KR101437550B1 - Method for connect interception of web-sever - Google Patents

Method for connect interception of web-sever Download PDF

Info

Publication number
KR101437550B1
KR101437550B1 KR1020140011284A KR20140011284A KR101437550B1 KR 101437550 B1 KR101437550 B1 KR 101437550B1 KR 1020140011284 A KR1020140011284 A KR 1020140011284A KR 20140011284 A KR20140011284 A KR 20140011284A KR 101437550 B1 KR101437550 B1 KR 101437550B1
Authority
KR
South Korea
Prior art keywords
web server
login
user terminal
message
access
Prior art date
Application number
KR1020140011284A
Other languages
Korean (ko)
Inventor
김영준
Original Assignee
주식회사 민앤지
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 민앤지 filed Critical 주식회사 민앤지
Priority to KR1020140011284A priority Critical patent/KR101437550B1/en
Application granted granted Critical
Publication of KR101437550B1 publication Critical patent/KR101437550B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention relates to a method for blocking access to a web server and, more specifically, to a method for blocking a third party to repeat access to a specific web server using a stolen ID and password. To achieve this, a method for blocking access to a web server in an access blocking management server of the present invention comprises the steps of: receiving a log-in information message including an ID from the web server; transmitting a log-in notification message for notifying the login of the web server to a user terminal mapped to the ID; transmitting, to the web server, a logout message for blocking the login of the web server when a login denial message is received from the user terminal, and changing a state of the ID into a login disable state; re-receiving a login information message including the ID from the web server; and transmitting, to the user terminal, a message including a URL of the access blocking management server.

Description

[0001] METHOD FOR CONNECTING TO A WEB SERVER [

The present invention relates to a method for blocking access to a web server, and more particularly, to a method for preventing a third party from accessing a web server to access a specific web server repeatedly by stealing an ID and a password.

Recently, due to the development of the internet environment, various activities on the web have become possible, so that user authentication is often required. For example, when a user wants to make a payment using a credit card or a mobile communication terminal for a purchase price of a paid item in an online game shopping mall, or to transfer money by transferring money deposited in a user's account in Internet banking, Even a site may be required to authenticate a user at a later time.

In order to access the current Internet site and receive the service of the site that the user wishes to use, he / she sets an ID and a password at each site, inputs member information of a schedule form required by each site such as a resident registration number, address, and telephone number, And the method of using the site after logging in using the password is widely used.

However, due to the increase of various security threats, frequent security accidents due to leakage of IDs and passwords and illegal stealing occur, resulting in various cyber crimes and property damages caused by leakage of personal information on the internet.

Korean Registered Patent No. 1263423 entitled " Method for Implementing a Login Confirmation and Authorization Service Using a Mobile User Terminal ", when the user ID is logged into a web server registered in the access control management server, Transmitting a login notification message for notifying a login of the web server to a user terminal mapped to the user ID in the connection control management server; Transmitting, to the web server, a logout message for blocking login of the web server to the user ID in response to the log-in notification message from the user terminal in response to the log-in notification message from the access control management server Features include It proposes the access control method of the Web server.

Korean Patent Registration No. 0998626 (entitled " User Authentication Access Notification System ") is a system for receiving user authentication information from a user connected to a user access notification system, a pre-stored user authentication Authenticating the user authentication information when information is stored,

Determining whether the user is a general service application user or a high-level service application user from the authenticated user authentication information, notifying the user of the fact that the user authentication information is input to the communication medium corresponding to the user authentication information, and If the user does not receive the response information from the user within the set period, blocking the connection to the user connection notification system; and if the user is a high-level service application user, And proposes a user authentication access notification method of periodically performing the user authentication request from the time of authentication.

However, the above-described techniques are directed to preventing a third party who attempts to access a specific web server from accessing the web server by using the user's ID and password of another user. In particular, It is not described. Therefore, if a third party wants to access a specific web server repeatedly, countermeasures are needed.

A problem to be solved by the present invention is to provide a method for preventing a third party who attempts to access a web server to which a third party has subscribed by using a third party's ID and password from accessing the web server.

In order to achieve the above object, there is provided a method of intercepting a connection to a Web server in a connection blocking management server according to the present invention includes the steps of: receiving a login information message including an ID from the web server; Transmitting a login notification message to the user terminal mapped to the ID to inform the login of the web server; and upon receiving a log-in rejection message from the user terminal, Receiving a login information message including the ID from the web server, transmitting the login information message to the user terminal, transmitting the login information message to the web server, And transmitting the message including the URL. .

