TWI697802B - System and method for selecting data transmission mode according to client environment for certificate operation - Google Patents

System and method for selecting data transmission mode according to client environment for certificate operation Download PDF

Info

Publication number
TWI697802B
TWI697802B TW107140058A TW107140058A TWI697802B TW I697802 B TWI697802 B TW I697802B TW 107140058 A TW107140058 A TW 107140058A TW 107140058 A TW107140058 A TW 107140058A TW I697802 B TWI697802 B TW I697802B
Authority
TW
Taiwan
Prior art keywords
client
certificate
server
environment
web
Prior art date
Application number
TW107140058A
Other languages
Chinese (zh)
Other versions
TW202018563A (en
Inventor
周克遠
王國河
Original Assignee
臺灣網路認證股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣網路認證股份有限公司 filed Critical 臺灣網路認證股份有限公司
Priority to TW107140058A priority Critical patent/TWI697802B/en
Publication of TW202018563A publication Critical patent/TW202018563A/en
Application granted granted Critical
Publication of TWI697802B publication Critical patent/TWI697802B/en

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

A system and a method for selecting a data transmission mode according to a client environment for a certificate operation are provided. By selecting a data transmission mode based on an environment message transmitted from a client by a portal, guiding the client connects to a certificate server based on the data transmission mode by the portal, executing a certificate operation based on a command transmitted from the client for generating a certificate result by the certificate server, and transmitting the certificate result from the certificate server to the client, the system and the method can make sure certificate server transmits certificate result to client, and can achieve the effect of reducing loading of develop of web server.

Description

依客戶環境選擇資料傳遞方式以進行憑證作業之系統及方法 System and method for selecting data transmission mode according to customer environment to perform certificate operation

一種憑證管理系統及方法,特別係指一種依客戶環境選擇資料傳遞方式以進行憑證作業之系統及方法。 A voucher management system and method, in particular, refers to a system and method that selects a data transmission method to perform voucher operations according to the customer environment.

電子憑證,又稱為數位憑證,是一種用於電腦系統的身分識別機制。電子憑證是一個或一組電腦檔案,其中記載了擁有人的身份資料及一組公開密碼。電子憑證的擁有人可向電腦系統認證自己的身分,從而存取或使用某一特定的電腦服務。 Electronic certificates, also known as digital certificates, are an identification mechanism used in computer systems. An electronic certificate is a computer file or a set of computer files, which records the owner's identity information and a set of public passwords. The owner of an electronic certificate can authenticate himself to the computer system to access or use a specific computer service.

早期因網路安全性未如現今受到重視,需要透過電子憑證存取或使用的電腦服務大多以網頁附掛安控外掛元件的型態提供,意即使用者在存取或使用這些服務時,是透過瀏覽器來向遠端伺服器進行憑證申請、展期及查詢等相關服務。 In the early days, because network security was not as important as it is today, computer services that need to be accessed or used through electronic certificates are mostly provided in the form of webpages with security plug-ins, which means that when users access or use these services, It uses a browser to perform related services such as certificate application, renewal, and query to the remote server.

如今,因近年來網路安全漸受重視,瀏覽器對於運作於其上的網頁及外掛元件之安全性要求及檢核愈益嚴苛,限制大幅增加且支援度下降,造 成過去可順利在瀏覽器上執行的憑證新申請、展期、查詢等相關作業因之操作失敗比率大增,反而對使用者造成困擾。為了解決上述的問題,目前已有將憑證作業分離至外部伺服器執行的解決方案,此一解決方式是讓交易作業由客戶端連線到業務伺服器上執行,憑證作業則由客戶端連線到外部伺服器上執行。 Nowadays, due to the increasing importance of network security in recent years, browsers have become more stringent in their security requirements and checks for web pages and plug-in components that operate on them. Limitations have increased significantly and support has decreased. The failure rate of operations such as new application, renewal, and query of certificates that can be successfully executed on the browser in the past has greatly increased, which has caused confusion to users. In order to solve the above problems, there are solutions to separate the certificate operation to an external server for execution. This solution is to allow the transaction operation to be executed by the client connected to the business server, and the certificate operation is connected by the client Run on an external server.

然而,由於客戶端上運行的作業系統很多(例如在電腦以及在行動裝置上運行的各種作業系統),且客戶端所使用的瀏覽程式(包含電腦或行動裝置上之原生的網頁瀏覽程式或內嵌於電腦或行動裝置之應用程式中的瀏覽程式)更多,而不同的作業系統與不同的瀏覽程式之間可能會有些許設定上的差異,例如,有部分作業系統或瀏覽程式存在「防止跨網站追蹤」的設定,也有部分的瀏覽程式有無法跨網域傳遞資料的設定等。這些作業系統與瀏覽程式上之設定的差異可能會導致外部伺服器無法將憑證作業結果傳回客戶端,進而造成客戶端在業務伺服器上所進行的交易無法完成。 However, because there are many operating systems running on the client (such as various operating systems running on computers and mobile devices), and the browsers used by the client (including native web browser programs or internal There are more browser programs embedded in applications on computers or mobile devices, and different operating systems and different browser programs may have some differences in settings. For example, some operating systems or browser programs have "prevent "Cross-site tracking" settings, and some browsers have settings that cannot pass data across domains. The differences in the settings between these operating systems and browser programs may cause the external server to fail to send the certificate operation result back to the client, which may cause the client to fail to complete the transaction on the business server.

綜上所述,可知先前技術中長期以來一直存在不同作業系統及不同瀏覽程式上之設定的差異可能會導致外部伺服器無法將憑證作業結果傳回客戶端的問題,因此有必要提出改進的技術手段,來解決此一問題。 In summary, it can be seen that there have been differences in the settings of different operating systems and different browsers in the prior art for a long time, which may cause the problem that the external server cannot transmit the certificate operation result back to the client. Therefore, it is necessary to propose improved technical means To solve this problem.

有鑒於先前技術存在不同作業系統及不同瀏覽程式上之設定的差異可能會導致外部伺服器無法將憑證作業結果傳回客戶端的問題,本發明遂揭露一種依客戶環境選擇資料傳遞方式以進行憑證作業之系統及方法,其中:本發明所揭露之依客戶環境選擇資料傳遞方式以進行憑證作業之系統,至少包含:網頁伺服器;客戶端,用以登入網頁伺服器,並執行網頁 伺服器所傳送之網頁程式,網頁程式用以偵測客戶端所使用之作業環境以取得與作業環境對應之環境識別訊息;入口伺服器,用以接收網頁程式透過客戶端所傳送之憑證作業指令及環境識別訊息,並依據環境識別訊息選擇作業執行模式;憑證伺服器,用以提供入口伺服器依據作業執行模式引導客戶端連接,及用以依據憑證作業指令執行相對應之憑證處理作業以產生憑證作業結果,並傳送憑證作業結果至客戶端,使網頁程式取得憑證作業結果。 In view of the difference in the settings of different operating systems and different browser programs in the prior art, the external server may not be able to transmit the certificate operation result back to the client. The present invention discloses a method of selecting data transmission according to the client environment to perform the certificate operation. The system and method of the invention, wherein: the system for selecting the data transmission method according to the client environment to perform the certificate operation disclosed in the present invention includes at least: a web server; a client for logging in to the web server and executing the web page The web program sent by the server, the web program is used to detect the operating environment used by the client to obtain the environment identification information corresponding to the operating environment; the entry server is used to receive the certificate operation command sent by the web program through the client And environment identification information, and select the operation execution mode according to the environment identification information; the certificate server is used to provide the entrance server to guide the client connection according to the operation execution mode, and to execute the corresponding certificate processing operation according to the certificate operation command to generate Certificate operation result, and send the certificate operation result to the client, so that the web program can obtain the certificate operation result.

