KR101678185B1 - Web application server capable of tracing access to personal information and web service providing system having the same - Google Patents

Web application server capable of tracing access to personal information and web service providing system having the same Download PDF

Info

Publication number
KR101678185B1
KR101678185B1 KR1020150074547A KR20150074547A KR101678185B1 KR 101678185 B1 KR101678185 B1 KR 101678185B1 KR 1020150074547 A KR1020150074547 A KR 1020150074547A KR 20150074547 A KR20150074547 A KR 20150074547A KR 101678185 B1 KR101678185 B1 KR 101678185B1
Authority
KR
South Korea
Prior art keywords
connection
personal information
session
database
service
Prior art date
Application number
KR1020150074547A
Other languages
Korean (ko)
Inventor
김현욱
박성은
구자동
Original Assignee
(주)케이사인
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)케이사인 filed Critical (주)케이사인
Priority to KR1020150074547A priority Critical patent/KR101678185B1/en
Application granted granted Critical
Publication of KR101678185B1 publication Critical patent/KR101678185B1/en

Links

Images

Classifications

    • H04L67/22
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L67/16

Abstract

The web application server includes a login module, a plurality of service modules, a database, a DB connection pool, and a management module. When receiving a login request signal including a user ID and a password from each of a plurality of user terminals, the login module assigns a session ID to each of the plurality of user terminals, associates the session ID with the user ID, . A plurality of service modules provide a web service to each of a plurality of user terminals. The database stores the data necessary to provide the Web service. The DB connection pool controls the behavior of the database. Each of the plurality of service modules, when receiving a DB access command from the corresponding user terminal, provides a DB access request signal together with the session ID to the DB connection pool. When receiving the DB access request signal and the session ID from the service module, the DB connection pool assigns the DB connection ID to the service module, stores the DB connection ID in the second table in association with the session ID, When accessing the personal information stored in the database using the connection ID, the access information for the personal information is stored in the third table in association with the DB connection ID. When receiving a search signal from an administrator terminal, the management module provides an access history of personal information for each user ID based on data stored in the first to third tables.

Figure R1020150074547

Description

TECHNICAL FIELD [0001] The present invention relates to a web application server having a personal information access history tracking function and a web service provision system including the web application server.

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a web application server (WAS), and more particularly, to a web application server capable of tracking access history of important data for each user and a web service providing system including the web application server.

Recently, as the number of web based services has increased, there have been an increasing number of applications providing services using important data such as personal information on the web. Accordingly, security incidents such as leakage of personal information are frequently occurring.

In order to prevent security incidents such as personal information leakage, there is a need for a technology that collects information about who has access to certain important data, as well as a technology that essentially blocks the leakage of important data.

However, a general web application server (WAS) has a problem in that it is difficult to know who has access to important data stored in the database because a plurality of users are controlled by using one database account.

An object of the present invention is to provide a web application server capable of effectively tracking access history of important data for each user.

Another object of the present invention is to provide a web service providing system including the web application server.

In order to accomplish one object of the present invention, a web application server according to an embodiment of the present invention includes a login module, a plurality of service modules, a database, a DB connection pool, and a management module . The login module, when receiving a login request signal including a user ID and a password from each of the plurality of user terminals, assigns a session ID to each of the plurality of user terminals, associates the session ID with the user ID And stores it in the first table. The plurality of service modules provide a web service to each of the plurality of user terminals. The database stores data necessary for providing the web service. The DB connection pool controls the operation of the database. Each of the plurality of service modules provides a DB access request signal to the DB connection pool together with the session ID when receiving a DB access command from a corresponding user terminal. Wherein the DB connection pool assigns a DB connection ID to the service module when the DB access request signal and the session ID are received from the service module, associates the DB connection ID with the session ID, When the service module accesses the personal information stored in the database using the DB connection ID, the service module stores the access information for the personal information in the third table in association with the DB connection ID. When receiving the search signal from the administrator terminal, the management module provides an access history of the personal information for each user ID based on the data stored in the first to third tables.

