528956 A7 B7 經 濟 部 智 慧 財 產 局 員 工 消 費 合 作 社 印 製 五、發明説明(1 ) 【發明領域】 本發明係有關於一種資源存取的授權方法以及系 統,更詳而言之,係為一種藉以使軟體服務供應商授權終 端裝置與其進行資源傳輸之互動存取方法以及系統。 【發明背景】 由於電子資訊與網際網路系統快速發展,使傳統商業 活動經由電腦及通訊網路間的互動與應用下即可完成實際 的交易行為。因此,現今推行商業自動化的企業即導入一 套止業資源規劃(Enterprise Resource Planning,ERP)的 系統,籍以整合企業内部各部門的資訊系統,俾有效運用 企業資源。 許多ERP系統的應用軟體服務供應商(Applicati〇n Service pr0vider ’ ASP )透過提供一個網站介面的方式, 將他們已有主從架構的應用軟體放在網站上,以便將ERp 產品授權商業客戶透過一種安全的、可靠的方式直接提交 »丁單,並存取相關的資料。另外的一些產品則授權商業合 作夥伴透過提供資訊的存取以及自助式的訂單交易來增 進相互的關係。而目前思愛普系統軟體公司(以下簡稱為 即居ERP系統軟體的龍頭地位,並且 也正在使它的應用軟體網站化。其中’ R/3 Intemet528956 A7 B7 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the Invention (1) [Field of Invention] The present invention relates to a method and system for authorizing resource access, and more specifically, to enable The software service provider authorizes the terminal device to perform interactive access methods and systems for resource transmission with the terminal device. [Background of the Invention] Due to the rapid development of electronic information and Internet systems, traditional business activities can be completed through the interaction and application of computers and communication networks. Therefore, today's companies that implement business automation have introduced a Enterprise Resource Planning (ERP) system to integrate the information systems of various departments within the enterprise and effectively use enterprise resources. Many ERP system application software service providers (Application Service pr0vider 'ASP) provide a website interface to put their existing master-slave framework application software on the website in order to authorize commercial customers of ERP products through a Safe and reliable way to submit »Tickets directly and access related information. Other products empower business partners to increase mutual relationships by providing access to information and self-service order transactions. At present, SIAP system software company (hereafter referred to as the leading position of ERP system software) is also making its application website. Among them, ‘R / 3 Intemet
Application Components即將營運程序連結到網際網路例 如當商業合作料將虛擬購物車裝㉟商品後,彳以申請一 個獨立的報價單,也可以檢查是否所有的商品都有存貨, 以及何時才能被送^。所有這些資訊在—個執行的r/3系 ;紙張尺度適种國目家標準(CNS)A4規格(210x2971^5^-----—- 1 16362 (請先閲讀背面之注音_項再塡寫本頁各攔) 裝 線 528956 A7 B7 經濟部智慧財產局員工消費合作社印製 五、發明説明(2 ) — 統中,都可以透過一個連結到R/3資料庫的介面得到 R/3的其他模組也可以接收透過網站傳送來的交易。 當使用者欲存取此類ERP系統軟體業者所提供的軟 體時,一般需要完成以下步驟:第一,預先於各自的終^ 裝置内安裝由ERP系統軟體業者所提供的前端程式;第 一,在ERP系統軟體業者所提供的客戶資料庫中建立使 者權限資料;以及,第三,向ERP系統軟體業者付費以 買使用授權。 ' 由於各個使用者皆需在各自的終端裝置内預先安裝 用以存取ERP系統軟體的前端程式,並向ERp系統軟體 業者購買使用授權,故除使企業支付更多構買使用授權的 費用外,同時,亦相對提高對前端程式安裝及部署的成本。 因此,如何減少企業支付應用軟體服務供應商的授權 使用費用,同時簡化對前端程式的安裝、部署處理,以降 低企業成本,即是目前需要解決的問題。 【發明目的及概述】 鑒於以上所述習知技術之缺點,本發明之主要目的在 於提供一種新穎之資源存取的授權方法以及系統,盆可減 少企業存取應用軟體服務供應商之開發應用軟體所需支付 的授權使用費用。 本發明之另-目的在於提供一種資源存取的授權方 法以及系統’其可減化企業存取應用軟體服務供應商之應 用軟體所需安裝、部署前端程式的處理程序。 根據以上所述之目的’本發明即提供—種資源存取的 私紙張尺度適財酬家鮮(CNS)A4規格⑽X 297公爱)_ 16362 (請先閲讀背面之注咅1|?項再填寫本頁各攔) .裝 .訂· •線 528956 A7 B7 五、發明説明(3 ) 經濟部智慧財產局員工消費合作社印製 授權方法以及系統,本發明之資源存取的授權方法 用在用以將終端裝置網路連結至應用軟體服務供應商所建 立的資源系統中,藉以由該授權系統使該應用軟體服務供 應商授權終端裝置與其進行資源傳輪之互動存取,且預先 使該授權系統具有用以對提出登入請求之使用者識別身分 的多筆使用者資料之使用者資料庫,及用以授權使用者存 取該應用軟體服務供應商所建立的資源系統之使用帳號, 其包括以下步驟:1)由該授權系統接收使用者從終端裝置 所輸入的使用者資料;2)由該授權系統在使用者資料庫中 以終端裝置所傳來的使用者資料進行比對,若使用者資料 庫中沒有一筆使用者資料與終端裝置所傳來的使用者資料 相符時,則繼續進行步驟3),若有一筆使用者資料與終端 裝置所傳來的使用者資料相符時,則跳至步驟4 )· 3 )由 該授權系統傳送一無法登入資源系統之訊息至終端裝置, 並使位於終端裝置之使用者重新輸入請求登入資源系統的 使用者資料,然後返回步驟1); 4)由該授權系統傳送一 使用帳號至該應用軟體服務供應商所建立的資源系統中, 並將該資源系統所產生的資料訊息傳送至該終端裝置,以 供位於終端裝置之使用者透過瀏覽器即可與該應用軟體服 務供應商所建立的資源系統進行互動。 本發明之資源存取的授權系統,係一種用以將終端裝 置網路連結至軟體服務供雍亦^ 篮胍捞供應商所建立的貧源系統之授權系 :所:可使各個位於終端裝置之使用者存取軟體服務供應 商所提供的應用軟體,該授權系統包括:-使用者資料庫, 。