A METHOD AND APPARATUS FOR CONFIRMING ACCESS OF DATA STORED ON A REMOTE DATABASE
The present application concerns method and apparatus for confirming access of data stored on a remote database. In particular embodiments of the present invention concern a method and apparatus confirming access of data stored on a remote database via the Internet.
With the growth of the number of Internet websites available, a need has arisen for a means by which users can distinguish between sites which fulfil certain standards in terms of the content and services which they provide and those sites which do not. One way in which this has been achieved in the prior art is by organisations reviewing the content and services provided by websites and contacting websites which fulfil that organization defined criteria. The organisations then provide computer graphic data files to be included within the web pages which the websites display so that approved sites may display graphics or icons indicating the websites approved status.
A problem with identifying authorised websites by the
inclusion within web pages of graphical indications that they fulfil the criteria set down by independent organisations is that unscrupulous web designers may copy the graphical displays from authorised sites to give the appearance to users that their sites are also authorised.
In order to overcome this problem some systems have developed means by which a user may select a graphic icon within a display which then causes a user's computer to connect via the Internet to another server which has stored thereon further information about approved websites which can then be viewed by a user.
However, although preventing simple copying of graphical indications of authorised status, this additional level of confirmation that the website is authorised gives rise to further problems. In particular, if the amount of additional data provided when an icon is selected is not very large, it is possible for an unscrupulous website to mimic the conformation procedure by including within their server's programs which generate similar displays to those provided on the separate server. However, if in order to prevent unscrupulous websites from mimicking the appearance of a confirmation, large amounts of data is included within a confirmation display this increases
the time required to download such confirmation data and therefore dissuades users from bothering to access the confirmation data at all.
A system is therefore required which enables users to obtain confirmation that data is being obtained from a third party when attempting to obtain confirmation that a website is authorised which does not require the download of large amounts of data and which it is not possible for an unscrupulous website to mimic.
In accordance with one aspect of the present invention there is provided a computer network comprising: a plurality of user stations operable to cause the generation of query data, each of said user stations further being arranged to store user data; a main server comprising a database storing data; and a communications network being operable to permit transfer of data between said plurality of user stations and said main server, wherein said main server further comprises : means for associating items of user data with additional data; said main server being arranged on receipt of query
data and user identification data corresponding to identification data stored on a user station, to output via said communications network to said user station, display data if said query data corresponds to any of said data within said database, said display data comprising said additional data associated in said registration database, w th user identification data corresponding to said received user identification data.
In accordance with this aspect of the present invention by storing and outputting additional data associated with an item of user data, if a generated query corresponds to data within the mam server, a means is provided for users to be provided with additional data, which they know s only available from the main server and hence provides confirmation that an access of the main server has been performed.
In accordance with another aspect of the present invention there is provided a method of confirming the access of data on a remote database via a computer network comprising a plurality of user stations; a main server and communications network comprising the steps of: providing a database in said main server;
storing user identification data m at least one of said plurality of user stations; storing additional data in said mam server in association with user identification data stored on said at least one server station; generating a query for said database utilizing one of said at least one server station and transmitting said query to said main server; and outputting said additional data associated with said user data of stored on the utilized user station in dependance upon the processing of said query by said database.
Other aspects of the present invention will become apparent with reference to the accompanying description and drawings in which :-
Figure 1 is a schematic block diagram of a computer network embodying the present invention;
Figure 2 is a schematic block diagram of an exemplary data structure for records stored within a site database;
Figure 3 is a schematic block diagram of an exemplary data structure for a user record within a registration
database;
Figure 4 is a flow diagram of the processing of a data transfer program;
Figure 5 is an illustration of an exemplary initial user display;
Figure 6 is a flow diagram of the processing of a control module of a main server;
Figure 7 is an illustration of an exemplary site confirmation display; and
Figure 8 is an illustration of an exemplary user warning display.