In one embodiment, the DB connection pool includes: a connection manager for giving the DB connection ID to the service module when receiving the DB access request signal and the session ID from the service module; A connection monitor unit for associating the DB connection ID with the session ID and storing the DB connection ID in the second table each time the DB connection ID is assigned in response to the access request signal and the session ID; A DB driver for performing a read operation on the database based on a query statement received via the database, and if the query statement corresponds to a statement accessing the personal information stored in the database, And a query analyzer for storing the information in the third table in association with the DB connection ID.

The DB driver and the query analyzer may simultaneously receive the query statement from the service module and operate in parallel based on the query statement.

Wherein the DB connection pool further includes a table information file storing names of personal information tables storing the personal information in the database and names of personal information columns storing the personal information in the personal information table, The analyzing unit compares the query sentence received from the service module with the name of the personal information table stored in the table information file and the name of the personal information column to access the personal information stored in the database Quot ;, or " corresponding to "

Wherein the query statement analyzing unit is configured to determine whether the query statement includes a name of the personal information table stored in the table information file and a name of the personal information column in the query statement, .

When the query statement is determined to correspond to a statement for accessing the personal information stored in the database, associating the name of the table and the name of the table included in the query statement with the DB connection ID, Can be stored in the third table.

In one embodiment, when receiving the search signal from the administrator terminal, the management module extracts the session ID corresponding to each of the user IDs using the first table, and uses the second table Extracting the DB connection ID corresponding to the extracted session ID, calculating the number of times of accessing the personal information through the extracted DB connection ID using the third table, May be provided to the administrator terminal.

According to an aspect of the present invention, there is provided a web service providing system including a plurality of user terminals, a web application server, and an administrator terminal. The web application server provides a web service to the plurality of user terminals. The administrator terminal manages the web application server. Wherein the web application server, when receiving a login request signal including a user ID and a password from each of the plurality of user terminals, assigns a session ID to each of the plurality of user terminals, A plurality of service modules each providing the web service to each of the plurality of user terminals, a database storing data necessary for providing the web service, A DB connection pool for controlling the DB, and a management module. Wherein each of the plurality of service modules provides a DB access request signal to the DB connection pool together with the session ID when receiving a DB access command from a corresponding user terminal, Wherein the service module receives the DB access request signal and the session ID, gives a DB connection ID to the service module, stores the DB connection ID in the second table in association with the session ID, When accessing stored personal information, stores access information on the personal information in association with the DB connection ID in a third table, and when the management module receives a search signal from the administrator terminal, And provides access history of the personal information for each user ID based on data stored in three tables.

The web application server according to the embodiments of the present invention can provide access histories of personal information stored in the database on a user-by-user basis.

1 is a conceptual diagram illustrating a web service provision system according to an embodiment of the present invention.
2 is a block diagram illustrating an example of a web application server included in the web service provision system of FIG.
3 is a diagram showing an example of a first table included in the web application server of FIG.
4 is a diagram showing an example of a second table included in the web application server of FIG.
5 is a diagram illustrating an example of a table information file included in the web application server of FIG.
6 is a diagram illustrating an example of a third table included in the web application server of FIG.

For the embodiments of the invention disclosed herein, specific structural and functional descriptions are set forth for the purpose of describing an embodiment of the invention only, and it is to be understood that the embodiments of the invention may be practiced in various forms, The present invention should not be construed as limited to the embodiments described in Figs.

The present invention is capable of various modifications and various forms, and specific embodiments are illustrated in the drawings and described in detail in the text. It is to be understood, however, that the invention is not intended to be limited to the particular forms disclosed, but on the contrary, is intended to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.

The terms first, second, etc. may be used to describe various components, but the components should not be limited by the terms. The terms may be used for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component.

It is to be understood that when an element is referred to as being "connected" or "connected" to another element, it may be directly connected or connected to the other element, . On the other hand, when an element is referred to as being "directly connected" or "directly connected" to another element, it should be understood that there are no other elements in between. Other expressions that describe the relationship between components, such as "between" and "between" or "neighboring to" and "directly adjacent to" should be interpreted as well.