氏張尺度適用中 3 16362 (請先閲讀背面之注+1¾項再填寫本頁各攔) -裝 •訂· 線 528956 A7 B7 經濟部智慧財產局員工消費合作社印製 五、發明説明(4 ) 用以建立可存取該應用軟體服務供應商所建立的資源系統 的使用者資料,其中,每一筆使用者資料中皆具有一專屬 的使用者名稱及與該使用者名稱對應的密碼;一接受登入 請求模組,用以接收位於終端裝置之使用者輸入請求登入 資源系統的使用者資料;一驗證使用權限模組,用以將來 自該接受登入請求模組所傳來的使用者資料與在該使用者 資料庫中的使用者資料進行比對;回應登入請求模組,用 以根據來自該驗證使用權限模組之比對結果進行回應動 作右在該使用者賓料庫中汉有一筆使用者資料與該請求 登入資源系統的使用者資料相符時,將傳送一無法登入資 源系統的訊息給位於終端裝置之使用者,並令使用者重新 輸入請求登入資源系統的使用者資料,若在該使用者資料 庫中有一筆使用者資料與該請求登入資源系統的使用者資 料相符時,即產生一可登入信號;一資訊管理模組,其具 有一筆用以登入該應用軟體服務供應商所建立的資源系統 的使用帳號,該資訊管理模組係根據來自該回應登^請求 模組所傳來的m信·而㈣應用軟體服務供應商所 建立的資源系統傳送一筆使用帳號,當該應用軟體服務供 應商所建立的資源系統確認使用帳號正確後,即可使終端 裝置與該應用軟體服務供應商所建立的資源系統進=互 動;以及一存取處理模組,用α處理終端裝置與該資源系 統間互動下所產生的資料訊息,以便將該資料統所傳來 的資料型態以網頁型式展現於終端裝置之瀏覽器上。 其中,本發明之授權系、統係可選擇内建於一飼服器主 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公箸) 4 16362 (請先閲讀背面之注咅項再填寫本頁各攔) 咅Ρ -裝 -訂. 線 528956 A7 B7 經 濟 部 智 慧 財 產 局 員 工 消 費 合 作 社 印 製 五、發明説明(5 ) 【圖示之簡單說明】 為讓本發明之上述和其它目的、特徵以及優點能更明 顯易懂,將與較佳實施例,並配合所附圖式,詳細說明本 發明之實施例,所附圖式之内容簡述如下: 第1圖為一示意方塊圖,其顯示本發明之資源存取的 授權系統之基本架構方塊圖;以及 第2圖為一示意流程圖,其顯示應用本發明之資源存 取的授權系統,而進行資源存取的授權方法之運作程序步 【較佳實施例詳細說明】 請參閱第1圖,其顯示本發明之資源存取的授權系統 之基本架構示意方塊圖。如圖所示,本實施例之授權系統 2(虛線框中者),係建構於終端裝置1與全球資訊網(w〇dd Wide Web,WWW)(未圖示)之間,該授權系統2如同一 伺服器主機,而資源系統3即應用軟體服務供應商(Asp) 所開發的應用軟體,例如由SAP系統軟體公司所提供的R/3 Internet Application Components 系統。該授權系統 2 及應用軟體服務供應商所建立的資源系統3即包含於全球 資訊網中,當位於終端裝置1之使用者欲存取該應用軟體 服務供應商所建立的資源系統3時,首先,使用者在各自 的終端裝置1之瀏覽器10上輸入授權系 仅催糸統2 (即伺服器主 機)IP位址及名稱,便能連結至授權系 隹尔玩2,然後,經授 權系統2對位於終端裝置1之使用去&少ώ、 有疋成身分確認並與該 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐·) 5 16362 (請先閱讀背面之注音4項再塡寫本頁各攔) -裝 訂· 線 528956 A7 B7 經濟部智慧財產局員工消費合作社印製 五、發明説明(6 ) 應用軟體服務供應商所建立的資源系統3完成使用帳號確 認程序後,使用者即可存取該資源系統3,該授權系統2 係包括··一使用者資料庫2〇、一接受登入請求模組21、驗 也使用權限模組2 2、回應登入請求模組2 3、資料管理模組 24及存取處理模組25。 其中,使用者資料庫20,用以建立可存取該應用軟體 服務供應商所建立的資源系統3的多筆使用者資料,其由 企業預先建立,例如企業僅指派部分員工可存取該應用軟 體服務供應商所建立的資源系統3,而每一筆使用者資料 中皆具有一專屬的使用者名稱及與該使用者 碼’其需預先建立於該授權系統2中。 '應的在 該接夂登入請求模組21,用以接收位於終端裝置^之 使用者輸人請求登人資源系統3的使用者f料。當終端裝 置1與該授㈣統2網路連結後,授㈣統2隨二傳 單至瀏覽器H)’以令位於終端裝置i之使用者根據_ 10上所顯示的表單進行相斜摩的叙令 仃祁対應的動作,亦即,位於終端裝 置1之使用者在瀏覽器10鍵入使用者資料時 备你田 ΤίΤΤΤ3 广 TT X» 1§ 1C 會使用 HTTP ( Hyper Text Transfer Pr〇t〇c〇i, 模式)之傳輸協定,向授權系統2提出 飞 八'^求 9 而姆避 系統2便會根據要求給予適當的回應,並 顯不執行]g雍;f会 的相對網頁資料。由於瀏覽器、HTTP傳松边〜 .'、 裝置1與授權系統2間的網頁資料回應處^ ^M及終端 之網頁技術,因此以下將不對其功能及内架、播一般熟知 詳細之說明。 "構作進一步 本紙張尺度適用中國國家標準(CNS)A4規格(210 公變_ 16362 (請先閱讀背面之注音_項再填寫本頁各攔) .裝 -訂 線 6 528956Application Components will link the operation process to the Internet. For example, when a business cooperation team loads a virtual shopping cart with goods, they can apply for an independent quotation. You can also check whether all the goods are in stock and when can they be delivered ^ . All this information is in an r / 3 series; paper size is suitable for national standards (CNS) A4 specifications (210x2971 ^ 5 ^ -------- 1 16362 (Please read the phonetic _ item on the back before (Each block on this page) Installation line 528956 A7 B7 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Invention Description (2) — In the system, you can get R / 3 through an interface connected to the R / 3 database. Other modules can also receive transactions sent through the website. When users want to access the software provided by such ERP system software providers, generally need to complete the following steps: First, install in advance in their respective devices The front-end program provided by the ERP system software operator; first, the establishment of messenger rights data in the customer database provided by the ERP system software operator; and, third, the ERP system software operator is paid to purchase licenses. Users need to install the front-end programs to access the ERP system software in advance in their respective terminal devices, and purchase licenses from the ERP system software industry, so in addition to making the enterprise pay more for constructing licenses In addition, at the same time, it also relatively increases the cost of installing and deploying front-end programs. Therefore, how