本發明所揭露之依客戶環境選擇資料傳遞方式以進行憑證作業之方法,其步驟至少包括:客戶端登入網頁伺服器;客戶端執行網頁伺服器所傳送之網頁程式;網頁程式偵測客戶端所使用之作業環境以取得與作業環境對應之環境識別訊息;網頁程式透過客戶端傳送憑證作業指令及環境識別訊息至入口伺服器;入口伺服器依據環境識別訊息選擇作業執行模式,並依據作業執行模式引導客戶端連線至憑證伺服器;憑證伺服器依據憑證作業指令執行相對應之憑證處理作業以產生憑證作業結果;憑證伺服器傳送憑證作業結果至客戶端,使網頁程式取得憑證作業結果。 The method for selecting the data transmission method according to the client environment to perform the certificate operation disclosed in the present invention includes at least the steps of: the client logs into the web server; the client executes the web program sent by the web server; The operating environment used to obtain the environment identification information corresponding to the operating environment; the web program sends the certificate operation command and environment identification information to the portal server through the client; the portal server selects the operation execution mode according to the environment identification information, and according to the operation execution mode Guide the client to connect to the certificate server; the certificate server executes the corresponding certificate processing operation according to the certificate operation command to generate the certificate operation result; the certificate server sends the certificate operation result to the client so that the web program can obtain the certificate operation result.

本發明所揭露之系統與方法如上,與先前技術之間的差異在於本發明透過入口伺服器依據客戶端上所執行之網頁程式所傳送的環境識別訊息選擇作業執行模式,並依據作業執行模式引導客戶端連線至憑證伺服器後,憑證伺服器依據憑證作業指令執行憑證處理作業以產生憑證作業結果,並將憑證作業結果至客戶端,使網頁程式取得憑證作業結果,藉以解決先前技術所存在的問題,並可以達成減少網頁伺服器之開發人員的工作負擔的技術功效。 The system and method disclosed in the present invention are as above. The difference with the prior art is that the present invention selects the operation execution mode according to the environment identification information sent by the webpage program executed on the client through the portal server, and guides the operation according to the operation execution mode After the client connects to the certificate server, the certificate server executes the certificate processing operation according to the certificate operation command to generate the certificate operation result, and sends the certificate operation result to the client, so that the web program obtains the certificate operation result, so as to solve the existing technology The problem, and can achieve the technical effect of reducing the workload of web server developers.

110:客戶端 110: client

111:應用程式 111: Application

120:網頁伺服器 120: web server

121:網頁程式 121: Web Program

130:入口伺服器 130: Entry server

150:憑證伺服器 150: certificate server

步驟210:客戶端登入網頁伺服器 Step 210: The client logs in to the web server

步驟220:客戶端執行網頁伺服器所傳送之網頁程式 Step 220: The client executes the web program sent by the web server

步驟230:客戶端偵測客戶端所使用之作業環境以取得與作業環境對應之環境識別訊息 Step 230: The client detects the operating environment used by the client to obtain the environment identification information corresponding to the operating environment

步驟250:客戶端傳送憑證作業指令及環境識別訊息至入口伺服器 Step 250: The client sends the certificate operation command and environment identification message to the portal server

步驟260:入口伺服器依據環境識別訊息選擇作業執行模式,並依據作業執行模式引導客戶端連線至憑證伺服器 Step 260: The portal server selects the operation execution mode according to the environment identification information, and guides the client to connect to the certificate server according to the operation execution mode

步驟270:憑證伺服器依據憑證作業指令執行相對應之憑證處理作業並產生憑證作業結果 Step 270: The certificate server executes the corresponding certificate processing operation according to the certificate operation command and generates the certificate operation result

步驟280:憑證伺服器傳送憑證作業結果至客戶端,使應用程式取得憑證作業結果 Step 280: The certificate server sends the result of the certificate operation to the client, so that the application can obtain the result of the certificate operation

第1圖為本發明所提之依客戶環境選擇資料傳遞方式以進行憑證作業之系統架構圖。 Figure 1 is a system architecture diagram of the present invention that selects the data transmission method according to the customer environment to perform the certificate operation.

第2圖為本發明所提之依客戶環境選擇資料傳遞方式以進行憑證作業之方法流程圖。 Figure 2 is a flow chart of the method of selecting the data transfer method according to the customer environment for voucher operation according to the present invention.

以下將配合圖式及實施例來詳細說明本發明之特徵與實施方式,內容足以使任何熟習相關技藝者能夠輕易地充分理解本發明解決技術問題所應用的技術手段並據以實施,藉此實現本發明可達成的功效。 The following will describe the features and implementation of the present invention in detail with the drawings and embodiments. The content is sufficient to enable anyone familiar with the relevant art to easily and fully understand the technical means used by the present invention to solve the technical problems and implement them accordingly. The achievable effect of the present invention.

本發明可以偵測客戶端的環境識別訊息,並依據所偵測到的環境識別訊息選擇客戶端連線至憑證伺服器的方式,使得客戶端取得憑證伺服器所傳送的憑證作業結果。 The present invention can detect the environment identification information of the client, and select the way for the client to connect to the certificate server according to the detected environment identification information, so that the client obtains the certificate operation result sent by the certificate server.

以下先以「第1圖」本發明所提之依客戶環境選擇資料傳遞方式以進行憑證作業之系統架構圖來說明本發明的系統運作。如「第1圖」所示,本發明之系統含有客戶端110、網頁伺服器120、入口伺服器130、以及憑證伺服器150。其中,客戶端110、網頁伺服器120、入口伺服器130、以及憑證伺服器150都可以是計算設備。 In the following, the system architecture diagram of selecting the data transmission mode according to the customer environment mentioned in the present invention to perform the certificate operation as mentioned in the "Figure 1" is used to illustrate the system operation of the present invention. As shown in "Figure 1", the system of the present invention includes a client 110, a web server 120, a portal server 130, and a certificate server 150. Among them, the client 110, the web server 120, the portal server 130, and the certificate server 150 may all be computing devices.