The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In the present application, the terms "comprise", "having", and the like are intended to specify the presence of stated features, integers, steps, operations, elements, components, or combinations thereof, , Steps, operations, components, parts, or combinations thereof, as a matter of principle.

Unless otherwise defined, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries should be construed as meaning consistent with meaning in the context of the relevant art and are not to be construed as ideal or overly formal in meaning unless expressly defined in the present application .

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. The same reference numerals are used for the same constituent elements in the drawings and redundant explanations for the same constituent elements are omitted.

1 is a conceptual diagram illustrating a web service provision system according to an embodiment of the present invention.

Referring to FIG. 1, a web service providing system 10 includes a plurality of user terminals 100-1 to 100-n, a web application server 200, and an administrator terminal 300. Here, n represents a positive integer.

Each of the plurality of user terminals 100-1 to 100-n is connected to the web application server 200 through wired / wireless communication. The web application server 200 provides a web service to each of the plurality of user terminals 100-1 to 100-n through the wired / wireless communication.

Each of the plurality of user terminals 100-1 to 100-n may be a beacon electronic device such as a computer or a mobile device such as a smart phone or the like.

In one embodiment, the web application server 200 includes a database for storing data necessary for providing the web service, and a plurality of user terminals 100-1 to 100-n To provide the web service.

The web service provided by the web application server 200 is not limited to a specific service and may be any kind of web service.

The administrator terminal 300 is directly connected to the web application server 200 through the internal communication network and manages the web application server 200.

As described later, the web application server 200 stores important data, for example, personal information, in the database. When the web application server 200 receives a plurality of user terminals 100-1 to 100-n, When each of the plurality of user terminals 100-1 to 100-n accesses the personal information stored in the database in the process of providing the web service to each user, the web application server 200 determines which personal information Information as to whether or not the user has been accessed can be stored as log data. Therefore, the web application server 200 may provide the access history of the personal information to the administrator terminal 300 for each user based on the log data. Therefore, the administrator can easily grasp the access history of the personal information stored in the database of the web application server 200 for each user.

2 is a block diagram illustrating an example of a web application server included in the web service provision system of FIG.

2, the web application server 200 includes a login module 210, a plurality of service modules 220, a database 240, a DB connection pool 230, and a management module 250 ).

Each of the plurality of user terminals 100-1 to 100-n receives a login request signal including a user ID (U_ID) and a password to the web application server 200 in order to receive the web service from the web application server 200 Can be transmitted.

When the login module 210 receives the login request signal from each of the plurality of user terminals 100-1 to 100-n, the login module 210 authenticates the user ID (U_ID) included in the login request signal and the password, (SS_ID) to each of the plurality of user terminals, associates the session ID (SS_ID) with the user ID (U_ID) included in the login request signal, and stores it in the first table 251 Can be stored.

3 is a diagram showing an example of a first table included in the web application server of FIG.

Referring to FIG. 3, the first table 251 may include a user ID field U_ID_F, a session ID field SS_ID_F, an IP address field IP_ADDR_F, and a time field DT_F.

As shown in FIG. 3, the login module 210 provides session IDs (IDs) to each of the plurality of user terminals in response to the login request signal received from each of the plurality of user terminals 100-1 to 100-n SS_ID), the user ID (U_ID), the session ID (SS_ID), the IP address of the user terminal included in the login request signal, and the current time included in the login request signal are stored in the first table The user ID field U_ID_F, the session ID field SS_ID_F, the IP address field IP_ADDR_F, and the time field DT_F.

The first table 251 shown in FIG. 3 is an example, and the present invention is not limited thereto. According to the embodiment, the first table 251 may include a name of the user corresponding to the user ID U_ID, May further store user information such as < RTI ID = 0.0 >

Referring again to FIG. 2, each of the plurality of user terminals 100-1 to 100-n receives a session ID (SS_ID) from the login module 210. The session ID (SS_ID) The web server 200 may request the web service provision.