In order to achieve the above object, there is provided a method of intercepting a connection to a Web server in a connection blocking management server according to the present invention includes the steps of: receiving a login information message including an ID from the web server; Transmitting a login notification message to the user terminal mapped to the ID to inform the login of the web server; and upon receiving a log-in rejection message from the user terminal, Receiving a login information message including the ID from the web server log-out processing for the ID, transmitting the login information message to the web server, The terminal including the URL of the access blocking management server Characterized in that it comprises the step of transmitting the image.

The method for blocking access to a web server according to the present invention is a method for blocking access to a web server when a third party who has stolen an ID and a password tries to access a specific web server, Can be prevented in advance.

When the third party repeatedly accesses a specific web server, the user is notified that the password for logging in to the corresponding web server is exposed, and thus the login information for accessing the web server can be changed .

Figure 1 illustrates an access blocking system in accordance with an embodiment of the present invention.
2 is a block diagram showing a configuration of a contact blocking management server constituting an access blocking system according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating a message transmitted and received upon login to a web server in the access control management system according to the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The foregoing and further aspects of the present invention will become more apparent from the following detailed description of preferred embodiments with reference to the accompanying drawings. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Reference will now be made in detail to the embodiments of the present invention, examples of which are illustrated in the accompanying drawings.

Figure 1 illustrates an access blocking system in accordance with an embodiment of the present invention. Hereinafter, a connection blocking system according to an embodiment of the present invention will be described in detail with reference to FIG.

1, the access blocking system includes a user terminal, an access blocking management server, and at least one web server. Of course, other configurations than those described above may be included in the access blocking system proposed in the present invention.

The web server is a server for providing a web service to a user through a personal computer or a user terminal. The user provides the web server with the member information, the ID and the password of the form requested by each web server and registers the member as a member in the web server. A user inputs an ID and a password to a web server through a personal computer or a user terminal, logs in the web server, and uses the web service provided by the web server. Here, the web service provided by the web server can be applied to various fields such as portal service and online game.

The user accesses the access blocking management server by using the user terminal and downloads and executes the control management application provided by the access control management server to the user terminal. The web server to which the login notification service is to be requested is transmitted to the blocking control server . That is, the user inputs the ID of the web server and the ID of the web server to control access through the access blocking application, and transmits the ID to the access blocking management server.

If the web server is logged in with the user's ID and password, the web server determines whether the login notification service has been applied for the user ID. If the login notification service is applied for the user ID, the web server transmits the login information to the access blocking management server do.

The access blocking management server 300 transmits the login information again to the user terminal. When the user logs in the web server 400 with the user's ID and password without permission of the third party based on the login information, 300 to request the log-out of the web server 400. When the access blocking management server 300 receives the logout request of the web server 400 from the user terminal 100, the access blocking management server 300 requests the web server 400 to logout of the user ID and password.

In particular, when the third party attempts to log into the web server 400 with the user's ID and password within a predetermined time after the forced logout, the web server transmits the login information to the access blocking management server.

The access blocking management server requests the web server not to accept login, and at the same time sends a message containing the URL to the user terminal. The message may be either a text message or a web push message.

If the URL included in the message is selected by the user, the user terminal moves to the mobile web page of the corresponding access blocking management server, performs user authentication, and performs login to the web server. That is, the present invention performs login to the corresponding web server after performing user authentication by the user terminal. When user authentication by the user terminal transmits an authentication message from the access blocking management server to the user terminal, the user terminal transmits the received authentication message to the access blocking management server. When the user authentication by the user terminal is completed, the access blocking management server requests login to the web server.

2 is a functional block diagram for explaining an access blocking management server according to the present invention. Hereinafter, the configuration of the access blocking management server according to an embodiment of the present invention will be described in detail with reference to FIG.

2, the transceiver 110 provides a connection blocking application to a personal computer or user terminal 100 connected to the network 200, and transmits the connection blocking application to the user terminal 100 through the transmission / And receives management member information. Here, the management member information includes personal information such as the user's name, age, gender, address, and e-mail address, contact information of the user terminal, web server identifier for receiving the login notification service mapped to the user terminal, It is an ID. According to the field to which the present invention is applied, the management member information is a contact information of a user terminal except for personal information, a web server for receiving a login notification service mapped to the user terminal, and a user ID registered in each web server. Here, the web server identifier is information for identifying the web server, and the name and IP address of the web server may be used. The member information management unit 120 classifies the management member information input through the transmission / reception unit 110 into the member information database 130 by classifying the web server into which the login notification service is registered for each user terminal contact or user.