to reduce the license fees for application software service providers paid by enterprises and simplify the process of installing and deploying front-end programs to reduce corporate costs, that is, [Problems and Summary of the Invention] In view of the shortcomings of the conventional technology described above, the main purpose of the present invention is to provide a novel resource access authorization method and system, which can reduce enterprises' access to application software services. The authorized use fee paid by the vendor to develop application software. Another object of the present invention is to provide a method and system for resource access authorization, which can reduce the installation required for an enterprise to access application software from a service provider. 2. Deploy the front-end program processing program. According to the above-mentioned purpose, the present invention provides a kind of resource access-private paper size, suitable for financial value (CNS) A4 specification, X 297 public love) _ 16362 (Please read the back first Note 咅 1 |? Please fill in each block on this page). Binding. Binding · • Line 528956 A7 B7 V. Description of the invention (3 ) The method and system for printing authorization of employees' cooperatives in the Intellectual Property Bureau of the Ministry of Economic Affairs, the resource access authorization method of the present invention is used to connect a terminal device network to a resource system established by an application software service provider. The authorization system enables the application software service provider to authorize the terminal device to perform interactive access to resource transfers with it, and the authorization system has a user who has multiple user data for identifying the user who submitted the login request in advance. The database and the account used to authorize users to access the resource system established by the application software service provider include the following steps: 1) The authorization system receives user data entered by the user from the terminal device; 2) The authorization system compares the user data sent from the terminal device in the user database. If none of the user data in the user database matches the user data sent by the terminal device, Then proceed to step 3), if a piece of user data matches the user data sent from the terminal device, Then skip to step 4) · 3) The authorization system sends a message that the resource system cannot be logged in to the terminal device, and the user located in the terminal device re-enters the user data requesting to log in to the resource system, and then returns to step 1); 4) The authorization system sends a usage account to the resource system established by the application software service provider, and transmits the data message generated by the resource system to the terminal device for users located on the terminal device to browse through The server can interact with the resource system established by the application software service provider. The resource access authorization system of the present invention is an authorization system for connecting a network of terminal devices to a software service for a poor source system established by a supplier. The user accesses the application software provided by the software service provider. The authorization system includes:-a user database,. Applicable scales 3 16362 (please read the note on the back + 1¾ first and then fill out each block on this page)-binding, binding, line 528956 A7 B7 Printed by the Consumers ’Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention (4) It is used to create user data that can access the resource system created by