Each of the plurality of service modules 220 may provide the web service to each of the plurality of user terminals 100-1 to 100-n. That is, each of the plurality of user terminals 100-1 to 100-n can receive the web service through the corresponding service module 220. [

Thus, each of the plurality of service modules 220 can provide the web service to the corresponding user terminal 100-k using the data stored in the database 240. [ Here, k represents a positive integer of n or less.

The database 240 may store data necessary for providing the web service. The DB connection pool 230 may control the operation of the database 240.

2 illustrates that the database 240 is included in the web application server 200. However, the database 240 may exist separately from the web application server 200 according to an embodiment of the present invention.

In one embodiment, each of the plurality of user terminals 100-1 to 100-n uses a DB access command (DB_CMD) to the corresponding service module 220 in order to use the data stored in the database 240 .

Each of the plurality of service modules 220 receives the DB access request signal DB_REQ from the corresponding user terminal 100-k and transmits the DB access request signal DB_REQ to the corresponding user terminal 100- (SS_ID) to the DB connection pool 230.

The DB connection pool 230 provides the DB connection ID DB_ID to the service module 220 when receiving the DB access request signal DB_REQ and the session ID SS_ID from the service module 220, (DB_ID) may be stored in the second table 252 in association with the session ID (SS_ID). The DB connection pool 230 may read the data stored in the database 240 based on the request of the service module 220 and provide the data to the service module 220. In this case, when the service module 220 accesses the personal information stored in the database 240 using the DB connection ID (DB_ID), the service module 220 associates access information on the personal information with the DB connection ID, 253).

Specifically, the DB connection pool 230 may include a connection management unit 231, a connection monitor unit 233, a DB driver 235, and a query analysis unit 237.

The connection management unit 231 may provide the DB connection ID DB_ID to the service module 220 when receiving the DB access request signal DB_REQ and the session ID SS_ID from the service module 220.

The connection monitor unit 233 transmits the DB connection ID DB_ID to the service module 220 in response to the DB access request signal DB_REQ and the session ID SS_ID received from the service module 220 by the connection management unit 231 The DB connection ID (DB_ID) may be stored in the second table 252 in association with the session ID (SS_ID).

4 is a diagram showing an example of a second table included in the web application server of FIG.

Referring to FIG. 4, the second table 252 may include a session ID field (SS_ID_F), and a DB connection ID field (DB_ID_F).

4, the connection monitor unit 233 monitors whether the connection management unit 231 grants a new DB connection ID (DB_ID) to the service module 220, and when the connection management unit 231 determines that the service module 220 (SS_ID) and the DB connection ID (DB_ID) when giving the DB connection ID (DB_ID) to the service module 220 in response to the DB access request signal (DB_REQ) and the session ID (SS_ID) ) In the session ID field (SS_ID_F) and the DB connection ID field (DB_ID_F) of the second table 252, respectively.

The second table 252 shown in FIG. 4 is illustrative, and the present invention is not limited thereto. According to an embodiment, the second table 252 may include a new DB connection ID (DB_ID) And information such as a given time may be further stored.

2, when the service module 220 acquires the DB connection ID (DB_ID) from the connection management part 231, the service module 220 transmits a query statement (QR) to the DB connection pool 230 using the DB connection ID Can be transmitted.

The query statement QR transmitted from the service module 220 is simultaneously provided to the DB driver 235 and the query analyzer 237. The DB driver 235 and the query analyzer 237 operate in parallel can do.

The DB driver 235 reads data corresponding to the query statement QR from the data stored in the database 240 based on the query statement QR received from the service module 220 and provides the data to the service module 220 .

The query analyzing unit 237 analyzes the query QR received from the service module 220 and determines that the query QR corresponds to a statement accessing the personal information from the data stored in the database 240 The information on the query QR can be stored in the third table 253 in association with the DB connection ID DB_ID.

In one embodiment, the DB connection pool 230 includes a table 240 for storing the name of the personal information table storing the personal information in the database 240 and the name of the personal information column storing the personal information in the personal information table An information file (TI) 239 may be further included.

5 is a diagram illustrating an example of a table information file included in the web application server of FIG.