Figure 1 is a schematic block diagram of a computer network embodying the present invention. The computer network comprises a plurality of user stations 1.1-l.n that are connected to a plurality of client servers 3.1- 3.m and a main server 5 via the Internet 7 which enables data to be transferred between the user stations 1.1-l.n, the plurality of client servers 3.1-3.m and the main server 5.
The plurality of user stations 1.1-l.n each comprise conventional computer apparatus which are connected to a display and a user input device such as a keyboard or mouse (not shown in Figure 1). Stored within the memory of each of the user stations 1.1-l.n is a browser program 8 comprising a conventional browser program such as Netscape Navigator or Microsoft Explorer. Additionally, stored within the memories of some of the user stations 1.1 are items of encrypted user identification data 9.
The plurality of client servers 3.1-3.m each have stored therein display data 10 such as hypertext mark-up (HTML) scripts for dispatch via the Internet 7 to the user stations 1.1-l.n to cause the browser programs 8 of the user stations 1.1-l.n to generate and display screen displays and user interfaces on the displays of the user stations 1.1-l.n. The plurality of client servers 3.1- 3.m also each have stored therein a data transfer program 12 for coordinating the transfer of data between the client server 3.1;3.m the main server 5 and the plurality of user stations 1.1-l.n as will be described in detail later.
In this embodiment, the main server 5 has stored therein
a control module program 18 for controlling the overall processing of the main server 5; a site database 20 containing site records associating address data the form of universal resource locator (URL) addresses with commentary data relating to the content of data and services available from a client server 3.1;3.m having that URL; a site processing module 22 for processing data received from client servers 3.1-3.m to select and output records from the site database 20; a registration database 24 associating each encrypted user identification data stored on user stations 1.1 with data identifying URL addresses and time data; and a registration module 26 for generating records for storage within the registration database 24.
In use, additional information about the content of data and services provided by the client servers 3.1-3.m can be obtained by a user inputting a request via a user interface generated by the browser program 8 within a user station 1.1. The request is then transferred via a client server 3.1;3.m into the main server 5 together with a copy of encrypted user identification data 9 where such data s stored in the memory of the user station 1.1. Data associated with the URL of the server 3.1;3.m transferring the request is then output from the site
database 20 together with data associated with the received encrypted user identification data 9 within the registration data 24. The output data is then dispatched to the user station 1.1 where it is displayed.
Receipt of data associated with the URL of a server acts to confirm that data associated with the URL of the sever 3.1;3.m is stored within the site database 20. Receipt of data associated with the received user identification acts to provide confirmation that the data related to a server URL has been obtained as a result of the interrogation of the main server 5 and has not been obtained in any other way.
In this embodiment of the present invention, when data is output from the main server 5, the control module 18 causes the record in the registration database 24 associated with received user identification data 9 to be amended to include data indicative of the received URL and the current time. The records associated with encrypted user data 9 within the registration database 24 therefore each comprise data indicative of the time and URL address of each request made by a specific user to obtain data associated with a URL from the site database 20 of the main server 5. Thus in this
embodiment the additional data output together with requested data is easily recognisable to a user and changes each time a request for data from the site database 20 is made by a user. The present embodiment therefore provides a means by which the retrieval of data by a client server 3.1,3.m from the main server 5 or one occasion does not enable the client server 3.1,3.m to mimic retrieval of data from the main server 5 at a later date .
Prior to describing in detail the processing of the data transfer program 12 and the control module 18 of this embodiment of the present invention, data structures for records within the site database 20 and registration database 24 stored within the main server 5 will now be described with reference to Figures 2 and 3.
Figure 2 is a schematic block diagram of an exemplary data structure for records stored within the site database 20 of the main server 5.
In this embodiment of the present invention, site records within the site database 20 comprise a site URL 28 which is associated with commentary data 29 comprising data that s an independent assessment of the content of data
and services provided by a client server 3.1,3.m associated with the site URL 28 of that site record.
