JP2008004110A - Device management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a device management system having a function for securely sharing a device without impairing a user's convenience, in a system of server client method. <P>SOLUTION: For connecting a device to a client so as to access from a server to the connected device, and for making the device connected to the client usable from a server side only by connecting the device without another operation, a client side is provided with a filter means which exclusively controls data transmission/reception between the device connected to the client and an application of the client, and data transmission/reception between the device and the server, and the server side is provided with a pseudo bus driver means which virtually functions as a device driver between a means for communication with the client and the application. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

The present invention relates to a technique for managing access to a device connected to a server via a network. In particular, the present invention relates to a technology that enables remote operation safely and easily in a system that can virtually use the device, as in the case where the device is directly connected to a server.

Remote servers such as personal computers (PCs) and workstations
A method of performing control using an information terminal such as C, a personal digital assistant (PDA), or a mobile phone has become common. Such a method is called a server client method. In the server client method, a large-scale server is shared between information terminals at hand, which are terminals on the client side, using a method such as time division. It is used when the processing capability of the terminal on the client side is low or when a certain level of security cannot be secured on the client side terminal. In the server client method, communication is performed between the server and the client via the Internet or an intranet. One of the reasons for the widespread use of these services is the provision of broadband low-cost services.

In the server client method, in order to control a remote server from the information terminal (client terminal) at hand, the server is installed with a program for controlling the server, and the server is controlled by the client terminal. Install a program to display the results. In addition, if there is a risk of eavesdropping or tampering with the communication path between the server and the client terminal, a virtual private network (
A program for constructing VPN) is used. In order to confirm whether the authority to control the server is given to the client terminal or the user who uses the client terminal, specific authentication information is stored in the client terminal or authentication information is stored in the client terminal. It is also common to connect a device that has been connected or to input biometric authentication information of a user into a client terminal and to check the client terminal or server.

Users who use the server and client terminal for business use display the results of remote operation of the server on the client terminal in offices, homes, cars, and other places outside the office, and execute the business using the programs on the server To do. Even if it is not for business, for example, a server installed in a home or data center and a client terminal are connected, a screen displayed on the server is displayed on the client terminal, and a program on the server is used to Processing (for example, reading and writing of e-mail, starting a browser program and browsing WEB information, etc.) is performed. Prior to the series of operations, communication between the server and the client terminal can be performed as necessary, for example, IPs.
It is protected by an encryption communication method such as ec VPN or SSL-VPN.

In this way, the server usage mode by the client terminal by the server client method can reduce the overall equipment cost and crisis management cost, and the probability of information loss compared to the case where the server client system is not used. It has the feature of providing the convenience of enabling necessary information processing regardless of the type of information terminal at hand anytime and anywhere. An example of a server usage mode using such an information terminal is described in Patent Document 1, for example.

In the server client method, the server is mostly installed at a location physically separated from the client terminal. In this case, the user uses a peripheral device (hereinafter referred to as a device in the present specification) connected to the information device such as a CD-ROM drive directly connected to the server from the client via the server. It is possible to do. However, operations such as taking out the CD-ROM are not easy, and the user feels inconvenient in this respect.

As a solution to this problem, for example, a CD-R on a network such as an intranet.
Some devices use so-called shared devices that can be accessed from any information device on the network, such as an OM drive, and virtually use a CD-ROM drive on the server. For example, Patent Literature 2 and Patent Literature 3 disclose a usage mode in which a device connected to the first device on the network is used from a second device different from the first device on the network. Yes.

JP 2005-235159 A US Pat. No. 6,904,489B2 US20050240712 US published patent gazette

However, Patent Document 2 does not disclose that a device is used from a device on the network to which the device is connected (the first device described above). Therefore, according to the method disclosed in this document, it is impossible to realize a configuration in which a device can be used from the server and the client in the configuration of the server client system, that is, any of the first, second, and other devices.

Further, in the method described in Patent Document 3, in the configuration of the server client system, it is not possible to easily use the device from both the server and the client, that is, both the first and second devices. .

In a thin client system such as a screen transfer type, since an actual processing apparatus is a server, it is desirable that a device is connected to a client at hand of a user and the connected device can be easily used from the server. In other words, it is necessary to switch between the device connection and disconnection processing performed by the client and the device usage processing performed independently by the client and the device usage processing performed by the server. Must be controlled exclusively so that the sending and receiving of data and the sending and receiving of requests and responses between the server and the device are performed correctly, and these switching processes must be performed so as not to impair the convenience of the user. There is.

The present invention has been made in view of the above circumstances. When a device is shared in the server client system, the convenience of the user is not impaired and the security in the system is improved.

The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

In order to connect the device to the client, and to access the connected device from the server, only the device is connected, and the device connected to the client from the server side can be used without any other operation. Filter means is provided on the client side for exclusive control of data transmission / reception between the device connected to the client and the client application and data transmission / reception between the device and the server. A pseudo bus driver means that virtually functions as a device driver is provided between the communication means with the client and the application.

Specifically, a server that executes an application program, a client that gives an instruction to execute the application program to the server, receives an execution result from the server, and an authentication server that authenticates the client are connected via a network. In the system, a device management system for controlling a device connected to the client from the server, wherein the client transmits / receives data to / from a device driver of the device connected to the client and Device management means for transmitting and receiving the data between the devices, the authentication server comprises device information holding and usage rights management means for managing the usage rights of each device in the device management system, and the server Work with Virtual device management means for controlling transmission / reception of data performed between the application and the device management means via the network according to the usage right held in the device information holding / righting management means, The management means includes a filter means for performing exclusive control between data transmission / reception between the device driver and the client application and data transmission / reception between the device driver and the server. To do.

ADVANTAGE OF THE INVENTION According to this invention, when sharing a device in a server client system, the security in a system can be improved, without impairing a user's convenience.

Embodiments of the present invention will be described below in detail with reference to the accompanying drawings. In addition, what attached | subjected the same reference number in drawing shows the component which has the same function, The detailed description is abbreviate | omitted for convenience of explanation.

<< First Embodiment >>
A first embodiment of a device management system according to the present invention will be described below with reference to the drawings.

