+

WO2006059849A1 - Method and system for preventing link - Google Patents

Method and system for preventing link Download PDF

Info

Publication number
WO2006059849A1
WO2006059849A1 PCT/KR2005/003959 KR2005003959W WO2006059849A1 WO 2006059849 A1 WO2006059849 A1 WO 2006059849A1 KR 2005003959 W KR2005003959 W KR 2005003959W WO 2006059849 A1 WO2006059849 A1 WO 2006059849A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
random code
time
information
web page
Prior art date
Application number
PCT/KR2005/003959
Other languages
French (fr)
Inventor
Min-Hyung Hong
Seung-Sik Lee
Original Assignee
Nhn Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nhn Corporation filed Critical Nhn Corporation
Priority to JP2007544258A priority Critical patent/JP4588767B2/en
Publication of WO2006059849A1 publication Critical patent/WO2006059849A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]

Definitions

  • the present invention relates to preventing links, and in particular, to a method and system for preventing illegal links to data stored in the server of a service provider.
  • a user may insert files such as images or video clips within a written message.
  • the files inserted in a message post is generally stored in a file server, and while creating the written message, the user uploads the image or vide clip files that are to be displayed together with the message to the file server.
  • the web server When there is a request for a web page regarding a message created in the manner described above, the web server receives files from the file server and supplies them to the web page.
  • the user can retrieve the address information of files in the file server using functions such as view HTML source, etc., in the web browser, and it is possible to directly access or link to the files without viewing the message post on the message board.
  • Such illegal links increase the load on the file server, to become a major obstacle in providing smooth web page services.
  • Korean published application no. 2001- 79245 proposes a method of invalidating illegal links by continuously renewing the address information of a file in the streaming server.
  • the streaming server when modifying the address information of a streaming server, as in Korean published application no. 2001-79245, the streaming server must perform a process of continuously renewing the address information in predetermined time intervals, which incurs a burden on the server.
  • the streaming server must transmit the renewed address information to each and every web server, which greatly increases the amount of communication required of the web server and the streaming server.
  • the present invention proposes a method and system for preventing illegal links without the file server having to renew the actual address information of the files. Also, the invention proposes a link prevention method and system with which results may be effected, that are virtually identical to renewing the addresses, without having the web server and file server exchange address alteration information.
  • An aspect of the invention provides a method of preventing links, comprising: (a) receiving web page request information from a user; (b) determining whether or not a file is linked in the requested web page; (c) determining the web page request time information, if a file is linked, and generating a random code using the web page request time information; (d) inserting the random code into a pre-configured position in the original address information of the file, and requesting the file from the file server using the transformed address information; and (e) receiving the file from the file server and transmitting the requested web page data to the user client; wherein the file server decodes the random code included in the transformed address to determine the web page request time, and transmits the file if the difference between the web page request time and the current time is less than a pre-configured threshold.
  • the random code may be generated using the web page request time information and parameters extracted from the original address information of the requested file.
  • the file server may deny access to the file server if a random code is not inserted in the pre-configured position of the file request information.
  • step a) it may be preferable for the receiving of the web page request information (step a) to comprise determining whether or not there is a linked file, by determining whether or not there is address information for a file in a database storing web page data.
  • the generating of the random code may comprise: forming a string by extracting the web page request time information and the pre-configured parameters from the address information of the file; converting the string to a form of hex code; and performing a logic calculation with the converted data and a pre-configured random
  • Another aspect of the invention provides a method of preventing links, comprising: (a) receiving content file request information from a user; (b) extracting the address information of the requested content file from a database; (c) generating a random code using file request time information; and (d) inserting the random code into a pre- configured position in the original address information of the extracted content file, and transmitting the transformed address information to the user client; wherein the user client, on receiving the address information, requests the corresponding content file from a file server using the received address information, and the file server decodes the random code included in the address information to determine the file request time and transmits the file if the difference between the file request time and the current time is less than a pre-configured threshold.
  • the random code may be generated using the file request time information and parameters extracted from the original address information of the requested file.
  • the file server may deny access to the file server if a random code is not inserted in the pre-configured position of the file request information.
  • a link prevention system comprising: a web server, which generates a converted file address by adding a random code - the random code is generated based on a web page request time — to the address information of a file linked in a web page requested by a user; and a file server, which, on receiving a converted file address, decodes the random code included in the converted file address, and transmits the linked file if the difference between the web page request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
  • the web server may generate the converted file address in a pre-conf ⁇ gured format, and the file server may determine whether or not the format of the received converted file address is consistent with the pre-configured format.
  • the file server may determine whether or not the format of the received converted file address is consistent with the pre-configured format by checking whether or not the random code has been inserted in a pre-configured region of the converted file address.
  • the web server may generate the random code using the web page request time and parameters extracted from the original address information of the file.
  • the file server may transmit the file corresponding to the file address, if the difference between the web page request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
  • a link prevention system comprising: a web server, which generates a converted file address by adding a random code - the random code is generated based on a file request time — to the file address information of a file requested by a user; and a file server, which, on receiving the converted file address, decodes the random code included in the converted file address, and transmits the requested file if the difference between the file request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
  • Still another aspect of the invention provides a method of preventing links, comprising: (a) receiving web page request information from a user; (b) determining whether or not a file is linked in the requested web page; (c) generating a random code, if a file is linked, using a first time information outputted by means of a time output module - the first time information outputted from the time output module is time information obtained by converting the web page request time or web page request time information in a pre-determined manner; (d) inserting the random code into a pre- configured position in the original address information of the file, and requesting the file from the file server using the transformed address information; and (e) receiving the file from the file server and transmitting the requested web page data to the user client; wherein the file server decodes the random code included in the transformed address to determine a first time, and transmits the file if the difference between the first time and a second time, which is a time-variant reference time, is less than a pre-configured threshold.
  • Yet another aspect of the invention provides a method of preventing links, comprising: (a) receiving content file request information from a user; (b) extracting the address information of the requested content file from a database; (c) generating a random code using a first time information outputted by means of a time output module - the time information outputted from the time output module is time information obtained by converting the file request time or file request time information in a predetermined manner; (d) inserting the random code into a pre-configured position in the original address information of the extracted content file, and transmitting the converted address information to the user client; wherein the user client, on receiving the address information, requests the corresponding content file from a file server using the received address information, and the file server decodes the random code included in the address information to determine a first time and transmits the file if the difference between the first time, which is outputted as a result of the decoding, and a second time, which is a time-variant reference time, is less than a pre-configured threshold.
  • Fig. 1 illustrates the composition of a link prevention system according to an embodiment of the invention.
  • Fig. 2 is a block diagram illustrating the composition of a web server according to an embodiment of the invention.
  • Fig. 3 is a block diagram illustrating the composition of a file server according to an embodiment of the invention.
  • Fig. 4 is a graph illustrating the process of uploading files to a file server according to an embodiment of the invention.
  • Fig. 5 is a flowchart illustrating the operation of a web server according to an embodiment of the invention.
  • Fig. 6 is a flowchart illustrating the operation of a web server according to another embodiment of the invention.
  • Fig. 7 is a flowchart illustrating the operation of a file server according to an embodiment of the invention.
  • Fig. 8 is a flowchart illustrating a method of generating a random code according to an embodiment of the invention.
  • Fig. 1 illustrates the composition of a link prevention system according to an embodiment of the invention.
  • a link prevention system may comprise a web server 100 and a file server 102, where a user client 104 may connect to the web server 100 or file server 102 through a network.
  • the network may include wired networks, such as the Internet or private networks, and wireless networks such as wireless Internet, and mobile communication networks.
  • the user client 104 connects to the web server 100 to request a web page or request a content file.
  • the user client can connect to the file server 102 and request the transmission of the corresponding file.
  • the user client 104 may include all types of information processing terminals, such as a computer, PDA, and cell phone, etc., that can connect to a network and perform data processing.
  • the web server 100 receives request information from the user concerning a particular content and transmits the corresponding content information to the user client 104 or provides an address information (the directory information of the corresponding file in the file server), by which the corresponding content may be obtained, to the user client.
  • the web server 100 extracts the web page data from a connected database (not shown), converts it into a form of document, such as an HTML type, that can be displayed by a web browser, and transmits it to the user client.
