Disclosure of Invention
The present invention has been made in view of the above problems, and provides a user identity authentication method, apparatus, computing device, and computer storage medium that overcome or at least partially solve the above problems
According to a first aspect of the present invention, there is provided a user identity authentication method, comprising:
Receiving a user identity authentication request sent by a user terminal;
acquiring service usage data of the user terminal in a first historical time window;
determining an authentication mode corresponding to the user identity authentication request according to the service usage data;
The authentication mode comprises at least one of local database authentication and unified identity authentication.
In an optional implementation manner, the determining, according to the service usage data, an authentication mode corresponding to the user identity authentication request further includes:
Determining a target business service corresponding to the unified identity authentication;
judging whether a plurality of different usage records of the target business service exist in the business service usage data;
if yes, determining that the authentication mode corresponding to the user identity authentication request is unified identity authentication.
In an optional implementation manner, the determining, according to the service usage data, an authentication mode corresponding to the user identity authentication request further includes:
If the service usage data does not have a plurality of different usage records of the target service, randomly selecting an authentication mode from a local database authentication and a unified identity authentication as an authentication mode corresponding to the user identity authentication request.
In an optional implementation manner, the determining, according to the service usage data, an authentication mode corresponding to the user identity authentication request further includes:
If the service usage data does not have a plurality of different target service usage records, counting the first number of user identity authentication requests with uniform identity authentication in the authentication mode in a second historical time window;
if the first number is larger than the first preset number, determining an authentication mode corresponding to the user identity authentication request as local database authentication; and if the first number is smaller than or equal to the first preset number, determining an authentication mode corresponding to the user identity authentication request as unified identity authentication.
In an optional implementation manner, the determining, according to the service usage data, an authentication mode corresponding to the user identity authentication request further includes:
if the service usage data does not have a plurality of different usage records of the target service, counting a second number of user identity authentication requests of which the authentication modes are local database authentication in a second historical time window;
if the second number is larger than a second preset number, determining an authentication mode corresponding to the user identity authentication request as unified identity authentication; and if the second number is smaller than or equal to a second preset number, determining an authentication mode corresponding to the user identity authentication request as a local database authentication.
In an alternative embodiment, after the receiving the user identity authentication request sent by the user terminal, the method further includes:
judging whether the third quantity of the received user identity authentication requests in the third historical time window is larger than or equal to a third preset quantity;
If yes, the prompt information which cannot be authenticated currently is fed back to the user terminal.
In an optional implementation manner, after the authentication mode corresponding to the user identity authentication request is determined according to the service usage data, the method further includes:
If the authentication mode corresponding to the user identity authentication request is local database authentication, the user identity authentication request is sent to a local database, and an authentication result fed back by the local database is sent to the user terminal.
In an alternative embodiment, the method further comprises:
and if the authentication result fed back by the local database is authentication failure, sending the user identity authentication request to a unified identity authentication server, and sending the authentication result fed back by the unified identity authentication server to the user terminal.
In an optional implementation manner, after the authentication mode corresponding to the user identity authentication request is determined according to the service usage data, the method further includes:
and if the authentication mode corresponding to the user identity authentication request is unified identity authentication, sending the user identity authentication request to a unified identity authentication server, and sending an authentication result fed back by the unified identity authentication server to the user terminal.
In an alternative embodiment, the method further comprises:
And if the authentication result fed back by the unified identity authentication server is authentication failure, sending the user identity authentication request to a local database, and sending the authentication result fed back by the local database to the user terminal.
In an alternative embodiment, the unified identity authentication is LADP authentication.
According to a second aspect of the present invention, there is provided a user identity authentication apparatus comprising:
The receiving module is used for receiving a user identity authentication request sent by the user terminal;
the acquisition module is used for acquiring service use data of the user terminal in a first historical time window;
The determining module is used for determining an authentication mode corresponding to the user identity authentication request according to the service use data;
The authentication mode comprises at least one of local database authentication and unified identity authentication.