Figure 3 s a schematic block diagram of an exemplary data structure for a user record within the registration database 24. A user record in this embodiment of the invention comprises encrypted user identification data 30, corresponding to encrypted user identification data 9 stored within one of the user stations 1.1-l.n, and one or more visit records 32 each comprising a URL and a time stamp. As will be described in detail later whenever a user requests data from the site database 20 of the main server 5 via a client server 3.1-3.3m, the user record having encrypted user identification data 30 corresponding to the encrypted user identification data 9 stored within the user station l.l;l.n from which a request originated is amended to incorporate a further visit record comprising the URL of the client server 3.1,3.m through which a user's request has passed and a time stamp corresponding to the current time.
The processing of a data transfer program 12 of a client server 3.1;3.m will now be described in detail with reference to Figures 4 and 5.
Figure 4 is a flow diagram of the processing of a data transfer program 12 of a client server 3.1;3.m. Initially, when a user station 1.1; l.n connects to a server 3.1;3.m via the Internet 7 the data transfer program 12 causes (SI) an initial display interface to be selected from the display data 10 stored within the server 3.1;3.m. This initial user display interface is then dispatched from the client server 3.1;3.m to the user station 1.1; l.n via the Internet 7. When the initial user display interface is received by the user station 1.1; l.n it is shown on the screen of the user station.
Figure 5 is an illustration of an exemplary initial user display. In this embodiment the display comprises a main display 100 containing information provided from the client server 3.1,3.m in which is incorporated a confirm site status button 102 which can be selected by a user of the user station 1.1; l.n using an input device such as a keyboard or mouse.
When data is entered using input device connected to a user station 1.1; l.n the browser program 8 within the user station 1.1; l.n causes the entered data to be transmitted to the client server 3.1;3.m to which the
user station 1.1, l.n is currently connected via the Internet 7. By dispatching to a user station 1.1; l.n an initial user display 100 which incorporates a confirm site status button 102, a means is therefore provided by which users may input a request to obtain confirmation that the URL of the client server 3.1;3.m to which they are currently connected is stored within the site records of the site database 20 of the main server 5.
After an initial user display interface has been dispatched to a user station 1.1; l.n from the client server 3.1,3.m the data transfer program 12 then (S2) awaits the receipt of data from a user station 1.1; l.n via the Internet 7. When data is received from a user station 1.1; l.n the data transfer program 12 then (S3) determines whether the data received from the user station l.l;l.n is indicative of a user's selection of the confirm site status button 102 of the initial user display 100. If the data received from a user station 1.1,-l.n is not indicative of the selection of the confirm site status button 102, this means that the user has not requested confirmation that a record within the site database 20 of the main server 5 corresponds to the URL of the client server 3.1;3.m to which the user station 1.1-l.n is currently connected and the processing of the
data transfer program 12 comes to an end.
If data received from a user station 1.1; l.n is indicative of the selection of a confirm site status button 102 in an initial user display, the data transfer program 12 then (S4) causes a request to be dispatched from the client server 3.1;3.m via the Internet 7 to the user station 1.1; l.n from which the request has been received to request the output from the user station 1.1; l.n of stored encrypted user identification data 9, if such data is present or alternatively output data indicative of there being no stored identification data 9.
After requesting retrieval of stored encrypted user identification data 9 the data transfer program 12 then awaits a reply from the user station 1.1; l.n. When a reply is received from a user station 1.1; l.n via the Internet 7, the data transfer program 12 then determines (S5) whether the data received comprises encrypted user identification data 9 retrieved from a user station 1.1 or data indicating that no user identification data 9 is stored within the user station l.n from which a request for confirmation of site status has been received.
If the data transfer program 12 determines that data received from the Internet 7 is indicative of there being no encrypted user identification data 9 stored within the user station l.n from which a request has been received, the data transfer program 12 then causes an instruction to be sent to the user station l.n to cause the user station l.n to be connected directly to the main server 5 via the Internet 7. The processing of the data transfer program 12 then comes to an end.