本發明所提之計算設備包含但不限於一個或多個處理器、一個或多個記憶體模組、以及連接不同元件(包括記憶體模組和處理器)的匯流排等元件,透過所包含之多個元件,計算設備可以載入並執行作業系統,使作業系 統在計算設備上運行,同時,計算設備也可以執行安裝於作業系統中的應用程式。 The computing device mentioned in the present invention includes but is not limited to one or more processors, one or more memory modules, and components such as buses connecting different components (including memory modules and processors). Of multiple components, the computing device can load and execute the operating system, making the operating system The system runs on a computing device, and at the same time, the computing device can also execute applications installed in the operating system.

本發明所提之計算設備的匯流排可以包含一種或多個類型,例如包含資料匯流排(data bus)、位址匯流排(address bus)、控制匯流排(control bus)、擴充功能匯流排(expansion bus)、及/或局域匯流排(local bus)等類型的匯流排。計算設備的匯流排包括但不限於並列的工業標準架構(ISA)匯流排、周邊元件互連(PCI)匯流排、視頻電子標準協會(VESA)局域匯流排、以及串列的通用序列匯流排(USB)、快速周邊元件互連(PCI-E)匯流排等。 The bus of the computing device mentioned in the present invention may include one or more types, for example, including data bus, address bus, control bus, and extended function bus ( expansion bus), and/or local bus (local bus). The bus of computing equipment includes, but is not limited to, parallel industry standard architecture (ISA) bus, peripheral component interconnect (PCI) bus, Video Electronics Standards Association (VESA) local bus, and serial universal serial bus (USB), PCI-E bus, etc.

本發明所提之計算設備的處理器與匯流排耦接。處理器包含暫存器(Register)組或暫存器空間,暫存器組或暫存器空間可以完全的被設置在做為處理器的處理晶片上,或全部或部分被設置在處理晶片外並經由專用電氣連接及/或經由匯流排耦接至處理器。處理器可為處理單元、微處理器或任何合適的處理元件。若計算設備為多處理器設備,也就是計算設備包含多個處理器,則計算設備所包含的處理器都相同或類似,且透過匯流排耦接與通訊。 The processor of the computing device provided by the present invention is coupled with the bus. The processor contains a register group or register space. The register group or register space can be completely set on the processing chip used as the processor, or all or part of it can be set outside the processing chip And it is coupled to the processor via a dedicated electrical connection and/or via a bus. The processor may be a processing unit, a microprocessor, or any suitable processing element. If the computing device is a multi-processor device, that is, the computing device includes multiple processors, the processors included in the computing device are all the same or similar, and they are coupled and communicated through a bus.

計算設備的處理器可以與晶片組耦接或透過匯流排與晶片組電性連接。晶片組是由一個或多個積體電路(IC)組成,包含記憶體控制器以及周邊輸出入(I/O)控制器,也就是說,記憶體控制器以及周邊輸出入控制器可以包含在一個積體電路內,也可以使用兩個或更多的積體電路實現。晶片組通常提供了輸出入和記憶體管理功能、以及提供多個通用及/或專用暫存器、計時器等,其中,上述之通用及/或專用暫存器與計時器可以讓耦接或電性連接至晶片組的一個或多個處理器存取或使用。 The processor of the computing device can be coupled to the chipset or electrically connected to the chipset through a bus. The chipset is composed of one or more integrated circuits (IC), including a memory controller and a peripheral input/output (I/O) controller, that is, the memory controller and peripheral input/output controller can be included in In an integrated circuit, two or more integrated circuits can also be used. Chipsets usually provide I/O and memory management functions, as well as multiple general-purpose and/or special-purpose registers, timers, etc., among which the aforementioned general-purpose and/or special-purpose registers and timers can be coupled or One or more processors electrically connected to the chipset are accessed or used.

計算設備的處理器也可以透過記憶體控制器存取安裝於計算設備上的記憶體模組和大容量儲存區中的資料。上述之記憶體模組包含任何類型的揮發性記憶體(volatile memory)及/或非揮發性(non-volatile memory,NVRAM)記憶體,例如靜態隨機存取記憶體(SRAM)、動態隨機存取記憶體(DRAM)、快閃記憶體(Flash)、唯讀記憶體(ROM)等。上述之大容量儲存區可以包含任何類型的儲存裝置或儲存媒體,例如,硬碟機、光碟、磁帶機、隨身碟(快閃記憶體)、固態硬碟(Solid State Disk,SSD)、或任何其他儲存裝置等。也就是說,記憶體控制器可以存取靜態隨機存取記憶體、動態隨機存取記憶體、快閃記憶體、硬碟機、固態硬碟中的資料。 The processor of the computing device can also access the data in the memory module and mass storage area installed on the computing device through the memory controller. The aforementioned memory modules include any type of volatile memory (volatile memory) and/or non-volatile memory (NVRAM), such as static random access memory (SRAM), dynamic random access Memory (DRAM), flash memory (Flash), read-only memory (ROM), etc. The aforementioned mass storage area can include any type of storage device or storage medium, such as hard disk drives, optical discs, tape drives, flash drives (flash memory), solid state disks (Solid State Disk, SSD), or any Other storage devices, etc. In other words, the memory controller can access data in static random access memory, dynamic random access memory, flash memory, hard disk drives, and solid state drives.

計算設備的處理器也可以透過周邊輸出入控制器經由周邊輸出入匯流排與周邊輸出裝置、周邊輸入裝置、通訊介面、以及GPS接收器等周邊裝置或介面通訊。周邊輸入裝置可以是任何類型的輸入裝置,例如鍵盤、滑鼠、軌跡球、觸控板、搖桿等;周邊輸出裝置可以是任何類型的輸出裝置,例如顯示器、印表機等;周邊輸入裝置與周邊輸出裝置也可以是同一裝置,例如觸控螢幕等。通訊介面可以包含無線通訊介面及/或有線通訊介面,無線通訊介面可以包含支援Wi-Fi、Zigbee等無線區域網路、藍牙、紅外線、近場通訊(NFC)、3G/4G行動通訊網路或其他無線資料傳輸協定的介面,有線通訊介面可為乙太網路設備、非同步傳輸模式(ATM)設備、DSL數據機、纜線(Cable)數據機等。處理器可以週期性地輪詢(polling)各種周邊裝置與介面,使得計算設備能夠進行資料的輸入與輸出,也能夠與具有上述描述之元件的另一個計算設備進行通訊。 The processor of the computing device can also communicate with peripheral output devices, peripheral input devices, communication interfaces, and GPS receivers and other peripheral devices or interfaces through the peripheral I/O bus through the peripheral I/O controller. The peripheral input device can be any type of input device, such as a keyboard, mouse, trackball, touchpad, joystick, etc.; the peripheral output device can be any type of output device, such as a display, a printer, etc.; a peripheral input device It can also be the same device as the peripheral output device, such as a touch screen. The communication interface can include a wireless communication interface and/or a wired communication interface. The wireless communication interface can include support for Wi-Fi, Zigbee and other wireless local area networks, Bluetooth, infrared, near field communication (NFC), 3G/4G mobile communication network or others The interface of wireless data transmission protocol, wired communication interface can be Ethernet equipment, asynchronous transfer mode (ATM) equipment, DSL modem, cable modem, etc. The processor can periodically poll various peripheral devices and interfaces, so that the computing device can input and output data, and can also communicate with another computing device having the above-described components.

