The present invention relates to a website login processing method and system, and more particularly, to a website login processing method and system that is capable of logging in a website without repeatedly inputting an ID and password of a user.
This work was supported by the IT R&D program of MIC/IITA [2007-S-601-01, User Control Enhanced Digital Identity Wallet System].
In general, in order for a user to log in an Internet website, the user needs to input an ID and a password previously registered in the corresponding website. However, it is difficult for the user to memorize an ID and a password of each website, and the user should input an ID and a password whenever the user logs in that website. Therefore, it is inconvenient for the user to log in the website each time.
In order to get rid of inconvenience, two technologies are suggested in the related art. According to a first technology in the related art, if a user logs in a first website, the first website generates a message that confirms an authentication fact and transmits the message to a second website that the user logs in, after the first website. The second website performs a login process on the basis of the authentication confirmation message transmitted from the first website, instead of an ID and a password input by the user.
According to a second technology in the related art, after an ID and a password of each website are stored in advance in a user computer, when a user accesses a website, an ID and a password of the corresponding website that are stored in advance are automatically input.
However, according to the first technology in the related art, in order for a user to log in the first website again, the user still needs to input an ID and a password of the first website again, resulting in being inconvenient to the user. According to the second technology in the related art, there is a technical limitation in that, when a user accesses a website having two or more IDs, it is not possible to automatically determine which ID is used for logging in the corresponding website.
An object of the present invention is to get rid of inconvenience that a user feels when the user memorizes an ID and a password of a website and inputs the ID and password, in the case of logging in the website.
Another object of the present invention is to allow a user to select any one of a plurality of IDs for websites at the time of logging in a website, thereby getting rid of inconvenience that a user feels when memorizing an ID and a password of each website and inputting the ID and password.
Still another object of the present invention is to generate an encryption key for user information, such as an ID and a password, using random numbers, so as to prevent a password-guessing attack, a dictionary attack, or the like, thereby improving security.
A further object of the present invention is to store user information on websites, such as IDs and passwords, in a user ID management system, thereby allowing a user to easily recognize a list of websites that the user subscribes.
In order to achieve the above-described objects, according to a first aspect of the present invention, there is provided a website login processing method that performs a login process in a computer in which website information and one or more user information needed when logging in a website are associated with each other and stored. The website login processing method includes (a) a step of receiving a login command on a specific website from a user; and (b) a step of, in response to the login command, performing a login process on the specific website on the basis of user information, which is selected by the user among a plurality of user information associated with the specific website and stored in the computer.
At this time, the step (b) according to the first aspect of the present invention may include (b1) a step of displaying the plurality of user information associated with the specific website and stored in the computer; and (b2) a step of performing a login process on the specific website on the basis of the user information selected by the user among the plurality of displayed user information.
Further, the step (b) according to the first aspect of the present invention may be performing a login process on the specific website on the basis of user information selected by the user as a default in advance, among the plurality of user information associated with the specific website and stored in the computer.
Meanwhile, the computer according to the first aspect of the present invention may further store an encryption key for the user information that is generated using random numbers, and the step (b) may include validating the login using the encryption key.
Further, in order to achieve the above-described objects, according to a second aspect of the present invention, there is provided a website login processing method. The website login processing method includes (a) a step of providing a computer program, which allows the above website login processing method to be executed, to the computer; and (b) a step of, when the computer executes the computer program, communicating with the computer to execute the login process.
At this time, the step (b) according to the second aspect of the present invention may include (b1) a step of receiving the user information, which is needed when logging in the specific website, from the computer and storing the user information; (b2) a step of receiving a login request for the specific website from the computer; and (b3) a step of comparing user information included in the received login request with the user information stored in the step (b1) to validate the login.
Meanwhile, the step (b) according to the second aspect of the present invention may include (b1) a step of receiving an encryption key, which is generated using random numbers with respect to the user information that is needed when logging in the specific website, from the computer and storing the user information; (b2) a step of receiving a login request for the specific website from the computer; and (b3) a step of comparing an encryption key included in the received login request with the encryption key stored in the step (b1) to validate the login.
Furthermore, in order to achieve the above-described objects, according to a third aspect of the present invention, a website login processing apparatus includes an information storing unit that stores a computer program to allow the above-described website login processing method to be executed; an information processing unit that provides the computer program to the computer, and, when the computer executes the computer program, communicates with the computer to perform the login process; and a web page providing unit that provides a web page of the specific website to the computer in accordance with a result of the login process by the information processing unit.
According to the present invention, it is possible to get rid of inconvenience that a user feels when the user memorizes an ID and a password of a website and inputs the ID and password, in the case of logging in the website.
According to the present invention, since a user can select any one of a plurality of IDs for websites at the time of logging in a website, it is possible to get rid of inconvenience that a user feels when memorizing an ID and a password of each website and inputting the ID and password.
According to the present invention, since an encryption key for user information, such as an ID and a password, is generated using random numbers, it is possible to prevent a password-guessing attack, a dictionary attack, or the like, thereby improving security.
According to the present invention, since user information on websites, such as IDs and passwords, is stored in a user ID management system, a user can easily recognize a list of websites that the user subscribes.
Hereinafter, an exemplary embodiment of the present invention will be described in detail with reference to the accompanying drawings.
