JP2007122256A - Network communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a network communication system for improving the working efficiency of maintenance. <P>SOLUTION: Server side communication equipment SN is connected through an IP network NW to client side communication equipment CN one to one, and the operation signals of a mouse MS and a keyboard KB are transmitted to the opposite server side communication equipment SN by the client side communication equipment CN, and the operation signal is received, and output to a server side computer SC by the server side communication equipment SN. Also, a monitor signal to be output from the server side computer SC is transmitted to client side communication equipment CN by the server side communication equipment SN, and the monitor signal is received, and output to the monitor MN by the client side communication equipment CN. Thus, it is possible to make this network communication system behave just like the server side computer SC and the client side monitor MN, a mouse MS and a keyboard KB are connected through an extension cable whose length is infinite. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a network communication system for accessing, for example, a server computer installed in a remote place from a network terminal installed in a company, a home, a store or the like.

  Currently, personal computers (hereinafter referred to as PCs) are installed in each company, home, store, etc., and connected to the Internet via this to browse the World-Wide Web (WWW) and exchange e-mails. It is carried out. A generally used PC is composed of components such as a CPU, a ROM, a RAM, and an HDD, and operates via an operating system (hereinafter referred to as an OS). However, with this method, there is a possibility that important information may disappear when a failure occurs in the OS or HDD, or the entire system may be destroyed by a virus attached to a malicious mail.

  In order to solve these problems, the number of client terminals called “thin clients” or “dumb terminals” is increasing in the market. These terminals eliminate the storage device such as HDD from the current PC and have the same function in the server side computer. The terminal itself does not store the data of each user, and all the data is stored in the server side computer. It is a mechanism for processing and saving. A general “thin client” or “dumb terminal” is a terminal specialized in use, and the basic structure is the same as a PC that is generally popular. In other words, a predetermined OS is operating on the client terminal, and the server side computer is connected via the OS (see, for example, Non-Patent Document 1).

“Blade Client Computer CLEARCUBE” <URL: http://www.hitachi-system.co.jp/clearcube/sp/index.html>

  However, as described above, in the “thin client” and “dumb terminal”, the configuration on the client side is basically a PC itself, and a server installed in a remote place for storing personal data and executing application software, etc. It was done on the side computer. In this case, since the client side terminal functions as a computer on which a conventional OS operates, if there is a security hole in the OS, there is a possibility of being hacked or cracked from the outside. In addition, OS update processing for each client terminal is required, and labor is required for maintenance work. Further, in the prior art, since the processing at the client side terminal depends on the OS, the OS operating on the server side computer is inevitably limited, and the server side OS cannot be freely selected. It was.

  The present invention has been made paying attention to the above circumstances, and its object is to provide network communication that gives freedom in selecting an OS and application software to be used, and can improve maintenance work efficiency and reliability. To provide a system.

  In order to achieve the above object, a network communication system according to the present invention connects an operation unit and a multimedia signal processing device on a client side to a server side computer via a communication network based on TCP / IP (Transmission Control Protocol / Internet Protocol). A network communication system for performing communication between a server-side communication device interposed between the server-side computer and the communication network, the client-side operation device and multimedia signal processing device, and the communication network. A client-side communication device interposed in the network. The server-side communication device converts a multimedia signal output from the video output terminal of the server-side computer into a TCP / IP packet and transmits the TCP / IP packet to the client-side communication device via the communication network. And receiving the TCP / IP packet representing the operation signal transmitted from the client side communication device via the communication network, converting it to the original signal format, and outputting it to the operation signal input terminal of the server side computer Means. The client-side communication device receives an operation signal output from the operation device, converts the operation signal into a TCP / IP packet, and transmits the TCP / IP packet to the server-side communication device via the communication network; Receiving means for receiving a TCP / IP packet representing the multimedia signal transmitted from a server-side communication device via a communication network, converting it to an original signal format, and outputting the original signal format to the multimedia signal processing device; It is.