On the other hand, the login management unit 140 receives the login information message from the web server through the transmission / reception unit 110, and based on the user ID of the received login information message and the user ID registered and stored in the member information database 130 It is determined whether the web server that has sent the login information message to the web server is the web server to which the login notification service is applied based on whether or not the same user ID as the user ID of the login information message exists in the managed member information. When the web server that has transmitted the login information message is the web server to which the login notification service is requested, the login management unit 140 stores the login time information of the web server provided in the login information message in the login information database 150. At the same time, the login management unit 140 generates a login notification message and transmits the login notification message generated through the transmission / reception unit 110 to a contact of the user terminal mapped to the management member information in the form of a push message. The login notification message in the form of a push message is automatically generated and transmitted to the user terminal when the access control management server receives the login information message without requiring the user.

If the login rejection message is received from the user terminal 100 through the transmission / reception unit 110, a logout message for forcibly logging out the login of the web server is generated, and the generated logout message is transmitted to the web server do.

FIG. 3 is a flowchart illustrating a message transmitted and received upon login to a web server in the access control management system according to the present invention.

3, in order to use the login notification service, the user terminal first transmits a login notification service application message to the web server for using the login notification service (S300). The application of the login notification service can be performed using the user terminal 100 or the personal computer which can access the web server 400 through the network 200 and transmit and receive data. The application of the login notification service is to "send login information to the access control management server when logging in to the web server with the user ID and password". In the web server, the user ID requesting the login notification service is registered and stored.

When the user logs in to the web server with the user ID and password, the web server determines whether the login notification service is requested by the user ID. If the login notification service is the applied user ID, the web server generates a login information message to the connection control management server (S302). The login information message stores the user ID or login time information logged in to the web server.

Upon receipt of the login information message, the connection control management server generates a login notification message for notifying the login information in the form of a push message and transmits the generated login notification message to the user terminal (S304). More specifically, the access control management server extracts the user ID from the login information message and searches whether the same user ID as the extracted user ID exists in the management member information of the access control management server. If the same user ID as the extracted user ID for the search result web server exists in the management member information of the connection control management server, the login notification message to the user terminal based on the contact of the user terminal mapped to the user ID in the management member information .

If the user himself or herself logs in to the web server or receives a login notification message from a third party authorized by the user, the user can ignore the login notification message or continue to access the web server, And the like. However, when a third party illegally logs in to the web server by inputting the user's ID and password, the user enters a user command for forcibly logging out the web server by pressing the reject login button. The user terminal generates a login rejection message in response to the inputted user command, and transmits the generated login rejection message to the access control management server (S306).

Upon receiving the login rejection message, the access blocking management server generates a logout message for forcibly logging out the login of the web server, and transmits the logout message to the web server (S308). In addition, the connection blocking management server changes the status value to the log-in status for the corresponding ID. The web server proceeds with the logout procedure for the login of the third party by the logout message provided from the access blocking management server.

When the user logs in to the web server with the user ID and password, the web server determines whether the login notification service is requested by the user ID. If the login notification service is the applied user ID, the web server generates a login information message to the connection control management server (S310).

The access blocking management server determines whether a login information message has been received within the set time after forcibly logging out the web server. When the login information message is received within the set time, the access blocking management server requests that the login to the web server be temporarily blocked. The access blocking management server also transmits a message including the URL to the user terminal (S312).

The user terminal selects the URL included in the message, and moves to the mobile web page of the access blocking management server by selection (S314).

The access blocking management server transmits the authentication message to the user terminal connected to the mobile web page, and the user terminal retransmits the received authentication message. Through the above process, the access blocking management server performs authentication for the user terminal (S316). Of course, if the user terminal does not connect to the web server, the access blocking management server may deny the requested authentication.

 When the access blocking management server completes the authentication procedure with the user terminal, it transmits a login message allowing the connection to the web server. That is, the connection blocking management server transmits a message allowing the login requested in step S310. In addition, the connection blocking management server changes the state value to the log-in state for the corresponding ID.