客戶端110為可以提供使用者選擇並執行應用程式111的計算裝置,包含但不限於電腦、智慧型手機、平板、個人數位助理、導航裝置、多媒體播放機、電子書閱讀機、遊戲主機、電子字典等。其中,本發明所提之應用程式111具有網頁瀏覽功能,例如網頁瀏覽器、或是內嵌於電腦應用軟體或行動應用程式中以WebView方式呈現的瀏覽程式等,但本發明並不以此為限。 The client 110 is a computing device that can provide users to select and execute the application 111, including but not limited to computers, smart phones, tablets, personal digital assistants, navigation devices, multimedia players, e-book readers, game consoles, and electronics Dictionaries etc. Among them, the application 111 mentioned in the present invention has a web browsing function, such as a web browser, or a browser embedded in a computer application software or a mobile application in the form of WebView, etc., but the present invention does not take this as limit.

客戶端110負責透過通訊介面使用有線網路或無線網路與網頁伺服器120連接,藉以接收網頁伺服器120所傳送的資料或訊號,及/或傳送資料或訊號至網頁伺服器120。其中,本發明所提之有線網路包含但不限於乙太網路,無線網路包含但不限於WiFi、藍牙、3G/4G電話網路等。 The client 110 is responsible for connecting to the web server 120 using a wired network or a wireless network through a communication interface, so as to receive data or signals sent by the web server 120 and/or send data or signals to the web server 120. Among them, the wired network mentioned in the present invention includes but is not limited to the Ethernet network, and the wireless network includes but not limited to WiFi, Bluetooth, 3G/4G telephone network, etc.

在部分的實施例中,客戶端110也可以透過通訊介面使用有線或無線網路與入口伺服器130連接,並可以接收入口伺服器130所傳送的資料或訊號,也可以傳送資料或訊號至入口伺服器130。其中,客戶端110可以直接與入口伺服器130建立連線,或是透過網頁伺服器120的重導向(redirect)與入口伺服器130建立連線。 In some embodiments, the client 110 can also connect to the portal server 130 through a communication interface using a wired or wireless network, and can receive data or signals sent by the portal server 130, and can also send data or signals to the portal Server 130. Wherein, the client 110 can directly establish a connection with the portal server 130, or establish a connection with the portal server 130 through a redirect of the web server 120.

客戶端110負責登入網頁伺服器120。更詳細的,客戶端110在執行應用程式111後,應用程式111可以連線到網頁伺服器120,並將登入資料傳送至網頁伺服器120以登入網頁伺服器120。其中,上述之登入資料包含但不限於客戶端110之使用者對應網頁伺服器120的帳號密碼等。 The client 110 is responsible for logging into the web server 120. In more detail, after the client 110 executes the application 111, the application 111 can connect to the web server 120 and send the login data to the web server 120 to log in to the web server 120. The aforementioned login information includes, but is not limited to, the account password of the user of the client 110 corresponding to the web server 120, etc.

客戶端110也負責接收憑證伺服器150所傳送的憑證作業結果,並由客戶端110執行的應用程式111將客戶端110所接收到的憑證作業結果儲存於與網頁伺服器120對應之本地儲存區(Local Storage)中。 The client 110 is also responsible for receiving the certificate operation result sent by the certificate server 150, and the application 111 executed by the client 110 stores the certificate operation result received by the client 110 in the local storage area corresponding to the web server 120 (Local Storage).

客戶端110也負責接收網頁伺服器120所傳送的網頁程式121並由被客戶端110執行的應用程式111執行所接收到的網頁程式121。其中,本發明所提之網頁程式121包含應用程式111可解碼的HTML語法及/或應用程式111可執行的腳本(Script)或程式碼。 The client 110 is also responsible for receiving the web program 121 sent by the web server 120 and the application 111 executed by the client 110 executes the received web program 121. The webpage program 121 mentioned in the present invention includes HTML grammar that can be decoded by the application 111 and/or a script or program code executable by the application 111.

網頁程式121可以使客戶端110所執行之應用程式111偵測客戶端110所使用的作業環境以取得客戶端110所使用之作業環境對應的環境識別訊息。本發明所提之作業環境可以是客戶端110的作業系統,也可以是執行網頁程式121的瀏覽程式,或可以是作業系統與瀏覽程式兩者;本發明所提之環境識別訊息可以是作業系統識別資料及/或瀏覽程式識別資料,瀏覽程式可以是應用程式本身(如瀏覽器程式),也可以是應用程式所包含的子程式(如內嵌於應用程式中的瀏覽元件)。也就是說,網頁程式121在被應用程式111執行後,應用程式111可以偵測客戶端110之作業系統以取得作業系統識別資料及/或偵測執行網頁程式121之瀏覽程式以取得瀏覽程式識別資料,並將所取得之作業系統識別資料及/或瀏覽程式識別資料作為環境識別訊息。上述之作業系統識別資料包含作業系統的名稱或代號、與版本訊息等資料;上述之瀏覽程式識別資料包含瀏覽程式的名稱、版本訊息等資料。 The webpage program 121 can enable the application 111 executed by the client 110 to detect the operating environment used by the client 110 to obtain the environment identification information corresponding to the operating environment used by the client 110. The operating environment mentioned in the present invention can be the operating system of the client 110, or a browser program that executes the webpage program 121, or it can be both an operating system and a browser program; the environment identification information mentioned in the present invention can be an operating system The identification data and/or the identification data of the browsing program. The browsing program can be the application itself (such as a browser program) or a subprogram included in the application (such as a browsing component embedded in the application). That is, after the webpage program 121 is executed by the application program 111, the application program 111 can detect the operating system of the client 110 to obtain the operating system identification data and/or detect the browser running the webpage program 121 to obtain the browser program identification. Data, and use the obtained operating system identification data and/or browser identification data as environmental identification information. The above-mentioned operating system identification data includes data such as the name or code of the operating system, and version information; the above-mentioned browsing program identification data includes data such as the name and version information of the browser.

網頁程式121也負責使客戶端110所執行的應用程式111產生憑證作業指令,並傳送所產生之憑證作業指令與所取得之環境識別資料給入口伺服器130。 The webpage program 121 is also responsible for causing the application 111 executed by the client 110 to generate a certificate operation command, and send the generated certificate operation command and the obtained environment identification data to the portal server 130.

網頁伺服器120可以透過通訊介面提供一個或多個客戶端110連接,藉以接收所連接之客戶端110所傳送的資料或訊號,及/或傳送資料或訊號至 所連接的客戶端110。其中,網頁伺服器120可以提供客戶端110使用有線網路或無線網路連接。 The web server 120 can provide one or more clients 110 to connect via a communication interface, so as to receive data or signals sent by the connected clients 110, and/or send data or signals to The connected client 110. Among them, the web server 120 can provide the client 110 to use a wired network or a wireless network connection.