FIG. 1 is a detailed block diagram of the device management system of this embodiment. The device management system of this embodiment includes an information center 102 including an authentication management server 101, a network 103, and a blade server 106, and a P connected to the network 103 of the information center.
C and other client devices.

The information center 102 is an area where the entrance / exit is normally restricted by the center that manages the information equipment, and the equipment to be installed is managed and monitored. The installation location of the information center 102 is not limited.
For example, the user may be installed in a place where a terminal such as a client device is used, or may be installed in a remote place. When a user uses a terminal in an office or the like, the information center 102 may be installed in a building of a business organization that manages the user. When a user is a general consumer and uses a server of a service providing company from home, a hotel, or a street, the information center 102 is installed in a building managed by an Internet service provider, a server rental company, an application service provider, or the like. Also good. In addition, it may be an area where servers are concentrated in a corner of a user's home or office.

The authentication management server 101 is a server that performs authentication and management of devices and users, and is managed by an administrator of the information center 102. Various types of data that the authentication management server 101 holds to realize these will be described later. The authentication management server 101 has a communication interface, C
Each function is realized by an information processing apparatus including a PU and a memory, and the CPU executes a program stored in the memory. The program that realizes each function is
You may acquire from another apparatus via a communication medium including a storage medium or a carrier wave, a digital signal, and a communication line.

The blade server 106 is a device having a plurality of servers or PCs therein, and includes a power source (not shown), an interface function for connecting the internal device and the network 103, a management device, and the like. In the present embodiment, a case where the PC-A 110, the PC-B 111, and the PC-C 112 are provided inside will be described as an example. Of course, the configuration of the blade server 106 is not limited to this, and other PCs and servers can be attached and detached.

The network 103 includes an authentication management server 101, PC-A 110, PC-B 111, P
C-C112 and the like are connected to each other. In the present embodiment, a network that performs communication using the TCP / IP protocol will be described below. Of course, communication according to other protocols may be performed.

The PC-A 110, PC-B 111, and PC-C 112 of this embodiment are configured inside the blade server 106, but the network 103 is not installed inside the blade server 106 or further inside the information center 102. It only has to exist above. PC-A
110, PC-B111, and PC-C112 are described as PCs, but may be servers, workstations, embedded devices, or information devices that execute OS and applications stored in storage media on memory and CPU. If it does not specifically limit.

FIG. 13 is a hardware configuration diagram of the PC-A 110. The PC-A 110 includes a storage 160 such as a hard disk drive and a flash memory, a CPU 110a, and a memory 1
10b and a communication interface 110c which is an interface for communication. P
In the C-A 110, each processing unit is realized by the CPU 110a executing a program read into the memory 110b. Each program is a storage medium,
Alternatively, it can be acquired from another device via a communication medium. Note that the communication medium includes a carrier wave, a digital signal, and a communication line.

The PC-A 110 performs calculations in accordance with user instructions. The calculation result is displayed on a display (not shown) connected to the PC-A 110 or the blade server 106. A virtual device manager 120 described later is installed in the storage 160 by the administrator. When the PC-A 110 is activated, the OS is read from the storage 160 into the memory 110b and executed by the CPU 110a, and then the virtual device manager 120 is read into the memory 110b and executed by the CPU 110a. Will be available.

The virtual device here is a mechanism that makes it possible to use a device connected to the PC-A 110 via the network 103 or the like as if it were a device directly connected to the PC-A 110. With this mechanism, a device connected to a remote place can be used in the same manner as a device physically connected to the PC-A 110.

The virtual device manager 120 is software that performs control for transmitting and receiving data to and from the device A 151 connected to the PC-A 110 via the network 103. A function for enabling the device A 151 to be virtually used in the same manner as when directly connected to the server is realized. Details will be described later together with the operation of the device management manager 123 described later.

The storage 160 stores data transmitted and received by the virtual device manager 120 and events generated in the virtual device manager 120 as a log 170. Details of the log 170 will be described later.

The PC-B 111 and the PC-C 112 also have the same configuration as the PC-A 110, have storages 161 and 162 therein, and virtual device managers 121 and 122, respectively.
Is installed and works after startup. Hereinafter, especially PC-A110, PC-B111,
When it is not necessary to distinguish the PC-C 112, the PC-A 110 will be described as a representative.

The storages 160 to 162 may not exist in the blade server 106 but may exist on the network 103.

Next, devices connected to the network 103 as client devices will be described.

In the present embodiment, PC-D 113, PC-E 114, and P are used as client devices.
A case where the C-F 115, the hub 116, and the PC-Z 117 connected through the firewall 105 and the Internet 104 are provided will be described as an example. PC-D1
An example will be described in which device A 151 is connected to device 13, device B 152 is connected to PC-F 115, device C 153 and device D 154 are connected to hub 116, and device Z 155 is connected to PC-Z 117. The connection configuration of each client apparatus and device is not limited to this.

The PC-D 113 is an information processing apparatus that performs calculations in accordance with user instructions, uses devices as necessary, and presents calculation results to the user. The hardware configuration and the method for realizing each processing unit are basically the same as those of the PC-A110. PC-D 113 is network 1
03 is connected via a network interface (not shown). The PC-D 113 includes a storage 163 such as a hard disk drive or a flash memory, a memory and a CPU (not shown), and performs calculations according to user instructions. The calculation result is PC-D1.
13 is displayed on a display (not shown) connected to 13. An instruction from the user is transmitted to the PC-D 113 via a user interface such as a keyboard and a mouse (not shown).

In the PC-D 113, a device management manager 123 described later is installed in the storage 163. When the PC-D 113 is activated, the storage 163
After the OS is read into the memory and becomes available by being executed by the CPU,
When the device management manager 123 is read into the memory and executed by the CPU, the connected device A 151 can be used as a virtual device in the PC-A 110. The storage 163 accumulates data transmitted and received by the device management manager 123 as a log 173. Details of the log 173 will be described later.

The device management manager 123 is software for the PC-D 113 to use the device A 151 as a virtual device of the PC-A 110 of the blade server 106. Details will be described later together with the operation of the virtual device manager 120.

The PC-E 114, PC-F 115, and PC-Z 117 basically have the same configuration as the PC-D 113, and have storages 164, 165, and 167, respectively. In addition, device management managers 124, 125, and 127 are realized. Each storage has a log 17
4, 175 and 177 are respectively stored.