5, the table information file 239 includes names (TABLEA, TABLEB) of personal information tables including the personal information, names of personal information columns in which the personal information is stored in each of the personal information tables (JUMIN, TEL, CARDNUM) in association with each other.

5 exemplarily shows that the resident registration number and the telephone number are stored as the personal information in the first table TABLEA and the resident registration number and the card number are stored as the personal information in the second table TABLEB .

2, the query analyzing unit 237 analyzes the query QR received from the service module 220 with the name of the personal information table stored in the table information file 239 and the name of the personal information column To determine whether the query statement QR corresponds to a statement accessing the personal information stored in the database 240. [

For example, when the query statement (QR) includes the name of the personal information table and the name of the personal information column stored in the table information file 239, the query statement analysis unit 237 determines that the query statement (QR) It can be determined that it corresponds to a statement for accessing the personal information stored in the database 240.

If it is determined that the query statement QR corresponds to a statement for accessing the personal information stored in the database 240, the query statement analysis unit 237 analyzes the name of the table and the name of the column included in the query statement QR May be stored in the third table 253 in association with the DB connection ID (DB_ID).

6 is a diagram illustrating an example of a third table included in the web application server of FIG.

Referring to FIG. 6, the third table 253 may include a DB connection ID field (DB_ID_F) and a query information field (QR_F).

6, when the name of the personal information table and the name of the personal information column stored in the table information file 239 are included in the query statement QR, the query statement analyzing unit 237 analyzes the DB connection The DB_ID_F of the third table 253 and the query information field QR_F of the table and the names of the tables included in the ID (DB_ID) and the query statement QR, respectively.

6, the present invention is not limited to this. According to the embodiment, the query analyzing unit 237 analyzes the query information field QR_F of the third table 253, The query statement QR may be stored as it is.

2, when the management module 250 receives the search signal SS from the administrator terminal 300, the management module 250 determines whether or not the user terminal 300 receives the search signal SS based on the data stored in the first to third tables 251, 252, (DB_LOG) for the personal information stored in the database 240 for each ID (U_ID).

For example, when the management module 250 receives the search signal SS from the administrator terminal 300, the management module 250 uses the first table 251 to obtain a session ID (SS_ID) corresponding to each of the user IDs U_ID Extracts the DB connection ID (DB_ID) corresponding to the extracted session ID (SS_ID) using the second table 252, and extracts the DB connection ID (DB_ID) extracted using the third table 253 The number of times the user accesses the personal information can be calculated. Therefore, the management module 250 can provide the administrator terminal 300 with the number of times the personal information stored in the database 240 is accessed for each user ID (U_ID).

In one embodiment, the administrator terminal 300 may provide the user ID (U_ID) of the user to be inquired to the management module 250 together with the search signal SS. In this case, the management module 250 determines the number of times the user ID (U_ID) received based on the data stored in the first to third tables 251, 252, and 253 accesses the personal information stored in the database 240 And provide it to the administrator terminal 300.

In one embodiment, when an access history to specific personal information (for example, a resident number) is to be retrieved, the administrator terminal 300 stores the name and the name of the column of the personal information table storing the specific personal information as a search signal (SS) to the management module 250. In this case, the management module 250 calculates the number of times the specific personal information is accessed for each user ID (U_ID) based on the data stored in the first to third tables 251, 252, and 253, ).

As described above with reference to FIGS. 1 to 6, the web application server 200 according to the embodiments of the present invention includes a process of providing the web service to each of the plurality of user terminals 100-1 to 100-n When each of the plurality of user terminals 100-1 to 100-n accesses the personal information stored in the database 240, the first to third tables 251, 252, You can store information about whether you have accessed your personal information. Therefore, the web application server 200 can provide the access history of the personal information to the administrator terminal 300 for each user based on the data stored in the first to third tables 251, 252, and 253, The access history of the personal information stored in the database of the web application server 200 can be easily grasped by the user.

The web application server according to the embodiments of the present invention provides a history of accessing personal information stored in a database for each user, and thus can be useful for preventing leakage of personal information from a web application server.