In an alternative embodiment, the determining module is further configured to determine a target business service corresponding to the uniform identity authentication;
judging whether a plurality of different usage records of the target business service exist in the business service usage data;
if yes, determining that the authentication mode corresponding to the user identity authentication request is unified identity authentication.
In an optional implementation manner, the determining module is further configured to randomly select an authentication mode from a local database authentication and a unified identity authentication as an authentication mode corresponding to the user identity authentication request if there are no multiple different usage records of the target service in the service usage data.
In an optional implementation manner, the determining module is further configured to, if there are no usage records of a plurality of different target service in the service usage data, count a first number of user identity authentication requests in which the authentication manner is uniform identity authentication in the second historical time window;
if the first number is larger than the first preset number, determining an authentication mode corresponding to the user identity authentication request as local database authentication; and if the first number is smaller than or equal to the first preset number, determining an authentication mode corresponding to the user identity authentication request as unified identity authentication.
In an alternative embodiment, the determining module is further configured to count a second number of user identity authentication requests authenticated by the local database in an authentication manner within a second historical time window if there are no multiple different usage records of the target service in the service usage data;
if the second number is larger than a second preset number, determining an authentication mode corresponding to the user identity authentication request as unified identity authentication; and if the second number is smaller than or equal to a second preset number, determining an authentication mode corresponding to the user identity authentication request as a local database authentication.
In an optional implementation manner, the device further comprises a prompt module, a first historical time window and a second historical time window, wherein the prompt module is used for judging whether the third number of the received user identity authentication requests is larger than or equal to a third preset number after the user identity authentication requests sent by the user terminal are received;
If yes, the prompt information which cannot be authenticated currently is fed back to the user terminal.
In an optional implementation manner, the device further includes a sending module, configured to send the user identity authentication request to a local database if the authentication mode corresponding to the user identity authentication request is local database authentication, and send an authentication result fed back by the local database to the user terminal.
In an optional implementation manner, the sending module is further configured to send the user identity authentication request to a unified identity authentication server and send an authentication result fed back by the unified identity authentication server to the user terminal if the authentication result fed back by the local database is authentication failure.
In an optional implementation manner, the device further includes a sending module, configured to send the user identity authentication request to a unified identity authentication server if the authentication mode corresponding to the user identity authentication request is unified identity authentication, and send an authentication result fed back by the unified identity authentication server to the user terminal.
In an optional implementation manner, the sending module is further configured to send the user identity authentication request to a local database if the authentication result fed back by the unified identity authentication server is authentication failure, and send the authentication result fed back by the local database to the user terminal.
In an alternative embodiment, the unified identity authentication is LADP authentication.
According to a third aspect of the present invention there is provided a computing device comprising a processor, a memory, a communication interface and a communication bus, the processor, the memory and the communication interface completing communication with each other via the communication bus;
the memory is used for storing at least one executable instruction, and the executable instruction enables the processor to execute the operation corresponding to the user identity authentication method.
According to a fourth aspect of the present invention, there is provided a computer storage medium having stored therein at least one executable instruction for causing a processor to perform operations corresponding to the user identity authentication method described above.
The user identity authentication method, the device, the computing equipment and the computer storage medium disclosed by the embodiment of the invention are used for receiving a user identity authentication request sent by a user terminal, acquiring service use data of the user terminal in a first historical time window, and determining an authentication mode corresponding to the user identity authentication request according to the service use data, wherein the authentication mode comprises at least one of local database authentication and unified identity authentication. The technical defects of high load of the authentication end caused by authentication of a single authentication end and slow or incapable processing of an authentication request are avoided, and the stability of authentication service is improved; and the scheme obtains and determines the authentication mode corresponding to the user identity authentication request according to the service usage data of the request initiating terminal, so that the matching degree of the authentication mode and the user identity authentication request can be improved, and the authentication efficiency and the authentication precision can be improved.
The foregoing description is only an overview of the present invention, and is intended to be implemented in accordance with the teachings of the present invention in order that the same may be more clearly understood and to make the same and other objects, features and advantages of the present invention more readily apparent.
Detailed Description
Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present invention are shown in the drawings, it should be understood that the present invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art.