Further, the hub 116 is obtained by cutting off a part of general PC functions such as a display screen from the PC-D 113. That is, it is connected to the network 103 via a network interface (not shown), and includes a storage 166 such as a hard disk drive or a flash memory, a memory and a CPU (not shown), and performs calculations. The hardware configuration and the method for realizing each processing unit are basically the same as those of the PC-A 110. Device management manager 1
26, and the storage 166 holds a log 176. After that, especially PC
When there is no need to distinguish between -D113, PC-E114, PC-F115, PC-Z117, and hub 116, PC-D113 will be described as a representative.

The device A 151 is a peripheral device connected to the information device, such as a CD-ROM or a printer. The device A 151 is connected to the PC-D 113 via a device connection interface. Interfaces for device connection include, for example, universal serial bus (USB), wireless USB, near field communication interface, infrared communication interface, serial port interface, parallel port interface, IE
Interfaces for connecting devices such as an EE 1394 interface, a PS / 2 interface (registered trademark), and an audio interface to a PC are conceivable. In the present embodiment, the case where the interface is USB will be described as an example, but the interface is not limited thereto.

The device A 151 is used as a virtual device in this system by the device management manager 123 installed in the connected PC-D 113. Hereinafter, the device management manager 123 is referred to as a device management manager that manages the device A 151.

In addition, the devices B152, C153, and D154 connected to each PC and the hub are peripheral devices similar to the device A151, and in this embodiment, are connected to the PC or the hub via the USB interface as an example. Hereinafter, the device A151 will be described as a representative when it is not necessary to distinguish the device A151, the device B152, the device C153, and the device D154.

Next, detailed configurations of the virtual device manager 120 of the PC-A 110 and the device management manager 123 of the PC-D 113 will be described.

FIG. 8 is a diagram for explaining the relationship between the device management manager 123 and the virtual device manager 120 and device drivers and applications. Here, PC-A
110 and the PC-D 113 will be described focusing on a software stack necessary for using the device A151.

The PC-D 113 includes a device management manager 123, a physical bus driver 1515,
Device class driver 1513, higher-level driver 1512, and application 151
1. The device management manager 123 includes a filter driver 1514,
A communication program 1510 and a GUI application 1509 are provided. For each driver, the side closer to the application 1511 is called the upper level, and the side closer to the device A 151 connected to the PC-D 113 is called the lower level. In the PC-D 113, the physical bus driver 1515, the filter driver 1514, the device class driver 1513, and the upper driver 1512 are stacked in this order from the lower order.

The PC-A 110 includes a virtual device manager 120 and a device class driver 150.
3, a higher-level driver 1502, and an application 1501. The virtual device manager 120 includes a pseudo bus driver 1504, a communication program 1508, and a GUI application 1507. The pseudo bus driver 1504 includes a startup physical device object 1505 and an enumerator function device object 1506 (hereinafter referred to as an enumerator 1506). In PC-A110, from the lower order,
The pseudo bus driver 1504, the device class driver 1503, and the upper driver 1502 are stacked in this order.

The physical bus driver 1515 is a program (device driver) that controls communication to the device A 151 connected on the physical bus connected to the PC-D 113. An interrupt from the device A 151 that monitors the state, connection, and disconnection of the device A 151 on the bus is sent to the OS.
The data transferred from the filter driver 1514 in the device management manager 123, which is a higher-level driver that notifies the higher-level device driver, of the device A15
1 and so on. Here, the physical bus is a universal serial bus (USB). A physical bus driver 1515 is prepared for each device A151 to be connected.

The device class driver 1513 is a program (device driver) provided corresponding to the type of the device A 151. A request transmitted from the application 1511 via the higher-level driver 1512 is converted into an instruction and data that can be understood by the device A 151 and transmitted via the device filter driver 1514 and the physical bus driver 1515. In addition, the response to the interrupt and command transmitted from the device A 151 is sent to the OS.
And sent to the host driver.

The upper driver 1512 is a program (device driver) that serves to collect one or more device class drivers 1513 provided corresponding to the type of the device A 151.
It is. A request sent from the application 1511 is sent to the device class driver 1513.
Are converted into instructions and data that can be understood by the device class driver 1513 and transmitted to the device class driver 1513. Also, responses to interrupts and instructions transmitted from the device class driver 1513 and other device class drivers are transmitted to the OS and the application 1511.

The filter driver 1514 is loaded on the memory of the PC-D 113 when the device A 151 is enabled as a device on the PC-D 113. Physical bus driver 151
5 and the device class driver 1513, and the device class driver 151
3 operates as a lower level driver.

The filter driver 1514 transmits a request transmitted from the communication program 1510 or the device class driver 1513 to the physical bus driver 1515 and returns a response transmitted from the physical bus driver 1515 to the communication program 1510 or the device class driver 1513. In addition, the communication program 1510 and the physical bus driver 151
The request and response between 5 and the request and response between the device class driver 1513 and the physical bus driver 1515 are validated, and either is invalidated. Which request and response is valid depends on the GUI application 150.
7 and the GUI application 1509, or at the timing of plug-in, plug-out, and ejection of the device A 151, or the timing of starting and ending the communication program 1510. Here, the plug-in changes the device A151 to P
Connecting to the physical bus of C-D113, plug-out, device A151 and PC-D
The disconnection with the 113 means that the eject means that the device A 151 is removed from the PC-D 113 and the operation is stopped in order to remove it.

When the filter driver 1514 invalidates a request from the device class driver 1513 to the physical bus driver 1515, the corresponding request is transmitted to the filter driver 1.
When it is input to 514, a response indicating invalidity is given to the device class driver 1513.
Or a response including a predetermined error such as “device is not valid” or “medium is not inserted into the device” as a device class driver 151
Reply to 3.

Similarly, when the filter driver 1514 invalidates a request from the communication program 1510 to the physical bus driver 1515, the corresponding request is the filter driver 1.
When it is input to 514, a response indicating invalidity is returned to the communication program 1510, or a predetermined error such as “device is not valid” or “medium is not inserted into the device” is included. The response is returned to the communication program 1510.