Of course, the access blocking management server transmits the URL including the mobile web page address of the web server to the user terminal, and the user terminal can perform the login procedure for the web server after performing the user authentication procedure with the web server.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the scope of the present invention .

100: user terminal 200: access blocking management server
300: Web server 202: Transmitting /
204: Member information management unit 206: Member information database
208: Login manager 210: Login information database
212: logout management unit

Claims (5)

delete A method for blocking access to a web server from a connection blocking management server,
Receiving a login information message including an ID from the web server;
Transmitting a login notification message to notify the user terminal mapped to the ID of the login of the web server;
Sending a logout message to the web server to block logins of the web server when the log-in rejection message is received from the user terminal, and changing a status value to the log-in status for the ID;
Re-receiving a login information message including the ID from the web server;
Transmitting a message including the URL of the access blocking management server to the user terminal;
And transmitting approval information to the user terminal when the access blocking management server accesses the access blocking management server via the URL, and receiving the approval information from the user terminal. Way.
3. The method of claim 2, further comprising: after receiving the grant information from the user terminal,
And changing the state value to a log-in state for the ID if the received approval information is the same as the approved approval number.
The method of claim 3, wherein the login notification message is transmitted to the user terminal through an application push message or an SMS method.
A method for blocking access to a web server from a connection blocking management server,
Receiving a login information message including an ID from the web server;
Transmitting a login notification message to notify the user terminal mapped to the ID of the login of the web server;
Sending a logout message to the web server to block logins of the web server when the log-in rejection message is received from the user terminal, and changing a status value to the log-in status for the ID;
Requesting that the log-in to the web server be temporarily blocked when the log-in information message including the ID is re-received from the web-server within the set time for the ID for which forced logout processing has been performed;
Transmitting a message including the URL of the access blocking management server to the user terminal;
Transmitting the approval information to the user terminal when accessing the access blocking management server via the URL, and transmitting a login message allowing access to the web server upon receiving the approval information from the user terminal; The method comprising the steps of:
KR1020140011284A 2014-01-29 2014-01-29 Method for connect interception of web-sever KR101437550B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020140011284A KR101437550B1 (en) 2014-01-29 2014-01-29 Method for connect interception of web-sever

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020140011284A KR101437550B1 (en) 2014-01-29 2014-01-29 Method for connect interception of web-sever

Publications (1)

Publication Number Publication Date
KR101437550B1 true KR101437550B1 (en) 2014-09-05

Family

ID=51759320

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020140011284A KR101437550B1 (en) 2014-01-29 2014-01-29 Method for connect interception of web-sever

Country Status (1)

Country Link
KR (1) KR101437550B1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100447806B1 (en) * 2003-09-09 2004-09-08 황두진 security service method with notifying event

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100447806B1 (en) * 2003-09-09 2004-09-08 황두진 security service method with notifying event

Similar Documents

Publication Publication Date Title
US11832099B2 (en) System and method of notifying mobile devices to complete transactions
US20220043897A1 (en) Method And Apparatus For Geographic Location Based Electronic Security Management
CN107690788B (en) Identification and/or authentication system and method
CN103283204B (en) To the method that the access of protected content is authorized
US9900774B2 (en) Shared network connection credentials on check-in at a user's home location
US8862097B2 (en) Secure transaction authentication
US8572701B2 (en) Authenticating via mobile device
EP3579595B1 (en) Improved system and method for internet access age-verification
KR101263423B1 (en) Log in confirmation service implementation method for mobile terminal
US9137241B2 (en) Method and system using a cyber ID to provide secure transactions
KR101212509B1 (en) System and method for service control
KR101294805B1 (en) 2-channel authentication method and system based on authentication application
JP6847949B2 (en) Network architecture for controlling data signaling
KR101437550B1 (en) Method for connect interception of web-sever
KR101212510B1 (en) System and method for service security based on location
KR101195027B1 (en) System and method for service security
KR101405832B1 (en) Login system and method through an authentication of user's mobile telecommunication
KR20130005635A (en) System for providing secure card payment system using mobile terminal and method thereof
KR101571199B1 (en) Login processing system based on inputting telephone number and control method thereof
KR20150083562A (en) Method for authentication using user apparatus, digital system, and authentication system thereof

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20170828

Year of fee payment: 4

FPAY Annual fee payment

Payment date: 20180828

Year of fee payment: 5

FPAY Annual fee payment

Payment date: 20190826

Year of fee payment: 6