Although the preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims. It will be understood that the invention may be modified and varied without departing from the scope of the invention.

10: Web service providing systems 100-1 to 100-n:
200: Web application server 300: administrator terminal

Claims (8)

When receiving a login request signal including a user ID and a password from each of a plurality of user terminals, assigning a session ID to each of the plurality of user terminals, associating the session ID with the user ID, A login module to store;
A plurality of service modules for providing a web service to each of the plurality of user terminals;
A database for storing data necessary for providing the web service;
A DB connection pool for controlling the operation of the database; And
Management module,
Wherein each of the plurality of service modules provides a DB access request signal to the DB connection pool together with the session ID when receiving a DB access command from a corresponding user terminal,
Wherein the DB connection pool assigns a DB connection ID to the service module when the DB access request signal and the session ID are received from the service module, associates the DB connection ID with the session ID, Storing the access information for the personal information in the third table in association with the DB connection ID when the service module accesses the personal information stored in the database using the DB connection ID,
Wherein the management module provides a history of access to the personal information for each user ID based on data stored in the first to third tables when receiving a search signal from the administrator terminal,
The DB connection pool includes:
A connection management unit for providing the DB connection ID to the service module when receiving the DB access request signal and the session ID from the service module;
A connection monitor unit for associating the DB connection ID with the session ID and storing the DB connection ID in the second table whenever the connection management unit gives the DB connection ID in response to the DB access request signal and the session ID;
A DB driver for performing a read operation on the database based on a query sent from the service module via the DB connection ID; And
And a query analyzer for associating information on the query statement with the DB connection ID and storing the query statement in the third table when the query statement corresponds to a statement for accessing the personal information stored in the database. . delete The web application server according to claim 1, wherein the DB driver and the query analyzer simultaneously receive the query statement from the service module and operate in parallel based on the query statement. 2. The method according to claim 1, wherein the DB connection pool further includes a table information file storing names of personal information tables storing the personal information in the database and names of personal information columns storing the personal information in the personal information table Including,
Wherein the query analyzer compares the query received from the service module with a name of the personal information table stored in the table information file and a name of the personal information column, A web application server that determines whether it corresponds to an accessing statement. The method according to claim 4, wherein, if the query statement includes a name of the personal information table stored in the table information file and a name of the personal information column in the query statement, The web application server determines that it corresponds to a statement accessing the web server. 5. The method according to claim 4, wherein, if it is determined that the query statement corresponds to a statement for accessing the personal information stored in the database, the query analyzer analyzes the name of the table and the name of the column included in the query, And stores it in the third table in association with the connection ID. The method according to claim 1, wherein, when receiving the search signal from the administrator terminal, the management module extracts the session ID corresponding to each of the user IDs using the first table, Extracting the DB connection ID corresponding to the extracted session ID, calculating the number of times of accessing the personal information through the extracted DB connection ID using the third table, To the administrator terminal. A plurality of user terminals;
A web application server for providing a web service to the plurality of user terminals; And
And an administrator terminal for managing the web application server,
The web application server,
When receiving a login request signal including a user ID and a password from each of the plurality of user terminals, assigning a session ID to each of the plurality of user terminals, associating the session ID with the user ID, A login module for storing the password in the login module;
A plurality of service modules for providing the web service to each of the plurality of user terminals;
A database for storing data necessary for providing the web service;
A DB connection pool for controlling the operation of the database; And
Management module,
Wherein each of the plurality of service modules provides a DB access request signal to the DB connection pool together with the session ID when receiving a DB access command from a corresponding user terminal,
Wherein the DB connection pool assigns a DB connection ID to the service module when the DB access request signal and the session ID are received from the service module, associates the DB connection ID with the session ID, Storing the access information for the personal information in the third table in association with the DB connection ID when the service module accesses the personal information stored in the database,
Wherein the management module provides an access history of the personal information for each user ID based on data stored in the first to third tables when receiving a search signal from the administrator terminal,
The DB connection pool includes:
A connection management unit for providing the DB connection ID to the service module when receiving the DB access request signal and the session ID from the service module;
A connection monitor unit for associating the DB connection ID with the session ID and storing the DB connection ID in the second table whenever the connection management unit gives the DB connection ID in response to the DB access request signal and the session ID;
A DB driver for performing a read operation on the database based on a query sent from the service module via the DB connection ID; And
And a query analyzer for associating information on the query statement with the DB connection ID and storing the information in the third table when the query statement corresponds to a statement for accessing the personal information stored in the database system.
KR1020150074547A 2015-05-28 2015-05-28 Web application server capable of tracing access to personal information and web service providing system having the same KR101678185B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150074547A KR101678185B1 (en) 2015-05-28 2015-05-28 Web application server capable of tracing access to personal information and web service providing system having the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150074547A KR101678185B1 (en) 2015-05-28 2015-05-28 Web application server capable of tracing access to personal information and web service providing system having the same