  • a file related to an object such as a video clip or image
  • the web server requests and receives the corresponding file from the file server 102, and supplies to the user client the web page in which the corresponding file is inserted. If a file related to an object such as a video clip or image is inserted in the web page, the address information of the corresponding file is stored in the database connected to the web server 100, and the file server 102 requests the file using the stored address information.
  • the web server 100 transmits the address information of the corresponding content data to the user client 104, so that the user client 104 can receive the corresponding content data from the file server 102.
  • the web server 100 converts the address information of the content stored in the database in correspondence to a requested content, where the web server 100 converts the address information of the content by inserting a random code into a portion of the address information of the content.
  • the web server 100 requests the web page from the file server using the converted address information, where the random code is generated based on the web page request time.
  • the web server supplies the converted address information to the user client 104, so that the user client may receive the streaming data through the converted address information, where the random code is generated based on the file request time.
  • the random code included in the address information comprises time information.
  • the random code included in the address information changes continuously with time.
  • other information besides time information may be used together with the time information in generating the random code.
  • the file server 102 performs the function of providing the corresponding file, when file request information is received corresponding to a particular address from the web server 100 or the user client.
  • the file server is illustrated as a single unit in Fig. 1, it will be apparent to those skilled in the art that the file server may comprise a file web server, which processes file request information, and a separate storage server, which stores files.
  • the address information with a random code inserted is included in the file transmission request information transmitted to the file server 102.
  • the file server 102 decodes the random code included in the address information.
  • the web server 100 or the user client 104 can determine the time information regarding the time the file was requested.
  • the file server 102 decodes the random code to compare the web page request time or the file request time with the current time, and supplies the file corresponding to the requested address if the difference between the current time and the file request time or the difference between the current time and the web page request time is less than a pre- configured threshold.
  • the current time may be the time at which the legitimacy of the request is determined or the time at which the random code is decoded.
  • the corresponding file may always be provided to the user, since the web server generates a random code which is continuously renewed with time and provides to the user the address information with the random code inserted or requests the file from the file server using the address with the random code inserted.
  • the file server 102 decodes the random code, when a file is requested, and determines only the time information to determine whether the request is a legitimate request or an illegal link, so that there is no need to continuously renew the address information of the files in pre-configured time intervals as in prior art. Also, when there is a file request, the web server only performs the operation of inserting a random code into the address information according to a pre-configured algorithm. Thus, there is neither a need to write a separate script for concealing the addresses, nor a need to receive each case of renewed address information from the file server and modify the database to reflect the renewed information, so that illegal links are blocked more effectively, compared to previous methods.
  • Fig. 2 is a block diagram illustrating the composition of a web server according to an embodiment of the invention.
  • a web server according to an embodiment of the invention may comprise a packet transceiver unit 200, an HTML editor unit 202, a file server cooperation unit 204, and a random code generator unit 206.
  • Fig. 2 illustrates the composition of a web server which provides web pages to a user, and the web server is shown to be connected to a database 208 storing web page data. It will be apparent to those skilled in the art that, unlike in Fig. 2, the database and the web server may be a single structure, instead of being separate structures.
  • the packet transceiver unit 200 receives web page request information from the user client, and supplies the web page data requested by the user to the user client.
  • the packet transceiver unit 200 determines the type of the user's request using the header information of the packet transmitted from the client, and enables a process corresponding to the type of request. If the user has requested the transmission of web page data, the address information of the requested web page is supplied to the HTML editor unit 202 so that the requested web page may be edited.
  • the HTML editor unit 202 edits the HTML after extracting the web page data requested by the user from the database 208.
  • a web page is generally composed in an HTML format, other forms of documents may also be edited if the web browser supports such document forms.
  • the HTML editor unit 202 determines whether or not there are files, such as video clips or images, linked in the web page. If there is a linked file, the address information of the linked file is included in the corresponding web page data, and the HTML editor unit 202 determines whether or not there are linked files based on the existence of linked file address information.
  • the HTML editor unit requests the random code generator unit 206 to generate a random code, and supplies the address information with an inserted random code to the file server co-operation unit 204.
  • the random code generator unit 206 generates a random code to be additionally inserted into the address information stored in the database, when there is a file linked in the web page requested by the user or when the user requests a particular file through the web page.
  • the random code generator unit 206 generates a random code using the web page request time information or the file request time information as a key.
  • the random code generator unit 206 generates the random code using not only the web page request time or the file request time, but also parameters from portions of the address information of the file stored in the database, as keys.
  • the random code Since users may identify the random codes for each time period, when a random code is generated using only the web page request time or the file request time, it may be preferable for the random code to be generated using parameters of the file address information, which are different from the random code, together as keys. It will be apparent to those skilled in the art that information other than the address information of the file may be used together with the time information. A detailed embodiment will be described later with reference to another figure relating the generation of a random code in the random code generator unit 206.
  • the HTML editor unit inserts the random code generated from the random code generator unit 206 into the original address of the file and supplies it to the file server co-operation unit 204, and the file server co-operation unit 204 transmits to the file server the file request information including the address information with the random code inserted.
  • the HTML editor unit 202 inserts the generated random code into a particular region of the original address information. For example, if the original address information is http://mfiles.naver.net/data/2004/l 1/4/150/Event_notice.doc, and the random code is
  • the HTML editor unit 202 inserts the generated random code between the mfile.naver.net part and the data part of the original address.
  • the address information with the random code inserted would be transformed as follows. http://mfiles.naver.net/66b4528b9/data/2004/l 1/4/150/Event_notice.doc
  • the random code information may also be inserted by being attached to a particular letter sequence part of the original address.
  • the random code may be inserted as follows. http://mfiles.naver.net/data66b4528b9/2004/! 1/4/150/Event_n ⁇ tice.doc
  • the file server co-operation unit 204 receives the requested file from the file server and supplies it to the HTML editor unit, and the HTML editor unit 202 edits the web page HTML document, using the data stored in the database and the file received from the file server, and transmits the edited data via the packet transceiver unit 200 to the user client.
  • a web server providing media content such as still images and video clips may retransmit the address information with the inserted random code to the user client to allow the user client to access the file server through transmitted address.
  • Fig. 3 is a block diagram illustrating the composition of a file server according to an embodiment of the invention.
  • a file server may comprise an address format check unit 300, a random code decoder unit 302, a request time determination unit 304, a file storage controller unit 306, and a file storage unit 308.
  • the address format check unit 300 checks whether or not the address information included in the file request information transferred to the file server is consistent with a pre-conf ⁇ gured format. In other words, the address format check unit 300 checks whether or not a random code is inserted in a pre-configured region. If a random code is not included in the address information or if the random code is included in a region other than the pre-configured region, the address format check unit 300 concludes it to be invalid request information and denies access to the file server. Thus, when an illegal link is attempted by someone who has the original address information, access is denied to the file server if a file request contains only the original address information.
  • the random code decoder unit 302 decodes the random code included in the address information according to a pre-configured decoder algorithm. For address information of a proper format, the address format check unit 300 supplies the included random code information to the random code decoder unit 302, and the random code decoder unit 302 decodes the random code to output the time information. If parameters of the original address information besides the time information are used, the corresponding parameters are also outputted.
  • the request time determination unit 304 determines whether or not the difference between the time (the file request time or the web page request time) outputted through the random code decoder unit 302 and the current time (for instance, the time at which the legitimacy of the request is determined or the time at which the random code is decoded) is less than a pre-configured threshold. If the difference between the file request time and the current time is greater than the pre-configured threshold, the request time determination unit 304 concludes the request to be an invalid file request. If the difference between the file request time and the current time is less than the pre- configured threshold, the request time determination unit 304 requests the file storage unit 308 to transmit the file corresponding to the original address information with the random code removed from the requested address information.
  • the file storage unit 308 acts as a storage server for storing files. When the address information is received from the request time determination unit 304, the file storage unit 308 supplies the file corresponding to the address information.
  • the file storage controller unit 306 controls the process of uploading files.
  • the user requests the file server to upload a file through a web page or other forms of interface, after which the file storage controller unit 306 controls the process of storing the file uploaded by the user in the file storage unit 308.
