JP2005057571A - Connection confirmation information management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To appropriately function a burglar prevention system for appropriately confirming connection of units even if a user intentionally exchanges the unit and preventing burglar of a unit group by confirming connection of the units. <P>SOLUTION: A center (Z) 2 manages connection confirmation information used for confirmation of connection of the units (A)3 to (D)6, reads connection confirmation information from the unit and writes connection confirmation information to the unit. When the user intentionally exchanges the unit, regular connection confirmation information is written into the unit where connection confirmation information is necessary for rewriting. Thus, the burglar prevention system for permitting the units to appropriately confirm connection and for preventing burglar of the unit group by confirming connection between the units is appropriately functioned. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a system for managing connection confirmation information used by a plurality of devices to confirm connection between devices.

  For example, in order to prevent the vehicle from being stolen, in-vehicle devices perform connection confirmation, and when it is detected that the connection confirmation is normal, a plurality of in-vehicle devices operate normally. An anti-theft system configured such that a plurality of in-vehicle devices stop operating when it is detected that the connection confirmation is not normal has been considered. According to this, when a vehicle is stolen and the in-vehicle device is replaced maliciously by the thief, it is detected that the connection confirmation with the newly installed in-vehicle device is not normal by the thief. Thus, for example, the operation of the engine ECU is forcibly stopped, so that it is possible to drastically reduce the willingness on the side of the theft and appropriately prevent the vehicle from being stolen.

  By the way, there is a case where the thief does not maliciously change but the vehicle user intentionally replaces the in-vehicle device for the purpose of improving the function, for example. However, in this case, if accurate connection confirmation information is not stored in the newly installed in-vehicle device, it is detected that the connection confirmation is not normal for the in-vehicle device group, so the vehicle is stolen and the in-vehicle device is In spite of the fact that the vehicle has been replaced, the vehicle is stolen and it is erroneously determined that the in-vehicle device has been replaced, and there is a problem that the anti-theft system cannot function properly.

Here, there is one in which the center writes information in the in-vehicle device (for example, see Patent Document 1).
Japanese Patent No. 2876469

  However, what is described in Patent Document 1 described above is that the center writes information related to the in-vehicle device itself into the in-vehicle device, and thus the above-described problem has not been solved.

  The present invention has been made in view of the above-described circumstances, and the purpose of the present invention is to allow devices to appropriately perform connection confirmation even after the user intentionally replaces the devices. It is to provide a connection confirmation information management system capable of appropriately functioning a theft prevention system for preventing a group of devices from being stolen by performing a connection confirmation between them.

  According to the invention described in claim 1, the center transmits the connection confirmation information used for confirming the connection between the devices to each other through the communication network with the devices. Reads connection confirmation information and writes connection confirmation information to the device. As a result, the center manages the connection confirmation information, and when the user intentionally replaces the device by reading the connection confirmation information from the device or writing the connection confirmation information to the device, the center will By writing legitimate connection confirmation information on the devices attached to the device, the devices can properly confirm the connection even after the user intentionally replaces the devices. The anti-theft system that prevents the device group from being stolen by performing the connection check can function appropriately.

  According to the second aspect of the present invention, the center encrypts the reading of the connection confirmation information from the device and the writing of the connection confirmation information to the device. As a result, it is possible to prevent the connection confirmation information communicated between the center and the device from being unnecessarily decoded and to improve safety.

  According to the invention described in claim 3, the center reads the connection confirmation information from the device and the connection confirmation information to the device when the device is located in a specific area or in a specific time zone. Write. As a result, it is possible to prevent the connection confirmation information from being read or written in an unauthorized area or an unauthorized time zone by limiting the area or time zone in which the connection confirmation information is read or written. This can improve safety.

  According to the invention described in claim 4, the center reads connection confirmation information from the device and writes connection confirmation information to the device through a specific facility. As a result, by restricting the equipment that reads and writes the connection confirmation information, it is possible to prevent the connection confirmation information from being read and written by unauthorized equipment, and the safety can be further improved. it can.

  According to the invention described in claim 5, the center stores the owner information of the equipment and facilities, and when the owner information is valid, the center reads the connection confirmation information and confirms the connection to the equipment. Write information. As a result, it is possible to refuse reading of the connection confirmation information from the device and writing of the connection confirmation information to the device by a person other than the rightful owner of the device or equipment, and the safety can be further improved.