Example 1
Fig. 1 shows a flowchart of a user identity authentication method according to an embodiment of the present invention. As shown in fig. 1, the method comprises the steps of:
Step S110, receiving a user identity authentication request sent by a user terminal.
Before using a certain business service in the user terminal, the user needs to initiate a user identity authentication request. For example, when a user wants to use the service of the mailbox application a, the user needs to initiate a user identity authentication request for using the service of the mailbox application a. The user identity authentication request may be a real-name authentication request or a non-real-name authentication request, which is not limited herein.
Step S120, obtaining service usage data of the user terminal in a first historical time window.
Unlike the prior art, the embodiment of the invention does not directly authenticate the user identity authentication request by the authentication end after receiving the user identity authentication request. And further acquiring service usage data of the user terminal in the first historical time window for determining the authentication mode which is the best match with the current user identity authentication request according to the service usage data.
The first history time window is specifically a certain history period. For example, the first historical time window may be the last day, or the last week, etc. The service usage data is specifically a usage time of each service recorded by the user terminal, etc. It should be understood herein that, in the embodiment of the present invention, the service usage data related to the user is obtained only under the authorization of the user, and is used only for authentication of the user itself.
And step S130, determining an authentication mode corresponding to the user identity authentication request according to the service use data, wherein the authentication mode comprises at least one of local database authentication and unified identity authentication.
The local database authentication specifically means that authentication is performed by using a local database on the server side of the business service corresponding to the user identity authentication request. For example, when a user wants to use the service of the mailbox application a, the user needs to initiate a user identity authentication request using the service of the mailbox application a, and then the local database authentication is to process the user identity authentication request by the local database at the service end side of the service of the mailbox application a so as to perform authentication.
The unified identity authentication specifically refers to that a unified identity authentication server is utilized to process a user identity authentication request for authentication. The unified identity authentication server may be responsible for identity authentication of a plurality of different service services, for example, the unified identity authentication server may provide user identity authentication for mailbox application a service, social software B service, and the like.
Therefore, the embodiment of the invention provides two identity authentication modes of local database authentication and unified identity authentication for the user, avoids the technical defects of high authentication end load, slow authentication request processing or incapability of processing caused by authentication by a single authentication end, and improves the stability of authentication service.
Example two
Fig. 2 is a schematic flow chart of a user identity authentication method according to a second embodiment of the present invention. As shown in fig. 2, the method comprises the steps of:
step S210, receiving a user identity authentication request sent by a user terminal.
In an alternative embodiment, after receiving the user identity authentication request sent by the user terminal, it may be determined whether the number of user identity authentication requests received in the current third historical time window is greater than or equal to a third preset number, and if so, a prompt message (which may be "please retry later") that the current authentication is not available is fed back to the user terminal. If not, executing the subsequent steps.
Step S220, obtaining service usage data of the user terminal in the first historical time window.
Step S230, determining a target business service corresponding to the unified identity authentication.
The unified identity authentication server may be responsible for identity authentication of a plurality of different business services, which are then target business services. For example, the unified identity authentication server may provide user identity authentication for mailbox application a service, social software B service, and the like, and then the mailbox application a service, social software B service are target service.
Step S240, judging whether a plurality of different target business service usage records exist in the business service usage data, if yes, executing step S250, and if not, executing step S260, step S270 or step S280.
The service usage data records the service usage condition of the service in the user terminal, and the service used by the user in the first historical time window can be determined through processing the service usage data. When the user uses a plurality of different target service in the first historical time window (i.e. there are a plurality of different usage records of the target service in the service usage data), step S250 is executed, and if there are no different usage records of the target service in the service usage data, the authentication mode corresponding to the user identity authentication request can be determined by any one of the methods in steps S260, S270 and S280.
Step S250, determining the authentication mode corresponding to the user identity authentication request as unified identity authentication.
When the user uses a plurality of different target business services in the first historical time window, the user is indicated to have the use requirements of the plurality of target business services in a future period of time, and the authentication mode corresponding to the user identity authentication request is determined to be unified identity authentication, so that the purpose of using a plurality of different target business services through one-time authentication can be realized through the unified identity authentication, and the user experience is improved.