  • the file storage controller unit 306 completes storing the file, and then supplies the address information of the stored file to the web server.
  • the web server stores the supplied address information in the database.
  • Fig. 4 is a graph illustrating the process of uploading files to a file server according to an embodiment of the invention. Referring to Fig. 4, the user client requests the web server for a file upload (step
  • the web server transmits a web page for the file upload to the user client (step 402).
  • An interface program may be included in the web page provided by the web server for selecting files stored in the user client, in the form of an ActiveX program, so that an interface may be provided in the form of a pop-up by which the user may select the files to be uploaded, when the user makes a selection for uploading files in the web page. Also, address information may also be included in the web page regarding the file server to which the user would upload the files.
  • the files selected by the user are transmitted to the file server and uploaded (step 404).
  • Fig. 4 depicts the case where a file is uploaded directly from the user client to the file server, the file may be uploaded to pass through the web server.
  • the file server transmits the address information of the uploaded file to the web server (step 406).
  • the web server stores the transmitted address information in the database.
  • Fig. 5 is a flowchart illustrating the operation of a web server according to an embodiment of the invention.
  • Fig. 5 illustrates the operation of the web server when the web server provides web page contents.
  • the web server first receives the user's web page request information (step 500).
  • the user may request a web page by inputting the address of a particular web page directly in the address window, or may request particular web page data through a hyperlink contained in the web page.
  • the web server searches the database storing the web page information requested by the user, and determines whether or not there are files linked in the requested web page (step 502). If there are linked files, the address information of the files is stored in the database, and the web server determines whether or not there are linked files based on the existence of file address information.
  • the web server When there is a file linked in the web page requested by the user, the web server generates a random code to be inserted in the address for a file request (step 504).
  • the random code is generated using the web page request time information as a key, and more preferably utilizes parameters included in the file address information also as keys for random code generation. For example, if the address of the requested file is http://mfiles.naver.net/data/2004/l 1/4/150/Event_notice.doc, the web server generates a random code by inserting the 2004, 11, 4, 150, and information on the day, hour, and minute, i.e. parameters contained in the address, into the logic module for generating random codes.
  • the web server inserts the generated random code into the address of the file stored in the database (step 506). It has already been discussed that there may be a variety of ways of inserting the random code.
  • the web server requests the linked file from the file server using the transformed address information (step 508), and receives the requested file from the file server (step 510).
  • the web server When there is no linked file in the web page requested by the user, or when a file has been provided from the file server, the web server performs an HTML edit for the web page requested by the user (step 512).
  • the web server transmits the edited web page to the user client (step514).
  • Fig. 5 illustrates the case where the web server requests a linked file from the file server
  • the script of the web server may be composed so that the web server provides only the transformed file address information to the user client, and the user client receives the linked file using the transformed file address information.
  • Fig. 6 is a flowchart illustrating the operation of a web server according to another embodiment of the invention.
  • Fig. 6 illustrates the operation of the web server when providing media contents such as still images or streaming video clips.
  • the web server first receives the user's content request information (step 600).
  • the user may request a media file by means of content request buttons, etc., included in the web page.
  • the web server searches the database and extracts the address information of the media content requested by the user (step 602). If the user has clicked the content request button, the content ID information of the content requested by the user is transmitted to the web server, and the web server extracts the address information corresponding to the content ID from the database.
  • the web server When the address information of the media content is extracted, the web server generates a random code to be inserted into the address (step 604), and inserts the generated random code into the extracted address (step 606).
  • the random code is generated based on the file request time.
  • the web server transmits the transformed address information to the user client (step 608).
  • the user client uses the transmitted address information to connect to the file server storing the media content file, and is provided the corresponding media content from the file server.
  • Fig. 7 is a flowchart illustrating the operation of a file server according to an embodiment of the invention.
  • the file server receives file request information from the web server or the user client (step 700).
  • the file request information is the address information of a file or includes the address information.
  • the file server determines whether or not the format of the file address is consistent with a pre-configured format (step 702). That is, the file server determines whether or not a random code is inserted in a pre- configured region.
  • the file server decodes the random code included in the address information (step 704). If the random code was generated using only the time information, only the time information will be outputted when the random code is decoded, and if other parameters of the original address were included besides the time information, such parameters will be outputted as well.
  • the file server identifies the file request time included in the address information through the results of decoding the random code (step 706). If the random code was generated including other parameters of the original address besides the time information, the file server may identify the time information reading only the data of the field in which the time information is located from among the outputted data.
  • the file server determines whether or not the difference between the time at which the file was requested and the current time is less than a pre-configured threshold (step 708).
  • the file server concludes the request to be an invalid file request and denies transmission of the file (step710).
  • the current time information may be used in which the current time is arbitrarily modified (for example, information in which a particular amount of time is added to or subtracted from the current time).
  • the web server may generate the random code with a time delayed by 2 hours from the current time as the key, and the file server may determine the validity of the request information by comparing with a corresponding
  • the address information of the file with a random code inserted may be exposed to a user when the user attempts a view HTML source function, etc., and the address of a file with a random code inserted may also be exposed a user transmits the address data of the file to the user client to connect to a media content server.
  • the embodiments of the invention even when an attempt at a link is made using the exposed random code, an operational link is impossible except in a particular time period.
  • the file server transmits the file corresponding to the requested address to the web server or the user client (step 712).
  • Fig. 8 is a flowchart illustrating a method of generating a random code according to an embodiment of the invention.
  • the web server when there is a request for a file from the user, or when there is a file linked in the page requested by the user, the web server first determines the time information regarding the time the file was requested (step 800).
  • the file request time information may be obtained by means of a timer module installed in the web server, or other methods may be used of checking the time.
  • the web server extracts the parameters from portions of the address information of the requested file (step 802).
  • the web server generates a string using the file request time and the parameters extracted from the address (step 804).
  • the parameters extracted from the address information are supplementary information used for generating more various forms of random code, and other data may also be used besides the parameters included in the address information.
  • the generated string data is converted to a form of hex code (step 806). Converting the string data to a form of hex code is to allow the random code that will be generated later to be outputted in more complex forms, and it will be apparent to those skilled in the art that the conversion may be performed to various other forms of code besides hex code.
  • the web server After the conversion to a form of hex code is completed, the web server performs a logic calculation between the converted data and a pre-configured random mask (step 808). The resulting data of the logic calculation is used as the random code, where various logic calculations may be performed between the converted data and the random mask.
  • Fig. 8 is merely one implementation of generating a random code, and other methods may be used of generating a random code using time information.
  • the process of decoding the random code at the file server may be performed by reversing the process of Fig. 8.
  • the file server may perform an inverse logic calculation between the random code and the random mask, and the hex code data extracted as a result may be converted to string data to identify the time information.
  • Embodiments of the invention described above may be especially useful in preventing illegal links to files posted on a message board by members in a community site or files posted by a community administrator for decorating the community homepage, etc.
  • a community homepage generally displays the main menu on the left, the name of the homepage at the top, and images or video clips for decorating the homepage in the middle. These images or video clips are inserted by the community administrator, where the community administrator stores the corresponding image or video clip files in the file server and the community web server edits the community homepage by loading the files stored in the file server.
  • the community web server When a user requests a community homepage in which an image or video clip is linked, the community web server requests the linked file from the file server using the file address with a random code inserted, by means of a method described above.
  • the file server decodes the random code to determine the time information regarding the time the community web server requested the image or video clip file, and supplies the image or video clip file to the community web server, and the community web server edits the community homepage or the message post web page using the supplied file. Therefore, unauthorized links to or unauthorized use of images or video clips that consist a web page by community members and guests may be prevented, so that a smoother community service may be provided.
  • illegal links may be prevented without the file server having to renew the actual address information of the file.
  • by inserting a random code when a file is requested and checking the validity of a request using the time information of the inserted random code those results may be effected that are virtually identical to renewing the addresses, without having the web server and file server exchange address alteration information.
  • the embodiments of the invention set forth above may be useful in reducing the load on a file server for composing a community web page in providing a community service.