If the data transfer program 12 determines that data received from a user station 1.1 is encrypted user identification data 9, the data transfer program 12 then (S7) causes the received encrypted user identification data 9 to be sent together with the URL for the client server 3.1;3.m to be dispatched to the main server 5. The data transfer program 12 then waits (S8) for receipt of display data dispatched from the main server 5 following the processing of the URL and encrypted user identification data 9. When data has been received, the display data is then incorporated into a user display which is dispatched by the client server 3.1;3.m via the Internet 7 to the user station 1.1 from which a request has been received. The dispatched display is then shown to a user on the screen of the user station 1.1. The
processing of the data transfer program 12 then finishes.
As will be described in detail later following receipt of encrypted user identification data 9 and a URL the main server 5 processes the received data and causes to be output to a client server 3.1;3.m either a display comprising commentary on the content or services provided by a client server 3.1 together with data retrieved from the records of the registration database 24 indicating the last three sites that a specific user has chosen to verify or alternatively outputs display data comprising a warning that the URL of the client server 3.1;3.m from which encrypted user identification data 9 has been dispatched is not included within the site database 20.
The processing of the control module 18 of the main server will now be described.
Figure 6 is a flow diagram of the processing of the control module 18 of a main server 5 in accordance with this embodiment of the present invention following receipt of data via the Internet 7.
Initially (S10) the control module 18 determines whether the data received from the Internet 7 comprises encrypted
user identification data 9 together with a URL or whether the data comprises a request instruction from a user station 1.1, l.n to connect directly to the main server 5. If the data received from the Internet 7 comprises a request from a user station 1.1; l.n to connect directly to the mam server 5 such a request will have been generated as a result of a client server 3.1,3.m determining that the user station l.n does not have stored therein encrypted user identification data 9. In such a case the control module 18 then (Sll) invokes the registration module 26 to cause to be generated within the registration database 24 a new user record comprising newly generated encrypted user identification data 30 and three visit records comprising the URL for the mam server 5 and the current time and date. The registration module 26 then (S12) causes a copy of the newly generated encrypted user identification data 30 of the new record to be dispatched to the user station l.n from which the original request to connect to the main server 5 originated for storage in the memory of that user station l.n. Thus in this way following a determination by the client server 3.1;3.m that there is no encrypted user data 9 stored with a specific user station l.n, by causing that the user station 1. n to connect to the mam
server 5 a means is provided to cause encrypted user identification data 9 to be written to the user station l.n corresponding to a user identification 30 within a newly generated user record within the registration database so that in the future that user station l.n may be used to access the content of the site database 20 of the main server 5.
If the control module 18 of the main server 5 determines that data received from the Internet 7 does not relate to a request to register this will have occurred because the data transfer program 12 of a client server 3.1,3.m will have transferred to the main server 5 data indicative of its URL together with encrypted user data 9 retrieved from a user station 1.1. The control module 18 the invokes the site processing module 22 to determine (S13) whether any of the site URLs 28 of the site records within the site database 20 correspond to the URL received from the client server 3.1;3.m.
If the site processing module 22 determines that one of the site records within the site database 20 does have a site URL 28 corresponding to the URL received from the client server 3.1,3.m. The site processing module 22 then (S14) causes a user record from within the
registration database 24 having user identification data 30 corresponding to the encrypted user identification data 9 received from the client server 3.1;3.m to be retrieved from the registration database 24 and amended to incorporate a further visit record comprising the received URL and the current time and date.
In this way the site processing module 22 causes the user records within the registration database 24 to include the URLs of which servers 3.1,3.m a user has accessed and then requested to be confirmed by selecting the confirmed site status button 102 n an initial user display. As the sites which have been verified by a user will be known to that user but are only stored within a computerised form within the registration database 24 of the mam server 5 the inclusion of data from this registration database 24 within the output of a client server is indicative of the client server having been permitted access to the registration database 26 and hence indirectly provides confirmation to a user that the URL of the client server is stored within a site record in the site database 20.