the application software service provider, wherein each user data has a unique user name and a password corresponding to the user name; an accept A login request module is used to receive user data from a terminal device to input a user request to log in to the resource system; a verification use authority module is used to combine the user data sent from the accepted login request module with the Compare user data in the user database; respond to the login request module to respond based on the comparison result from the authentication use authority module. Right in the user guest database. When the user data matches the user data requested to log in to the resource system, a message that the user cannot log in to the resource system will be sent to the user at the terminal device. And instruct the user to re-enter the user data requested to log in to the resource system. If there is a user data in the user database that matches the user data requested to log in to the resource system, a login signal is generated; an information The management module has a user account for logging in to the resource system established by the application software service provider. The information management module is based on the m-letter and application from the response login request module. The resource system established by the software service provider sends a usage account. After the resource system established by the application software service provider confirms that the usage account is correct, the terminal device and the resource system established by the application software service provider can be imported. = Interaction; and an access processing module, which uses α to process the data messages generated under the interaction between the terminal device and the resource system, so that the data type transmitted by the data system is displayed on the terminal device as a webpage. Device. Among them, the authorization system and system of the present invention may choose to be built in a feeder. The main paper size is applicable to Chinese National Standard (CNS) A4 (210 X 297 cm) 4 16362 (Please read the note on the back first) Please fill in the blocks on this page again) 咅 Ρ-Binding-Binding. Line 528956 A7 B7 Printed by the Consumer Consumption Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention (5) [Simplified description of the picture] The purpose, characteristics and advantages can be more clearly understood. The embodiments of the present invention will be described in detail with the preferred embodiments and the accompanying drawings. The contents of the attached drawings are briefly described below: Figure 1 is a schematic block. FIG. 2 is a block diagram showing the basic architecture of the resource access authorization system of the present invention; and FIG. 2 is a schematic flowchart showing the resource access authorization method using the resource access authorization system of the present invention Operation procedure steps [Detailed description of the preferred embodiment] Please refer to FIG. 1, which shows a schematic block diagram of the basic architecture of the resource access authorization system of the present invention. As shown in the figure, the authorization system 2 (in the dotted frame) of this embodiment is constructed between the terminal device 1 and the World Wide Web (WWW) (not shown). The authorization system 2 As the same server host, the resource system 3 is the application software developed by the application software service provider (Asp), such as the R / 3 Internet Application Components system provided by SAP system software company. The authorization system 2 and the resource system 3 established by the application software service provider