The filter driver 1514 is a device class driver 1 corresponding to the device A 151.
Corresponding to 513, it is loaded onto the memory of the PC-D 113. Connected device A
In the case where there are a plurality of 151, a device is prepared for each device A 151 or for each physical bus driver 1515 provided corresponding to the device A 151.

The communication program 1510 on the PC-D 113 side has a function of communicating with the communication program 1508 and the filter driver 1514. The communication program 1510 constantly monitors the status of the communication program 1508 and the filter driver 1514, and the filter driver 1514.
When an abnormality occurs in communication with the communication program 1508, an abnormality signal is transmitted to the communication program 1508. If communication with the filter driver 1514 does not recover at a predetermined time, the communication program 1508 further transmits an abnormal signal, causes the GUI application 1509 to display a status, and accepts a user instruction. For example, the device class driver 1 according to the user's instruction
A change is made so that a request from 513 is transmitted to the physical bus driver 1515, and communication between the communication program 1510 and the filter driver 1514 is interrupted. Further, the communication program 1510 transmits an abnormality signal to the filter driver 1514 when communication with the communication program 1508 becomes abnormal. If communication with the communication program 1508 does not return in a certain amount of time, an abnormal signal is further transmitted to the filter driver 1514, the state is displayed on the GUI application 1509, and a user instruction is received. For example, processing such as sending a request for deleting all enumerators 1506 and start-up physical device objects 1505 to the communication program 1508 or terminating the communication program 1510 itself is performed according to a user instruction. The communication program 1510 always communicates with the communication program 1508 and waits for notification of plug-out, plug-in, and eject from the device connected to the PC-D 113. When the communication program 1508 receives notification of plug-in, plug-out, and ejection of the device A 151, the communication program 1508 notifies the communication program 1508 so that the pseudo bus driver 1504 operates properly.

The pseudo bus driver 1504 is a physical bus driver 1515 on the PC-D 113 described later.
It is a program (device driver) that controls communication to the device. The device status on the bus and connection disconnection are monitored, an interrupt from the device is notified to the OS and the upper device driver, and data transferred from the upper device driver is transmitted to the device. The pseudo bus driver 1504 transfers the device A151 connected to the PC-D113 bus from the application 1501 operating on the PC-A110 to the PC-A110.
It is treated like a device connected to the other bus. The pseudo bus driver 1504 is PC-D
The device A 151 connected to 113 is recognized by the OS of the PC-A 110 as a device connected to a bus recognized by the OS as a pseudo bus of the PC-A 110. PC-A110
For the OS, the pseudo bus has the same function as the PC-D 113 bus described above. When loaded into the memory of the PC-A 110, the pseudo bus driver 1504 creates an enumerator function device object 1506 therein.

When the pseudo bus driver 1504 receives a notification indicating that the device A 151 is plugged in via the communication program 1510, the enumerator function device object 15
A startup physical device object 1505 corresponding to the device corresponding to 06 is generated, and the device A 151 can be used from the PC-A 110. When the pseudo bus driver 1504 receives a notification indicating that the device A 151 is plugged out via the communication program 1510, the pseudo bus driver 1504 notifies the enumerator function device object 1506 of the plugout. When the pseudo bus driver 1504 receives a notification indicating that the device A 151 is ejected, the pseudo bus driver 1504 notifies the enumerator function device object 1506 of the ejection.

In addition, the pseudo bus driver 1504 is configured so that the startup physical device object 1505 is a PC.
-When unloaded from the memory of A110 (hereinafter sometimes abbreviated as deletion), the state deleted through the communication program 1508 and the communication program 1510 is changed to PC-D11.
3 is notified. When the pseudo bus driver 1504 is instructed to delete the pseudo bus driver 1504 from the OS of the PC-A 110, all the physical device objects 1 for activation are
After deleting 505, the enumerator 1506 and the pseudo bus driver 1504 themselves are deleted. If an error occurs during each of the above processes, the pseudo bus driver 1504 transmits the content of the error to the communication program 1508. If an abnormality occurs in the communication contents when performing transmission to the communication program 1508, the pseudo bus driver 1504 performs initialization processing such as deleting all startup physical device objects 1505, and the communication program 1508.
Wait for the communication status to recover.

The enumerator function device object 1506 is a device object generated inside the pseudo bus driver 1504. Management of generation, deletion, and the like of a startup physical device object 1505 described later is performed. It also communicates with the communication program 1508. When receiving the parameter indicating the plug-in of the device A151 from the pseudo bus driver 1504 and the notification indicating the plug-in of the device A151 from the PC-D 113 via the communication program 1510 and the communication program 1508, the enumerator 1506 uses the received parameter. Then, a startup physical device object 1505 is created. Further, when the enumerator 1506 receives the plug-out or eject notification of the device A 151 from the pseudo bus driver 1504 from the PC-D 113 via the communication program 1510 and the communication program 1508, the enumerator 1506 corresponds to the device A 151 that has transmitted the plug-out or eject notification. Then, the startup physical device object 1505 generated is deleted.

The startup physical device object 1505 is a driver for operating the device A 151 virtually from the virtual device driver 120. It is generated every time the enumerator 1506 receives a notification that the device A 151 is plugged in via the communication program 1510 and the communication program 1508. That is, the startup physical device object 15
One 05 is generated for one device connected to the PC-D 113 and controlled from the pseudo bus on the PC-A 110. Therefore, the startup physical device object 1505 is
Consists of one or more objects. The startup physical device object 1505 is a PC-D.
113, a device ID transmitted by a plug-in operation of the device A 151 described later,
The serial number or the like is used to correspond to the device one-to-one, and the enumerator 1506
Managed.