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

A method and system for preventing illegal links is disclosed. When a web page is requested by a user in which a file is linked, a random code is generated using the web page request time information. The random code is inserted into a pre-configured position in the original address information, and the address information with the random code inserted is used to request the linked file from the file server. On receiving the file request information, the file server determines whether or not the address information is consistent with a pre-configured format, and then decodes the inserted random code. If the time calculated by decoding the random code is within a pre-configured threshold from the current time, the file server transmits the requested file. The method disclosed herein effectively prevents links, even though the file server does not actually renew the addresses of the files, and without additional communication between the web server and the file server.

Description

Title of the Invention
METHODAND SYSTEM FOR PREVENTING LINK
Field of the invention
The present invention relates to preventing links, and in particular, to a method and system for preventing illegal links to data stored in the server of a service provider.
Background of the invention
In a typical message board service such as a community service, a user may insert files such as images or video clips within a written message. The files inserted in a message post is generally stored in a file server, and while creating the written message, the user uploads the image or vide clip files that are to be displayed together with the message to the file server.
When there is a request for a web page regarding a message created in the manner described above, the web server receives files from the file server and supplies them to the web page. Here, the user can retrieve the address information of files in the file server using functions such as view HTML source, etc., in the web browser, and it is possible to directly access or link to the files without viewing the message post on the message board. Such illegal links increase the load on the file server, to become a major obstacle in providing smooth web page services.
Besides message board services, illegal links are a problem also in providing media services such as for still images, music, and video clips. Although media contents are typically provided to users through web pages, when the address information of files is exposed, those cases occur frequently where users directly access the server storing the media files and attempt links to particular files, and such illegal links incur a serious problem in using the media contents for regular users.
A method was adopted which uses scripts to prevent illegal links, but did not prove to be very effective.
With regard to preventing illegal links, Korean published application no. 2001- 79245 proposes a method of invalidating illegal links by continuously renewing the address information of a file in the streaming server.
However, when modifying the address information of a streaming server, as in Korean published application no. 2001-79245, the streaming server must perform a process of continuously renewing the address information in predetermined time intervals, which incurs a burden on the server.
In addition, the streaming server must transmit the renewed address information to each and every web server, which greatly increases the amount of communication required of the web server and the streaming server.
Detailed description of the invention
The present invention proposes a method and system for preventing illegal links without the file server having to renew the actual address information of the files. Also, the invention proposes a link prevention method and system with which results may be effected, that are virtually identical to renewing the addresses, without having the web server and file server exchange address alteration information. An aspect of the invention provides a method of preventing links, comprising: (a) receiving web page request information from a user; (b) determining whether or not a file is linked in the requested web page; (c) determining the web page request time information, if a file is linked, and generating a random code using the web page request time information; (d) inserting the random code into a pre-configured position in the original address information of the file, and requesting the file from the file server using the transformed address information; and (e) receiving the file from the file server and transmitting the requested web page data to the user client; wherein the file server decodes the random code included in the transformed address to determine the web page request time, and transmits the file if the difference between the web page request time and the current time is less than a pre-configured threshold.
The random code may be generated using the web page request time information and parameters extracted from the original address information of the requested file.
Preferably, the file server may deny access to the file server if a random code is not inserted in the pre-configured position of the file request information.
It may be preferable for the receiving of the web page request information (step a) to comprise determining whether or not there is a linked file, by determining whether or not there is address information for a file in a database storing web page data.
The generating of the random code (step c) may comprise: forming a string by extracting the web page request time information and the pre-configured parameters from the address information of the file; converting the string to a form of hex code; and performing a logic calculation with the converted data and a pre-configured random
mask. Another aspect of the invention provides a method of preventing links, comprising: (a) receiving content file request information from a user; (b) extracting the address information of the requested content file from a database; (c) generating a random code using file request time information; and (d) inserting the random code into a pre- configured position in the original address information of the extracted content file, and transmitting the transformed address information to the user client; wherein the user client, on receiving the address information, requests the corresponding content file from a file server using the received address information, and the file server decodes the random code included in the address information to determine the file request time and transmits the file if the difference between the file request time and the current time is less than a pre-configured threshold.
The random code may be generated using the file request time information and parameters extracted from the original address information of the requested file.
Preferably, the file server may deny access to the file server if a random code is not inserted in the pre-configured position of the file request information.
A link prevention system is provided, comprising: a web server, which generates a converted file address by adding a random code - the random code is generated based on a web page request time — to the address information of a file linked in a web page requested by a user; and a file server, which, on receiving a converted file address, decodes the random code included in the converted file address, and transmits the linked file if the difference between the web page request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold. The web server may generate the converted file address in a pre-confϊgured format, and the file server may determine whether or not the format of the received converted file address is consistent with the pre-configured format.
The file server may determine whether or not the format of the received converted file address is consistent with the pre-configured format by checking whether or not the random code has been inserted in a pre-configured region of the converted file address.
It may be preferable that the web server generate the random code using the web page request time and parameters extracted from the original address information of the file. Preferably, the file server may transmit the file corresponding to the file address, if the difference between the web page request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
A link prevention system is provided, comprising: a web server, which generates a converted file address by adding a random code - the random code is generated based on a file request time — to the file address information of a file requested by a user; and a file server, which, on receiving the converted file address, decodes the random code included in the converted file address, and transmits the requested file if the difference between the file request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold. Still another aspect of the invention provides a method of preventing links, comprising: (a) receiving web page request information from a user; (b) determining whether or not a file is linked in the requested web page; (c) generating a random code, if a file is linked, using a first time information outputted by means of a time output module - the first time information outputted from the time output module is time information obtained by converting the web page request time or web page request time information in a pre-determined manner; (d) inserting the random code into a pre- configured position in the original address information of the file, and requesting the file from the file server using the transformed address information; and (e) receiving the file from the file server and transmitting the requested web page data to the user client; wherein the file server decodes the random code included in the transformed address to determine a first time, and transmits the file if the difference between the first time and a second time, which is a time-variant reference time, is less than a pre-configured threshold.