are included in the World Wide Web. When a user located on the terminal device 1 wants to access the resource system 3 established by the application software service provider, first, , The user enters the authorization system only the IP address and name of the system 2 (ie the server host) on the browser 10 of the respective terminal device 1, and can be connected to the system 2 of the authorization system, and then, through the authorization system 2 For the use of the terminal device 1 & small, free identification, and the Chinese paper standard (CNS) A4 specification (210 X 297 mm ·) 5 16362 (Please read the back 4 phonetic transcriptions and reprints on this page)-Binding · Line 528956 A7 B7 Printed by the Consumers' Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention (6) Resource system established by the application software service provider 3 Complete account confirmation After the procedure, the user can access the resource system 3. The authorization system 2 includes a user database 20, a module for accepting login requests 21, and a module 2 for verifying permissions 2. Responding to the login request Module 2 3, data management module 24 and access processing module 25. The user database 20 is used to establish a plurality of user data that can access the resource system 3 established by the application software service provider, which is established in advance by the enterprise. For example, the company assigns only some employees to access the application. The resource system 3 established by the software service provider, and each piece of user data has a unique user name and the user code, which needs to be established in the authorization system 2 in advance. 'Yes' The access request module 21 is used to receive the user input request of the user resource system 3 from the user input device located at the terminal device ^. When the terminal device 1 is connected to the network 2 of the system, the system 2 sends the leaflet to the browser H) 'to enable the user located on the terminal device i to perform a phase comparison based on the form shown on _ 10 The instructions are as follows, that is, the user located on the terminal device 1 prepares you when entering the user data in the browser 10 ΤΤΤΤΤ3 TT × 1 1C will use HTTP (Hyper Text Transfer Pr〇t〇 coi, mode) transfer agreement, proposed to fly to the authorized system 2 求 求 ask 9 and the Mu avoid system 2 will give an appropriate response according to the request, and will not show the implementation] g Yong; f will be the relative web page information. Due to the browser, HTTP transmission loose edge ~. ', The webpage data response point between the device 1 and the authorization system ^ ^ M and the webpage technology of the terminal, the following will not give a general description of its functions, internal frames, and broadcast. " Construction further This paper size applies the Chinese National Standard (CNS) A4 specification (210 public variable _ 16362 (please read the phonetic _ item on the back before filling in each block on this page). Binding-Thread 6 528956
經 濟 部 智 慧 財 產 局 消 費 合 作 社 印 製 該驗證使用權限模組22,用以將來自該接受登入請求 模組21所傳來的使用者資料與在該使用者資料庫中的 使用者資料進行比對,其中,肖驗證使用#限模组U可透 過SQL ( Structured Query “吨⑽% )程式語言來存取使用 者資料庫20中的使用者資料。 該回應登入請求模組23,用以根據來自該驗證使用權 限模組22之比對結果進行回應動作’若驗證使用權限模組 22在使用者貝料庫2G中未找尋到—筆使用者資料與請求 登入資源系統3的使用者資料相符時,回應登入請求模組 將傳送無法·登入資源系统3的訊息給位於終端裝置1 之使用者’並令使用者重新輸入請求登入資源系統3的使 用者資料’若在該使用者資料庫2〇中有一筆使用者資料與 請求登入資源系統3的使用者資料相符時,回應登入,长 模組23即傳送一可登入信號至資訊管理模組24中。 該資訊管理模組24,其具有一筆用以登入(即授權使 用)該應用軟體服務供應商所建立的資源系統3的使用帳 號’該資訊管理模組24係根據來自該回應登入請求模組 23所次傳來的可登入信號而對該應用軟體服務供應商所建 立的育源系統3傳送一筆使用帳號,當該應用軟體服務供 應商所建立的資源系統3確認使用帳號正確後,即可使終 端裝置1與該應用軟體服務供應商所建立的資源系統3進 行存取互動。 