A communication program 1508 on the PC-A 110 side realizes communication between the communication program 1510 and the pseudo bus driver 1504. Communication program 1508 is communication program 1
510 and the pseudo bus driver 1504 are always monitored, and the pseudo bus driver 1504 is monitored.
When an abnormality occurs in communication with the communication program 1510, an abnormality signal is transmitted to the communication program 1510. If communication with the pseudo bus driver 1504 does not return within a predetermined time, an abnormal signal is further transmitted to the communication program 1510. If an abnormality occurs, the communication program 150
8 displays a state on the GUI application 1507 and accepts a user instruction.
For example, in accordance with a user instruction, processing such as sending an instruction to erase all the physical device objects for activation 1505 and the pseudo bus driver 1504 to the OS, or terminating the communication program 1508 itself is performed. Communication program 1508 is communication program 1
When an abnormality occurs in communication with 510, an abnormality signal is transmitted to the pseudo bus driver 1504. If the communication with the communication program 1510 does not return within a predetermined time, an abnormal signal is further transmitted to the pseudo bus driver 1504 to display the status on the GUI application 1507 and accept the user's instruction. For example, in response to a user instruction, an instruction to delete all the physical device objects for activation 1505 and the pseudo bus driver 1504 is issued as PC-A.
It performs processing such as sending to the OS 110 and ending itself. Communication program 1508
Always communicates with the communication program 1510 and waits for notification of plug-out, plug-in, and eject from the device connected to the PC-D 113.

The device class driver 1503 and the upper driver 1502 have basically the same functions as those of the device management manager 123 having the same name, which will be described later.

Next, the policy table 1400, the device management table 200, and the user information database 300 held by the authentication management server 101 will be described. Authentication management server 10
1 controls access to each device together with the virtual device manager 120 and the device management manager 123.

In the policy table 1400, an access policy relating to a device managed by an administrator in this system is registered. For example, usage authority for each device, usage authority according to the client device to which the device is connected, and the like are registered. This table is set in advance by an administrator or the like. The policy table 1400 can be freely changed by the system administrator. In addition, by not setting the policy table 1400, it is possible to configure the system so that the rules on the device information table 200 cannot be automatically changed and can only be changed manually. The administrator configures the policy table 1400 according to the policy to be determined for the system managed by the administrator.

An example of the policy table 1400 is shown in FIG. As shown in this figure, the policy table 1400 includes a policy number 1401, a device name 1402, a connected application address 1403, and a connected application network interface ID for each policy.
1404, vendor ID 1405, product ID 1406, serial number 1407, device type 1408, exclusive control 1409, availability 1410, availability ID 1411 are recorded. Of course, other items may be recorded.

The policy number 1401 is an identification number that is automatically assigned to each policy when the administrator registers the policy in the policy table 1401. When the number of devices and devices that can be used on the system increases or decreases, a record of the device information table 200 described later is generated according to the policy registered in the policy table 1400. When devices or devices that apply to a plurality of policies increase or decrease on the system, the policies are applied in a predetermined priority order.

Device name 1402, connected application address 1403, connected application network interface ID 1404, vendor ID 1405, product ID 1406
, Serial number 1407, device type 1408, device information table 20 described later.
It is the same as the contents described in “0”, and shows information on the device or device. The administrator sets a device name, a connection application address, a connection application network interface ID, a vendor ID, a product ID, a serial number, and a device type condition for each policy. These details will be described in the description of the device information table 200.

The exclusive control 1409 is a value that defines whether or not use by another user is prohibited when the user uses the device. It is possible to set “required”, “possible”, “unnecessary”, and “unquestioned (*)”. “Unquestioned (*)” is basically handled in the same way as unnecessary, but may be configured to be automatically set for each device type and class. Here, the class is a device type that operates with the same device driver (class driver) such as a keyboard and a storage.

The availability 1410 indicates the behavior of the authentication management server 101 when permitting use of a device, and “possible”, “prohibited”, and “warning” can be set. The policy in which “available” is set is a policy that automatically makes the corresponding device or device available to the user described in the available ID 1411 described later. The policy in which “prohibited” is set is a policy in which a corresponding device or device is automatically unavailable to a user described in an available ID 1411 described later. The policy in which “warning” is set is a policy in which a corresponding device or device can be automatically used after a warning is displayed to a user described in an available ID 1411 described later. The warning display can be set for each policy.

Note that the mark * in the figure means unquestioned (no definition), and the management authentication server 101 matches the description content with actual information.

For example, in FIG. 2, the policy whose policy number 1401 is 1 is a device name 1402, connected application address 1403, connected application network interface ID 1404, serial number 1407, and device type 1408 are unquestioned policies. That is, the vendor ID 1405 is “1001” and the product ID 1406 is “1001”.
", The exclusive control 1409 is" unnecessary "regardless of the device name, connected application address, connected application network interface ID, serial number, and device type.
In the device information table 200, “Possible” and the usable ID 1411 are 20000001, 20000010, and the like.

In addition, the policy with the policy number 1401 of 2 is automatically set to 20000011 with the exclusive control “required” automatically for the device whose vendor ID is “1105” and the device type starts with “B Ltd.”. Policy.

The policy whose policy number 1401 is 3 is the address 1 of the connected application.
The exclusive control 1409 is automatically applied to a device connected to a client device having 403 is 192.168.1.1 and the network interface ID 1404 of the connected application is “00: 00: 00: 00: 00: 01”. “Unquestioned” and the availability 1410 are policies that are set to be usable for all users by displaying “warning”.

Further, the policy with the policy number 1401 of n is a setting policy that prohibits use of all devices. That is, when there is a request for registration of a device that is not registered in the policy table 1400, the authentication management server 101 refers to the field of the policy number 1401 being n, and the exclusive control 1409 is “unnecessary” in the device information table 200. The availability 1410 is set to “prohibited”.

Next, the device information table 200 will be described. The device information table 200 is
It manages information necessary for managing the access of each device connected to this system. Each record to be registered includes various kinds of information for identifying a device transmitted from the device management manager 123 together with a request (hereinafter referred to as a device connection request) for sharing the device managed by the device management manager 123 within the system. Information (hereinafter referred to as device information).
) Plus a policy registered in the policy table 1400. The virtual device manager 120 uses the device information table 200 to control the availability of each device.

From the device management manager 123, when a device is connected or removed, information for specifying a transmission source client device on the network 103 as device information (in this embodiment, an IP address and a MAC address). And information for identifying the device (in this embodiment, a vendor ID, a product ID, and a serial number) and at least information indicating whether the device is connected or disconnected are transmitted. The authentication management server 101 generates a record according to the policy table 1400 and registers it in the device information table 200.

