DISTRIBUTED PROCESSING SYSTEM AND METHOD FOR APPLICATION
PROGRAMS
Technical Field The present invention relates to a system and method for application programs, more specifically to a distributed processing system and method for application programs which makes it possible to perform general processes such as user authentication, application program download/update, etc. via a dedicated browser when a user wants to execute desired application programs provided on the World Wide Web through the Internet.
Background Art
In the conventional office work using computers, a user had to purchase software programs necessary for the work and install into his or her own computer system. In this case, it was inconvenient to install all the software programs to be used into a computer system separately and to keep up the programs (such as program re-installation and upgrade, etc).
Nowadays, a variety of software companies develop and sell office work/business software programs in packages, however, all the packages being sold are not associated with the form of the World Wide Web.
Software programs associated with the Web are used from time to time in the computerization of specific massive groups, but there are no Web-associated programs for the work of medium/small-sized groups. In
addition, it is difficult to input/output, analyze and check enormous client data because client data is generally managed by a central system in the software programs associated with the Web at the computerization of specific massive groups. Alternatively, in the ASP (Application Service Provider), the load on a browser is reduced since pages are created by a Web server, and failures in the network can be minimized by decreasing the need of mutual communications between the browser and the server. Further, security is enhanced by blocking data or contents which are not supposed to be transmitted to the browser. Nevertheless, such attempts result in the over-load on the server and investment of a lot of resources for database management due to the concentration of all sorts of data and contents into the server. Such over-load increases proportionately to the number of clients in service, which often causes installation of additional devices on the server side.
In addition, small-sized companies or private business owners have difficulties in using the ASP due to the cost thereof or the like because the ASP provides mainly for big or medium-sized companies.
As an example of prior art in this field, there is disclosed "A System and Method for Acquiring Remote Programs for Performing a Task" in the PCT Publication of International Publication Number WO 99/22332. According to such system, a user can easily and securely select, configure and access the unique computing resources and applications required to perform a given task. However, the system has all the application programs
including object request broker (ORB) and data in a web server. Accordingly, not only the speed of access to the server decreases due to over-load on the web but also there still exists possible hacking or server failure.
Disclosure of Invention
Therefore, the present invention is designed to overcome such problems, and it is an object of the present invention to provide a system and method for application programs which makes it possible to perform, efficiently in optimum conditions, general processes such as user authentication, authorization to use application programs, application program download/update, etc. when the application programs are provided on line through the Internet.
It is another object of the invention to provide a system and method for application programs that is capable of reducing loads on respective resources and preventing security problems such as data leakage from hacking, by storing all the task-related data prepared in the client terminal by a user into task DB on the client terminal side.
It is yet another object of the invention to provide a system and method for application programs including a dedicated browser for performing above-described various processes.
It is still another object of the invention to provide a system and method for application programs that can operate in an off-line condition.
In order to accomplish the above objects, the invention provides a
system for application programs, the system comprising a DB server for managing a DB which has a variety of basic information to perform various processes stored therein; middlewares for communicating with the DB server and performing corresponding processes based on the information from the DB server; a client terminal which can access the middlewares and includes a dedicated browser to perform the processes; and a file server for storing and managing a plurality of application program files and providing corresponding application programs to the browser according to the instructions from the middlewares.
Brief Description of the Drawings
The above and other objects and features of the instant invention will become apparent from the following description of preferred embodiments taken in conjunction with the accompanying drawings, in which: Fig. 1 is a schematic configuration diagram of a system for application programs according to the present invention;
Fig. 2A is a block diagram of a user authentication process through of the system shown in Fig. 1;
Fig. 2B is a block diagram of an authorization process' to use application programs through the system shown in Fig. 1 ;
Fig. 2C is a block diagram of an application program download/update process through the system shown in Fig. 1;
Fig. 2D shows block diagrams of load-balancing process and fail-over process of the system shown in Fig. 1;
Fig. 3A and Fig. 3B are flow charts of a user authentication process according to the present invention;
Fig. 3C is a flow chart of an application program registration process according to the present invention; Fig. 3D is a flow chart of an application program update process according to the present invention;
Fig. 3E is a flow chart of an application program execution process according to the present invention; and
Fig. 4 is a block diagram of a manual authentication process of the system according to the present invention in an off-line condition.