After the site processing module 22 has caused the user record associated within received encrypted user
identification data 9 to be updated to include an additional visit record corresponding to the received URL and current time and date the site processing module 22 then (S15) causes to be dispatched to the client server 3.1,3.m from which a URL and encrypted user identification data 9 has been received, display data comprising a copy of the commentary data 29 of the site record within the site database 20 having an associated sire URL 28 corresponding to the received URL from the client server 3.1,3.m together with copies of the three visit records associated with user identification data 30 corresponding to the encrypted user identification data received from the client server 3.1,3.m which comprise URL's and time stamps having the three most recent times associated with them. This data is then dispatched to the client server 3.1;3.m for incorporation within a user display as will now be described. The processing of the control module 18 and the site precessing module 22 then comes to an end.
Figure 7 is an illustration of an exemplary site confirmation display in accordance with this embodiment of the present invention. The display 110 contains a written commentary 112 corresponding to the commentary data 29 of the site record having a site URL 28
corresponding to the URL of the client server 3.1;3.m to which a user station 1.1; l.n is connected to via the Internet 7. Beneath the displayed commentary data 12 are three URL's 113 each associated with a time and date 114 being URL's associated with the three most recent times and dates in visit records associated with encrypted user identification data 9 received from a client server within user records withm the registration database 24.
Thus in this way since the commentary data displayed to a user 112 is displayed together with data retrieved from within the registration database 24 the fact -chat data must have been passed to the client server 3.1;3.m from the mam server 5 is therefore made apparent to a user. Furthermore, since the data within the site records in the site database 20 and the user records in the registration database 24 is only made available when data corresponding to a client server URL is stored within a site record stored in the mam server 5, a user is also therefore provided with confirmation that the client server 3.1;3.m to which the user station is connected fulfills whatever requirements have been laid down for entry of a record for the client servers URL within the site database 20.
Returning to Figure 6, if following receipt of encrypted user identification data 9 and a URL, the site processing module 22 determines (S13) that none of the site records within the site database 20 has a site URL 28 corresponding to a site URL received from a client server 3.1,3.m. This causes the site processing module to cause to be dispatched (S16) display data comprising a warning message to warn a user that the URL of the client server 3.1,3.m to which the user station is currently connected via the Internet 7 is not contained within the site database 20. The processing of the site processing module 22 and the control module 18 then finishes.
Figure 8 is an exemplary illustration of a user warning display generated from data output by a main server 5 when the main server determines that the URL received from a client server 3.1;3.m does not correspond to a site URL 28 within a site record in the site database 20. In this embodiment the user warning display comprises a written warning 120 displayed within a window generated by the browser program 8 within a user station 1.1, l.n.
The data for generating a user warning display does not however incorporate the references to previously visited and verify client servers as indicated within one or more
visit records 32 associated with encrypted user identification data 30 in user records in the registration database 24.
Following the determination (S13) of the site processing module 22 that a received URL does not correspond to any of the URL's 28 to the site records within the site database 20, no access is made to the records stored within the registration database 24. Data indicative of the visit records 32 associated with a received encrypted user identification data 9 is therefore not included with the display data output to the client server 3.1;3.m.
As the content of the visit records 32 is not available to the client server 3.1;3.m in any other way it is not possible for the client server 3.1;3.m to output to a user station 1.1, l.n a false site confirmation interface incorporating such data. As the client servers 3.1-3.m are unable to generate a site confirmation display for dispatch to the user stations 1.1; l.n independently of the main server 5, the receipt of a site confirmation display indicating the content of the visit records 32 by a user station 1.1; l.n therefore provides confirmation that a record within the site database 20 corresponds to the URL of the client server 3.1;3.m to which they are
currently connected via the Internet 7; and that this confirmation has been generated by accessing the databases 20,24 stored within the mam server 5.