When the client device itself is disconnected from the network 103, information for specifying the client device and information indicating that the client device is disconnected are transmitted to the authentication management server 101.

The authentication management server 101 manages, for example, when the number of devices increases / decreases, when a client device is disconnected, when the number of users using the system increases / decreases, and when the network configuration is changed. The device information table 200 is updated when the system configuration is changed, when the record of the policy table 1400 is changed, or when an instruction to update the device information table 200 is received from the administrator. Also,
As will be described later, the status is updated every predetermined period.

FIG. 3 is a diagram illustrating an example of the device information table 200. As shown in the figure, the device information table 200 includes a device ID 201, a device name 202, a connected application address 203, and a connected application network interface ID 204.
, Vendor ID 205, product ID 206, serial number 207, device type 208, exclusive control 209, status 210, usable ID 211, and usage user ID 212.

The device ID 201 is for uniquely identifying each device to be managed, and is automatically created every time there is a new registration request. The ID is a temporary ID that may be changed every time the authentication management server 101 or the device management manager 123 is activated or terminated, or a device is inserted or removed.

The device name 202 is a name for making it easy to call a device, and is set in advance by an administrator or a user. When the administrator sets, the device name is registered in the policy table 1400, and the policy table 1 is generated when the device information table 200 record is generated.
400 is extracted and registered. On the other hand, when the user sets, it is notified to the authentication management server 101 in the device information.

The connected application address 203 records the IP address of the client apparatus (PC-D 113 in the example of the device A 151) to which the device is connected. These are notified as device information. This address may be changed as appropriate even when the client apparatus is in use when the client apparatus moves between subnets.

In the network interface ID 204, a number indicating the ID of the network interface of the client apparatus (PC-D 113 in the example of the device A 151) to which the device is connected is recorded. When the network uses the TCP / IP protocol as in this embodiment, a MAC address is used as the network interface ID. Unlike the connection application address, the network interface ID 204 is unique to the device, and is not changed unless the device is changed.

The vendor ID 205, the product ID 206, and the serial number 207 are device identification numbers assigned in advance to the device itself. In the example of the device A151, the PC-
D113) is acquired as device information when the device is connected. These pieces of information are transmitted from the client device to the authentication management server 101 as device information. Each device is identified by a set of vendor ID, product ID, and serial number. The vendor ID and product ID are IDs uniquely assigned to each vendor and product. The serial number is
A number assigned to each product individually.

The device type 208 is a name given by a vendor or an administrator for the understanding of the user. When a vendor is attached, it is extracted from device information such as a descriptor, and is notified in the device information. On the other hand, when the administrator attaches it, it is registered in the policy database 1400 in advance.

The exclusive control 209 is definition information indicating whether or not use by other users is prohibited when the user uses the device. When the exclusive control 209 is “essential”, exclusive control is performed regarding the use of the device, and the device is protected from access by other users from the start of use of the device until the user ends use. When the exclusive control 209 is “possible”, the device is protected from use by other users only during a period in which information is transmitted to and received from the device. When the exclusive control 209 is “unnecessary”, the exclusive control is not performed. This information is extracted from the policy table 1400 and registered.

The status 210 is information indicating the usage status of the device. This information is acquired by the authentication management server 101 polling each connected client device every predetermined time. When the status 210 is “occupied”, this indicates a state in which the user is using the device while performing exclusive processing. When the status 210 is “in use”, the user is using the device without performing the exclusion process. When the status 210 is “communication”, the user uses the exclusive control only during communication, and indicates a situation in which the occupation state is quickly canceled as soon as communication is completed. When the status 210 is “unknown”, for example, the device management manager 123 cannot communicate with the authentication management server 101 without notification. When the status 210 becomes “unknown”, the authentication management server 101 is connected to the PC-D 113 in which the corresponding device management manager 123 is stopped and the device management manager 123 is installed after a predetermined time. Control device A 151 to stop. When the status 210 is “disconnected”, the virtual device manager 120 can communicate with the device management manager 123 but cannot communicate with the device management manager 123 and the device A 151. Further, when the status 210 is “unused”, it indicates that no client device is used.

The available ID 211 indicates the I / O of the user or group permitted to connect to the device.
D is recorded. This information is extracted from the policy table 1400. If a plurality of users or groups are permitted to connect to the device, the IDs of all permitted users or groups are registered. The usable ID 211 may be undefined, that is, no ID is registered. If undefined, any user or group is allowed to connect.

The user ID 212 records the ID of the user who is currently using the device. This information is acquired by the authentication management server 101 polling each connected device every predetermined time.

Next, the user information database 300 held by the authentication management server 101 will be described. This database 300 is a user authority that can be permitted by a user who requests a connection when a user requests a connection from a device outside the information center 102 connected to the network 103 to a device in the information center 102. Is used to determine (authenticate) whether or not This database is registered in advance by an administrator.

FIG. 4 is an example of a user information database 300 held by the authentication management server 101. As shown in the figure, the user information database 300 includes a user ID 301, a user name 302, an affiliation group 303, a certificate 304, a validity period 305, a certificate authenticable 306, a cryptographic hash method 307, a password 308, Each item of password authentication propriety 309 is registered for each user.

A user ID 301 is an ID for identifying a user, and is assigned in advance for each user. If the user's usage rights are not changed, there is no normal change. The user name 302 is a character string indicating the name of the user. The user name 302 is used when displaying usage information. The belonging group 303 is information indicating a group to which the user belongs. In the present embodiment, various usage rights are configured to be assigned in groups. Group 303
Indicates a group corresponding to the authority given to each user. One user may belong to a plurality of groups, that is, a plurality of groups may be registered in the belonging group 303. Moreover, the belonging group may be undefined. In the case of undefined, the user is not given any use authority.

The certificate 304 is information for specifying a public key certificate used for user authentication. Certificate 3
The public key certificate recorded as 04 needs to be one whose validity can be verified by the authentication management server. For example, the certificate management server 101 may have a certificate authority, and the certificate authority may issue the certificate authority.

The valid period 305 is a period in which the user has the right to use the PC or device in the blade server 106. If the validity period 305 is undefined, the user has no right to use the PC. In addition to setting the period using year, month, day, etc., the effective period can be set every Monday, from 8:45 to 17:15 every day. The validity period 305 can be set independently of the validity period of the public key certificate indicated in the certificate 304.