Best Mode for Carrying out the Invention
Hereinafter, the present invention will be described with reference to the drawings. The present system consists of a distributed processing-based
3 -hierarchy structure, and comprises a DB server 10, middlewares 20, a client terminal 30 and a file server 40. The DB server 10 manages a DB 11 having various basic information stored therein, such as information related to member authentication and registration of users, information related to application programs, information related to application program download/update, information related to data backup, etc, form performing processes of the present system and comprises such as MS NT 4.0/2000 series and an MS SQL server. The middlewares 20 communicate with the DB server 10 and perform various processes on the basis of various
information of the DB 11 received from the DB server 10. The client terminal 30 makes it possible to access the middlewares on-line or off-line by the user and to perform all user-wanted tasks in itself. Finally, the file server 40 stores and manages various application program files, and provides corresponding application programs to the client terminal 30 according to the instructions from the middlewares 20.
The client terminal 30 includes a dedicated browser 32, the key component of the present invention. The dedicated browser 32 has all functions of any means used to access the Internet such as Internet Explorer of Microsoft or Netscape, and, for example, provides options that make it possible to use the environment of the Internet Explorer without changing the environment. The browser 32 includes a component 36 comprising a socket, a member administrator and a balance broker. The component 36, the middlewares 20 and the DB server 10 communicate each other so as to perform various processes which will be described in detail below. The component 36 is connected to the application program file server 40 through a file transfer protocol (FTP) module 38. The function of the balance broker will be described in detail below, in conjunction with a load balancing process and a fail-over process. The browser 32 can implement multi-browsing and automatic memorization of opened URL. With such multi-browsing function, a new Internet site can be opened within the browser which is being executed already without starting the browser again when opening a new window or inputting a new Internet site address. With such function of automatic
memorization of URL, it is possible to transfer to the already opened page without opening a new window when Internet addresses for several pages are inputted. Therefore, users can enjoy surfing the Internet with such multi-browsing function. The client terminal 30 includes a task data DB 34 for storing data of the task carried out in the client terminal 30 by the user. The task data DB 34 is arranged in the client terminal 30 as such in order to perform quick and efficient input/output, check, and analysis of the data made by the user. Accordingly, it is possible to prevent security problems such as leakage of user data by storing the data made by the user into the task data DB 34 in the client terminal 30. Also, it is possible to store the data made by the user as backup into specified positions according to respective users in a backup file server (not shown) in accordance with the instructions from the middlewares if the user wants to store the data as backup. The middlewares 20 each includes a component comprising a socket and a license administrator. With such configuration, each middleware 20 communicates with the component 36 of the dedicated browser 32, and manages general processes of the present invention, such as a membership authentication and registration process when a user accesses through the browser 32, an authorization process to use application programs by the user, an application program download/update process, load-balancing and fail-over processes, a data back-up process, a manual authentication process for the user in an off-line condition, etc.
Now, each process performed by the system according to the
present invention configured as Fig. 1 will be described in detail, with reference to the Figs. 2A to 2D, Figs. 3A to 3E, and Fig. 4. It should be noted that the Figs. 2A to 2D are block diagrams of several processes among a plurality of processes according to the invention in order to help readers understand the present invention, and that the flows of these and other processes are referred to Figs. 3A to 3E and Fig. 4.
Figs. 2A to 2D show a user authentication process, an authorization process to use application programs, an application program download/update process, and load-balancing and fail-over processes, respectively.
First, in a user authentication process as shown in Fig. 2A, a user inputs ID and password at log-in, and executes a dedicated browser 32 in a client terminal 30. Subsequently, a member administrator in a component 36 (see Fig. 1) of the browser 32 transmits user information (that is, user ID and password) to a license administrator in each middleware 20 so as to request authentication of the user. Then, the license administrator in each middleware 20 requests a DB server 10 to check on the user. In response to such request, the DB server 10 checks DB 11 (see Fig. 1) in the DB server 10, and notifies the license administrator of the check result. Accordingly, the license administrator notifies the member administrator whether the user has been authenticated or not, on the basis of the result, thereby completing the user authentication process.
Next, in an authorization process to use application programs as shown in Fig. 2B, the user requests to use specific application programs on
a screen menu of the dedicated browser 32 in the client terminal 30, then the member administrator transmits the user information and application program codes to the license administrator in each middleware 20 so as to request authentication. Accordingly, the license administrator transmits the user information (such as ID and password) and the application program codes to the DB server 10 so as to check the user information and the application program codes, and to transmit a list of the application programs requested by the user. In response to such request, the DB server 10 checks and searches the DB 11 in the DB server 10, and notifies the license administrator of the result. Then, the license administrator notifies the member administrator of such result, thereby completing the authorization process to use the application programs. In this authentication process, it is checked generally for important matters of authentication such as whether the user is a charged-member, whether the user is in a complimentary period, whether the user has paid the bill or not, etc.