  In the network communication system configured as described above, the server-side communication device and the client-side communication device are connected one-to-one via a communication network. Then, the operation signal of the operating device is transmitted to the opposite server-side communication device by the client-side communication device and input to the server-side computer. In addition, the multimedia signal output from the server side computer is transmitted to the client side communication device by the server side communication device and output to the multimedia signal processing device. As a result, it behaves as if the server-side computer and the multimedia signal processing device and the controller installed in the client-side system are connected by an infinite length extension cable via the communication network.

  Thereby, since there is no OS on the client side, there is no need to update the OS, and the system administrator only needs to perform maintenance on the server side computer. Therefore, it is possible to realize a network communication system that can improve maintenance work efficiency and reliability. In the prior art, since the communication processing on the client side depends on the OS, the OS that runs on the server side computer is inevitably limited. However, in the present invention, the server side computer is connected to the desired OS. It becomes possible to operate.

The network communication system of the present invention is also characterized by having the following various configurations.
1stly, the transmission means of each of the said server side communication apparatus and the client side communication apparatus is further equipped with the encryption means which encrypts the said TCP / IP packet, Each receiving means of the said server side communication apparatus and the client side communication apparatus Comprises decryption means for decrypting the original TCP / IP packet from the packet encrypted by the encryption means.
By performing encryption processing on packets transmitted through the communication network, it is possible to perform secure communication while maintaining confidentiality even when using a public network such as the Internet.

  Second, when the communication network is configured by a VPN (Virtual Private Network), the encryption means of each of the server side communication device and the client side communication device defines the TCP / IP packet as the VPN. The packet is converted into a VPN communication packet, and the decryption means of each of the server side communication device and the client side communication device converts the VPN communication packet into an original TCP / IP packet.

  In the above configuration, the server side computer and the client side operate as a gateway function that is connected in a completely transparent manner as a VPN tunnel encrypted by an encryption method such as IPSec (Internet Protocol Security). To do. In this way, it is possible to prevent dangers such as eavesdropping and falsification of transmission packets, and to use an existing network like a dedicated line.

Thirdly, it further comprises user authentication means for authenticating the user on the client side, and is connected to the server side computer only when authentication is confirmed by the user authentication means.
In the present invention, even when the session from the client side is disconnected, the use state can be maintained as it is on the server side computer. In this state, in order to establish a session again, it is necessary to perform user authentication. By combining with biometrics such as fingerprint authentication in addition to ID and password authentication that are conventionally used, user authentication can be performed easily and reliably, and safety can be improved. In addition, by introducing user authentication as described above, a single client-side system can be shared by a plurality of users.

  In the above network communication system, when an OS / application server is connected to the server-side computer, the server-side computer accesses the application server in response to an OS / application software selection request transmitted from the client-side communication device. Then, the OS / application software of the server side computer is set and updated.

  Since most conventional thin client systems use a predetermined OS for the client side terminal, the OS to be operated on the server side computer is inevitably determined. In the present invention, since there is no such limitation, by providing an OS / application server, the user can install a desired OS or application software on the server-side computer, and the user suits himself / herself. Environment can be constructed easily.

  Therefore, according to the present invention, it is possible to provide a network communication system that gives a degree of freedom in selecting an OS and application software to be used and can improve maintenance work efficiency and reliability.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
FIG. 1 is a block diagram showing an embodiment of a network communication system according to the present invention. In this system, a data center 1 in which a server computer is installed and a client system 2 can be connected via an IP (Internet Protocol) network NW.

  A LAN (Local Area Network) 11 is laid in the data center 1, and the LAN 11 is connected to the IP network NW via a gateway 12 and a router 13. The IP network NW uses, for example, a general Internet line based on existing TCP / IP. In the data center 1, server-side computers SC1 to SCn are installed for each user, and are connected to the LAN 11 respectively. In the present embodiment, the server side computers SC1 to SCn are assigned to each user one by one. However, a plurality of users may share one server side computer.