Step S260, randomly selecting an authentication mode from the local database authentication and the unified identity authentication as the authentication mode corresponding to the user identity authentication request.
If the service usage data does not have a plurality of different usage records of the target service, a random number can be generated, and a corresponding authentication mode is randomly selected according to the random number. For example, if the random number is 0, the local database authentication is selected, and if the random number is 1, the unified identity authentication is selected.
Step S270, the authentication mode in the second historical time window is counted as the first number of user identity authentication requests of unified identity authentication, and the authentication mode corresponding to the user identity authentication requests is determined according to the first number.
Specifically, if the first number of the authentication modes in the second historical time window is larger than the first preset number, the authentication mode corresponding to the user identity authentication request is determined to be local database authentication, so that the load of the unified identity authentication server is reduced. If the authentication mode in the second historical time window is that the first number of the unified identity authentication is smaller than or equal to the first preset number, the authentication mode corresponding to the user identity authentication request is determined to be the unified identity authentication.
Step S280, counting the authentication modes in the second historical time window as the second number of the user identity authentication requests authenticated by the local database, and determining the authentication mode corresponding to the user identity authentication request according to the second number.
Specifically, if the number of authentication modes in the second historical time window is larger than the second preset number, the authentication mode corresponding to the user identity authentication request is determined to be unified identity authentication so as to reduce the authentication load of the local database terminal, and if the number of authentication modes in the second historical time window is smaller than or equal to the second preset number, the authentication mode corresponding to the user identity authentication request is determined to be local database authentication.
Therefore, the embodiment of the invention determines that the authentication mode corresponding to the user identity authentication request is unified identity authentication when determining that a plurality of different target service usage records exist in service usage data, thereby realizing the purpose of using a plurality of different target service by one-time authentication through the unified identity authentication when a user has the use requirements of a plurality of target service, improving the user usage experience and the authentication efficiency, determining the authentication mode corresponding to the user identity authentication request through a random determination mode when determining that a plurality of different target service usage records do not exist, improving the determination efficiency of the authentication mode, or determining the authentication mode corresponding to the user identity authentication request according to the number of the authentication requests corresponding to the unified identity authentication or the local database authentication in a second historical time window when determining that a plurality of different target service usage records do not exist, and avoiding overload of the unified identity authentication server or the local database.
Example III
Fig. 3 is a schematic flow chart of a user identity authentication method according to a third embodiment of the present invention. As shown in fig. 3, the method comprises the steps of:
step S310, receiving a user identity authentication request sent by a user terminal.
The embodiment of the invention can be executed by a preset middleware.
Step S320, obtaining service usage data of the user terminal in the first historical time window.
Step S330, determining an authentication mode corresponding to the user identity authentication request according to the service usage data, executing step S340 if the authentication mode is local database authentication, and executing step S350 if the authentication mode is unified identity authentication.
Step S340, the user identity authentication request is sent to the local database, and the authentication result fed back by the local database is sent to the user terminal.
If the authentication mode corresponding to the user identity authentication request is local database authentication, the user identity authentication request is sent to a local database. And the local database matches the stored data information with the information carried in the user identity authentication request, and determines whether the authentication passes or not according to a matching result. And feeding the authentication result back to the user terminal via the middleware.
In an optional implementation manner, if an authentication failure message fed back by the local database is received, the user identity authentication request is sent to the unified identity authentication server to perform authentication again, and an authentication result fed back by the unified identity authentication server is sent to the user terminal, so that authentication accuracy is improved. And if the re-authentication result of the unified identity authentication server is successful, feeding back a corresponding authentication success message to the user terminal.
Step S350, the user identity authentication request is sent to the unified identity authentication server, and the authentication result fed back by the unified identity authentication server is sent to the user terminal.
If the authentication mode corresponding to the user identity authentication request is unified identity authentication, the user identity authentication request is sent to a unified identity authentication server, and the unified identity authentication server processes the request to perform user identity authentication. The unified identity authentication in the embodiment of the invention can be LADP authentication, and the unified identity authentication server is a LADP authentication server, which is a lightweight unified authentication server. And further transmitting an authentication result fed back by the unified identity authentication server to the user terminal.