(First embodiment)
Hereinafter, a first embodiment of the present invention will be described with reference to FIGS. FIG. 1 schematically shows the overall configuration of the system. The connection confirmation information management system 1 includes a center (Z) 2 and devices (A) 3 to (D) 6. The center (Z) 2 is configured to be able to communicate with the device (A) 3 through a telephone network. The device (A) 3, the device (B) 4, and the device (C) 5 are connected through the first communication line 7, and the device (C) 5 and the device (D) 6 are in the second communication. Connected through line 8. These devices (A) 3 to (D) 6 are, for example, in-vehicle devices mounted on a vehicle.

  In this case, the device (A) 3 performs connection confirmation between the device (B) 4 and the device (D) 6. More specifically, the device (A) 3 confirms connection with the device (B) 4 through the first communication line 7. In addition, the device (A) 3 performs connection confirmation with the device (C) 5 through the first communication line 7. Further, the device (A) 3 performs connection confirmation with the device (D) 6 through the first communication line 7, the device (C) 5, and the second communication line 8. Each of the devices (B) 4 to (D) 6 performs connection confirmation with the device (A) 3. FIG. 2 shows a list of the connection confirmation relationships between the devices described above, and shows the connection confirmation path when each device confirms the connection with the connection confirmation target device. And each device performs connection confirmation by performing data communication, and when data communication is normally completed, it detects that the connection confirmation is normal, and when data communication is not completed normally, Detects that the connection check is not normal.

In the configuration described above, each of the center (Z) 2 and the devices (A) 3 to (D) 6 holds an encryption key that is used when the devices perform connection confirmation by encryption. FIG. 3 shows an encryption key held by each of the center (Z) 2 and the devices (A) 3 to (D) 6. In this case, the center (Z) 2 holds encryption keys for C _(za ), C _(zb) , C _(zc) , and C _(zd) , and the devices (A) 3 to (D) 6 It also holds information about the connection configuration and the encryptors held by each device.

The device (A) 3 holds C _(az) , C _(ab) , C _(ac) , and C _(ad) encryption keys. The device (B) 4 holds C _(bz) and C _(ba) encryption keys. The device (C) 5 holds C _(cz) and C _(ca) encryption keys. The device (D) 6 holds C _(dz) and C _(da) encryption keys.
Then, the device (A) 3 performs connection confirmation with each of the devices (B) 4 to (D) 6 as follows. Here, with reference to FIG. 4, a procedure in which the device (A) 3 performs connection confirmation with the device (B) 4 will be described as a representative.

The device (A) 3 generates a random number X1 (step S1), and transmits a signal m1 including the random number X1 to the device (B) 4. When the signal m1 is received from the device (A) 3, the device (B) 4 extracts the random number X1 from the signal m1 and encrypts the random number X1 with the encryption key C _(ba) to generate the random number X2 ( Step S2) and generating a random number Y1 (Step S3). Next, the device (B) 4 transmits a signal m2 including the random number X2 and the random number Y1 to the device (A) 3.

When the signal m2 is received from the device (B) 4, the device (A) 3 extracts the random number X2 and the random number Y1 from the signal m2, and identifies the random number X2, thereby encrypting the device (B) 4. It is determined whether or not has been performed normally (step S4). Next, when the device (A) 3 detects that the encryption is normally performed by the device (B) 4, the random number Y1 is encrypted with the encryption key C _(ab) to generate the random number Y2 (step S5). ), A signal m3 including the random number Y2 is transmitted to the device (B) 4.

  When the signal m3 is received from the device (A) 3, the device (B) 4 extracts the random number Y2 from the signal m3 and identifies the random number Y2, whereby the device (A) 3 performs normal encryption. It is determined whether or not it has been performed (step S6). Next, when the device (B) 4 detects that the encryption is normally performed in the device (A) 3, the device (B) 4 transmits a signal m4 to the device (A) 3. The device (A) 3 detects that the data communication with the device (B) 4 has been normally performed by receiving the signal m4 from the device (B) 4, and the device (B) 4 It detects that the connection is normal.

  The device (A) 3 encrypts the connection confirmation with the device (B) 4 in this way, and encrypts the connection confirmation with the device (C) 5 by the same procedure. At the same time, the connection confirmation with the device (D) 6 is also encrypted. In other words, in the configuration described above, the devices (A) 3 to (D) 6 prevent theft of the device group by confirming the connection to each other, and the connection confirmation is performed between all the devices. When it is detected that the device is normal, it operates normally as a device group. On the other hand, when it is detected that the connection confirmation between any of the devices is not normal, the device group stops operating. It is configured as follows. Note that the encryption method used for connection confirmation may be a public key encryption method in which encryption is performed with a public key and decryption is performed with a secret key, and encryption and decryption are performed with the same secret key. A secret key cryptosystem may be used.