該存取處理模組25,用以處理當終端裝置^該應用 軟體服務供應商所建立的資源系統3之間進行存取互動下 本紙張尺度適用中國國f標準(“)Α4規$21〇 χ 297公愛_ 7 16362 (請先閲讀背面之注音項再塡寫本頁各攔) •裝 --訂 線 528956 A7 B7 五、發明説明(8 所產生的資料訊息’以便將該應用軟體服務供應商所建立 的資源系統3傳來的資料型態以網頁型式展現於终端裝置 1之潮覽S 10上。當該資源系統3例如以XMUeXtensibieThe Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs prints the verification use authorization module 22, which is used to compare the user data transmitted from the login acceptance request module 21 with the user data in the user database. Among them, Xiao verification uses the #limit module U to access the user data in the user database 20 through the SQL (Structured Query “Tons%”) programming language. The response login request module 23 is used to This verification responds with the comparison result of the authorization module 22. If the verification authorization module 22 is not found in the user database 2G—when the user data matches the user data requested to log in to the resource system 3 In response to the login request module, it will send a message “Unable to log in to the resource system 3” to the user located at the terminal device 1 and cause the user to re-enter the user data requesting to log in to the resource system 3 ”if it is in the user database 2〇 When one of the user data matches the user data requested to log in to the resource system 3, in response to the login, the long module 23 sends a login signal to the Management module 24. The information management module 24 has a use account for logging in (that is, authorized to use) the resource system 3 established by the application software service provider. In response to the login signal sent by the login request module 23, a usage account is transmitted to the Yuyuan system 3 established by the application software service provider. When the resource system 3 established by the application software service provider confirms the use account After being correct, the terminal device 1 can access and interact with the resource system 3 established by the application software service provider. The access processing module 25 is used to process when the terminal device ^ established by the application software service provider Under the access and interaction between the resource system 3 of this paper, the Chinese paper standard (“) Α4 standard is applicable to this paper standard (“) Α4 regulation $ 21〇χ 297 公 爱 _ 7 16362 (Please read the phonetic entry on the back before writing the blocks on this page) • Binding-Binding line 528956 A7 B7 V. Description of the invention (8 Data message generated 'in order to use the webpage format for the data type transmitted from the resource system 3 established by the application software service provider Now the tide of the terminal apparatus 1 Browse S 10. When, for example, in the resource system 3 XMUeXtensibie
Markup~Language,延伸標示語言)的標示語言作為伺服器 之間的資訊交換時,該存取處理模組25將取得該xml資 料型態令的之資料内容及標籤(tag),以告知終端裝置i 之瀏覽器10該如何以XML資料型態呈現一網頁(web page )。 其中,該授權系統2如同一中介軟體(middleware ), 亦即,其可連結如第丨圖所示之終端裝置〗與該應用軟體 服務供應商所建立的資源系統3這兩個不同的平臺,透過 授權系統2,使位於終端裝置丨的使用者透過瀏覽器1〇所 顯示的網頁上直接對該資源系統3下存取指令,而該資源 系統3根據使用者所下的存取指令執行動作後,再透過授 權系統2傳送執行結果至終端裝置1。 經 濟 部 智 慧 財 產 局 員 工 消 費 合 作 社 印 製 (請先閱讀背面之注音办項再填寫本頁各攔) 對需預先在各自的終端裝置1安裝前端程式,並且各 個位於終端裝置之使用者皆需預先購得登入資源系統3之 使用授權(使用帳號)以便登入及存取該資源系統3的情 況下,藉由本發明之授權系統2,其主動對欲登入授權系 統2的使用者進行身分確認,於通過身分確認程序之後, 授權系統2僅以單一筆使用帳號向該應用軟體服務供應商 所建立的資源系統3提出登入及存取請求,即可使各個位 於終端裝置1之使用者登入及存取該資源系統3。因此, 本發明之授權系統2確實能減少企業對應用軟體服務供應 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 8 16362 528956 五、發明説明(9 ) 商支付使用授權(使用帳號)之購買費用,同時亦簡化對 前端程式的安裝及部署程序,因而大幅降低企業成本。 請參閱第2圖’其顯示應用本發明之資源存取的授權 系統2’而進行資源存取的授權方法之運作程序步驟。以 下請參閱第1、2圖以配合說明。 首先,進行步驟S1,由接受登入請求模組21取得使 用者從終端裝置i透過瀏覽器10所輸入的使用者資 著進行步驟S2。 於步驟S2中,由驗證使用權限模組22根據來自接受 登入請求模組21㈣來的使用者資料與在使用者資料庫 20中的使用者資料進行比對,接著進行步驟s3。 