Fig. 2C shows an application program download/update process. In this process, the user requests for download/update of the application programs shown on the screen menu of the dedicated browser 32 in the client terminal 30, then the member administrator transmits the user information and the application program codes to the license administrator in each middleware 20. Subsequently, the license administrator transmits the user information (such as ID and password) and the application program codes to the DB server 10, so as to check whether the user has
authorization to download/update the application programs. So, the DB server 10 searches and checks the DB 11 and notifies the check result to the license administrator, and then the license administrator notifies the member administrator of the result. If the member administrator is notified that the user has authorization to download/update the application programs, the member administrator requests again the license administrator for IP, account and password. Next, if the member administrator receives the IP, account and password, the member administrator requests an application program file server 40 for corresponding application programs through a FTP module 38. Where, the IP is an address for connecting to the FTP module 38, thereby enabling to connect to the application program file server 40. Then, the application program file server 40 transmits files corresponding to the requested application programs to the dedicated browser 32 in the client terminal 30 via the FTP module 38, thereby completing the application program download/update process.
The load-balancing process and fail-over process for performing various processes efficiently in the system of the present invention are illustrated in Fig. 2D. In the load-balancing process shown in the Fig. 2D, the user accesses the dedicated browser 32 in the client terminal 30, then the balance broker 22 checks the number of current users connected to each of the plurality of middlewares 20-1, 20-2, , and 20-n. In accordance with the check result, the balance broker 22 connects automatically the user to a middleware 20-n with the smallest number of
users connected thereto, as indicated by the arrow of a solid line. In the fail-over process, when a user accesses the dedicated browser 32 in the client terminal 30, the balance broker 22 connects automatically the user to middlewares 20-1 and 20-2 operating in normal state among the plurality of middlewares 20-1, 20-2, , and 20-n, by avoiding the middleware 20-n which is in failure. With such load-balancing and fail-over function, the balance broker 22 in the dedicated browser 32 connects the user to a optimum middleware 20 which has least members or guests connected and operates normally, so that general logic procedures such as user authentication, authorization to use application programs, application program download/update, etc can be performed quickly and accurately through information exchange with the DB server 10. Therefore, it is possible not only to alleviate the over-load on the servers but also to make the resources in the middlewares 20 and file server 40 optimum states.
Hereinafter, the flows of the above processes of the system according to the present invention will be described in detail, with reference to Figs. 3A to 3E.
User Authentication Process Fig. 3A shows a user authentication process for a new user. First, the user executes a dedicated browser 32 in the client terminal 30 in step S10. Then, a middleware 20 requests a DB server 10 to check whether the user has membership S20. Then, the DB server 10 searches and checks DB 11, if the user does not have membership, the middleware 20 requests
the user to input general information for acquiring membership such as private and/or company information S30. Next, the middleware 20 checks whether the user has inputted information normally S40. If the input information is normal, the user is requested to input information related to the application programs the user wants to use S50. Such input information is based on the various application programs shown on the application program menu on the browser 32. After the information is inputted, it is determined whether the input information will be stored or not S60. If the response is 'No', this process is ended. If the response is 'Yes', the user is given ID and password is encoded S70, and then the ID and encoded password are stored in the DB 11 in step S80. As such, the user authentication process is completed, and step A in Fig. 3B follows next. The step A also follows the step S20 if the user has membership.
