KR101021374B1 - System and method for sharing profile of user connected to network - Google Patents
System and method for sharing profile of user connected to network Download PDFInfo
- Publication number
- KR101021374B1 KR101021374B1 KR1020070136694A KR20070136694A KR101021374B1 KR 101021374 B1 KR101021374 B1 KR 101021374B1 KR 1020070136694 A KR1020070136694 A KR 1020070136694A KR 20070136694 A KR20070136694 A KR 20070136694A KR 101021374 B1 KR101021374 B1 KR 101021374B1
- Authority
- KR
- South Korea
- Prior art keywords
- user
- profile
- application service
- network
- server
- Prior art date
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
A network connected user profile sharing system and method are disclosed. The network connection user profile sharing system according to the present invention includes an AAA server for processing authentication and authorization for a user accessing a network, a profile database for storing a user profile that the user has already provided for accessing the network; And a profile sharing server for providing the stored user profile to an application service server providing the application service in response to a request of the application service when the user profile is required when the user uses the application service. do. According to the present invention, by using a user profile secured for network access, a user can safely and conveniently use an application service provided on the Internet without repetitive subscription and authentication procedures. Even users who do not directly subscribe to the provided service can provide the application service to the user without repeated subscription and authentication procedures.
Network access, application services, user profiles
Description
The present invention relates to a network connected user profile sharing system and method, and more particularly, to a system and method for sharing a user profile already provided by a user to access a network with an application service provider.
The internet access service and the application service provided on the internet each have an authentication function that allows access after confirming that the user who requested the service has the proper authority in using the service, so that the service can be provided only to legitimate users. . Authentication is generally a process in which the service requester checks whether the service requester has the right and right to subscribe to the service through a proper procedure and to receive the service properly. To this end, a service subscription procedure for securing user information related to service provision is defined between a user and a service provider, and when a user subscribes to a service or requests for authentication, the user provides predetermined user profile information to identify himself or herself to the service provider. Done.
The most representative authentication method is a method in which a user is given a user ID and password that will be used to identify himself or herself through a service subscription in advance, and proves that the user is a legitimate user at the time of connection. In general, a service provider constructs and manages a database of basic information of various customers necessary for providing a service, in addition to a basic identifier and password for user identification. Such personal information may be an important asset for the service provider, but from the user's point of view, it may be inconvenient and insecure to use the service even while providing his or her personal information through a complicated subscription procedure.
Currently, various access services for internet access are provided, such as high speed internet, wireless LAN, portable internet, and dial-up connection, and these services confirm that they are legitimate users through different authentication schemes. In order to use a wired or wireless network access service for internet use, a service provider verifies or verifies whether the user is a legitimate user through subscription, authentication, and identity verification. To this end, before using the service, the user provides his or her information to the service provider so that when the user uses the service later, the service provider can verify the identity based on the information. This information includes a large amount of information with various attributes, such as the subscriber's name, gender, social security number, address, telephone number, and e-mail address.
In general, in order to use an application service on the Internet after a network connection, a user must go through various types of subscription and authentication procedures according to a procedure required by an individual service provider providing the application service. In this repetitive subscription and authentication process, personal information of an individual may be excessively exposed, and a subscriber may feel inconvenient in using a service due to a repetitive subscription and authentication process. In addition, even from the standpoint of an application service provider, in order to provide an application service to a user, it is cumbersome to perform registration and authentication for each user, and thus, it is difficult to secure a wide range of application service users.
The technical problem to be achieved by the present invention is to enable the user to safely and conveniently use the application services provided on the Internet without repeated subscription and authentication procedures, and does not allow the application service provider to directly subscribe to the services provided by the application service provider. The present invention provides a network access user profile sharing system and method for providing an application service to a non-user without repetitive subscription and authentication procedures.
In order to solve the above technical problem, a network access user profile sharing system according to the present invention comprises: an AAA server for processing authentication and authorization for a user accessing a network; A profile database for storing a user profile that the user has already provided for accessing the network; And a profile sharing server for providing the stored user profile to an application service server providing the application service according to the request of the application service when the user profile is required when the user uses the application service. It is done.