Yet another aspect of the invention provides a method of preventing links, comprising: (a) receiving content file request information from a user; (b) extracting the address information of the requested content file from a database; (c) generating a random code using a first time information outputted by means of a time output module - the time information outputted from the time output module is time information obtained by converting the file request time or file request time information in a predetermined manner; (d) inserting the random code into a pre-configured position in the original address information of the extracted content file, and transmitting the converted address information to the user client; wherein the user client, on receiving the address information, requests the corresponding content file from a file server using the received address information, and the file server decodes the random code included in the address information to determine a first time and transmits the file if the difference between the first time, which is outputted as a result of the decoding, and a second time, which is a time-variant reference time, is less than a pre-configured threshold.
Brief description of the drawings
Fig. 1 illustrates the composition of a link prevention system according to an embodiment of the invention.
Fig. 2 is a block diagram illustrating the composition of a web server according to an embodiment of the invention.
Fig. 3 is a block diagram illustrating the composition of a file server according to an embodiment of the invention. Fig. 4 is a graph illustrating the process of uploading files to a file server according to an embodiment of the invention.
Fig. 5 is a flowchart illustrating the operation of a web server according to an embodiment of the invention.
Fig. 6 is a flowchart illustrating the operation of a web server according to another embodiment of the invention.
Fig. 7 is a flowchart illustrating the operation of a file server according to an embodiment of the invention.
Fig. 8 is a flowchart illustrating a method of generating a random code according to an embodiment of the invention.
Embodiments
Hereinafter, embodiments of the invention will be described in detail with reference to the accompanying drawings, wherein those components are rendered the same reference number that are the same or are in correspondence regardless of the figure number. The descriptions are provided so that those skilled in the art may easily understand the present invention, and the embodiments disclosed in the drawings and detailed descriptions are for illustrative use only and do not limit the scope of the present invention.
Fig. 1 illustrates the composition of a link prevention system according to an embodiment of the invention.
Referring to Fig. 1, a link prevention system according to an embodiment of the invention may comprise a web server 100 and a file server 102, where a user client 104 may connect to the web server 100 or file server 102 through a network.
In Fig. 1, the network may include wired networks, such as the Internet or private networks, and wireless networks such as wireless Internet, and mobile communication networks.
The user client 104 connects to the web server 100 to request a web page or request a content file. When a user knows the address information of a particular file and wishes to create an illegal link to the file, the user client can connect to the file server 102 and request the transmission of the corresponding file. The user client 104 may include all types of information processing terminals, such as a computer, PDA, and cell phone, etc., that can connect to a network and perform data processing. The web server 100 receives request information from the user concerning a particular content and transmits the corresponding content information to the user client 104 or provides an address information (the directory information of the corresponding file in the file server), by which the corresponding content may be obtained, to the user client.
When the content requested by the user is a web page, the web server 100 extracts the web page data from a connected database (not shown), converts it into a form of document, such as an HTML type, that can be displayed by a web browser, and transmits it to the user client. When a file related to an object such as a video clip or image is inserted in the web page requested by the user, the web server requests and receives the corresponding file from the file server 102, and supplies to the user client the web page in which the corresponding file is inserted. If a file related to an object such as a video clip or image is inserted in the web page, the address information of the corresponding file is stored in the database connected to the web server 100, and the file server 102 requests the file using the stored address information.
When the content requested by the user is not a web page but streaming data such as video clips or still image data such as comics, the web server 100 transmits the address information of the corresponding content data to the user client 104, so that the user client 104 can receive the corresponding content data from the file server 102.
When the web server transmits to the user a web page in which a file is linked, the user can obtain the address information through the view HTML source function, etc. of the web browser. The user can also obtain the address information of streaming data files in cases where streaming data is provided. In an embodiment of the present invention, the web server 100 converts the address information of the content stored in the database in correspondence to a requested content, where the web server 100 converts the address information of the content by inserting a random code into a portion of the address information of the content. When the content is a web page, the web server 100 requests the web page from the file server using the converted address information, where the random code is generated based on the web page request time. Also, when the content is streaming data, the web server supplies the converted address information to the user client 104, so that the user client may receive the streaming data through the converted address information, where the random code is generated based on the file request time.
According to an embodiment of the invention, the random code included in the address information comprises time information. Thus, the random code included in the address information changes continuously with time. Of course, it will be apparent to those skilled in the art that other information besides time information may be used together with the time information in generating the random code.
The file server 102 performs the function of providing the corresponding file, when file request information is received corresponding to a particular address from the web server 100 or the user client. Although the file server is illustrated as a single unit in Fig. 1, it will be apparent to those skilled in the art that the file server may comprise a file web server, which processes file request information, and a separate storage server, which stores files.
As described earlier, the address information with a random code inserted is included in the file transmission request information transmitted to the file server 102. The file server 102 decodes the random code included in the address information. When the random code is decoded, the web server 100 or the user client 104 can determine the time information regarding the time the file was requested.
The file server 102 decodes the random code to compare the web page request time or the file request time with the current time, and supplies the file corresponding to the requested address if the difference between the current time and the file request time or the difference between the current time and the web page request time is less than a pre- configured threshold. Here, the current time may be the time at which the legitimacy of the request is determined or the time at which the random code is decoded.
When a user requests a file through the web server, the corresponding file may always be provided to the user, since the web server generates a random code which is continuously renewed with time and provides to the user the address information with the random code inserted or requests the file from the file server using the address with the random code inserted.
However, when a user attempts an illegal link for requesting a file by obtaining the address information of the file and afterwards directly accessing the file server, obtaining a link becomes virtually impossible, since the file server may only be accessed at a particular time period. In an embodiment of the invention, the file server 102 decodes the random code, when a file is requested, and determines only the time information to determine whether the request is a legitimate request or an illegal link, so that there is no need to continuously renew the address information of the files in pre-configured time intervals as in prior art. Also, when there is a file request, the web server only performs the operation of inserting a random code into the address information according to a pre-configured algorithm. Thus, there is neither a need to write a separate script for concealing the addresses, nor a need to receive each case of renewed address information from the file server and modify the database to reflect the renewed information, so that illegal links are blocked more effectively, compared to previous methods.
Fig. 2 is a block diagram illustrating the composition of a web server according to an embodiment of the invention. Referring to Fig. 2, a web server according to an embodiment of the invention may comprise a packet transceiver unit 200, an HTML editor unit 202, a file server cooperation unit 204, and a random code generator unit 206.
Fig. 2 illustrates the composition of a web server which provides web pages to a user, and the web server is shown to be connected to a database 208 storing web page data. It will be apparent to those skilled in the art that, unlike in Fig. 2, the database and the web server may be a single structure, instead of being separate structures.
In Fig. 2, the packet transceiver unit 200 receives web page request information from the user client, and supplies the web page data requested by the user to the user client. The packet transceiver unit 200 determines the type of the user's request using the header information of the packet transmitted from the client, and enables a process corresponding to the type of request. If the user has requested the transmission of web page data, the address information of the requested web page is supplied to the HTML editor unit 202 so that the requested web page may be edited.
The HTML editor unit 202 edits the HTML after extracting the web page data requested by the user from the database 208. Although a web page is generally composed in an HTML format, other forms of documents may also be edited if the web browser supports such document forms.
