KR101437550B1 - Method for connect interception of web-sever - Google Patents
- Publication number
- KR101437550B1
- Authority
- KR
- South Korea
- Prior art keywords
- web server
- login
- user terminal
- message
- access
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Description
The present invention relates to a method for blocking access to a web server, and more particularly to a method for preventing a third party who has stolen an ID and a password from repeatedly accessing a specific web server.
Recently, with the development of the Internet environment, various activities have become possible on the web, and user authentication is often required. For example, a user may need to be authenticated when paying for a paid item in an online game or shopping mall with a credit card or a mobile communication terminal, or when transferring money deposited in the user's account through Internet banking, and a site may also require the user to authenticate at a later time.
To access an Internet site and receive the service the user wishes to use, the widely used method is for the user to set an ID and a password at each site, enter the member information each site requires in a set form (such as resident registration number, address, and telephone number), and then use the site after logging in with the ID and password.
However, as security threats increase, security incidents caused by leaked and illegally stolen IDs and passwords occur frequently, resulting in various cyber crimes and property damage caused by the leakage of personal information on the Internet.
Korean Registered Patent No. 1263423, entitled "Method for Implementing a Login Confirmation and Authorization Service Using a Mobile User Terminal", proposes an access control method for a web server comprising: when a user ID is logged into a web server registered in the access control management server, transmitting, from the access control management server to a user terminal mapped to the user ID, a login notification message notifying the login to the web server; and transmitting to the web server, according to the user terminal's response to the login notification message from the access control management server, a logout message for blocking the login of the user ID to the web server.
Korean Patent Registration No. 0998626, entitled "User Authentication Access Notification System", proposes a user authentication access notification method comprising: receiving user authentication information from a user connected to a user access notification system; authenticating the user authentication information against pre-stored user authentication information; determining from the authenticated user authentication information whether the user is a general service application user or a high-level service application user; notifying the user, through the communication medium corresponding to the user authentication information, that the user authentication information has been input; blocking the connection to the user access notification system if response information is not received from the user within the set period; and, if the user is a high-level service application user, periodically performing the user authentication request from the time of authentication.
However, the above-described techniques are directed only to preventing a third party from accessing a specific web server with another user's ID and password. In particular, they do not describe a countermeasure for repeated access attempts. Therefore, a countermeasure is needed for the case where a third party tries to access a specific web server repeatedly.
A problem to be solved by the present invention is to provide a method for preventing a third party from accessing a web server to which another person has subscribed by using that person's ID and password.
To achieve the above object, a method of blocking access to a web server, performed in an access blocking management server according to the present invention, includes the steps of: receiving a login information message including an ID from the web server; transmitting a login notification message to the user terminal mapped to the ID to notify it of the login to the web server; upon receiving a login rejection message from the user terminal, transmitting a logout message to the web server; receiving again a login information message including the ID from the web server; and transmitting a message including a URL to the user terminal.
In another aspect, a method of blocking access to a web server, performed in an access blocking management server according to the present invention, includes the steps of: receiving a login information message including an ID from the web server; transmitting a login notification message to the user terminal mapped to the ID to notify it of the login to the web server; upon receiving a login rejection message from the user terminal, transmitting a logout message to the web server; when a login information message including the ID is received again from the web server for the ID on which logout processing was performed, requesting that the login to the web server be blocked; and transmitting a message including the URL of the access blocking management server to the user terminal.
The method for blocking access to a web server according to the present invention can prevent in advance access to a specific web server by a third party who has stolen an ID and a password.
When the third party repeatedly accesses a specific web server, the user is notified that the password for logging in to that web server has been exposed, and can therefore change the login information used to access the web server.
FIG. 1 illustrates an access blocking system according to an embodiment of the present invention.
FIG. 2 is a block diagram showing the configuration of the access blocking management server constituting the access blocking system according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating the messages transmitted and received upon login to a web server in the access blocking management system according to the present invention.
The foregoing and further aspects of the present invention will become more apparent from the following detailed description of preferred embodiments with reference to the accompanying drawings. Reference will now be made in detail to the embodiments of the present invention, examples of which are illustrated in the accompanying drawings.
FIG. 1 illustrates an access blocking system according to an embodiment of the present invention. Hereinafter, the access blocking system according to an embodiment of the present invention will be described in detail with reference to FIG. 1.
Referring to FIG. 1, the access blocking system includes a user terminal, an access blocking management server, and at least one web server. Of course, the access blocking system proposed in the present invention may include components other than those described above.
The web server is a server that provides a web service to a user through a personal computer or a user terminal. The user provides the web server with member information in the form each web server requests, together with an ID and a password, and registers as a member of the web server. The user then inputs the ID and password to the web server through a personal computer or a user terminal, logs in to the web server, and uses the web service provided by the web server. The web service provided by the web server can be of various kinds, such as a portal service or an online game.
The user accesses the access blocking management server using the user terminal, then downloads and runs on the user terminal the access blocking application provided by the access blocking management server. The web server for which the login notification service is to be requested is transmitted to the access blocking management server. That is, through the access blocking application the user inputs the web server whose access is to be controlled and the ID for that web server, and transmits them to the access blocking management server.
When a login to the web server is made with the user's ID and password, the web server determines whether the login notification service has been applied for that user ID. If it has, the web server transmits the login information to the access blocking management server.
The access
In particular, when the third party attempts to log into the web server 400 with the user's ID and password within a predetermined time after the forced logout, the web server transmits the login information to the access blocking management server.
The access blocking management server requests the web server not to accept the login, and at the same time sends a message containing the URL to the user terminal. The message may be either a text message or a web push message.
If the user selects the URL included in the message, the user terminal moves to the mobile web page of the corresponding access blocking management server, performs user authentication, and then logs in to the web server. That is, in the present invention the login to the web server is performed only after user authentication by the user terminal. For user authentication, the access blocking management server transmits an authentication message to the user terminal, and the user terminal transmits the received authentication message back to the access blocking management server. When the user authentication by the user terminal is completed, the access blocking management server requests the login to the web server.
FIG. 2 is a functional block diagram for explaining the access blocking management server according to the present invention. Hereinafter, the configuration of the access blocking management server according to an embodiment of the present invention will be described in detail with reference to FIG. 2.
2, the
On the other hand, the
If the login rejection message is received from the
FIG. 3 is a flowchart illustrating the messages transmitted and received upon login to a web server in the access blocking management system according to the present invention.
Referring to FIG. 3, to use the login notification service, the user terminal first transmits a login notification service application message to the web server (S300). The application of the login notification service can be performed using the
When a login to the web server is made with the user ID and password, the web server determines whether the login notification service has been applied for that user ID. If it has, the web server generates a login information message and transmits it to the access blocking management server (S302). The login information message contains the user ID or the login time information of the login to the web server.
Upon receipt of the login information message, the access blocking management server generates a login notification message, in the form of a push message, for notifying the login information, and transmits the generated login notification message to the user terminal (S304). More specifically, the access blocking management server extracts the user ID from the login information message and searches the management member information of the access blocking management server for the same user ID. If, as a result of the search, the same user ID exists in the management member information, the access blocking management server transmits the login notification message to the user terminal based on the contact information of the user terminal mapped to the user ID in the management member information.
If the user personally logged in to the web server, or the login notification message results from a login by a third party authorized by the user, the user can, for example, ignore the login notification message or let the access to the web server continue. However, when a third party has illegally logged in to the web server by inputting the user's ID and password, the user presses the reject login button to enter a user command for forcibly logging out of the web server. The user terminal generates a login rejection message in response to the input user command, and transmits the generated login rejection message to the access blocking management server (S306).
Upon receiving the login rejection message, the access blocking management server generates a logout message for forcibly logging out the login to the web server, and transmits the logout message to the web server (S308). In addition, the access blocking management server changes the status value to the log-in status for the corresponding ID. The web server carries out the logout procedure for the third party's login according to the logout message provided by the access blocking management server.
When a login to the web server is again made with the user ID and password, the web server determines whether the login notification service has been applied for that user ID. If it has, the web server generates a login information message and transmits it to the access blocking management server (S310).
The access blocking management server determines whether a login information message has been received within the set time after the forced logout from the web server. When the login information message is received within the set time, the access blocking management server requests that the login to the web server be temporarily blocked. The access blocking management server also transmits a message including the URL to the user terminal (S312).
The user selects the URL included in the message, and the user terminal moves to the mobile web page of the access blocking management server (S314).
The access blocking management server transmits the authentication message to the user terminal connected to the mobile web page, and the user terminal transmits the received authentication message back. Through this process, the access blocking management server authenticates the user terminal (S316). Of course, if the user terminal does not connect to the web server, the access blocking management server may deny the requested authentication.
When the access blocking management server completes the authentication procedure with the user terminal, it transmits a login message allowing access to the web server. That is, the access blocking management server transmits a message allowing the login requested in step S310. In addition, the access blocking management server changes the state value to the log-in state for the corresponding ID.
Of course, the access blocking management server transmits the URL including the mobile web page address of the web server to the user terminal, and the user terminal can perform the login procedure for the web server after performing the user authentication procedure with the web server.
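The decisions the access blocking management server makes in steps S302 to S316 can be written as a small state machine. This is an added example in Python, not code from the patent; the message type names, the 300-second window, the `abms.example` URL, the random hex approval code, and tracking the forced logout by timestamp rather than by the patent's status value are all assumptions.

```python
import hmac
import secrets
import time

REBLOCK_WINDOW = 300  # assumed "set time" in seconds after a forced logout
VERIFY_URL = "https://abms.example/verify"  # placeholder URL of the management server

class AccessBlockingServer:
    """Decisions of the access blocking management server (200) in S302-S316."""

    def __init__(self, members, clock=time.monotonic):
        self.members = members      # ID -> contact of the mapped user terminal
        self.clock = clock
        self.forced_out_at = {}     # ID -> time of the last forced logout
        self.pending = {}           # ID -> approval code waiting to be echoed back
        self.outbox = []            # (recipient, message) pairs this server sent

    def _send(self, to, kind, **fields):
        self.outbox.append((to, {"type": kind, **fields}))

    def on_login_info(self, web_server, user_id):
        """S302/S310: the web server reports a login for an ID."""
        terminal = self.members.get(user_id)
        if terminal is None:
            return "ignored"        # ID not in the management member information
        last = self.forced_out_at.get(user_id)
        if last is not None and self.clock() - last <= REBLOCK_WINDOW:
            # S312: repeated login inside the window after a forced logout
            self._send(web_server, "block_login", id=user_id)
            self._send(terminal, "url_message", url=VERIFY_URL)
            return "blocked"
        self._send(terminal, "login_notification", id=user_id)   # S304
        return "notified"

    def on_login_rejection(self, web_server, user_id):
        """S306-S308: the user pressed reject; force logout and remember when."""
        if user_id not in self.members:
            return False
        self._send(web_server, "logout", id=user_id)
        self.forced_out_at[user_id] = self.clock()
        return True

    def on_url_visit(self, user_id):
        """S314-S316: terminal opened the URL; send it a fresh approval code."""
        if user_id not in self.forced_out_at:
            return None             # nothing is blocked for this ID
        code = secrets.token_hex(4)
        self.pending[user_id] = code
        self._send(self.members[user_id], "authentication", code=code)
        return code

    def on_approval(self, web_server, user_id, code):
        """S316: compare the echoed code; each code is valid for one attempt."""
        expected = self.pending.pop(user_id, None)
        if expected is None or not hmac.compare_digest(expected, code):
            return False
        self.forced_out_at.pop(user_id, None)   # leave the blocked state
        self._send(web_server, "allow_login", id=user_id)
        return True

if __name__ == "__main__":
    srv = AccessBlockingServer({"alice": "terminal-100"})   # constructed member data
    srv.on_login_info("web-300", "alice")
    srv.on_login_rejection("web-300", "alice")
    print(srv.on_login_info("web-300", "alice"))             # repeated attempt
    print(srv.on_approval("web-300", "alice", srv.on_url_visit("alice")))
```

A wrong approval code consumes the pending code, so each guess costs the caller a fresh round trip through the URL message sent to the registered terminal.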
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the scope of the present invention.
100: user terminal 200: access blocking management server
300: Web server 202: Transmitting /
204: Member information management unit 206: Member information database
208: Login manager 210: Login information database
212: logout management unit
Claims (5)
Receiving a login information message including an ID from the web server;
Transmitting a login notification message to notify the user terminal mapped to the ID of the login of the web server;
Sending a logout message to the web server to block logins of the web server when the log-in rejection message is received from the user terminal, and changing a status value to the log-in status for the ID;
Re-receiving a login information message including the ID from the web server;
Transmitting a message including the URL of the access blocking management server to the user terminal;
And transmitting approval information to the user terminal when the access blocking management server is accessed via the URL, and receiving the approval information from the user terminal.
And changing the state value to a log-in state for the ID if the received approval information is the same as the approved approval number.
Receiving a login information message including an ID from the web server;
Transmitting a login notification message to notify the user terminal mapped to the ID of the login of the web server;
Sending a logout message to the web server to block logins of the web server when the log-in rejection message is received from the user terminal, and changing a status value to the log-in status for the ID;
Requesting that the log-in to the web server be temporarily blocked when the log-in information message including the ID is re-received from the web-server within the set time for the ID for which forced logout processing has been performed;
Transmitting a message including the URL of the access blocking management server to the user terminal;
Transmitting the approval information to the user terminal when the access blocking management server is accessed via the URL, and transmitting a login message allowing access to the web server upon receiving the approval information from the user terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140011284A KR101437550B1 (en) | 2014-01-29 | 2014-01-29 | Method for connect interception of web-sever |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140011284A KR101437550B1 (en) | 2014-01-29 | 2014-01-29 | Method for connect interception of web-sever |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101437550B1 (en) | 2014-09-05 |
Family
ID=51759320
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020140011284A KR101437550B1 (en) | 2014-01-29 | 2014-01-29 | Method for connect interception of web-sever |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101437550B1 (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100447806B1 (en) * | 2003-09-09 | 2004-09-08 | 황두진 | security service method with notifying event |
-
2014
- 2014-01-29 KR KR1020140011284A patent/KR101437550B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100447806B1 (en) * | 2003-09-09 | 2004-09-08 | 황두진 | security service method with notifying event |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11832099B2 (en) | System and method of notifying mobile devices to complete transactions | |
US20220043897A1 (en) | Method And Apparatus For Geographic Location Based Electronic Security Management | |
CN107690788B (en) | Identification and/or authentication system and method | |
CN103283204B (en) | To the method that the access of protected content is authorized | |
US9900774B2 (en) | Shared network connection credentials on check-in at a user's home location | |
US8862097B2 (en) | Secure transaction authentication | |
US8572701B2 (en) | Authenticating via mobile device | |
EP3579595B1 (en) | Improved system and method for internet access age-verification | |
KR101263423B1 (en) | Log in confirmation service implementation method for mobile terminal | |
US9137241B2 (en) | Method and system using a cyber ID to provide secure transactions | |
KR101212509B1 (en) | System and method for service control | |
KR101294805B1 (en) | 2-channel authentication method and system based on authentication application | |
JP6847949B2 (en) | Network architecture for controlling data signaling | |
KR101437550B1 (en) | Method for connect interception of web-sever | |
KR101212510B1 (en) | System and method for service security based on location | |
KR101195027B1 (en) | System and method for service security | |
KR101405832B1 (en) | Login system and method through an authentication of user's mobile telecommunication | |
KR20130005635A (en) | System for providing secure card payment system using mobile terminal and method thereof | |
KR101571199B1 (en) | Login processing system based on inputting telephone number and control method thereof | |
KR20150083562A (en) | Method for authentication using user apparatus, digital system, and authentication system thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment | Payment date: 20170828 Year of fee payment: 4 |
FPAY | Annual fee payment | Payment date: 20180828 Year of fee payment: 5 |
FPAY | Annual fee payment | Payment date: 20190826 Year of fee payment: 6 |