In an alternative embodiment, if an authentication failure message fed back by the unified identity authentication server is received, the user identity authentication request is sent to the local database, the local database performs authentication again, and an authentication result fed back by the local database is sent to the user terminal. If the re-authentication result is failure, the authentication failure message is fed back to the user terminal, and if the re-authentication result is successful, the authentication success message is fed back to the user terminal.
Taking fig. 4 as an example, a user identity authentication request initiated by a user terminal is sent to the middleware, and the middleware judges an authentication mode of the current user identity authentication request. If the authentication mode of the user identity authentication request is the local database authentication, the user identity authentication request is sent to the local database, and if the authentication mode of the user identity authentication request is the unified identity authentication, the user identity authentication request is sent to the unified identity authentication server. The middleware also feeds the authentication results fed back by the local database and the unified identity authentication server back to the user terminal.
Therefore, the embodiment of the invention receives the user identity authentication request by the middleware, and sends the request to the corresponding authentication end for authentication after determining the corresponding authentication mode, thereby avoiding the technical defects of high authentication end load, slow or incapable processing of authentication request processing caused by the authentication of a single authentication end and improving the stability of authentication service.
Example IV
Fig. 5 shows a schematic structural diagram of a user identity authentication device according to a fourth embodiment of the present invention. As shown in fig. 5, the apparatus 500 includes a receiving module 510, an acquiring module 520, and a determining module 530.
A receiving module 510, configured to receive a user identity authentication request sent by a user terminal;
an obtaining module 520, configured to obtain service usage data of the user terminal in a first historical time window;
A determining module 530, configured to determine an authentication mode corresponding to the user identity authentication request according to the service usage data;
The authentication mode comprises at least one of local database authentication and unified identity authentication.
In an alternative embodiment, the determining module 530 is further configured to determine a target business service corresponding to the unified identity authentication;
judging whether a plurality of different usage records of the target business service exist in the business service usage data;
if yes, determining that the authentication mode corresponding to the user identity authentication request is unified identity authentication.
In an alternative embodiment, the determining module 530 is further configured to randomly select one authentication mode from the local database authentication and the unified identity authentication as the authentication mode corresponding to the user identity authentication request if there are no multiple different usage records of the target service in the service usage data.
In an alternative embodiment, the determining module 530 is further configured to, if there are no usage records of a plurality of different target service in the service usage data, count a first number of user identity authentication requests in which the authentication mode is uniform identity authentication in the second historical time window;
if the first number is larger than the first preset number, determining an authentication mode corresponding to the user identity authentication request as local database authentication; and if the first number is smaller than or equal to the first preset number, determining an authentication mode corresponding to the user identity authentication request as unified identity authentication.
In an alternative embodiment, the determining module 530 is further configured to, if there are no usage records of a plurality of different target service in the service usage data, count a second number of user identity authentication requests authenticated by the local database in the authentication manner within the second historical time window;
if the second number is larger than a second preset number, determining an authentication mode corresponding to the user identity authentication request as unified identity authentication; and if the second number is smaller than or equal to a second preset number, determining an authentication mode corresponding to the user identity authentication request as a local database authentication.
In an alternative embodiment, the device further includes a prompt module (not shown in the figure) configured to determine, after the receiving the user identity authentication request sent by the user terminal, whether a third number of received user identity authentication requests in a third historical time window is greater than or equal to a third preset number;
If yes, the prompt information which cannot be authenticated currently is fed back to the user terminal.
In an optional embodiment, the apparatus further includes a sending module (not shown in the figure), configured to send the user identity authentication request to a local database if the authentication mode corresponding to the user identity authentication request is local database authentication, and send an authentication result fed back by the local database to the user terminal.
In an optional implementation manner, the sending module is further configured to send the user identity authentication request to a unified identity authentication server and send an authentication result fed back by the unified identity authentication server to the user terminal if the authentication result fed back by the local database is authentication failure.