  The data center 1 is provided with server side communication devices SN1 to SNn for each of the server side computers SC1 to SCn. The server side communication devices SN1 to SNn are input / output terminals of the server side computers SC1 to SCn, here, keyboard input terminals, mouse output terminals, monitor input terminals corresponding to keyboard input terminals, mouse input terminals, and monitor output terminals. And each terminal is cable-connected to a corresponding terminal of the server-side computers SC1 to SCn. Further, the server side communication devices SN1 to SNn have a connection terminal to the LAN 11, and are connected to the IP network NW via the LAN 11.

In addition, an application software storage server 14 is connected to the data center 1 on the LAN 11, and an OS or application software according to the designation of each user can be loaded on each server computer SC1 to SCn. it can.
The client side system 2 is provided with client side communication devices CN1 to CNn for each user. However, since these client side communication devices CN1 to CNn can be used by a plurality of users sharing one device, the client side communication devices for the number of users are not necessarily required. . The client side communication devices CN1 to CNn are monitor output terminals for connecting monitors MN1 to MNn as multimedia signal processing devices, keyboards KB1 to KBn as operation input devices, and a keyboard for connecting mice MS1 to MSn. An input terminal and a mouse input terminal are provided, and each terminal is cable-connected to a corresponding device terminal. Each of the client side communication devices CN1 to CNn has a connection terminal to the LAN 21 installed in the client side system 2, and is connected to the IP network NW via the gateway 22 and the router 23 by connecting to the LAN 21. The

  Here, configurations of the server side communication devices SN1 to SNn and the client side communication devices CN1 to CNn will be described. Hereinafter, the reference numerals of the server side communication devices SN1 to SNn are denoted by SN, and the reference numerals of the client side communication devices CN1 to CNn are denoted by CN. The reference numerals of the server side computers SC1 to SCn are described as SC, the monitors MN1 to MNn, the keyboards KB1 to KBn, and the reference numerals of the mice MS1 to MSn as MN, KB, and MS, respectively. FIG. 2 is a block configuration diagram of the server side communication device SN, and FIG. 3 is a block configuration diagram of the client side communication device CN.

  In FIG. 2, the server side communication device SN includes a monitor input terminal 201, a mouse output terminal 202, a keyboard output terminal 203, a keyboard output terminal 203, an A / D converter 204, a monitor signal processing unit 205, a mouse signal. A processing unit 206, a keyboard signal processing unit 207, a communication processing unit 208, and a LAN connector 209 are provided. The monitor input terminal 201, the mouse output terminal 202, and the keyboard output terminal 203 are connected to the monitor output terminal, the mouse input terminal, and the keyboard output terminal of the server-side computer SC by cables. The LAN connector 209 is connected to the LAN 11 in the data center 1.

  The monitor signal output from the server side computer SC is taken in by the monitor input terminal 201 and converted into a digital signal by the A / D converter 204. The digitized monitor signal is developed in the video RAM in the monitor signal processing unit 205 and supplied to the communication processing unit 208 in units of blocks. The communication processing unit 208 is configured by a hardware circuit having a transmission / reception function by TCP / IP and an encryption / decryption function by IPSec. With this configuration, TCP / IP packetization and encryption can be performed at a higher speed than when the above processing is performed by software, and the number of clients that can be connected can be increased. In the communication processing unit 208, the packetized and encrypted monitor signal is transmitted to the LAN 11 by the LAN connector 209 and transmitted to the client side system 2 via the IP network NW.

  In addition, the packetized and encrypted mouse signal transmitted from the client side system 2 arrives at the LAN connector 209 via the IP network NW. The packetized and encrypted mouse signal is decrypted by the communication processing unit 208, converted into the original format, and then input to the mouse signal processing unit 206. The converted mouse signal is put on a reference clock in the mouse signal processing unit 206 and input to the server-side computer SC through the mouse output terminal 202. The keyboard signal is also input to the server computer SC in the same manner as the mouse signal.