Although in the previously described embodiment apparatus has been described which is arranged to output to a user station 1.1; l.n data indicative of the three most recent client servers that a user has selected for confirmation, it will be appreciated that other data could be used to provide an indication to a user that access of data within a mam server 5 has occurred. Thus for example instead of outputting the content of three visit records associated with encrypted user identification data 9 any other number of visit records associated with encrypted user identification data 9 could be output. Instead of selecting visit records on the basis of the time data associated within a visit record other criteria could be used instead or in addition to the time data to select which visit records are incorporated in data output to a client server. For example, the site processing module 22 could be arranged to only output visit records corresponding to different URLs.
Although in the previously described embodiment the content of a user record is only updated following
selection of a confirm site status button 102 within an initial user interface, the data transfer module 12 stored within client servers 3.1-3.m and the control module 18 of the mam server 5 could be arranged to cause records within the registration database 24 to be automatically updated whenever a user station accesses display data 10 stored within a client server 3.1;3.m. In such a system, the content of the visit records 32 associated with encrypted user identification data 9 would correspond to data indicative of the client servers 3.1-3.m visited by a user. The data transfer module 12 and the site processing module 22 could also additionally be arranged to include within visit records additional data indicative of the actions such as the making of a purchase via a website on the client server 3.1;3.m for inclusion within a visit record.
Although m the above described embodiment data stored within the registration database 24 comprised encoded user identification data 30 and one or more visit records 32. Other data could be stored m addition to this data. Thus for example, instead of the registration module 26 automatically creating a user record the registration module 26 could be arranged to cause to be generated within a user station 1.1; l.n a user interface for
inputting data indicative of personal user details such as name, address, age etc for inclusion within a user record. Additionally, the registration module 26 could be arranged to identify the processor number of a processor within the user station 1.1; l.n to which it is connected via the Internet 7 to include such data within a user record available for retrieval when confirmation of the status of a client server 3.1;3.m is requested.
Although not a preferred embodiment the site processing module 22 could be arranged to select and output only this personal data as an indication of confirmation that access has been made to the databases of the main server 5. In such a system no visit records would need to be included within a user record associated with encrypted user identification data 30 as the personal data alone would provide an indication that access of the databases within the main server 5 had occurred. However, if a system is provided which is not arranged to alter the content of user records, once a user has confirmed the status of a client server 3.1;3.m. If that client server 3.1;3.m ceases to fulfil the requirements for inclusion within the site database 20 the impression that records for that client sever 3.1;3.m are still within the site database 20 may be given since the data associated with
encrypted user identification data 9 will have been made available to the server 3.1;3.m at the earlier time.
Although m the previous embodiment apparatus has been described in which confirmation of the authorised status of a client server 3.1 has been provided by means of including commentary data within an output display, it will be appreciated that other means could be provided to indicate to a user that a client server 3.1;3.m is in some way authorised. Thus for example the display data dispatched from a client server to a user station could comprise solely the data retrieved from the record associated with received encrypted user identification data 9.
Although the embodiments of the invention described with reference to the drawings comprise computer apparatus and processes performed in computer apparatus, the invention also extends to computer programs, particularly computer programs on or in a carrier, adapted for putting the invention into practice. The program may be in the form of source or object code or in any other form suitable for use m the implementation of the processes according to the invention. The carrier be any entity or device capable of carrying the program.
For example, the carrier may comprise a storage medium, such as a ROM, for example a CD ROM or a semiconductor ROM, or a magnetic recording medium, for example a floppy disc or hard disk. Further, the carrier may be a transmissible carrier such as an electrical or optical signal which may be conveyed via electrical or optical cable or by radio or other means.
When a program is embodied in a signal which may be conveyed directly by a cable or other device or means, the carrier may be constituted by such cable or other device or means.
Alternatively, the carrier may be an integrated circuit in which the program is embedded, the integrated circuit being adapted for performing, or for use in the performance of, the relevant processes.