Publications (1)

Publication Number Publication Date
KR101678185B1 true KR101678185B1 (en) 2016-11-21

Family

ID=57537866

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150074547A KR101678185B1 (en) 2015-05-28 2015-05-28 Web application server capable of tracing access to personal information and web service providing system having the same

Country Status (1)

Country Link
KR (1) KR101678185B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114095514A (en) * 2020-07-29 2022-02-25 华为技术有限公司 Database access method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060042330A (en) * 2004-11-09 2006-05-12 한국전자통신연구원 A method for managing the session channel according to each service class of mobile terminal
KR20100088861A (en) * 2009-02-02 2010-08-11 주식회사 유섹 Method and system for protecting customer's privacy information in contact center

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060042330A (en) * 2004-11-09 2006-05-12 한국전자통신연구원 A method for managing the session channel according to each service class of mobile terminal
KR20100088861A (en) * 2009-02-02 2010-08-11 주식회사 유섹 Method and system for protecting customer's privacy information in contact center

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114095514A (en) * 2020-07-29 2022-02-25 华为技术有限公司 Database access method and system
CN114095514B (en) * 2020-07-29 2023-03-10 华为技术有限公司 Database access method and system

Similar Documents

Publication Publication Date Title
CN103886529A (en) Health archive information management service system and method
ATE311063T1 (en) UNITED LOGIN PROCESS
WO2018093961A1 (en) Systems and methods for digital presence profiler service
JP2007214978A (en) Object person management system
US20140114991A1 (en) Providing access to information
CN103761603A (en) Mobile card punching system suitable for outworkers
KR101678185B1 (en) Web application server capable of tracing access to personal information and web service providing system having the same
KR20130064447A (en) Method and appratus for providing search results using similarity between inclinations of users and device
JP2011100268A (en) Service providing system, authentication device, service providing device, control method, and program
CN104378202A (en) Information processing method, electronic terminal and server
JP5069168B2 (en) Network operation monitoring system, manager device, and network operation monitoring method
CN104092681A (en) Personalized multi-media smart campus content distribution and interactive system based on location-based service
KR20080079708A (en) Imformation offering system for individual and method
CN104680467A (en) Political propaganda and election review platform and safe operation method thereof
KR20090131967A (en) The individual tailored portal site providing system and management method using smart card
JP2008197919A (en) Processing mode switching device
KR20150083589A (en) Server for sharing and managing bookmarks, system and method for sharing and managing bookmarks using the same
JP2016018337A (en) Information processing system, information processing method, and program
CN107592373A (en) A kind of information requesting method, device and the user terminal of more domain name pages
JP2014035655A (en) Access control system
KR20120022199A (en) Content providing system using the serial number of mobile memory devices and method thereof
CN111048196B (en) Hospital equipment management system and management method thereof
KR101792187B1 (en) System and method for question answering service using statistical method
WO2023192521A1 (en) System and method for analyzing patient data and managing interactions with a patient via a display device having multiple display windows
CN106572462A (en) Alarm information sending method and apparatus

Legal Events

Date Code Title Description
GRNT Written decision to grant