  On the other hand, as shown in FIG. 3, the client side communication device CN includes a monitor output terminal 301, a mouse input terminal 302, a keyboard input terminal 303, a D / A converter 304, a monitor signal processing unit 305, a mouse. A signal processing unit 306, a keyboard signal processing unit 307, a communication processing unit 308, and a LAN connector 309 are provided. The monitor output terminal 301, the mouse input terminal 302, and the keyboard input terminal 303 are connected to the monitor MN, mouse MS, and keyboard KB by cables. The LAN connector 309 is connected to the LAN 21 in the client side system 2.

  The packetized and encrypted monitor signal transmitted from the server-side computer SC is captured by the LAN connector 309 via the IP network NW and supplied to the communication processing unit 308. Similar to the communication processing unit 208 of the server side communication device SN, the communication processing unit 308 is configured by a hardware circuit having a transmission / reception function by TCP / IP and an encryption / decryption function by IPSec. The packetized and encrypted monitor signal is decrypted by the communication processing unit 308 and converted into the original format. The converted monitor signal is developed in the video RAM in the monitor signal processing unit 305 and then converted into an analog signal by the D / A converter 304. Then, the signal is output from the monitor output terminal 301 to the monitor MN.

  A mouse signal input from the mouse MS is captured by the mouse input terminal 302 and supplied to the communication processing unit 308 in block units via the mouse signal processing unit 306. In the communication processing unit 308, the packetized and encrypted mouse signal is transmitted to the LAN 21 by the LAN connector 309 and transmitted to the server computer SC via the IP network NW. The keyboard signal is also transmitted to the server computer SC in the same manner as the mouse signal.

  FIG. 4 shows the product shape of the server-side communication device. The server-side communication device SN is configured in a box shape in which a monitor input terminal 201, a mouse output terminal 202, a keyboard output terminal 203, and a LAN connector 209 are arranged. Further, as shown in FIG. 5, a board shape including a substrate 51 provided with a monitor input terminal 201, a mouse output terminal 202, a keyboard output terminal 203, and a LAN connector 209 can be used. By connecting the connector 52 of this board to the PCI bus or the like of the server side computer SC, the server side computer SC and the server side communication device SN can be integrated.

  On the other hand, the client side communication device CN is also configured in the same box shape as the server side communication device SN shown in FIG. In addition to the box shape, the client-side communication device CN can be configured, for example, as a type built into a monitor display or a type built into a keyboard body.

Next, the operation of the network communication system configured as described above will be described.
When the client-side communication device CN is activated, a session for each user is established with the server-side communication device SN installed for accessing the server-side computer SC. , 22. Each user can use the server-side computer SC by performing personal authentication using an ID and a password in order to identify the individual user. As for the authentication method, it is effective to use biometrics (biometric authentication) together in order to improve safety. When using biometrics in combination, a biometric sensor is provided in the client side communication device CN, or external connection is possible. In the authentication process itself, the sensor information may be performed by either the server side computer SC or the client side communication device CN.

  After the session is established, operation signals for the client-side mouse MS and keyboard KB are transmitted from the client-side device CN to the server-side communication device SN and input to the server-side computer SC. The server side computer SC operates based on the input operation signal. The monitor output of the server side computer SC is transmitted as a monitor signal to the client side device CN via the server side communication device SN. As a result, the operation result is displayed on the monitor MN connected to the client side device CN.

  That is, the server side computer SC and the keyboard KB, mouse MS, and monitor MN installed on the client side are equivalent to the state where they are connected with an infinite length of extension cable, and the user is installed at a remote place at their desk. The server-side computer SC thus made can be used as its own PC.

  Furthermore, when the user goes out or travels, a server dedicated to him / herself from anywhere can be connected to the Internet by carrying the client side communication device CN, keyboard KB, mouse MS, and monitor MN. It becomes possible to connect to the side computer SC. In this case, when the client side communication device CN and the keyboard KB, the mouse MS, and the monitor MN of the present invention are already installed at the place of going out and business trip, the user goes out without carrying any equipment. It is possible to safely connect and use the server-side computer SC for personal use through personal authentication using the facilities at the business trip destination. At this time, since the communication path is encrypted by the VPN tunnel by IPSec, the confidentiality of the information is ensured.