  Now, as shown in FIG. 5, a case where the user intentionally replaces the device (D) 6 with the device (P) 9 will be described. In this case, the user makes a device replacement application to the center (Z) 2. The application may be made by mailing paper or electronically using a telephone line. The center (Z) 2 checks whether or not the device (P) 9 is a legitimate property of the user and confirms whether or not the replacement of the device is valid. The center (Z) 2 informs the user if the replacement of the device is not valid, and contacts the police if necessary. On the other hand, if the replacement of the device is valid, The connection confirmation information is written in the following procedure.

  First, the power source of the vehicle is cut off, and the device (D) 6 is replaced with the device (P) 9. Next, the vehicle is turned on, the device (A) 3 is operated to connect the device group and the center (Z) 2, and the processing shown in FIG. 6 is performed.

  The center (Z) 2 investigates the connection status of the device group (device (A) 3 to device (P) 9) through the device (A) 3 (step S11). Next, the center (Z) 2 confirms that the device (D) 6 has been replaced with the device (P) 9 based on the connection status of the device group, and generates connection confirmation information in accordance with this change (step). S12).

  Next, the center (Z) 2 investigates a change in the connection confirmation information, and specifies a device that needs to be rewritten as the connection confirmation information (step S13). In this case, the center (Z) 2 determines that it is necessary to rewrite the connection confirmation information of the device (A) 3 and the device (P) 9, and rewrites the connection confirmation information of the device (A) 3 (step S14). Subsequently, the connection confirmation information of the device (P) 9 is rewritten (step S15).

In this case, the center (Z) 2 encrypts the connection confirmation information for the device (A) 3 with the encryption key C _(za) and transmits it to the device (A) 3, and the device (A) 3 2 decrypts the connection confirmation information received from 2 with the encryption key C _(az) as the decryption key. Thereby, it is possible to prevent the connection confirmation information for the device (A) 3 from being unnecessarily decoded. The connection confirmation information for the device (A) 3 here is, for example, a connection confirmation path between the device (A) 3 and the device (P) 9, an encryption key used for connection confirmation, and the like.

  Next, the center (Z) 2 transmits connection confirmation information for the device (A) 3 to the device (A) 3 through the telephone network, and then creates connection confirmation information for the device (P) 9 (step S15). (P) The connection confirmation information for 9 is transmitted to the device (A) 3 through the telephone network. When the connection confirmation information for the device (P) 9 is received from the center (Z) 2, the device (A) 3 transmits the connection confirmation information for the device (P) 9 to the device (P) 9. And the apparatus (P) 9 will memorize | store the connection confirmation information with respect, when the connection confirmation information with respect to itself is received from the apparatus (A) 3 (step S16).

In this case, the center (Z) 2 encrypts the connection confirmation information with the encryption key C _(zp) and transmits it to the device (P) 9 through the device (A) 3, and the device (P) 9 2 decrypts the connection confirmation information received from the device (A) 3 using the encryption key C _(pz) as the decryption key. Thereby, it is possible to prevent the connection confirmation information for the device (P) 9 from being unnecessarily decoded. The connection confirmation information for the device (P) 3 here is, for example, a connection confirmation path between the device (P) 9 and the device (A) 3 and an encryption key used for connection confirmation.

  Through the processing described above, when the device (D) 6 is replaced with the device (P) 9, the center 2 receives the connection confirmation information when the device (D) 6 is replaced with the device (P) 9. Regular connection confirmation information is written in the device that needs to be changed, that is, in this case, the device (A) 3 and the device (P) 9.

  By the way, in the configuration described above, when the current position signal indicating the current position of the device group transmitted from the device group is received at the center (Z) 2, the current position of the device group is identified, and the device group It is also possible to configure to send connection confirmation information only when located in a specific area. This assumes that the connection confirmation information of the device group mounted on the vehicle can be changed only near the home, for example. It is also possible to configure so that the connection confirmation information is transmitted only in a specific time zone. This assumes that the connection confirmation information of the device group mounted on the vehicle can be changed only from 12:00 to 17:00 on Sunday, for example. This makes it difficult for the vehicle thief to illegally change the connection confirmation information. In this case, the specific area and the specific time zone may be set by an administrator who manages the system, or may be set by a user who uses the device group.

  The above describes the case where the center (Z) 2 writes the connection confirmation information to the device. However, the center (Z) 2 reads the connection confirmation information from the device as necessary. It is possible to write the connection confirmation information to the device after identifying the read connection confirmation information.