網頁伺服器120負責透過通訊介面接收客戶端110所執行之應用程式111所傳送之登入資料,並驗證所接收到的登入資料,以及負責在登入資料通過驗證後,依據所接收到之登入資料將應用程式111登入網頁伺服器120。 The web server 120 is responsible for receiving the login information sent by the application 111 executed by the client 110 through the communication interface, and verifying the received login information, and is responsible for sending the login information according to the received login information after the login information is verified. The application 111 logs into the web server 120.

網頁伺服器120也負責將網頁程式121傳送給客戶端110上成功登入網頁伺服器120的應用程式111。 The web server 120 is also responsible for sending the web program 121 to the application 111 on the client 110 that has successfully logged in to the web server 120.

入口伺服器130負責透過通訊介面提供客戶端110使用有線或無線網路連接,藉以接收客戶端110所傳送的資料或訊號,及/或傳送資料或訊號至客戶端110。例如,入口伺服器130可以接收客戶端110執行之應用程式111所傳送的憑證作業指令以及環境識別訊息,但本發明並不以此為限。 The portal server 130 is responsible for providing the client 110 with a wired or wireless network connection through a communication interface, so as to receive data or signals sent by the client 110 and/or send data or signals to the client 110. For example, the portal server 130 may receive the certificate operation command and the environment identification message sent by the application 111 executed by the client 110, but the invention is not limited to this.

入口伺服器130也負責依據所接收到的環境識別訊息選擇作業執行模式,並負責依據所選擇的作業執行模式引導客戶端110連線到憑證伺服器150。其中,入口伺服器130所選擇的作業執行模式可以是使用內嵌網頁(iFrame)的方式,也就是入口伺服器130可以傳送包含內嵌網頁(iFrame)的網頁給客戶端110,使得客戶端110所執行的應用程式111依據透過內嵌網頁連線到憑證伺服器150;入口伺服器130所選擇的作業模式也可以是重導向的方式,也就是入口伺服器130將客戶端110所執行之應用程式111的連線轉送給憑證伺服器150,使得憑證伺服器150與客戶端110建立連線。 The portal server 130 is also responsible for selecting the operation execution mode according to the received environment identification message, and is responsible for guiding the client 110 to connect to the certificate server 150 according to the selected operation execution mode. Wherein, the operation execution mode selected by the portal server 130 may be an embedded web page (iFrame), that is, the portal server 130 may send a web page containing an embedded web page (iFrame) to the client 110, so that the client 110 The running application 111 is based on connecting to the certificate server 150 through the embedded webpage; the operation mode selected by the portal server 130 can also be a redirection method, that is, the portal server 130 sends the application executed by the client 110 The connection of the program 111 is forwarded to the certificate server 150 so that the certificate server 150 establishes a connection with the client 110.

憑證伺服器150負責透過通訊介面提供客戶端110以入口伺服器130所選擇之作業執行模式的方式連接。也就是說,憑證伺服器150可以透過內嵌網頁或重導向的方式與客戶端110連接。 The certificate server 150 is responsible for providing the client 110 to connect in the operation execution mode selected by the portal server 130 through the communication interface. In other words, the certificate server 150 can connect to the client 110 through an embedded webpage or redirection.

憑證伺服器150也負責透過通訊介面接收憑證作業指令。其中,當憑證伺服器150透過內嵌網頁的方式與客戶端110連接時,憑證伺服器150可以接收由客戶端110所傳送的憑證作業指令;而當憑證伺服器150透過重導向的方式與客戶端110連接時,憑證伺服器可以接收由入口伺服器130所傳送的憑證作業指令。 The certificate server 150 is also responsible for receiving certificate operation commands through the communication interface. Wherein, when the certificate server 150 is connected to the client 110 through an embedded web page, the certificate server 150 can receive the certificate operation command sent by the client 110; and when the certificate server 150 communicates with the client 110 through a redirection method When the terminal 110 is connected, the certificate server can receive the certificate operation command sent by the portal server 130.

憑證伺服器150也負責依據所接收到的憑證作業指令執行相對應的憑證處理作業,並產生相對應的憑證作業結果。舉例來說,憑證伺服器150可以依據憑證作業指令執行憑證申請、期限展延、密碼變更等憑證處理作業。 The certificate server 150 is also responsible for executing corresponding certificate processing operations according to the received certificate operation instructions, and generating corresponding certificate operation results. For example, the certificate server 150 can perform certificate processing operations such as certificate application, time limit extension, password change, etc. according to the certificate operation command.

憑證伺服器150也負責透過通訊介面傳送所產生的憑證作業結果至客戶端110。憑證伺服器可以透過HTML 5規範中之postMessage的函式傳送所產生的憑證作業結果至客戶端110。 The certificate server 150 is also responsible for sending the generated certificate operation result to the client 110 through the communication interface. The certificate server can send the generated certificate operation result to the client 110 through the postMessage function in the HTML 5 specification.

接著以一個實施例來解說本發明的運作系統與方法,並請參照「第2圖」本發明所提之依客戶環境選擇資料傳遞方式以進行憑證作業之方法流程圖。在本實施例中,假設客戶端110為電腦,應用程式111為網頁瀏覽器,但本發明並不以此為限,例如,客戶端110與應用程式111也可以是手機等行動裝置以及執行於行動裝置上之包含瀏覽程式的行動應用程式,或可以是電腦與執行於電腦上之包含瀏覽程式的應用軟體。 Next, an embodiment is used to explain the operating system and method of the present invention, and please refer to the flowchart of the method of selecting the data transmission method according to the customer environment in the present invention in "Figure 2" to perform the certificate operation. In this embodiment, it is assumed that the client 110 is a computer and the application 111 is a web browser, but the present invention is not limited to this. For example, the client 110 and the application 111 may also be mobile devices such as mobile phones and run on A mobile application containing a browser program on a mobile device, or it can be a computer and an application software containing a browser program running on the computer.

當有使用者在客戶端110上操作應用程式111連線到網頁伺服器120時,網頁伺服器120可以要求應用程式111提供登入資料,使得應用程式111顯示輸入登入資料的網頁以提供使用者輸入登入資料。在本實施例中,假設登入資料為預先在網頁伺服器120上所註冊的帳號與密碼。 When a user operates the application 111 on the client 110 to connect to the web server 120, the web server 120 may request the application 111 to provide login information, so that the application 111 displays a web page for inputting the login information to provide user input Login information. In this embodiment, it is assumed that the login information is an account and password registered on the web server 120 in advance.