  The maintenance of the server side computer SC is all performed in the data center 1, and each user does not need to perform the maintenance of the PC as in the past. Which OS is installed by the user and what application is to be used are instructed to the application storage server 14 installed in the data center 1, and the necessary OS and application software are provided from there. By loading the dedicated server side computer SC, the setting can be easily performed.

  As described above, in this embodiment, there is a one-to-one correspondence between the server-side communication device SN installed in the data center 1 and the client-side communication device CN installed in the client-side system 2 via the IP network NW. Connected. The operation signals of the mouse MS and the keyboard KB are transmitted by the client side communication device CN to the opposite server side communication device SN and input to the server side computer SC. The monitor signal output from the server computer SC is transmitted to the client communication device CN by the server communication device SN and output to the monitor MN. This behaves as if the server-side computer SC and the monitor MN, mouse MS, and keyboard KB installed in the client-side system 2 are connected by an infinite length extension cable via the IP network NW. .

  Therefore, according to the above embodiment, since there is no OS in the client side system 2, there is no need to update the OS, and the system administrator only performs maintenance on the server side computer SC in a batch at the data center 1. Can be done. Thereby, it is possible to realize a network communication system capable of improving maintenance work efficiency and reliability. In the prior art, since the communication processing on the client side depends on the OS, the OS operating on the server side computer SC is inevitably limited. However, in the present invention, the server side computer is operated with the desired OS. The SC can be operated. As a result, the user can easily construct an environment suitable for himself / herself, and the OS maker and application maker can also perform new business such as on-demand billing supply of OS and applications.

  Further, the operation signal and the monitor signal transmitted / received between the server side communication device SN and the client side communication device CN are TCP / IP packetized and encrypted by IPSec, and are transmitted by VPN via the existing IP network. Communication takes place. With this configuration, it is possible to ensure the security of the communication path between the remote data center 1 and the client side system 2.

  The present invention is not limited to the above embodiment. In the above embodiment, mouse signals and keyboard signals are used as operation signals, and monitor signals are used as multimedia signals. However, in the present invention, transmission / reception is performed between the server side communication device SN and the client side communication device CN. The signals are not limited to these signals. For example, an audio signal can be applied as a multimedia signal. In this case, the server-side communication device SN has a voice input terminal, and by connecting the terminal to a voice output terminal of the server-side computer SC, the server-side communication device SN takes in a voice signal output from the server-side computer SC, and the client-side communication device It is possible to transmit to the CN. On the other hand, the client-side communication device CN includes an audio output terminal, and by connecting a speaker device to the audio output terminal, the client-side communication device CN takes in an audio signal transmitted from the server-side communication device SN and serves as a multimedia signal processing device. Enable output to speaker device.

  Further, a voice input terminal may be provided in the client side communication device CN, and a voice output terminal may be provided in the server side communication device SN. In this way, a microphone can be connected to the audio input terminal of the client side communication device CN, and the collected audio can be converted into digital data and input to the server side computer SC. Furthermore, by providing a video input terminal in the client side communication device CN and a video output terminal in the server side communication device SN, a video signal from a camera connected to the video input terminal of the client side communication device CN is transmitted to the server side computer SC. It is possible to do so. With this configuration, it is possible to easily construct a bidirectional communication system using video and audio, such as a video conference system.

In addition, the system configuration of the data center 1 and the client side system 2, the block configuration of the server side communication device SN and the client side communication device CN, and the operation procedure and contents thereof can be variously modified without departing from the gist of the present invention. Can be implemented.
In short, the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. Further, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, you may combine suitably the component covering different embodiment.