When the web page data is extracted from the database 208, the HTML editor unit 202 determines whether or not there are files, such as video clips or images, linked in the web page. If there is a linked file, the address information of the linked file is included in the corresponding web page data, and the HTML editor unit 202 determines whether or not there are linked files based on the existence of linked file address information.
When there is a file linked in the requested web page, the HTML editor unit requests the random code generator unit 206 to generate a random code, and supplies the address information with an inserted random code to the file server co-operation unit 204. The random code generator unit 206 generates a random code to be additionally inserted into the address information stored in the database, when there is a file linked in the web page requested by the user or when the user requests a particular file through the web page. As described earlier, the random code generator unit 206 generates a random code using the web page request time information or the file request time information as a key. In an embodiment of the invention, the random code generator unit 206 generates the random code using not only the web page request time or the file request time, but also parameters from portions of the address information of the file stored in the database, as keys.
Since users may identify the random codes for each time period, when a random code is generated using only the web page request time or the file request time, it may be preferable for the random code to be generated using parameters of the file address information, which are different from the random code, together as keys. It will be apparent to those skilled in the art that information other than the address information of the file may be used together with the time information. A detailed embodiment will be described later with reference to another figure relating the generation of a random code in the random code generator unit 206.
The HTML editor unit inserts the random code generated from the random code generator unit 206 into the original address of the file and supplies it to the file server co-operation unit 204, and the file server co-operation unit 204 transmits to the file server the file request information including the address information with the random code inserted.
In an embodiment of the invention, the HTML editor unit 202 inserts the generated random code into a particular region of the original address information. For example, if the original address information is http://mfiles.naver.net/data/2004/l 1/4/150/Event_notice.doc, and the random code is
66b4528b9, the HTML editor unit 202 inserts the generated random code between the mfile.naver.net part and the data part of the original address. Thus, the address information with the random code inserted would be transformed as follows. http://mfiles.naver.net/66b4528b9/data/2004/l 1/4/150/Event_notice.doc
On the other hand, the random code information may also be inserted by being attached to a particular letter sequence part of the original address. For example, the random code may be inserted as follows. http://mfiles.naver.net/data66b4528b9/2004/! 1/4/150/Event_nόtice.doc
It will be apparent to those skilled in the art that the generated random code may be inserted into the original address in a variety of ways besides the method described above. The file server co-operation unit 204 receives the requested file from the file server and supplies it to the HTML editor unit, and the HTML editor unit 202 edits the web page HTML document, using the data stored in the database and the file received from the file server, and transmits the edited data via the packet transceiver unit 200 to the user client.
The composition of a web server providing web pages was explained with reference to Fig. 2. A web server providing media content such as still images and video clips, unlike in Fig. 2, may retransmit the address information with the inserted random code to the user client to allow the user client to access the file server through transmitted address.
Fig. 3 is a block diagram illustrating the composition of a file server according to an embodiment of the invention.
Referring to Fig. 3, a file server according to an embodiment of the invention may comprise an address format check unit 300, a random code decoder unit 302, a request time determination unit 304, a file storage controller unit 306, and a file storage unit 308.
The address format check unit 300 checks whether or not the address information included in the file request information transferred to the file server is consistent with a pre-confϊgured format. In other words, the address format check unit 300 checks whether or not a random code is inserted in a pre-configured region. If a random code is not included in the address information or if the random code is included in a region other than the pre-configured region, the address format check unit 300 concludes it to be invalid request information and denies access to the file server. Thus, when an illegal link is attempted by someone who has the original address information, access is denied to the file server if a file request contains only the original address information.
The random code decoder unit 302 decodes the random code included in the address information according to a pre-configured decoder algorithm. For address information of a proper format, the address format check unit 300 supplies the included random code information to the random code decoder unit 302, and the random code decoder unit 302 decodes the random code to output the time information. If parameters of the original address information besides the time information are used, the corresponding parameters are also outputted.
The request time determination unit 304 determines whether or not the difference between the time (the file request time or the web page request time) outputted through the random code decoder unit 302 and the current time (for instance, the time at which the legitimacy of the request is determined or the time at which the random code is decoded) is less than a pre-configured threshold. If the difference between the file request time and the current time is greater than the pre-configured threshold, the request time determination unit 304 concludes the request to be an invalid file request. If the difference between the file request time and the current time is less than the pre- configured threshold, the request time determination unit 304 requests the file storage unit 308 to transmit the file corresponding to the original address information with the random code removed from the requested address information. The file storage unit 308 acts as a storage server for storing files. When the address information is received from the request time determination unit 304, the file storage unit 308 supplies the file corresponding to the address information.
The file storage controller unit 306 controls the process of uploading files. The user requests the file server to upload a file through a web page or other forms of interface, after which the file storage controller unit 306 controls the process of storing the file uploaded by the user in the file storage unit 308. When the user uploads a file using a web page of the web server and the web server requests an upload for the file, the file storage controller unit 306 completes storing the file, and then supplies the address information of the stored file to the web server. The web server stores the supplied address information in the database.
Fig. 4 is a graph illustrating the process of uploading files to a file server according to an embodiment of the invention. Referring to Fig. 4, the user client requests the web server for a file upload (step
400), and the web server transmits a web page for the file upload to the user client (step 402).
An interface program may be included in the web page provided by the web server for selecting files stored in the user client, in the form of an ActiveX program, so that an interface may be provided in the form of a pop-up by which the user may select the files to be uploaded, when the user makes a selection for uploading files in the web page. Also, address information may also be included in the web page regarding the file server to which the user would upload the files.
When the user selects the files to be uploaded using the interface provided in the web page, the files selected by the user are transmitted to the file server and uploaded (step 404). Although Fig. 4 depicts the case where a file is uploaded directly from the user client to the file server, the file may be uploaded to pass through the web server.
When a file is uploaded, the file server transmits the address information of the uploaded file to the web server (step 406). The web server stores the transmitted address information in the database.
Fig. 5 is a flowchart illustrating the operation of a web server according to an embodiment of the invention. Fig. 5 illustrates the operation of the web server when the web server provides web page contents. Referring to Fig. 5, the web server first receives the user's web page request information (step 500). The user may request a web page by inputting the address of a particular web page directly in the address window, or may request particular web page data through a hyperlink contained in the web page. The web server searches the database storing the web page information requested by the user, and determines whether or not there are files linked in the requested web page (step 502). If there are linked files, the address information of the files is stored in the database, and the web server determines whether or not there are linked files based on the existence of file address information. When there is a file linked in the web page requested by the user, the web server generates a random code to be inserted in the address for a file request (step 504). As described earlier, the random code is generated using the web page request time information as a key, and more preferably utilizes parameters included in the file address information also as keys for random code generation. For example, if the address of the requested file is http://mfiles.naver.net/data/2004/l 1/4/150/Event_notice.doc, the web server generates a random code by inserting the 2004, 11, 4, 150, and information on the day, hour, and minute, i.e. parameters contained in the address, into the logic module for generating random codes.
When the random code is generated, the web server inserts the generated random code into the address of the file stored in the database (step 506). It has already been discussed that there may be a variety of ways of inserting the random code. The web server requests the linked file from the file server using the transformed address information (step 508), and receives the requested file from the file server (step 510).