The certificate authentication permission 306 is information indicating whether or not certificate authentication is permitted. The cryptographic hash method 307 is a description of a cryptographic hash method in the case of authenticating using an accepted public key infrastructure. When the cryptographic hash method 307 is undefined, there is no restriction on the cryptographic hash method from the authentication management server. Even in this case, authentication cannot be performed by a method that is not implemented in a client (PC or the like used by a user). Password 308 is
This is the password when authentication is performed using a password. As the password 308, hashed information, encrypted information, and the like are recorded. Password authentication permission / inhibition 309 is:
This information indicates whether authentication is possible or impossible using a password.

The blade server 106 confirms authentication information with the authentication management server 101 to obtain authentication.
This is a case where the user acquires the authority to use the PC in the blade server 106 through authentication using a password or public key infrastructure based on the user information database 300.

In this embodiment, authentication is performed by 1) whether or not the accessing user is an authorized person to access the blade server 106, and 2) a PC in the blade server 106.
-After the allocation of A110, the process is performed in two stages: whether or not the user has authority to use resources (programs and virtual devices) of the PC-A110. In any case, the user sends an authentication request including at least user authentication information to the blade server 106 or PC-A.
The blade server 106 or the PC-A 110 that has transmitted the request to the server 110 and received the authentication request,
The authentication management server 101 is accessed, and the authentication is performed by collating with the record registered in the user information database 300. Here, the user authentication information means a user ID and password, or a signature corresponding to public key information registered for each user.

Next, the PC usage management table 400 used for managing the usage status of each PC in the information center 102 will be described. FIG. 5 is an example of the PC usage management table 400 held by the blade server 106.

In the PC usage management table 400, for each PC in the information center 102, a PC name 401,
Network name 402, IP address 403, MAC address 404, source terminal 405
, Use source network name 406, use source IP address 407, use source MAC address 40
8, user ID 409, status 410, connection start time 411, connection end time 412,
The operation confirmation time 413 is registered.

The PC name 401 is a PC name that identifies a PC in the information center 102. This is registered in advance by the administrator so that there is no duplication. The network name 402 is a name used when identifying a PC on the network. This is registered in advance by the administrator so that there is no duplication. For each PC, the network name 402 and the PC name 401 may be given the same name or different names.

The IP address 403 is an IP address assigned to each PC. The MAC address 404 is an address uniquely determined for the network interface on each PC.

The use source terminal 405 is the name of the client device that is remotely operating the PC in the information center 102 at this time. This name is also registered in advance by the administrator so that there is no duplication.
The administrator can freely set and change the name. When the PC in the information center 102 is not used by the client device, the use source terminal 405 is undefined. The use source network name 406 is a name used when identifying the use source on the network 103. The administrator registers in advance so that there is no duplication. The use source terminal 405 and the use source network name may be the same name.

The use source IP address 407 is an IP address of the client device. Source MAC
The address 408 is an address uniquely determined for the network interface of the client device.

A user ID 409 is a user ID of a user who uses the client device. When the client device is not used, the user ID 409 is undefined.

The status 410 is information indicating whether the PC is in operation. There are three types of information recorded in the status 410: “Active”, “Checking”, and “Standby”. A PC whose status 410 is “in operation” indicates that a user having an ID registered in the user ID 409 is being used through a client device specified by the user terminal 405. When the status 410 is “confirming”, it indicates that the authentication management server 101 is confirming whether or not the client device is using the PC, or that the confirmation is not completed. A PC whose status 408 is “standby” indicates that the client apparatus is waiting for use of the PC, that is, the client apparatus is not using the PC.

The connection start time 411 indicates the time at which the user specified by the user ID 409 starts operating the PC via the client device specified by the use source terminal 405. Connection end time 41
2 indicates the time when the user specified by the user ID 409 has finished the operation of the PC through the client device specified by the user terminal 405. The operation confirmation time 413 indicates the final time of communication performed when the virtual device manager 120 generates or disappears a channel from the authentication management server 101.

The blade server 106 updates this database every time there is a change in the usage status of each PC that constitutes the blade server 106.

Next, a process of setting a device in a sharable state and sharing the device after setting in the device management system of the present embodiment (hereinafter referred to as device sharing process) will be described. Here, the user remotely operates the PC-A 110 among the devices constituting the blade server 106 in the information center 102 using the PC-D 113 which is a client device, and P
A case where the device A 151 connected to the CD 113 can be shared will be described as an example. Of course, the procedure of the device sharing process is the same for other user terminals, devices constituting other blade servers 106, and other devices.

Here, the device sharing process is a process for exclusively using the device A 151 in the following two states.

In the first state, the device A 151 is available from the PC-D 113 but the PC-A 11
The second state is a state in which the device A 151 can be used from the PC-A 110 via the network, but cannot be used from the PC-D 110.

In the first state, an application operating on the PC-A 110 cannot recognize the device, but a request from the application operating on the PC-D 113 to the device A 151 is normally transmitted to the device A 151 and a response is received from the device A 151. Is replied.

In the second state, an application operating on the PC-A 110 causes the device A 151 to
Is normally transmitted to the device A151, and a response is returned from the device A151. However, from the application running on the PC-D 113, the device A
The request to 151 is not transmitted to the device, and a response including an error is returned from the device management manager 123.

Whether the system operates in the first state or the second state is switched according to a user instruction. The device management manager 123 and the virtual device manager 120
When the communication is disconnected, the device management manager 123 performs processing so that the system operates in the first state.

Through the device sharing process described above, the user can use PC-A110 or PC-D1.
The device A 151 can be used exclusively (exclusively) from either of the 13 devices. By performing the process for exclusive control of the request as described above, the device A 151 can manage the device sequence when managing the request sequence from the application or managing the device state transition by the device driver. A151 does not cause a malfunction in the request from the device driver.

  FIG. 6 is a processing flow of device sharing processing in the above example.

The user gives an activation instruction to the PC-D 113 (501). The PC-D 113 that has received the activation instruction from the user loads and activates the OS and application from the storage 163 (502). Here, the OS and application may be loaded from a storage existing on the network. At this time, the device management manager 123 is also activated.

