JP2002215481A - Web access control method and system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a Web control system which preferentially processes Web access to a specified customer, a specified page and a WWW server concerning a specified behavior. SOLUTION: For preferentially controlling Web access when multiple customers access to the WWW server at a time via an IP network and an MPLS network, which are represented as the Internet, a gateway device having a function for identifying customer ID such as Cookie information and ID such as URL information, which are included in a request packet received through the network, is used. Thus, a specified customer ID and page ID are preferentially processed and Web access to the specified customer, the specified page and specified behavior is preferentially processed.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION The present invention relates to a method in which a plurality of customers simultaneously use a WWW browser of their own terminal through an IP network or an MPLS network represented by the Internet.
The present invention relates to a method and system for preferentially controlling Web access relating to a specific customer, a specific page, and a specific action when accessing a WWW server.

[0002]

2. Description of the Related Art In conventional Web access via the Internet or the like, processing on a network, a WWW server, and the like is performed equally for a plurality of accesses. On the customer side, there are problems such as difficulty in connecting, or even if connection can be made, it takes a considerable amount of time for information to be sent.
On the service provider side, there is a problem that important customers are unable to connect and business opportunities are missed.To deal with this problem, the number of servers must be increased, and excessive capital investment is required. And other problems.

[0003]

SUMMARY OF THE INVENTION An object of the present invention is to solve the above-mentioned various problems caused by the fact that processing in a network, a WWW server, etc. is performed equally for all Web accesses. Another object of the present invention is to provide a web access control method and system.

[0004]

SUMMARY OF THE INVENTION The present invention provides a method for accessing a Web when a plurality of customers access a certain WWW server via an IP network, an MPLS network, or the like using a WWW browser of each terminal at a time. In controlling access, included between IP packets received through the network between the customer terminal and the WWW server
Identify the HTTP header information represented by the customer ID such as Cookie information and the page ID such as the URL, and prioritize the IP packet including the specific customer ID and the page ID, and specify the specific customer, the specific page and the specific It is characterized by giving priority control to Web access related to behavior.

The present invention further provides a Web access control system in which a plurality of customers access a certain WWW server via an IP network, an MPLS network, or the like using a WWW browser of each terminal at a time. Between the customer terminal and the WWW server, a customer ID such as Cookie information included in an IP packet constituting an HTTP request information received via the network or a page ID such as a URL.
Provide a gateway device that has a function to identify HTTP header information typified by a specific customer, a specific page, and a Web related to a specific behavior by prioritizing IP packets including a specific customer ID and page ID. It is characterized in that access is prioritized.

[0006] In a preferred embodiment of the present invention, the gateway device includes a page ID such as a customer ID or a URL such as the Cookie information.
A policy identification function that determines the priority of IP packet processing based on HTTP header information represented by D, and a policy that reflects the priority in the TOS value etc. based on the processing priority determination of the policy identification function Marking function and the WWW
A routing function for selecting a network to send a response IP packet from the server; a packet priority reading function for reading the response IP packet preferentially according to the priority such as the TOS value set by the policy marking function and sending the packet to the network; To be equipped.

In still another preferred embodiment of the present invention, the Web
The access priority control system further manages the customer's purchase history and determines the customer's web access priority,
Obtain a customer ID such as Cookie information from the WWW server,
A policy server having a function of associating the customer ID with a purchase history, a customer priority, etc., and setting the Cookie information and the priority as a policy for the gateway device is provided.

[0008] The "specific customer" mentioned here is, for example,
These are important customers who have high purchase prices.
It can be determined by Cookie information or the like. The “specific page” refers to a product sales page or the like planned by the service provider, which can be determined by URL information or the like. Further, the “specific action” is a request for purchase of a product or the like, which can also be determined by a URL or the like.

By using the above-described means, even if there are many Web accesses at the same time, if an important customer or an important page is set to a high priority, the access is given priority processing. You can connect to the WWW server and receive information as soon as possible. Also, it is only necessary to have facilities that can handle priority processing of important customers,
It is possible to avoid excessive capital investment for servers and the like, which tend to be excessive in the past.

[0010]

DESCRIPTION OF THE PREFERRED EMBODIMENTS The present invention will be described in more detail with reference to the accompanying drawings.

FIG. 1 is a diagram showing an example of a basic configuration of a Web access control system according to the present invention. 1 is a customer terminal, 2 is an IP network or MPLS network such as the Internet, 3 is a gateway device, and 4 is a WWW. Server.