When there is no linked file in the web page requested by the user, or when a file has been provided from the file server, the web server performs an HTML edit for the web page requested by the user (step 512).
The web server transmits the edited web page to the user client (step514).
Although Fig. 5 illustrates the case where the web server requests a linked file from the file server, the script of the web server may be composed so that the web server provides only the transformed file address information to the user client, and the user client receives the linked file using the transformed file address information.
Fig. 6 is a flowchart illustrating the operation of a web server according to another embodiment of the invention.
Fig. 6 illustrates the operation of the web server when providing media contents such as still images or streaming video clips. Referring to Fig. 6, the web server first receives the user's content request information (step 600). The user may request a media file by means of content request buttons, etc., included in the web page.
The web server searches the database and extracts the address information of the media content requested by the user (step 602). If the user has clicked the content request button, the content ID information of the content requested by the user is transmitted to the web server, and the web server extracts the address information corresponding to the content ID from the database.
When the address information of the media content is extracted, the web server generates a random code to be inserted into the address (step 604), and inserts the generated random code into the extracted address (step 606). Here, the random code is generated based on the file request time.
Unlike the case for providing web page content, the web server transmits the transformed address information to the user client (step 608). Using the transmitted address information, the user client connects to the file server storing the media content file, and is provided the corresponding media content from the file server.
Fig. 7 is a flowchart illustrating the operation of a file server according to an embodiment of the invention.
Referring to Fig. 7, the file server receives file request information from the web server or the user client (step 700). Generally, the file request information is the address information of a file or includes the address information.
On receiving the file request information, the file server determines whether or not the format of the file address is consistent with a pre-configured format (step 702). That is, the file server determines whether or not a random code is inserted in a pre- configured region.
Even when someone attempting an illegal link has obtained the original address information of a file stored in the database by hacking the web server database, etc., access to the file server is denied when a file is requested using the original address information of the file.
If the address information is consistent with the pre-configured format, the file server decodes the random code included in the address information (step 704). If the random code was generated using only the time information, only the time information will be outputted when the random code is decoded, and if other parameters of the original address were included besides the time information, such parameters will be outputted as well.
The file server identifies the file request time included in the address information through the results of decoding the random code (step 706). If the random code was generated including other parameters of the original address besides the time information, the file server may identify the time information reading only the data of the field in which the time information is located from among the outputted data.
When the time information is identified, the file server determines whether or not the difference between the time at which the file was requested and the current time is less than a pre-configured threshold (step 708).
If the difference between the file's request time and the current time is greater than the pre-configured threshold, the file server concludes the request to be an invalid file request and denies transmission of the file (step710).
It is not always necessary to use the current time information in determining the validity of the file request. To conceal the fact that the current time information is used, such information may be used in which the current time is arbitrarily modified (for example, information in which a particular amount of time is added to or subtracted from the current time). For instance, the web server may generate the random code with a time delayed by 2 hours from the current time as the key, and the file server may determine the validity of the request information by comparing with a corresponding
reference time.
When the web server requests a file, the address information of the file with a random code inserted may be exposed to a user when the user attempts a view HTML source function, etc., and the address of a file with a random code inserted may also be exposed a user transmits the address data of the file to the user client to connect to a media content server. However, with the embodiments of the invention, even when an attempt at a link is made using the exposed random code, an operational link is impossible except in a particular time period.
If the difference between the request time of the file and the current time is less than the pre-configured threshold, the file server transmits the file corresponding to the requested address to the web server or the user client (step 712).
Fig. 8 is a flowchart illustrating a method of generating a random code according to an embodiment of the invention.
Referring to Fig. 8, when there is a request for a file from the user, or when there is a file linked in the page requested by the user, the web server first determines the time information regarding the time the file was requested (step 800). The file request time information may be obtained by means of a timer module installed in the web server, or other methods may be used of checking the time.
Also, the web server extracts the parameters from portions of the address information of the requested file (step 802).
The web server generates a string using the file request time and the parameters extracted from the address (step 804). As described earlier, the parameters extracted from the address information are supplementary information used for generating more various forms of random code, and other data may also be used besides the parameters included in the address information. The generated string data is converted to a form of hex code (step 806). Converting the string data to a form of hex code is to allow the random code that will be generated later to be outputted in more complex forms, and it will be apparent to those skilled in the art that the conversion may be performed to various other forms of code besides hex code. After the conversion to a form of hex code is completed, the web server performs a logic calculation between the converted data and a pre-configured random mask (step 808). The resulting data of the logic calculation is used as the random code, where various logic calculations may be performed between the converted data and the random mask. Fig. 8 is merely one implementation of generating a random code, and other methods may be used of generating a random code using time information. The process of decoding the random code at the file server may be performed by reversing the process of Fig. 8. The file server may perform an inverse logic calculation between the random code and the random mask, and the hex code data extracted as a result may be converted to string data to identify the time information.
Embodiments of the invention described above may be especially useful in preventing illegal links to files posted on a message board by members in a community site or files posted by a community administrator for decorating the community homepage, etc.
A community homepage generally displays the main menu on the left, the name of the homepage at the top, and images or video clips for decorating the homepage in the middle. These images or video clips are inserted by the community administrator, where the community administrator stores the corresponding image or video clip files in the file server and the community web server edits the community homepage by loading the files stored in the file server.
When a user requests a community homepage in which an image or video clip is linked, the community web server requests the linked file from the file server using the file address with a random code inserted, by means of a method described above. The file server decodes the random code to determine the time information regarding the time the community web server requested the image or video clip file, and supplies the image or video clip file to the community web server, and the community web server edits the community homepage or the message post web page using the supplied file. Therefore, unauthorized links to or unauthorized use of images or video clips that consist a web page by community members and guests may be prevented, so that a smoother community service may be provided.
Industrial availability
As discussed above, according to embodiments of the present invention, illegal links may be prevented without the file server having to renew the actual address information of the file. Also, according to embodiments of the invention, by inserting a random code when a file is requested and checking the validity of a request using the time information of the inserted random code, those results may be effected that are virtually identical to renewing the addresses, without having the web server and file server exchange address alteration information.
In particular, the embodiments of the invention set forth above may be useful in reducing the load on a file server for composing a community web page in providing a community service.
The present invention has been described above with reference to the accompanying drawings and the embodiments so that those skilled in the art may easily understand the invention. However, the embodiments disclosed in the accompanying drawings are for illustrative use only and do not limit the scope of the invention. The actual scope of the present invention may only be defined by the appended claims and their equivalents.