The system may further include an access controller connected to a user terminal of the user and providing a network resource to the user terminal according to an authentication result of the user.
In addition, the profile sharing server may allow the user to be authenticated to the application service by providing the application service server with a master ID or token generated in the process of accessing the network.
In addition, the profile sharing server may provide the stored user profile only when the user agrees to provide the user profile. Here, the consent to the provision of the user profile may be made in an explicit or implied form.
The system may further include a service management server that obtains the user profile from the user and receives a subscription of a service provided by the system from the user and a provider of the application service.
Further, the profile sharing server may pay the predetermined amount of money to the provider of the application service on behalf of the user when the user needs to pay a predetermined amount to the provider of the application service.
The profile sharing server may reconfigure and manage the stored user profile into a dynamic profile, which is information that may change every time the network is connected, and a static profile, which is information that does not change every time the network is connected.
The profile sharing server may further include: a profile sharing interface module for retrieving a user profile requested by the application service and delivering the same to the application service server; A connection state information module for providing the network connection information, master ID or token of the user to the application service server; And a profile location lookup module for building location information of the user profile and delivering the location of the user profile requested by the application service to the application service server.
According to another aspect of the present invention, there is provided a network access user profile sharing method comprising: (a) authenticating a user accessing a network, and allowing the user to access the network according to the authentication result; (b) receiving a request for providing the user profile from an application service server providing the application service when the user requires a user profile when using the application service; And (c) providing the application service server with a user profile that the user has already provided to access the network according to the request.
The method may further include allowing the user to authenticate to the application service by providing the application service server with a master ID or token generated during the user's connection to the network.
In addition, the method further comprises the step of confirming whether or not the user agrees to the provision of the user profile, and the step (c) includes the user profile only when the user agrees to provide the user profile. Can be provided. Here, the consent to the provision of the user profile may be made in an explicit or implied form.
In addition, the step (b) may include, if the user profile is required, receiving from the user to provide the profile already provided; And receiving a request for providing the user profile from an application service server providing the application service according to the user's designation.
In addition, in the step (c), the user profile may be reconfigured into a dynamic profile, which is information that may change every network connection, and a static profile, which is information that does not change every network connection, and provided to the application service server.
The method may further include obtaining the user profile from the user and receiving a subscription of a service providing the user profile from the user and a provider of the application service.
In addition, the method may further comprise paying the predetermined amount of money on behalf of the user to the provider of the application service if the user is required to pay a predetermined amount to the provider of the application service.
In order to solve the above another technical problem, a computer readable recording medium having recorded thereon a program for executing the network access user profile sharing method according to the present invention is provided.
According to the present invention, a user profile secured for network access can be used to allow a user to safely and conveniently use an application service provided on the Internet without repetitive subscription and authentication procedures. Even users who do not directly subscribe to the provided service can provide the application service to the user without repeated subscription and authentication procedures.
Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description and the accompanying drawings, substantially the same components are denoted by the same reference numerals, and redundant description will be omitted. In addition, in the following description of the present invention, if it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted.
First, the profile sharing service proposed by the present invention will be described. 1 is a conceptual diagram of a profile sharing service model according to an embodiment of the present invention. Referring to FIG. 1, a user is a subject that accesses a network and uses the Internet, a profile sharing service provider is a subject that provides network resources and a profile sharing service to the user, and an application service provider is a user based on the Internet. It is a subject that provides various application services.
The user should subscribe to the network access service and profile sharing service of the profile sharing service provider. Then, the profile sharing service provider processes the information collected through the user's network access service and the profile sharing service subscription and network connection process, and uses the authentication service, user personal information providing service, and payment agent service as shown in FIG. And application service providers. The application service provider may subscribe to the profile sharing service provided by the profile sharing service provider and provide the same level of service to the subscribers who do not directly subscribe to the service provided by the profile sharing service provider.