In an optional implementation manner, the device further includes a sending module, configured to send the user identity authentication request to a unified identity authentication server if the authentication mode corresponding to the user identity authentication request is unified identity authentication, and send an authentication result fed back by the unified identity authentication server to the user terminal.
In an optional implementation manner, the sending module is further configured to send the user identity authentication request to a local database if the authentication result fed back by the unified identity authentication server is authentication failure, and send the authentication result fed back by the local database to the user terminal.
In an alternative embodiment, the unified identity authentication is LADP authentication.
The specific implementation process of each module in the device may refer to the corresponding description in the method embodiment, and will not be repeated herein.
Therefore, the technical defects that the load of the authentication end is high, the authentication request is slow to process or can not be processed due to the authentication of the single authentication end are overcome, the stability of authentication service is improved, and the authentication mode corresponding to the user identity authentication request is obtained and determined according to the service usage data of the request initiating end, so that the matching degree of the authentication mode and the user identity authentication request can be improved, and the authentication efficiency and the authentication precision can be improved.
Example five
A fifth embodiment of the present invention provides a non-volatile computer storage medium, where at least one executable instruction is stored, where the computer executable instruction may perform the user identity authentication method in any of the foregoing method embodiments.
Example six
Fig. 6 shows a schematic structural diagram of a computing device according to a sixth embodiment of the present invention. The specific embodiments of the present invention are not limited to a particular implementation of a computing device.
As shown in FIG. 6, the computing device may include a processor 602, a communication interface (Communications Interface) 604, a memory 606, and a communication bus 608.
Wherein the processor 602, the communication interface 604, and the memory 606 communicate with each other via a communication bus 608. Communication interface 604 is used to communicate with network elements of other devices, such as clients or other servers. The processor 602 is configured to execute the program 610, and may specifically perform relevant steps in the above-described user identity authentication method embodiment.
In particular, program 610 may include program code including computer-operating instructions.
The processor 602 may be a central processing unit CPU, or an Application-specific integrated Circuit ASIC (Application SPECIFIC INTEGRATED Circuit), or one or more integrated circuits configured to implement embodiments of the present invention. The computing device may include one or more processors of the same type, such as one or more CPUs, or of different types, such as one or more CPUs and one or more ASICs.
A memory 606 for storing a program 610. The memory 606 may comprise high-speed RAM memory or may further comprise non-volatile memory (non-volatile memory), such as at least one disk memory. The program 610 may be specifically configured to cause the processor 602 to perform the user identity authentication method in any of the above-described method embodiments.
The algorithms or displays presented herein are not inherently related to any particular computer, virtual system, or other apparatus. Various general-purpose systems may also be used with the teachings herein. The required structure for a construction of such a system is apparent from the description above. In addition, embodiments of the present invention are not directed to any particular programming language. It will be appreciated that the teachings of the present invention described herein may be implemented in a variety of programming languages, and the above description of specific languages is provided for disclosure of enablement and best mode of the present invention.
In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the above description of exemplary embodiments of the invention, various features of the embodiments of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the apparatus of the embodiments may be adaptively changed and disposed in one or more apparatuses different from the embodiments. The modules or units or components of the embodiments may be combined into one module or unit or component and, furthermore, they may be divided into a plurality of sub-modules or sub-units or sub-components. Any combination of all features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or units of any method or apparatus so disclosed, may be used in combination, except insofar as at least some of such features and/or processes or units are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings), may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments herein include some features but not others included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments can be used in any combination.
Various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that some or all of the functionality of some or all of the components according to embodiments of the present invention may be implemented in practice using a microprocessor or Digital Signal Processor (DSP). The present invention can also be implemented as an apparatus or device program (e.g., a computer program and a computer program product) for performing a portion or all of the methods described herein. Such a program embodying the present invention may be stored on a computer readable medium, or may have the form of one or more signals. Such signals may be downloaded from an internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third, etc. do not denote any order. These words may be interpreted as names. The steps in the above embodiments should not be construed as limiting the order of execution unless specifically stated.