Claims

Claims
1. A method of preventing links, comprising:
(a) receiving web page request information from a user;
(b) determining whether or not a file is linked in the requested web page; (c) determining the web page request time information, if a file is linked, and generating a random code using the web page request time information;
(d) inserting the random code into a pre-configured position in the original address information of the file, and requesting the file from the file server using the transformed address information; and (e) receiving the file from the file server and transmitting the requested web page data to the user client; wherein the file server decodes the random code included in the transformed address to determine the web page request time, and transmits the file if the difference between the web page request time and the current time is less than a pre-configured threshold.
2. The method of claim 1, wherein the random code is generated using the web page request time information and parameters extracted from the original address information of the requested file.
3. The method of claim 1, wherein the file server denies access to the file server if a random code is not inserted in the pre-configured position of the file request information.
4. The method of claim 1, wherein the receiving of the web page request information (step a) comprises determining whether or not there is a linked file, by determining whether or not there is address information for a file in a database storing web page data.
5. The method of claim 2, wherein the generating of the random code (step c) comprises: forming a string by extracting the web page request time information and the pre- configured parameters from the address information of the file; converting the string to a form of hex code; and performing a logic calculation with the converted data and a pre-configured random mask.
6. A method of preventing links, comprising:
(a) receiving content file request information from a user;
(b) extracting the address information of the requested content file from a database;
(c) generating a random code using file request time information; and
(d) inserting the random code into a pre-configured position in the original address information of the extracted content file, and transmitting the transformed address information to the user client; wherein the user client, on receiving the address information, requests the corresponding content file from a file server using the received address information, and the file server decodes the random code included in the address information to determine the file request time and transmits the file if the difference between the file request time and the current time is less than a pre-coniϊgured threshold.
7. The method of claim 6, wherein the random code is generated using the file request time information and parameters extracted from the original address information of the requested file.
8. The method of claim 6, wherein the file server denies access to the file server if a random code is not inserted in the pre-configured position of the file request information.
9. A link prevention system, comprising: a web server, which generates a converted file address by adding a random code — the random code is generated based on a web page request time — to the address information of a file linked in a web page requested by a user; and a file server, which, on receiving a converted file address, decodes the random code included in the converted file address, and transmits the linked file if the difference between the web page request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
10. The link prevention system of claim 9, wherein the web server generates the converted file address in a pre-configured format, and the file server determines whether or not the format of the received converted file address is consistent with the pre- configured format.
11. The link prevention system of claim 10, wherein the file server determines whether or not the format of the received converted file address is consistent with the pre-configured format by checking whether or not the random code has been inserted in a pre-configured region of the converted file address.
12. The link prevention system of claim 9, wherein the web server generates the random code using the web page request time and parameters extracted from the original address information of the file.
13. The link prevention system of claim 9, wherein the file server transmits the file corresponding to the file address, if the difference between the web page request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
14. A link prevention system, comprising: a web server, which generates a converted file address by adding a random code - the random code is generated based on a file request time — to the file address information of a file requested by a user; and a file server, which, on receiving the converted file address, decodes the random code included in the converted file address, and transmits the requested file if the difference between the file request time, outputted as a result of decoding the random code, and the current time is less than a pre-configured threshold.
15. A method of preventing links, comprising: (a) receiving web page request information from a user;
(b) determining whether or not a file is linked in the requested web page;
(c) generating a random code, if a file is linked, using a first time information outputted by means of a time output module — the first time information outputted from the time output module is time information obtained by converting the web page request time or web page request time information in a pre-determined manner;
(d) inserting the random code into a pre-configured position in the original address information of the file, and requesting the file from the file server using the transformed address information; and
(e) receiving the file from the file server and transmitting the requested web page data to the user client; wherein the file server decodes the random code included in the transformed address to determine a first time, and transmits the file if the difference between the first time and a second time, which is a time-variant reference time, is less than a pre- configured threshold.
16. A method of preventing links, comprising:
(a) receiving content file request information from a user;
(b) extracting the address information of the requested content file from a database; (c) generating a random code using a first time information outputted by means of a time output module - the time information outputted from the time output module is time information obtained by converting the file request time or file request time information in a pre-determined manner; (d) inserting the random code into a pre-configured position in the original address information of the extracted content file, and transmitting the converted address information to the user client; wherein the user client, on receiving the address information, requests the corresponding content file from a file server using the received address information, and the file server decodes the random code included in the address information to determine a first time and transmits the file if the difference between the first time, which is outputted as a result of the decoding, and a second time, which is a time- variant reference time, is less than a pre-configured threshold.
PCT/KR2005/003959 2004-12-03 2005-11-23 Method and system for preventing link WO2006059849A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2007544258A JP4588767B2 (en) 2004-12-03 2005-11-23 Link prevention method and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2004-0101277 2004-12-03
KR1020040101277A KR100504442B1 (en) 2004-12-03 2004-12-03 Method and system for preventing link

Publications (1)

Publication Number Publication Date
WO2006059849A1 true WO2006059849A1 (en) 2006-06-08

Family

ID=36565265

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2005/003959 WO2006059849A1 (en) 2004-12-03 2005-11-23 Method and system for preventing link

Country Status (3)

Country Link
JP (1) JP4588767B2 (en)
KR (1) KR100504442B1 (en)
WO (1) WO2006059849A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230344641A1 (en) * 2022-04-26 2023-10-26 Coinbase, Inc. Systems and methods for managing partial private keys for cryptography-based, storage applications used in blockchain operations for decentralized applications
US12267438B2 (en) 2022-04-26 2025-04-01 Coinbase, Inc. Systems and methods for facilitating secure authentication when conducting blockchain operations using cryptography-based, storage applications

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20000050106A (en) * 2000-05-16 2000-08-05 김의경 multimedia streaming service method, and system for the same
KR20030056285A (en) * 2001-12-28 2003-07-04 한국전자통신연구원 Apparatus and method for detecting illegitimate change of web resources
KR20040029571A (en) * 2002-10-01 2004-04-08 박주현 Display method of a multimedia file
JP2004185286A (en) * 2002-12-03 2004-07-02 Fujitsu Ltd Web access control device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002288134A (en) * 2001-03-23 2002-10-04 Ntt Communications Kk Access controlling system, method and recording medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20000050106A (en) * 2000-05-16 2000-08-05 김의경 multimedia streaming service method, and system for the same
KR20030056285A (en) * 2001-12-28 2003-07-04 한국전자통신연구원 Apparatus and method for detecting illegitimate change of web resources
KR20040029571A (en) * 2002-10-01 2004-04-08 박주현 Display method of a multimedia file
JP2004185286A (en) * 2002-12-03 2004-07-02 Fujitsu Ltd Web access control device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230344641A1 (en) * 2022-04-26 2023-10-26 Coinbase, Inc. Systems and methods for managing partial private keys for cryptography-based, storage applications used in blockchain operations for decentralized applications
US12267438B2 (en) 2022-04-26 2025-04-01 Coinbase, Inc. Systems and methods for facilitating secure authentication when conducting blockchain operations using cryptography-based, storage applications

Also Published As

Publication number Publication date
JP4588767B2 (en) 2010-12-01
JP2008522315A (en) 2008-06-26
KR100504442B1 (en) 2005-07-28

Similar Documents

Publication Publication Date Title
US7500099B1 (en) Method for mitigating web-based “one-click” attacks
CN100486243C (en) Secure session management authentication method and system for WEB sites
US6944822B1 (en) Method and apparatus for preventing reuse of text, images, and software transmitted via networks
JP4221286B2 (en) System and method for managing access to digital content and streaming data
US6393468B1 (en) Data access control
US8250635B2 (en) Enabling authentication of openID user when requested identity provider is unavailable
US20040015703A1 (en) System and method for controlling access to digital content, including streaming media
MXPA03005450A (en) Parental controls customization and notification.
JP2006508436A (en) Method and system for hyperlinking files
MXPA03010778A (en) Methods and systems for authentication of a user for sub-locations of a network location.
US7562113B2 (en) Method and system for automatically creating and storing shortcuts to web sites/pages
JP2004185263A (en) Dispersed cooperative content delivery system
WO2006023729A2 (en) Meethod and system for providing image rich web pages from a computer system over a network
EP1209577A1 (en) Web page browsing limiting method and server system
US20030065789A1 (en) Seamless and authenticated transfer of a user from an e-business website to an affiliated e-business website
WO2006059849A1 (en) Method and system for preventing link
JP5282631B2 (en) Automatic authentication system
US7437427B1 (en) Accessing multiple web pages from a single URL
JP2003030031A (en) Information acquisition method in network system and network system for acquiring information
KR20060063218A (en) Link prevention method and system
US20080033961A1 (en) Electronic Document Browsing
WO2003005226A1 (en) User authentication system and method using the same
JP2004220483A (en) User authentication system for web page access
CN101478535A (en) Multiple servers mutual operation method oriented to the same customer terminal
KR20070048887A (en) How to restrict web page access of mobile communication terminal

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2007544258

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05821218

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载