於步驟S3中,由驗證使用權限模組22判斷兩個使用 者資料是否相符,若相符時,則進行步驟S5;否則進行步 驟S4 〇 於步驟S4中,使回應登入請求模組23即產生一無法 登入資源系統3的信號至終端裝置!,並令位於終端裝置ι 經 濟 部 智 慧 財 產 局 員 工 消 費 合 作 社 印 製 (請先閲讀背面之注立〇項再填寫本頁各攔) 之使用者重新輸入請求登入資源系統3的使用者資料,接 著返回前述步驟S1。 於步驟S5中,使回應登入請求模組23即產生一可登 入資源系統3的信號至資訊管理模組24,接著進行步驟 S6 - 於步驟S6中,由資訊管理模組24讀取其所儲存的一 筆使用帳號資料240,並將該使用帳號資料傳送給資源系 統3,經其識別該使用帳號資料正確後,即可授權提出登 本紙張尺度適用中國國家標準(CNS)A4規格(210x297公楚) 9 16362 528956 五、發明説明(i〇 ) 入貢源系統3請求的終端裝置1存 進行步驟S7e 絲該資源系統3,接著 於步驟S7中,由資訊管理模組24接收來自該 統3所傳來的資料訊息,並將其傳送至存取處理模組=,、 =令該存取處理模·組25將取得的資料訊息以網頁資料型 L顯示於終端裝置!之瀏覽器1G上。其中,該存取處理模 組25透過XML格式的商業文件交換,即可為企業提供内 部和外部的營運整合。 因此,透過本發明之授權方法以及系統除可防止未經 授權之客戶端存取應用軟體服務供應冑(ASp)所提供的 應用軟體外’更能在減少企業對軟體授權費用支付的同 時’亦可供多位員工從網際網路上存取由應用軟體服務供 應商所研發的應用軟體,而與該應用軟體服務供應商所建 立的資源系統進行存取互動。 以上所述僅為本發明之較佳實施例而已,並非用以限 :本發明之實質技術内容之範圍,故本發明之實質技術内 經濟部智慧財產局員工消費合作社印製 (請先閲讀背面之注ΦΓΙ>1項再填寫本頁各攔) 3 谷係廣義地定義於下述之申請專利範圍中,任何他人所完 成之技術實體或方若是與下述之申料利冑圍所定義 者完全㈣’或是為同一等效之變更,均將被視為涵蓋於 此專利範圍之中。 【元件符號說明】 1 終端裝置 2 授權系統 3 資源系統 16362 528956 A7 B7 五、發明説明(η ) 10 瀏覽器 20 使用者資料庫 21 接受登入請求模組 22 驗證使用權限模組 23 回應登入請求模組 24 資訊管理模組 25 存取處理模組 240 使用帳號資料 (請先閲讀背面之注Jt-e項再塡寫本頁各攔) 一 經濟部智慧財產局員工消費合作社印製 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 11 16362Markup ~ Language (Extended Markup Language) When the markup language is used as information exchange between servers, the access processing module 25 will obtain the data content and tags of the xml data type order to inform the terminal device How the browser 10 of i should present a web page in the form of XML data. The authorization system 2 is the same middleware, that is, it can connect the two different platforms of the terminal device shown in FIG. 丨 and the resource system 3 established by the application software service provider. Through the authorization system 2, the user located on the terminal device 丨 through the webpage displayed by the browser 10 to directly access the resource system 3, and the resource system 3 executes the action according to the access instruction given by the user Then, the execution result is transmitted to the terminal device 1 through the authorization system 2. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs (please read the phonetic entry on the back and fill in the blocks on this page). It is necessary to install the front-end program in the respective terminal device 1 in advance, and each user located in the terminal device needs to be in advance. In the case of purchasing a use authorization (using an account) for logging in to the resource system 3 in order to log in and access the resource system 3, with the authorization system 2 of the present invention, it actively confirms the identity of a user who wants to log in to the authorization system 2. After passing the identity confirmation process, the authorization system 2 only submits a login and access request to the resource system 3 established by the application software service provider with a single use account, so that each user located on the terminal device 1 can log in and access The resource system 3. Therefore, the authorization system 2 of the present invention can indeed reduce the enterprise's supply of application software services. This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 8 16362 528956 V. Invention description (9) Merchant payment authorization (Using an account) purchase costs, while also simplifying the installation and deployment of front-end programs, thereby greatly reducing corporate costs. Please refer to FIG. 2 'which shows the operation procedure steps of the resource access authorization method using the resource access authorization system 2' of the present invention. Please refer to Figures 1 and 2 for explanation. First, step S1 is performed, and the login acceptance request module 21 obtains the user input from the terminal device i through the browser 10 and proceeds to step S2. In step S2, the verification