In the following, a customer uses his WWW browser to access an IP network or MPLS (multiprotocol label swit).
ching) An outline of the operation for realizing priority access for a specific customer, a specific page, and a specific action when accessing a WWW server through a network or the like will be described.

First, a customer uses a WWW browser of a terminal 1 to send an HTTP (hypertext transfe) via a network 2.
r protocol) An IP packet (hereinafter, referred to as a request packet) constituting request information is transmitted to the gateway device 3. The gateway device 3 searches the policy database 311 for the URL (uniform resource locator) information and the cookie information included in the received request packet by using the policy identification function 31, and this database 311
If the URL or Cookie information is set to have priority, the request packet is transmitted to the WWW server 4 together with the priority information. In the WWW server 4, priority processing is performed according to the sent priority, and an IP packet (hereinafter, referred to as a response packet) constituting the HTTP response information is transmitted to the gateway 3
Send to In the gateway device 3, the policy marking function 32 identifies the SA (source address) and the TCP connection information of the response packet, and reflects the priority TOS value corresponding to the identification information.
Based on the TOS value, the response packets are sorted into classes according to the priorities, and are temporarily stored in the packet read queue 331 of the packet priority read function 33. Packet read queue 3
The construction method of 31 includes PQ (priori
ty Queuing) and WFQ (weighted Fair Queuing) can be used. Packet priority reading function 33
Reads out response packets in order from the priority class according to an algorithm based on the configuration method of the packet read queue 331, and sends out the response packets to the network 2. In this way, the response packet reaches the customer terminal 1 via the network 2.

By repeating the above operation, the customer
Necessary information can be extracted from the server 4, and priority access can be realized for a specific customer, a specific page, and a specific action.

[0015]

Embodiment 1 FIG. 2 shows the WWW server 4 as a priority WWW server 4.
FIG. 2 is a configuration diagram of an embodiment in the case of dividing into an ordinary WWW server and an ordinary WWW server. In this case, the gateway device 3 is used for priority.
A routing function 34 for distributing the WWW server 41 and the normal WWW server 42 by a private address, and a routing function 35 for distributing an exit of the gateway 3 to the network 2 by a global address.
And a policy identification function 31 having a NAT (network address translation) function for translating a global address into a private address, a policy marking function 32 having a NAT function for translating a private address into a global address, and a method of configuring a packet read queue 331 A packet priority reading function 33 for reading response packets in order from the priority class according to an algorithm based on the packet and sending the response packets to the network 2.

When a customer accesses the Web, the policy identification function 31 of the gateway device 3 first determines from the HTTP header information of the request packet whether the access is a priority access or a normal access from a policy database (DB). ) Identify based on 311. The policy database 311 stores SA (source address), DA (destination address), URL, cookie information, and the like as information to be searched, and priority is given as output information corresponding to the information. The NAT function converts the DA (destination address) to an address (private address) assigned to the server corresponding to the priority.

As shown in the policy database 311 of FIG. 2, H of the request packet from the WWW browser of the customer terminal 1
The Cookie information and URL information included in the TTP header information are compared with the Cookie information and URL information set in the policy database 311 in advance, and based on the obtained priority and DA (destination address) information. Priority processing and
A WWW server is selected. For example, as shown in the policy database 311, the URL information of the request packet is
If p: //xxx.co.jp/product/, the priority of the packet is “priority”, and the DA outputs the private address 192.10.1.5 of the priority WWW server 41. The policy identification function 31 sets the DA of the request packet to 192.10.1.5 and sends it to the priority WWW server 41. On the other hand, if the request packet is a request packet having no priority setting in the policy database 311, the DA of this request packet is set to the private address (192.10.1.6) of the normal WWW server 42. It is transmitted to the normal WWW server 42.

The response packet from the priority WWW server 41 is sent to the policy marking function 32 of the gateway 3.
Identifies the SA (source address), and reflects the TOS value of the priority corresponding to the SA in the policy marking table (hereinafter referred to as the PM table) 321 and the priority W
From the private address (192.10.1.5) assigned to the WW server 41 to the global address (129.2)
Is converted to 0.1.10), priority classes are sorted according to TOS values and the like, temporarily stored in the packet reading queue 331, and read out by the packet priority reading function 33 according to the priority and the packet reading algorithm. And transmitted to the network 2.