Fig. 3B shows a user authentication process performed in case of the registered members. First, the user is requested to input ID and password S90. After inputting the ID and password, the user is subjected to user authentication S100. The operation process for the components of the present system related to this user authentication was already described with reference to Fig. 2A. Next, it is checked whether the user authentication is performed normally SI 10. If the result of the user authentication is not normal, the user returns to the step S90 to input user ID and password again, and repeats the steps until the user authentication is performed normally. If the user authentication is performed normally, it is checked whether the user has applied for the use of application
programs before, SI 20. If the use has applied for the use of application programs before, the step B of application program registration shown in Fig. 3C follows. On the other hand, if the user has not applied for the use of application programs before, the user is caused to apply for the use of application programs S130. After that, it is determined whether such result will be stored S140. If the response is 'Yes', the result is stored in the DB 11 in step SI 50, and the step B of application program registration follows next. On the contrary, if the response is 'No', the procedure ends. Application Program Registration Process Fig. 3C shows a process for downloading the user- wanted application programs and registering the downloaded application programs into the application program menu of the dedicated browser 32. First, it is checked whether the user has authorization to use the application programs requested by the user SI 60. After such check, if the user has no authorization to use, the step of authorization to use the application programs follows so that the user is given authorization to use the application programs. On the contrary, if the user is checked as having authorization to use the application programs, lists of the application programs are requested SI 80. The above request for the lists of the application programs is performed in such a way that the member administrator of the browser 32 requests the license administrator of the middleware 20 for the lists of the application programs requested by the user in the above-described user authentication process. Next, the number of application programs requested by the user is counted S190. Then, the
steps included in a larger block shown in Fig. 3E are repeated in accordance with the number of counted application programs. In such repetition, first, the download of the requested application programs is performed S200. Then, it is checked whether the download of the requested application programs is performed normally S210. If the result of the download is not normal, the download of the requested application programs is performed again S205. On the contrary, if the result of the download is normal, it is checked whether the downloaded application programs have been registered in the application program menu of the browser S220. If registered, step C of the application program update in Fig. 3D follows next. On the other hand, if not registered, the downloaded application programs are registered in the application program menu of the browser S230, and then step C of the application program update in Fig. 3D also follows next. Where, the process for registering application programs in the application program menu also creates icons of execution files for the application programs on the screen of the browser, so that the user can execute the application programs directly on the browser 32. Application Program Update Process Fig. 3D shows an application program update process. As described above, after the application program registration process is completed, the user can execute the application programs directly S240. In this case, it is checked whether the version of an application program to be executed by the user is the latest S250. If the version is the latest, step D of application program execution shown in Fig. 3E follows next, so that the user can
perform his/her task with the latest version of the application program. If the version of the application program to be executed by the user is not the latest, it is checked whether the user has authorization to update the application program S260. If the user has no authorization to update the application program, the user is made to request authorization to update S270. If the user has authorization to update, the user can download and install the latest version of the application program S290, thereby completing the application program update. Then, step D of Fig. 3E in which the user does his/her tasks using the application program follows next.
Application Program Execution Process
As shown in Fig. 3E, now the user executes an application program so as to do his/her tasks. The authorization to use the application program is performed in step S300. If the authentication is normal, the user ultimately executes the application program so as to do his/her tasks S330. On the contrary, if the authentication is not normal, step S320 follows next, and the process ends with only browser open.
It should be noted that, immediately after the completion of the application program registration process, the application program execution process of Fig. 3E might follow directly. Only when the version of the application program stored in the application program file server 40 is later than that of the application program stored and used currently in the client terminal 30, the application program update process is performed.
In addition, it should be noted that, although several authentication steps are performed in each process, it is possible to change, modify, add or subtract properly such authentication steps in accordance with the operator's intention, and it is not intended to limit the present invention to the flows of the processes described with the preferred embodiments.
Fig. 4 shows a manual authorization process to use the present system in off-line condition, when it is difficult to access the present system due to failure of the middlewares 20. For such manual authentication, the present system includes a local authentication module, which comprises a serial number issue module at the dedicated browser 32 and an authentication number generator module at the middlewares 20. First, in case of middleware failure, the user checks a serial number on the dedicated browser, and notifies the customer service team of the present system of the serial number by phone so as to request an authentication key. Then, the customer service team retrieves the authentication module to input the serial number of the user, confirms and notifies the user of an authentication key. Accordingly, the user can log in the dedicated browser with the authentication key so as to execute a desired application program. Where, the authentication key generated in accordance with the serial number cannot apply to other computer systems. That is, the authentication key cannot apply to other computer systems with different serial number because the serial number is generated by referring to, for example, a serial number on a hard disk of a user PC. In addition, the authentication key given once cannot be used permanently. That is, the
authentication key can be used only for a predetermined time, for example one hour, after the key is given, since the authentication key is generated while checking the date and time of the user PC when the user executes the serial number issue module. The time limit is set as such because the failure of the middlewares does not last long and quick recovery by spot-side is made immediately after occurrence of the failure. Furthermore, the authentication key does not expose to outside by configuring and applying an encode algorithm internally.
As described above, the present invention makes it possible to perform general processes such as user authentication, authorization to use application programs, application program download/update, etc. efficiently in optimum condition, through a dedicated browser. In addition, all task data made by the user is stored in a task DB on the client terminal side other than a central server, thereby alleviating load on respective resources and preventing security problems such as data leakage from hacking.
Although the preferred embodiments of the invention have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.