1 is a block diagram showing the overall configuration of a network communication system according to an embodiment of the present invention. The block diagram which shows the structure of the server side communication apparatus of the said embodiment. The block diagram which shows the structure of the client side communication apparatus of the said embodiment. The external view which shows the product shape of the server side communication apparatus of the said embodiment. The side view which shows the other example of the product shape of the server side communication apparatus of the said embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... Data center, 2 ... Client side, NW ... IP network, SC1-SCn ... Server side computer, SN1-SNn ... Server side communication apparatus, 11 ... LAN, 12 ... Gateway, 13 ... Router, 14 ... Application software storage server CN1 to CNn: Client side communication device, MN1 to MNn ... Monitor, KB1 to KBn ... Keyboard, MS1 to MSn ... Mouse, 21 ... LAN, 22 ... Gateway, 23 ... Router, 201 ... Monitor input terminal, 202 ... Mouse output Terminals 203 ... Keyboard output terminals 204 ... A / D converter 205 ... Monitor signal processing unit 206 ... Mouse signal processing unit 207 ... Keyboard signal processing unit 208 ... Communication processing unit 209 ... LAN connector 301 ... Monitor output terminal 302... Mouse input terminal 303. -Board input terminal 304 ... D / A converter 305 ... Monitor signal processing unit 306 ... Mouse signal processing unit 307 ... Keyboard signal processing unit 308 ... Communication processing unit 309 ... LAN connector 51 ... Board 52 ... connector.

Claims (5)

A network communication system for connecting a client-side controller and a multimedia signal processing device to a server-side computer via a communication network based on TCP / IP (Transmission Control Protocol / Internet Protocol),
A server-side communication device interposed between the server-side computer and the communication network;
A client-side communication device interposed between the client-side controller and multimedia signal processing device and the communication network;
The server-side communication device converts a multimedia signal output from the multimedia output terminal of the server-side computer into a TCP / IP packet and transmits the TCP / IP packet to the client-side communication device via the communication network. Receiving the TCP / IP packet representing the operation signal transmitted from the client side communication device via the communication network, converting it to the original signal format, and outputting it to the operation signal input terminal of the server side computer Means and
The client side communication device receives an operation signal output from the operation device, converts it into a TCP / IP packet, and transmits the TCP / IP packet to the server side communication device via the communication network; and the server side Receiving means for receiving a TCP / IP packet representing the multimedia signal transmitted from a communication device via the communication network, converting the packet into an original signal format, and outputting the original signal format to the multimedia signal processing device. A characteristic network communication system. The transmission means of each of the server side communication apparatus and the client side communication apparatus further comprises an encryption means for encrypting the TCP / IP packet,
The receiving means of each of the server side communication apparatus and the client side communication apparatus further comprises a decoding means for decoding the original TCP / IP packet from the packet encrypted by the encryption means. Network communication system.   When the communication network is configured by a VPN (Virtual Private Network), the encryption means of each of the server side communication device and the client side communication device uses the TCP / IP packet as a VPN communication packet defined in the VPN. 3. The network communication system according to claim 2, wherein the decryption means of each of the server side communication device and the client side communication device converts the VPN communication packet into an original TCP / IP packet.   2. The network communication system according to claim 1, further comprising user authentication means for authenticating the user on the client side, and connected to the server side computer only when authentication is confirmed by the user authentication means. . A network communication system for connecting a client-side controller and a multimedia signal processing device to a server-side computer to which an OS / application server is connected via a TCP / IP communication network,
A server-side communication device interposed between the server-side computer and the communication network;
A client-side communication device interposed between the client-side controller and multimedia signal processing device and the communication network;
The server-side communication device converts a multimedia signal output from the multimedia output terminal of the server-side computer into a TCP / IP packet and transmits the TCP / IP packet to the client-side communication device via the communication network. Receiving the TCP / IP packet representing the operation signal transmitted from the client side communication device via the communication network, converting it to the original signal format, and outputting it to the operation signal input terminal of the server side computer Means and
The client side communication device receives an operation signal output from the operation device, converts it into a TCP / IP packet, and transmits the TCP / IP packet to the server side communication device via the communication network; and the server side Receiving means for receiving a TCP / IP packet representing the multimedia signal transmitted from a communication device via the communication network, converting it to an original signal format, and outputting the original signal format to the multimedia signal processing device;
In response to an OS / application software selection request transmitted from the client side communication device, the server side computer accesses the application server to set and update the OS / application software of the server side computer. A network communication system.

Images