The response packet from the normal WWW server 42 is sent to the policy marking function 32 of the gateway 3.
Then, the non-priority TOS value is set in the PM table 321 based on the SA (192.10.1.6), stored in the low-priority class packet read queue 331, and according to the packet read algorithm. Read out, network 2
Sent to

As described above, only the Web access related to a specific customer, a specific page, and a specific action, whose priority is set high in the policy DB 311, is processed by the priority WWW server 41, and the response packet is also transmitted to the gateway. The processing is preferentially performed by the device and delivered to the terminal 1 of the customer.

[0021]

[Embodiment 2] FIG. 3 shows an embodiment in which one WWW server controls priority Web access and non-priority normal Web access, that is, a case where WWW servers are not divided by priority. In this example, when the gateway device 3 receives a TCP (transmission control protocol) connection creation request from the customer terminal 1, the policy identification function 31
P connection information is stored in a buffer etc. and the next HTTP
Policy DB3 with URL and Cookie information included in the request
11 and obtains the priority, transmits the request packet with the priority added to the WWW server 4, and transfers the priority and the held TCP connection information to the policy marking function 32 to transfer the request to the PM table. Set to 322.

The response packet from the WWW server 4 searches the policy marking (PM) table 322 by the policy marking function 32 based on the TCP connection information.
The priority is reflected in the TOS value or the like according to the priority set in the M table 322, and stored in the packet read queue 331 in the packet priority reading function 33 according to the priority information such as the TOS value. Response packet is packet read queue
The packet is read out according to the priority of 331 and the packet reading algorithm and transmitted to the network 2.

When the gateway device 3 receives a TCP connection disconnection request from the WWW server 4 or the customer terminal 1, the gateway device 3 discards the TCP connection information held by the policy identification function 31, and also deletes the corresponding PM table 32
Erase the TCP connection information etc. of 2.

[0024] In this way, a specific customer or a specific page set with a high priority and a We-
Only the b access is preferentially processed on a TCP connection basis according to the priority determined based on the URL of the request packet, the Cookie information, and the like.
A response packet to is also given priority processing.

FIG. 4 shows an example of a Web access priority control sequence based on HTTP 1.0 when the WWW server is not divided by priority. In FIG. 3, once the customer terminal 1 and the WWW server 4 establish a TCP connection, the gateway 3 searches the contents of the policy database 312 with URL and Cookie information, and sets the priority in the PM table 322 of the policy marking function 32. Set. As long as there is information to be transmitted from the WWW server 4, the TCP connection is maintained, and during that time, the HTTP response information is preferentially processed according to the TOS value of the PM table 322. When there is no more information to be transmitted from the WWW server 4, the TCP connection is disconnected. HT in HTTP1.0
Since a dedicated TCP connection is generated for each TP request, the above processing enables the priority to be determined for each HTTP request.

FIG. 5 shows an example of a priority control sequence based on HTTP1.1 when the WWW server is not divided by priority. In HTTP1.1, the same TCP connection is shared by multiple HTTP requests, so the priority is determined by the first HTTP request, and the WWW server 4 does not disconnect the TCP connection even if there is no more information to send. The HTTP request is processed. That is, since a plurality of HTTP requests are processed by one TCP connection, the access from the customer terminal 1 connected by this TCP connection is determined by the priority of the first access even if the accessed page changes. Priority processing will be performed. Therefore, HTTPl. In 1, the above processing enables priority processing for each customer terminal (customer) 1.

[0027]

Third Embodiment FIG. 6 shows a policy server 5 according to the fifth embodiment.
FIG. This policy server 5
Is determined based on the customer individual data table 511 in which purchase records for each customer are recorded, the customer basic data table 512 in which a list of customer ID, name, gender, address, purchase price, customer category, etc. of the customer is recorded. It has a priority level data table 513 that stores information such as priority and Cookie.

Each time there is Web access such as a purchase request or an inquiry from a customer, the WWW server 4
To send information such as purchase information and cookies. The policy server 5 manages the purchase status of each customer based on information from the WWW server 4 with a customer individual data table 511 and a customer basic data table 512, and gives priority to each customer according to purchase frequency, purchase genre, total purchase price, and the like. Determine the degree. The determined priority is the gateway device 3 together with the Cookie information.
And is set in the policy database 311. Subsequent access to the WWW server 4 is given priority according to the priority of the policy database 311. Especially W
When planning and selling a product on the eb, strategic priorities can be set such that the priority of a customer who frequently purchases in the same genre as the product to be sold is set high in advance.