在使用者操作客戶端110在應用程式111中輸入先前在網頁伺服器120上所註冊的帳號與密碼後,應用程式111可以將登入資料傳送給網頁伺服器120。若被傳送的登入資料沒有通過網頁伺服器120的驗證,則網頁伺服器120可以再次要求應用程式111提供登入資料;而若登入資料通過網頁伺服器120的驗證,則網頁伺服器120可以將應用程式111登入網頁伺服器120(步驟210),並可以將網頁程式121傳送至應用程式111。在本實施例中,假設網頁程式121包含符合HTML 5規範的腳本。 After the user operates the client 110 to input the account and password previously registered on the web server 120 into the application 111, the application 111 can send the login information to the web server 120. If the transmitted login information does not pass the verification of the web server 120, the web server 120 may request the application 111 to provide the login information again; and if the login information passes the verification of the web server 120, the web server 120 may apply The program 111 logs into the web server 120 (step 210), and the web program 121 can be sent to the application 111. In this embodiment, it is assumed that the webpage program 121 includes scripts that comply with HTML 5 specifications.

在客戶端110的應用程式111接收到網頁伺服器120所傳送的網頁程式121後,可以執行所接收到的網頁程式121(步驟220)。在本實施例中,若網頁程式121包含在表示登入成功的網頁中,則應用程式111可以在成功登入網頁伺服器120時,也就是在載入表示成功登入網頁伺服器120的網頁時,執行網頁程式121;而若網頁程式121包含在交易網頁中,則應用程式111可以在由網頁伺服器120下載交易網頁時,或是使用者操作客戶端110點選交易網頁中的元件以進行交易時,執行網頁程式121。 After the application 111 of the client 110 receives the web page program 121 sent by the web server 120, it can execute the received web page program 121 (step 220). In this embodiment, if the webpage program 121 is included in a webpage indicating a successful login, the application 111 can execute when successfully logging into the web server 120, that is, when loading a webpage indicating successful login to the web server 120 Web page program 121; if the page program 121 is included in the transaction page, the application program 111 can be used when the transaction page is downloaded from the web server 120, or when the user operates the client 110 to click on the component in the transaction page to perform the transaction , Run the web program 121.

在客戶端110的應用程式111執行網頁伺服器120所傳送的網頁程式後,網頁程式121可以偵測客戶端110所使用之作業環境,藉以取得與客戶端110之作業環境對應的環境識別訊息(步驟230)。在本實施例中,假設網頁程式121可以偵測客戶端110的作業系統,並產生包含所取得之作業系統資訊的環境識別訊息。 After the application 111 of the client 110 executes the web program sent by the web server 120, the web program 121 can detect the operating environment used by the client 110 to obtain the environment identification information corresponding to the operating environment of the client 110 ( Step 230). In this embodiment, it is assumed that the webpage program 121 can detect the operating system of the client 110 and generate an environment identification message containing the obtained operating system information.

在客戶端110之應用程式111所執行之網頁程式121取得與客戶端110之作業環境對應的環境識別訊息後,網頁程式121可以透過客戶端110將憑證作業指令以及所取得之環境識別訊息傳送給入口伺服器130(步驟250)。在本 實施例中,假設網頁程式121可以使用開啟新視窗或新分頁的方式連線到入口伺服器130,並在連線時將環境識別訊息傳送到入口伺服器130。 After the web program 121 executed by the application 111 of the client 110 obtains the environment identification information corresponding to the operating environment of the client 110, the web program 121 can send the certificate operation command and the obtained environment identification information to the client 110 through the client 110 The portal server 130 (step 250). In this In the embodiment, it is assumed that the webpage program 121 can connect to the portal server 130 by opening a new window or a new page, and send the environment identification message to the portal server 130 when connecting.

在客戶端110之應用程式111所執行的網頁程式121將環境識別訊息傳送到入口伺服器130(步驟250)後,入口伺服器130可以依據網頁程式121所傳送的環境識別訊息選擇作業執行模式,並依據所選擇的作業執行模式引導客戶端110的應用程式111連線到憑證伺服器150(步驟260)。在本實施例中,假設入口伺服器130在環境識別訊息表示客戶端110的作業系統為特定的作業系統時,可以選擇重導向到憑證伺服器150,使得客戶端110的應用程式111與憑證伺服器150連接,並可以在重導向時把憑證作業指令傳送給憑證伺服器150;而入口伺服器130在環境識別訊息表示客戶端110的作業系統不是預定的作業系統時,可以選擇將包含iFrame的網頁傳送至客戶端110,使得客戶端110的應用程式111可以透過所接收到之網頁中的iFrame連線到憑證伺服器150,並可以在連線到憑證伺服器150時,把憑證作業指令傳送給憑證伺服器150。 After the web program 121 executed by the application 111 of the client 110 transmits the environment identification information to the portal server 130 (step 250), the portal server 130 can select the operation execution mode according to the environment identification information sent by the web program 121. The application 111 of the client 110 is guided to connect to the certificate server 150 according to the selected operation execution mode (step 260). In this embodiment, it is assumed that the portal server 130 can choose to redirect to the certificate server 150 when the environment identification message indicates that the operating system of the client 110 is a specific operating system, so that the application 111 of the client 110 and the certificate server Server 150 is connected, and can send the certificate operation command to the certificate server 150 when redirecting; and the entry server 130 can choose to include the iFrame when the environment identification message indicates that the operating system of the client 110 is not a predetermined operating system The web page is sent to the client 110, so that the application 111 of the client 110 can connect to the certificate server 150 through the iFrame in the received web page, and can send the certificate operation command when connecting to the certificate server 150 To the certificate server 150.

在入口伺服器130引導客戶端110的應用程式111連線到憑證伺服器150(步驟260),且客戶端110的應用程式111將憑證作業指令傳送給憑證伺服器150後,憑證伺服器150可以依據客戶端110之應用程式111所傳送的憑證作業指令執行相對應的憑證處理作業,並在執行憑證處理作業後產生相對應的憑證作業結果(步驟270)。 After the portal server 130 guides the application 111 of the client 110 to connect to the certificate server 150 (step 260), and the application 111 of the client 110 sends the certificate operation command to the certificate server 150, the certificate server 150 can The corresponding certificate processing operation is executed according to the certificate operation command sent by the application program 111 of the client 110, and the corresponding certificate operation result is generated after the certificate processing operation is executed (step 270).

之後,憑證伺服器150可以將所產生的憑證作業結果傳送到客戶端110,使得客戶端110之應用程式111所執行的網頁程式121可以取得憑證伺服器150所產生的憑證作業結果(步驟280)。在本實施例中,假設憑證伺服器150可以透過postMessage的函式將憑證作業結果傳送給客戶端110所執行的應用程 式111,應用程式111可以將憑證作業結果儲存在與網頁伺服器120對應的本地儲存區中,藉以等待應用程式111進行交易時使用。 After that, the certificate server 150 may send the generated certificate operation result to the client 110, so that the web program 121 executed by the application 111 of the client 110 can obtain the certificate operation result generated by the certificate server 150 (step 280) . In this embodiment, it is assumed that the certificate server 150 can send the result of the certificate operation to the application program executed by the client 110 through the postMessage function. Formula 111, the application program 111 can store the result of the certificate operation in a local storage area corresponding to the web server 120, so as to wait for the application program 111 to use it when the transaction is performed.