  As described above, according to the first embodiment, the center (Z) 2 manages the connection confirmation information used in the connection confirmation of the devices (A) 3 to (D) 6 and connects from the devices. Since the configuration is such that the confirmation information is read and the connection confirmation information to the device is written, for example, when the user intentionally replaces the device (D) 6 with the device (P) 9, the center (Z) 2 By writing regular connection confirmation information in the device (A) 3 and the device (P) 9, the devices can appropriately perform connection confirmation even after the user intentionally replaces the devices. The anti-theft system for preventing the theft of the device group can be appropriately functioned by confirming the connection between the devices.

  In addition, since the center (Z) 2 is configured to read the connection confirmation information from the device and write the connection confirmation information to the device by encryption, the center (Z) 2 is communicated between the center (Z) 2 and the device. It is possible to prevent unnecessary connection confirmation information from being decoded unnecessarily, and safety can be improved.

  The center (Z) 2 reads the connection confirmation information from the device and writes the connection confirmation information to the device only when the device group is located in a specific area or during a specific time zone. If it is configured, it is possible to prevent the connection confirmation information from being read or written in an unauthorized area or an unauthorized time period by limiting the area or time zone in which the connection confirmation information is read or written. Can increase safety.

(Second Embodiment)
Next, a second embodiment of the present invention will be described with reference to FIG. In addition, description is abbreviate | omitted about the same part as above-mentioned 1st Embodiment, and a different part is demonstrated.
In the first embodiment described above, the center (Z) 2 is configured to transmit the connection confirmation information directly to the device (A) 3 through the telephone network. On the other hand, the second embodiment The center (Z) 2 transmits connection confirmation information to the read / write dedicated device 10 (specific equipment in the present invention) through the telephone network, and the read / write dedicated device 10 and the device (A) 3 The read / write-only device 10 is configured to transmit connection confirmation information to the device (A) 3 when connected by wire (for example, the cable 11) or cordless.

  This is a method for writing connection confirmation information when there is no in-vehicle device having a function capable of connecting to the telephone network. Specifically, it is conceivable that after an in-vehicle device is assembled by a vehicle manufacturer, after an in-vehicle device is replaced or newly installed at a maintenance shop or a car accessories store. Note that the read / write device 10 may be connected to the first communication line 7 without being connected to the device (A) 3.

  As described above, according to the second embodiment, the center (Z) 2 reads the connection confirmation information from the device and writes the connection confirmation information to the device through the read / write dedicated device 10. Because it is configured, by restricting the equipment that reads and writes the connection confirmation information, it is possible to prevent the connection confirmation information from being read and written by unauthorized equipment, and to improve safety. Can do.

(Other embodiments)
The present invention is not limited to the above-described embodiment, and can be modified or expanded as follows.
The configuration is not limited to the configuration applied to the device group mounted on the vehicle, and may be the configuration applied to the device group mounted on another device.

The figure which shows schematically the whole structure of the 1st Embodiment of this invention. A diagram showing the connection confirmation target devices and connection confirmation paths for each device Diagram showing the encryption key of the center and each device Sequence Diagram 3 equivalent diagram 4 equivalent diagram The figure which shows schematically the whole structure of the 2nd Embodiment of this invention.

Explanation of symbols

In the drawings, 1 is a connection confirmation information management system, 2 is a center, 3 to 6 are devices, 9 is a device, and 10 is a read / write-only device (specific equipment).

Claims (5)

A system that manages connection confirmation information used by multiple devices to confirm connection between devices,
A connection confirmation information management system comprising a center for reading connection confirmation information from a device and writing connection confirmation information to the device by communicating the connection confirmation information with the device through a communication network. In the connection confirmation information management system according to claim 1,
The center is a connection confirmation information management system characterized in that the connection confirmation information read from the device and the connection confirmation information written to the device are encrypted. In the connection confirmation information management system according to claim 1 or 2,
The center confirms the connection by reading the connection confirmation information from the device and writing the connection confirmation information to the device when the device is located in a specific area or at a specific time zone. Information management system. In the connection confirmation information management system according to any one of claims 1 to 3,
A connection confirmation information management system in which the center reads connection confirmation information from a device and writes connection confirmation information to the device through a specific facility. In the connection confirmation information management system according to any one of claims 1 to 4,
The center stores equipment and facility owner information, and when the owner information is valid, the center reads connection confirmation information from the equipment and writes connection confirmation information to the equipment. Confirmation information management system.

Images