use authority module 22 compares the user data received from the accepted login request module 21 with the user data in the user database 20, and then proceeds to step s3. In step S3, the verification and use authority module 22 determines whether the two user data match, and if they match, step S5 is performed; otherwise, step S4 is performed. In step S4, the response to the login request module 23 generates a Unable to login the signal of the resource system 3 to the terminal device! And ask the user located in the terminal device ι printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs (please read the note on the back and fill in the blocks on this page) to re-enter the user information requesting to log in to the resource system 3, then Return to step S1. In step S5, in response to the login request module 23, a signal that can log in to the resource system 3 is generated to the information management module 24, and then step S6 is performed. In step S6, the information management module 24 reads its stored information. A piece of usage account information 240, and transmitted the usage account information to the resource system 3, after identifying that the usage account information is correct, it can authorize the registration of the paper to apply the Chinese National Standard (CNS) A4 specification (210x297) ) 9 16362 528956 V. Description of the invention (i〇) The terminal device 1 requested by the tribute source system 3 is stored in step S7e and the resource system 3, and then in step S7, the information management module 24 receives the information from the system 3 The transmitted data message is sent to the access processing module =,, = This access processing module · group 25 displays the acquired data message on the terminal device as a web data type L! Browser 1G. Among them, the access processing module 25 can provide internal and external operation integration for enterprises through the exchange of business documents in XML format. Therefore, in addition to preventing the unauthorized client from accessing the application software provided by the application software service provider (ASp) through the authorization method and system of the present invention, it is also 'more capable of reducing the payment of software license fees by enterprises' and also Allows multiple employees to access application software developed by an application software service provider from the Internet, and access and interact with resource systems established by the application software service provider. The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the essential technical content of the present invention. Therefore, the essential technology of the present invention is printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs (please read the back first Note ΦΓΙ &1; fill in each page on this page) 3 Valley is broadly defined in the scope of the patent application described below. Any technical entity or party completed by anyone else is defined by the following claims. It is considered to be completely covered by this patent if it is completely or equivalently changed. [Description of component symbols] 1 Terminal device 2 Authorization system 3 Resource system 16362 528956 A7 B7 V. Description of invention (η) 10 Browser 20 User database 21 Accept login request module 22 Verify usage authority module 23 Respond to login request module Group 24 Information management module 25 Access processing module 240 Use account information (please read the note Jt-e on the back first, and then write each block on this page) A paper printed by the employee consumer cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs China National Standard (CNS) A4 (210 X 297 mm) 11 16362