如此,透過本發明,入口伺服器130可以依據客戶端110的執行環境選擇客戶端110與憑證伺服器150的連接方式,使得憑證伺服器150可以順利的將客戶端110的憑證作業結果傳送給客戶端110使用。 In this way, through the present invention, the portal server 130 can select the connection mode of the client 110 and the certificate server 150 according to the execution environment of the client 110, so that the certificate server 150 can smoothly transmit the certificate operation result of the client 110 to the client Terminal 110 is used.

綜上所述,可知本發明與先前技術之間的差異在於具有入口伺服器依據客戶端上所執行之網頁程式所傳送的環境識別訊息選擇作業執行模式,並依據作業執行模式引導客戶端連線至憑證伺服器後,憑證伺服器依據憑證作業指令執行憑證處理作業以產生憑證作業結果,並將憑證作業結果至客戶端,使網頁程式取得憑證作業結果之技術手段,藉由此一技術手段可以解決先前技術所存在不同作業系統及不同瀏覽程式上之設定的差異可能會導致外部伺服器無法將憑證作業結果傳回客戶端的問題,進而達成減少網頁伺服器之開發人員的工作負擔的技術功效。 In summary, it can be seen that the difference between the present invention and the prior art is that the portal server selects the operation execution mode according to the environment identification information sent by the webpage program executed on the client, and guides the client connection according to the operation execution mode After reaching the certificate server, the certificate server executes the certificate processing operation according to the certificate operation command to generate the certificate operation result, and sends the certificate operation result to the client, so that the web program can obtain the result of the certificate operation. Solve the problem that the difference in the settings of different operating systems and different browsers in the prior art may cause the external server to fail to send the certificate operation result back to the client, thereby achieving the technical effect of reducing the workload of web server developers.

再者,本發明之依客戶環境選擇資料傳遞方式以進行憑證作業之方法,可實現於硬體、軟體或硬體與軟體之組合中,亦可在電腦系統中以集中方式實現或以不同元件散佈於若干互連之電腦系統的分散方式實現。 Furthermore, the method of the present invention for selecting the data transmission method according to the customer environment to perform the certificate operation can be implemented in hardware, software, or a combination of hardware and software, and can also be implemented in a centralized manner in a computer system or with different components Distributed in several interconnected computer systems.

雖然本發明所揭露之實施方式如上,惟所述之內容並非用以直接限定本發明之專利保護範圍。任何本發明所屬技術領域中具有通常知識者,在不脫離本發明所揭露之精神和範圍的前提下,對本發明之實施的形式上及細節上作些許之更動潤飾,均屬於本發明之專利保護範圍。本發明之專利保護範圍,仍須以所附之申請專利範圍所界定者為準。 Although the embodiments of the present invention are disclosed as above, the content described is not intended to directly limit the scope of patent protection of the present invention. Anyone with ordinary knowledge in the technical field to which the present invention belongs, without departing from the spirit and scope of the present invention, makes some modifications in the form and details of the implementation of the present invention, all belong to the patent protection of the present invention range. The scope of patent protection of the present invention shall still be determined by the scope of the attached patent application.

步驟210:客戶端登入網頁伺服器 Step 210: The client logs in to the web server

步驟220:客戶端執行網頁伺服器所傳送之網頁程式 Step 220: The client executes the web program sent by the web server

步驟230:客戶端偵測客戶端所使用之作業環境以取得與作業環境對應之環境識別訊息 Step 230: The client detects the operating environment used by the client to obtain the environment identification information corresponding to the operating environment

步驟250:客戶端傳送憑證作業指令及環境識別訊息至入口伺服器 Step 250: The client sends the certificate operation command and environment identification message to the portal server

步驟260:入口伺服器依據環境識別訊息選擇作業執行模式,並依據作業執行模式引導客戶端連線至憑證伺服器 Step 260: The portal server selects the operation execution mode according to the environment identification information, and guides the client to connect to the certificate server according to the operation execution mode

步驟270:憑證伺服器依據憑證作業指令執行相對應之憑證處理作業並以產生憑證作業結果 Step 270: The certificate server executes the corresponding certificate processing operation according to the certificate operation command and generates the certificate operation result

步驟280:憑證伺服器傳送憑證作業結果至客戶端,使客戶端取得憑證作業結果 Step 280: The certificate server sends the result of the certificate operation to the client, so that the client can obtain the result of the certificate operation

Claims (8)