The authentication service uses the information gathered during the network connection process and the specific type of key value generated at this time, for example, a universal identifier (master ID) or token, to separate or authenticate the application service provided by the application service provider. It is a service that makes application services available without a procedure. The profile sharing service provider grants the user a universal identifier or token during the process of authenticating the user's network connection or the profile-specific service. If the user wants to use the application service, the profile sharing service provider delivers it to the application service module in an implicit manner. You can use the application service without signing up for an application service or entering an ID and password. Accordingly, the application service provider may form a reliable relationship with a user who is not a subscriber to the service by using the received universal identifier or token.
User privacy service is a service that establishes user personal information provided to a profile sharing service provider in a database during the process of subscribing and accessing a network service or subscribing to a profile sharing service, and providing the information when requested by an application service provider through appropriate procedures. to be. Therefore, a user can use an application service requiring user personal information without directly providing the user personal information to the application service provider. Of course, the sharing of user personal information between the profile sharing service provider and the application service provider is based on the user's consent, and the user personal information should not be exposed in the provision process.
The payment agent service is a service for the user to skip the cumbersome subscription and credit information sharing process for online payment when the user and the application service provider need to make online financial transactions. For example, if a user is required to pay a certain amount to an application service provider in exchange for receiving the application service without a subscription to the application service and a mutual trust relationship with the application service provider. Instead of performing complicated mutual identification and security setting procedures for this, the application service provider receives a certain amount instead from the profile sharing service provider and the user pays a certain amount afterwards to the profile sharing service provider. The detailed payment method of the amount may be made according to various methods already known.
2 is a configuration diagram of a network connection user profile sharing system according to an embodiment of the present invention for realizing the profile sharing service described above.
2, the system according to the present embodiment includes an
The
The
The
The
The
In addition, if the user needs to pay a predetermined amount to the application service provider, the
3 is a conceptual diagram illustrating a form in which a user profile is provided to an application service provider according to an embodiment of the present invention.
Referring to FIG. 3, a user accesses a network through a network access service subscribed to by a
Profile sharing service subscription information generated during the profile sharing service subscription process is stored in the
The
The managed information is used to provide an authentication service, a user personal information service, a payment agent service, etc. to an application service provider who subscribes to a profile sharing service. The dynamic profile may be provided to an application service server to be used for user authentication or to be used in a service using location information of the user terminal. The static profile is an application service for checking user's personal information and verifying identity. Can be provided to the server.
4 is a flowchart of a user profile sharing method performed in the system shown in FIG. 1 according to an embodiment of the present invention.
First, when the user attempts to access the network through the user terminal 210 (step 311), the
5 is a detailed configuration diagram of the
The
The profile sharing interface module retrieves the profile requested by the
The connection
The user
The
The
In addition, the
The profile
The
According to the present invention described above, the user can use the application services of various application service providers subscribed to the profile sharing service without providing personal information by subscribing to various application services requiring subscription each time. In addition, the application service provider is a user of an application service that provides a large subscriber base subscribed to a profile sharing service of a network service provider that already has a large number of users, in addition to the subscribers who directly subscribe to the service provided by the application service provider. It can be secured. Furthermore, an application service provider may need to perform user authentication and provide application services to a user through the authentication service and the profile sharing service provided by the profile sharing service provider without implementing user authentication and user profile management functions. User profiles can be obtained.
Meanwhile, the above-described embodiments of the present invention can be written as a program that can be executed in a computer, and can be implemented in a general-purpose digital computer that operates the program using a computer-readable recording medium. The computer-readable recording medium may be a magnetic storage medium (for example, a ROM, a floppy disk, a hard disk, etc.), an optical reading medium (for example, a CD-ROM, DVD, etc.) and a carrier wave (for example, the Internet). Storage medium).
So far I looked at the center of the preferred embodiment for the present invention. Those skilled in the art will appreciate that the present invention can be implemented in a modified form without departing from the essential features of the present invention. Therefore, the disclosed embodiments should be considered in an illustrative rather than a restrictive sense. The scope of the present invention is shown in the claims rather than the foregoing description, and all differences within the scope will be construed as being included in the present invention.
1 is a conceptual diagram of a profile sharing service model according to an embodiment of the present invention.