[0029]

By using the means as described above,
Even if there are many web accesses at the same time, if important customers are set high priority, priority processing will be given, so important customers can connect to the WWW server as usual,
You can receive information quickly. In addition, the service provider can prioritize access only to important customers, important pages and important activities, so if there are facilities that can handle high-priority access without missing business opportunities And avoid excessive capital investment.

[Brief description of the drawings]

FIG. 1 is a diagram showing an overall configuration of a Web access control system according to the present invention.

FIG. 2 is a diagram illustrating a configuration example of a system in which a WWW server is divided into a priority WWW server and a normal WWW server.

FIG. 3 is a diagram illustrating a configuration example of a system in which a WWW server is not divided according to priority;

FIG. 4 is an explanatory diagram showing an example of a priority control sequence in HTTP1.0 when a WWW server is not divided by priority.

FIG. 5 is an explanatory diagram showing an example of a priority control sequence in HTTP1.1 when a WWW server is not divided by priority.

FIG. 6 is a diagram illustrating an operation of an example when a policy server is used in a Web access control system.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Customer terminal 2 IP network represented by the Internet 3 Gateway device 4 WWW server 5 Policy server 31 Policy identification function 32 Policy marking function 33 Packet priority reading function 34, 35 Routing function

 ────────────────────────────────────────────────── ─── Continuing on the front page (72) Inventor Yoshihiko Uematsu 2-3-1 Otemachi, Chiyoda-ku, Tokyo F-term in Nippon Telegraph and Telephone Corporation (reference) 5B089 GA11 GA21 GA31 GB02 JA22 KA06 KA13 KB06 KB13 KC39 KC52 MA02 MA04 5K030 GA13 HA08 HC01 HD03 KA05 LA03 LB07 LE05

Claims (6)

[Claims] 1. A WWW system in which a plurality of customers access a certain WWW server at a time via an IP network or an MPLS network using a WWW browser of each terminal.
In controlling eb access, the customer terminal and the WWW
Received via the network between the server
Customer ID and UR such as Cookie information included in IP packet
Identifies HTTP header information represented by page IDs such as L information, prioritizes IP packets containing specific customer IDs and page IDs, and provides Web access related to specific customers, specific pages, and specific actions. W characterized by priority control
eb access control method. 2. A web access control system in which a plurality of customers access a certain WWW server via an IP network, an MPLS network, or the like using a WWW browser of each terminal at a time. And the WW
H received between the W server and the network
HTTP represented by customer ID such as Cookie information included in IP packet constituting TTP request information and page ID such as URL
Providing a gateway device having a function to identify header information, prioritizing IP packets containing specific customer IDs and page IDs, and giving priority control to Web access related to specific customers, specific pages, and specific actions Web access control system characterized by doing so. 3. The method according to claim 1, wherein the gateway device is a client ID such as the cookie information or an HTTP represented by a page ID such as a URL.
A policy identification function for determining the priority of IP packet processing based on the header information, a policy marking function for setting the priority by reflecting the priority on the TOS value or the like based on the processing priority determination of the policy identification function; Response IP from server
A routing function to select a network to send a packet to, and a TO set by the policy marking function
3. The packet priority reading function according to claim 2, further comprising a packet priority reading function of reading a response IP packet preferentially according to a priority such as an S value and sending the response IP packet to a network.
Web access control system. 4. A routing function for dividing the WWW server into a priority WWW server and a normal WWW server, and wherein the gateway further selects and distributes a WWW server from a customer according to the priority. 3. The Web access control according to claim 2, further comprising a function of converting a private address assigned to each of the WWW servers into a global address registered on the network on behalf of the plurality of WWW servers. system. 5. The information of a priority target TCP connection and a priority is transferred from the policy identification function to the policy marking function.
The information from the policy identification function is reflected in a TOS value or the like, and the packet priority reading function preferentially reads a response packet from the WWW server according to parameters such as the TOS value. The web access control system according to claim 3. 6. The Web access control system further manages the purchase history of the customer, determines a Web access priority of the customer, and obtains a customer ID such as cookie information from the WWW server. And a policy server having a function of setting the cookie information and the priority as a policy for the gateway device by associating the cookie information with the purchase history, the customer priority, and the like. The web access control system according to claim 2.