一種依客戶環境選擇資料傳遞方式以進行憑證作業之方法,該方法至少包含下列步驟:一客戶端登入一網頁伺服器;該客戶端執行該網頁伺服器所傳送之一網頁程式,以偵測該客戶端所使用之一作業環境並取得與該作業環境對應之一環境識別訊息;該客戶端傳送該環境識別訊息至一入口伺服器;該入口伺服器依據該環境識別訊息選擇將該客戶端之連線轉送至一憑證伺服器,使該憑證伺服器與該客戶端連線,或選擇傳送包含一內嵌網頁(iFrame)之網頁給該客戶端,使該客戶端依據該內嵌網頁連線至該憑證伺服器;該憑證伺服器依據該客戶端產生之一憑證作業指令執行相對應之憑證處理作業以產生一憑證作業結果;及該憑證伺服器傳送該憑證作業結果至該客戶端,使該客戶端取得該憑證作業結果。 A method for selecting a data transmission method to perform a certificate operation according to a client environment. The method includes at least the following steps: a client logs in to a web server; the client executes a web program sent by the web server to detect the The client uses an operating environment and obtains an environment identification message corresponding to the operating environment; the client sends the environment identification message to a portal server; the portal server selects the client’s The connection is forwarded to a certificate server to connect the certificate server to the client, or choose to send a web page containing an embedded web page (iFrame) to the client, so that the client connects according to the embedded web page To the certificate server; the certificate server executes the corresponding certificate processing operation according to a certificate operation command generated by the client to generate a certificate operation result; and the certificate server sends the certificate operation result to the client so that The client obtains the result of the certificate operation. 如申請專利範圍第1項所述之依客戶環境選擇資料傳遞方式以進行憑證作業之方法,其中該憑證伺服器傳送該憑證作業結果至該客戶端之步驟為該憑證伺服器透過postMessage函式傳送該憑證作業結果至該客戶端。 For example, the method of selecting the data transmission method according to the client environment to perform the certificate operation as described in the first item of the scope of patent application, wherein the certificate server sends the result of the certificate operation to the client by the certificate server through the postMessage function The result of the certificate operation is sent to the client. 如申請專利範圍第1項所述之依客戶環境選擇資料傳遞方式以進行憑證作業之方法,其中該方法於該客戶端取得該憑證作業結果之步驟後,更包含該客戶端將該憑證作業結果儲存於與該網頁伺服器對應之本地儲存區(Local Storage)中之步驟。 For example, the method of selecting the data transmission method to perform the certificate operation according to the client environment described in the first item of the scope of patent application, wherein the method further includes the client terminal obtaining the certificate operation result after the step of obtaining the certificate operation result Steps stored in the local storage corresponding to the web server. 如申請專利範圍第1項所述之依客戶環境選擇資料傳遞方式以進行憑證作業之方法,其中該客戶端偵測該客戶端所使用之該作業環境以取得與該作業環境對應之該環境識別訊息之步驟為該客戶端偵測該客戶端之作業系統及/或偵測執行該網頁程式之瀏覽程式以取得該環境識別訊息。 For example, the method of selecting the data transmission method according to the client environment to perform the certificate operation as described in the first item of the scope of patent application, wherein the client detects the operating environment used by the client to obtain the environment identification corresponding to the operating environment The message step is that the client detects the operating system of the client and/or detects the browser program that executes the web program to obtain the environmental identification information. 一種依客戶環境選擇資料傳遞方式以進行憑證作業之系統,該系統至少包含:一網頁伺服器;一憑證伺服器;一客戶端,用以登入該網頁伺服器,並用以偵測該客戶端所使用之一作業環境以取得與該作業環境對應之一環境識別訊息;及一入口伺服器,用以接收該客戶端所傳送之該環境識別訊息,並依據該環境識別訊息選擇將該客戶端之連線轉送至該憑證伺服器,使該憑證伺服器與該客戶端連線,或選擇傳送包含一內嵌網頁(iFrame)之網頁給該客戶端,使該客戶端依據該內嵌網頁連線至該憑證伺服器;其中,該憑證伺服器更用以依據該客戶端所產生之一憑證作業指令執行相對應之憑證處理作業以產生一憑證作業結果,並傳送該憑證作業結果至該客戶端,使該客戶端取得該憑證作業結果。 A system that selects the data transmission method to perform the certificate operation according to the client environment. The system at least includes: a web server; a certificate server; a client for logging in to the web server and for detecting where the client is Use an operating environment to obtain an environment identification message corresponding to the operating environment; and an entry server to receive the environment identification message sent by the client, and select the client's identification message based on the environment identification message The connection is forwarded to the certificate server to connect the certificate server to the client, or choose to send a web page containing an embedded web page (iFrame) to the client, so that the client connects according to the embedded web page To the certificate server; wherein, the certificate server is further used to execute a corresponding certificate processing operation according to a certificate operation command generated by the client to generate a certificate operation result, and send the certificate operation result to the client To enable the client to obtain the result of the certificate operation. 如申請專利範圍第5項所述之依客戶環境選擇資料傳遞方式以進行憑證作業之系統,其中該憑證伺服器是透過postMessage函式傳送該憑證作業結果至該客戶端。 For example, the system that selects the data transmission method to perform the certificate operation according to the client environment as described in item 5 of the scope of patent application, wherein the certificate server transmits the result of the certificate operation to the client through the postMessage function. 如申請專利範圍第5項所述之依客戶環境選擇資料傳遞方式以進行憑證作業之系統,其中該客戶端更用以將該憑證作業結果儲存於與該網頁伺服器對應之本地儲存區中。 For example, the system for selecting the data transmission method to perform the certificate operation according to the client environment described in item 5 of the scope of patent application, wherein the client is further used to store the result of the certificate operation in the local storage area corresponding to the web server. 如申請專利範圍第5項所述之依客戶環境選擇資料傳遞方式以進行憑證作業之系統,其中該客戶端是偵測該客戶端之作業系統及/或偵測該客戶端中執行網頁程式之瀏覽程式以取得該環境識別訊息。 As described in item 5 of the scope of patent application, the system that selects the data transfer method to perform the certificate operation according to the client's environment, where the client is to detect the operating system of the client and/or to detect the execution of the web program in the client Browse the program to obtain the environmental identification information.
TW107140058A 2018-11-12 2018-11-12 System and method for selecting data transmission mode according to client environment for certificate operation TWI697802B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW107140058A TWI697802B (en) 2018-11-12 2018-11-12 System and method for selecting data transmission mode according to client environment for certificate operation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW107140058A TWI697802B (en) 2018-11-12 2018-11-12 System and method for selecting data transmission mode according to client environment for certificate operation

Publications (2)

Publication Number Publication Date
TW202018563A TW202018563A (en) 2020-05-16
TWI697802B true TWI697802B (en) 2020-07-01

Family

ID=71895771

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107140058A TWI697802B (en) 2018-11-12 2018-11-12 System and method for selecting data transmission mode according to client environment for certificate operation

Country Status (1)

Country Link
TW (1) TWI697802B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201528844A (en) * 2014-01-07 2015-07-16 Alibaba Group Services Ltd Method and system for determining whether a terminal logging into a website is a mobile terminal
CN105337735A (en) * 2014-05-26 2016-02-17 阿里巴巴集团控股有限公司 Digital certificate processing and verifying method and apparatus

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201528844A (en) * 2014-01-07 2015-07-16 Alibaba Group Services Ltd Method and system for determining whether a terminal logging into a website is a mobile terminal
CN105337735A (en) * 2014-05-26 2016-02-17 阿里巴巴集团控股有限公司 Digital certificate processing and verifying method and apparatus

Also Published As

Publication number Publication date
TW202018563A (en) 2020-05-16

Similar Documents

Publication Publication Date Title
KR102158754B1 (en) Method and apparatus for operating on smart network interface card
WO2022121221A1 (en) Token-based application access method and apparatus, computer device, and medium
US9177129B2 (en) Devices, systems, and methods for monitoring and asserting trust level using persistent trust log
KR20160083930A (en) Method and system for determining whether a terminal logging into a website is a mobile terminal
CN101960446A (en) Application based on the safety browser
CN103763331A (en) Method and system for a platform-based trust verifying service for multi-party verification
US8832805B1 (en) Verifying user information
US20100199170A1 (en) Method and system for identifying dynamic content in hypertext transfer protocol (http) responses
US10904011B2 (en) Configuration updates for access-restricted hosts
TWM618092U (en) Certificate management system for automated domain verification
US9727726B1 (en) Intrusion detection using bus snooping
TWI697802B (en) System and method for selecting data transmission mode according to client environment for certificate operation
TWM592629U (en) System to obtain appended data and execute corresponding operation when identity is confirmed
TWM642428U (en) Prevention and verification system for financial transaction during non-business hours
TWI690820B (en) System for using embedded browser module to manage certificate and method thereof
US12039309B2 (en) Information processing apparatus, method of activating an application and storage medium
TWI742429B (en) System for displaying signature message of portable document format file in web page and method thereof
US11316843B1 (en) Systems for authenticating users from a separate user interface
TWM574269U (en) System of certificate processing operated for transmission method selected based on customer environment
TWI691859B (en) System for identifying according to instruction to execute service and method thereof
TWM586390U (en) A system for performing identity verification according to the service instruction to execute the corresponding service
TWI746920B (en) System for using certificate to verify identity from different domain through portal and method thereof
TWM588313U (en) System for confirming user identity through financial account information
US20240297898A1 (en) Systems and methods for detecting advanced users by detection of the use of multiple windows or tabs
CN111489184A (en) Method, device, server, client and medium for verifying click behavior