2 is a block diagram of a network connection user profile sharing system according to an embodiment of the present invention.
3 is a conceptual diagram illustrating a form in which a user profile is provided to an application service provider according to an embodiment of the present invention.
4 is a flowchart of a user profile sharing method performed in the system shown in FIG. 1 according to an embodiment of the present invention.
5 is a detailed configuration diagram of a profile sharing server and an application service server according to an embodiment of the present invention.
Claims (18)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020070136694A KR101021374B1 (en) | 2007-12-24 | 2007-12-24 | System and method for sharing profile of user connected to network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020070136694A KR101021374B1 (en) | 2007-12-24 | 2007-12-24 | System and method for sharing profile of user connected to network |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20090068892A KR20090068892A (en) | 2009-06-29 |
KR101021374B1 true KR101021374B1 (en) | 2011-03-14 |
Family
ID=40996219
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020070136694A KR101021374B1 (en) | 2007-12-24 | 2007-12-24 | System and method for sharing profile of user connected to network |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101021374B1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20040052764A (en) * | 2004-05-03 | 2004-06-23 | 임재관 | user info managementing site joint a internet and network |
KR20050102415A (en) * | 2004-04-22 | 2005-10-26 | 주식회사 니츠 | System and method for sharing a user profile |
KR100625881B1 (en) * | 2005-03-31 | 2006-09-20 | 주식회사 니츠 | System and method for sharing a user profile by using privacy protection policy |
US20070206736A1 (en) * | 2006-02-23 | 2007-09-06 | Sprigg Stephen A | Sharing profile data between telecommunication devices |
-
2007
- 2007-12-24 KR KR1020070136694A patent/KR101021374B1/en active IP Right Grant
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20050102415A (en) * | 2004-04-22 | 2005-10-26 | 주식회사 니츠 | System and method for sharing a user profile |
KR20040052764A (en) * | 2004-05-03 | 2004-06-23 | 임재관 | user info managementing site joint a internet and network |
KR100625881B1 (en) * | 2005-03-31 | 2006-09-20 | 주식회사 니츠 | System and method for sharing a user profile by using privacy protection policy |
US20070206736A1 (en) * | 2006-02-23 | 2007-09-06 | Sprigg Stephen A | Sharing profile data between telecommunication devices |
Also Published As
Publication number | Publication date |
---|---|
KR20090068892A (en) | 2009-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9860234B2 (en) | Bundled authorization requests | |
US10084823B2 (en) | Configurable adaptive access manager callouts | |
JP4579546B2 (en) | Method and apparatus for handling user identifier in single sign-on service | |
JP4551369B2 (en) | Service system and service system control method | |
US20040117493A1 (en) | Method and system for accessing internet resources through a proxy using the form-based authentication | |
JP4913457B2 (en) | Federated authentication method and system for servers with different authentication strengths | |
WO2010075761A1 (en) | Method, server and system for providing resource for an access user | |
TW200810460A (en) | Authentication of a principal in a federation | |
JP2009500734A (en) | Centralized access permission method and system for online streaming content | |
US20110035794A1 (en) | Method and entity for authenticating tokens for web services | |
JP4932154B2 (en) | Method and system for providing user authentication to a member site in an identity management network, method for authenticating a user at a home site belonging to the identity management network, computer readable medium, and system for hierarchical distributed identity management | |
KR101021374B1 (en) | System and method for sharing profile of user connected to network | |
US20110289552A1 (en) | Information management system | |
JP2003345280A (en) | Method for distributing advertisement and virtual communication system | |
JP5414774B2 (en) | Federated authentication method and system for servers with different authentication strengths | |
KR101853350B1 (en) | Method and apparatus for the world wide federated authentication | |
KR20030075372A (en) | Business method for providing homepage by authorization of user on the internet network and computer readable medium having stored thereon computer executable instruction for performing the method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment |
Payment date: 20140303 Year of fee payment: 4 |
|
FPAY | Annual fee payment |
Payment date: 20150302 Year of fee payment: 5 |
|
FPAY | Annual fee payment |
Payment date: 20170322 Year of fee payment: 7 |