A browser 10 is an application program that enables a user to view all information on the World Wide Web. The browser 10 calls the information processing unit 22 through a calling unit 12, receives web pages from the web page providing unit 31 of the website system 30, and shows the web pages to the user.
1. Structure of User ID Management System 20
The information storing unit 23 stores a computer program that allows a website subscribing method (refer to
The information storing unit 23 further stores website information and user information that is needed when logging in a corresponding website. The website information may include information, such as a website name and a website access address. The user information may include information, such as a user ID and a user password. The information storing unit 23 further stores an encryption key for the user information (for example, user ID). The encryption key is generated using random numbers.
As for the user information, a plurality of user information may be stored for the same website. For example, as shown in
The information storing unit 23 may further store information on site cards to be shown to a user through a screen when the user accesses websites. For example, as shown in
The information display unit 21 visually displays a site card for a website that a user accesses. When one site card is assigned to each ID, the information display unit 21 displays site cards for all IDs that are registered in a corresponding website. As shown in
The information processing unit 22 performs a data communication with the information processing unit 32 of the website system 30 and performs a website subscribing process and a website login process according to this embodiment.
Further, the information processing unit 22 performs a process of storing website information, user information, encryption key information, and site card information in the information storing unit 23. The information processing unit 22 shows a site card for a website that a user accesses to the user through the information display unit 21, such that the user can select user information that is needed when logging in the website. The information processing unit 22 exchanges a variety of information with the website system 30 so as to perform a login process on the corresponding website on the basis of the user information selected by the user. The information processing unit 22 receives information on a website access address from the website system 30 or transmits information stored in the information storing unit 23 to the website system 30.
2. Structure of Website System 30
The information storing unit 33 stores user information and encryption key information transmitted from the user ID management system 20. The information storing unit 33 further stores a computer program that allows a website subscribing method (refer to
The website system 30 cooperates with the user ID management system 20 in response to the execution of the computer program, and performs a website subscribing process and a website login process according to this embodiment.
The web page providing unit 31 provides a web page 11 upon the request from the information processing unit 22 of the user ID management system 20.
The information processing unit 32 performs a data communication with the information processing unit 22 of the user ID management system 20 and performs a website subscribing process and a website login process according to this embodiment. The information processing unit 32 performs a process of providing a web page through the web page providing unit 31. The information processing unit 32 transmits an access address of the corresponding website to the user ID management system 20 upon the request from the user ID management system 20, and stores user information and encryption key information transmitted from the user ID management system 20 in the information storing unit 33.
3. Website Subscribing Method
A website subscribing method will be described with reference to
The information processing unit 22 requests a user to input user information, such as user ID and password, through the information display unit 21. If the user inputs the user information, the information processing unit 22 acquires the user information input by the user (S120).
The information processing unit 22 generates an encryption key composed of random numbers with respect to the user information, and transmits a subscription request message including the user information and the generated encryption key to the website access address acquired in Step S110 (S130).
The information processing unit 32 of the website system 30 generates a user record including the user information and the encryption key transmitted in Step S130 and stores the user record in the information storing unit 33, and transmits a result message to the information processing unit 22 (S140).
After receiving the result message, the information processing unit 22 of the user ID management system 20 generates a site card including a website name and user information (for example, user ID) (S150). One site card may be generated for each ID. When there is a site card that is already registered in the corresponding website, a new ID may be added to the site card, thereby generating the site card shown in
The information processing unit 22 shows a user the site card generated in Step S150 and stores the site card in the information storing unit 23 (S160).
The information processing unit 22 returns to the browser 10. The browser 10 outputs a subscription result page included in the web page 11 to a screen (S170).
4. Website Login Processing Method
A website login processing method will be described with reference to
The information processing unit 22 searches a site card generated at the time of subscribing the corresponding website from the information storing unit 23 and acquires the site card (S220). When one site card is assigned to each ID, the information processing unit searches site cards for IDs registered in the corresponding website. As shown in
The information processing unit 22 shows a user the site cards acquired in Step S220 through the information display unit 21, such that the user can select one of the site cards (S230). As shown in
The information processing unit 22 transmits a login request message, which includes user information selected or set as a default and an encryption key related to the user information, to an access address of the corresponding website (S240).
The information processing unit 32 of the website system 30 searches a user record, which is matched to the user information and the encryption key transmitted from the information processing unit 22 of the user ID management system 20, from the information storing unit 33 and acquires the user record. Then, if an encryption key included in the user record is matched to the transmitted encryption key, the information processing unit 32 determines that login is successful, and generates a session through the web page providing unit 31 (S250).
The information processing unit 22 returns to the browser 10. The browser 10 outputs a login result page included in the web page 11 to a screen (S260).
5. Website Login Processing System
The system 50 may include an I/O unit 54 that processes the operation of a user on an input device, such as a keyboard and a mouse, and an output device, such as a printer and a speaker, and a communication unit 55 that enables a communication with an external network.
Although the exemplary embodiment described above is specified by the specific structure and the drawings, it should be understood that the present invention is not limited by the exemplary embodiment. Accordingly, it will be apparent to those skilled in the art that the present invention includes various modifications and equivalents thereof that do not depart from the scope and spirit of the present invention.
Number | Date | Country | Kind |
---|---|---|---|
10-2007-0118449 | Nov 2007 | KR | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/KR08/05171 | 9/3/2008 | WO | 00 | 5/17/2010 |