The device management manager 123 activated in step 502 acquires information on the device A 151 connected to the PC-D 113 (503). Information on the connected device is acquired by sending descriptor information, which is data related to information on the entire device, from the device side to the host in response to a request from the host (PC-D 113 in this embodiment) at startup. (504). The descriptor includes, for example, a code indicating the type of the device, a code of the device class, an ID of the manufacturer of the device,
Product ID, serial number, etc. are included. In the PC-D 113, a device driver for driving the device A 151 is read based on the device information acquired in step 503 and operates. The device management manager 123 realizes the function of the driver or filter driver of the device to be managed (here, the device A 151), thereby making the device sharable in the system, and transmitting / receiving information to / from the device. Control.

The device management manager 123 is a device A 151 connected to the PC-D 113.
Then, the device information extracted from the device information of the device A 151 acquired in step 503 is transmitted to the authentication management server 101 together with the device connection request (504). Upon receiving the device connection request and the device information, the authentication management server 101 collates with the data in the policy table 1400 and registers the policy relating to the device for which the device connection request has been made in the device information management table 200 (505).

On the other hand, when the activation of the PC-D 113 is completed, the PC-D 113 displays on the display that the activation has been completed (506). When the user confirms that the activation has been completed, the user gives an instruction to start using the PC constituting the blade server 106 in the information center 102.
In the present embodiment, the use start instruction is input of a user ID and a password.

When the PC-D 113 receives an instruction to start use from the user (507), the PC-D 113 uses the received user authentication information as a request to use the blade server 106 (hereinafter referred to as a server use start request). (508).

When the blade server 106 receives the server usage start request, the blade server 106 authenticates whether the user has an appropriate usage authority for the blade server 106 (509). Specifically, the blade server 106 transmits the user ID and password included in the use start request to the authentication management server 101 and requests authentication (510). The authentication management server 101 compares the received user authentication information with the user information database, performs authentication, and returns the result to the blade server 106. Here, it is authenticated whether or not the user has access authority to the blade server 106 itself.

When the blade server 106 receives a reply of successful authentication from the authentication management server 101, the blade server 106 determines that the accessing user is permitted to use the blade server 106, and configures the blade server 106. The PC to be used by the user is determined from the PCs. The PC may be appropriately allocated according to the order of use, allocated one-to-one to the user in advance, or allocated according to some authority allocated to the user. Good. The administrator decides which form to take.
Here, description will be made assuming that the blade server 106 assigns the PC-A 110 to the accessing user. The process is the same when other PCs are assigned.

When the blade server 106 determines that the PC to be assigned to the PC-D 113 is the PC-A 110, the blade server 106 checks the activation status of the PC-A 110 (511). If the PC-A 110 is not activated, a request to activate the PC-A 110 is made to the PC-A 110 (512). When the PC-A 110 is activated in accordance with the transmitted request (513), the PC-A 110 notifies the blade server 106 of information indicating completion of activation (514). When the PC-A 110 is already activated, for example, when the PC-A 110 has a server function and can be used simultaneously by a plurality of people and is always energized, the PC activation operation from step 511 is performed. Is unnecessary.

The operating status of the PC is determined by accessing the PC usage management table 400 and confirming the status 410 of the corresponding PC name 401. After startup, the assigned client device is added as the use source terminal 405 of the corresponding PC name 401.

On the other hand, when the PC-A 110 is activated, the virtual device manager 120 installed in the PC-A 110 confirms an available device (515). In particular,
The virtual device manager 120 sends the virtual device manager 1 to the authentication management server 101.
A request for investigating a device that can be used by the PC (PC-A 110 in this example) on which
Hereinafter, it is called an available device investigation request. ) Is transmitted (516).

The authentication management server 101 that has received the available device investigation request conducts device investigation and confirmation (517). Specifically, the authentication management server 101 that has received the available device investigation request first checks whether or not a new device has been newly registered, and updates the already held device information table 200 ( 518). The authentication management server 101
Upon receipt of the available device investigation request, each device currently registered in the device information table 200 is registered toward the device management manager of the client apparatus such as each PC or hub to which the device is connected. An inquiry is made as to whether each device that is still available is used (519).

The device management manager of each client device that has received an inquiry from the authentication management server 101 returns to the authentication management server 101 whether or not the device that has received the inquiry at this time can be used (520). In addition, each device management manager, as information indicating whether or not the device can be used, indicates that the device has been disconnected if it has already been disconnected.
Returns the current status of each device, such as “Occupied”, “In Use”, and “Communicating”. The authentication management server 101 updates the device information table 200 using the information received from each device management manager. When receiving information that the device is disconnected, the record relating to the device is deleted.

Then, the authentication management server 101 transmits the device registered in the device information table 200 to the virtual device manager 120 as the inquiry source as a currently available device (521).

Next, the virtual device manager 200 performs processing for sharing a device based on information in the device information table 200. At this time, since the virtual device manager 120 has not authenticated the user, it is not possible to perform the sharing process for a device with a usable ID restriction in the device information table when checking the available device. . Therefore, the virtual device manager 200 extracts devices that are registered in the device information table 200 and whose usable ID 211 is undefined, and creates a channel with these usable devices. Ready for communication (522,
523). When the authentication management server 101 receives an available device investigation request from the virtual device manager 120 (516), the authentication management server 101 does not make an inquiry to each device management manager 123, and is registered in the device information table 200 at that time. Then, it may be configured to extract a device whose usable ID 211 is undefined and send it back to the inquiring virtual device manager 120 (521). In this case, steps 517 to 520 are not performed.

The channel is generated by the virtual device manager 120 between the mutual IP address and the authentication management server 101 between the virtual device manager 120 and the device management manager included in the client device connected to each device received as the available device. Is performed by performing mutual authentication and key exchange on the basis of the information given from, and forming an encrypted communication path (523).

As an example of the mutual authentication method, the authentication management server 101 is operated by the device management manager 12.
3 is a method in which a preshared key (pre-shared key) is securely sent when device information is transmitted / received, and when a virtual device manager 120 returns a device to be used, and authentication is performed based on the pre-shared key. It is done. The method of mutual authentication is not limited to this method, and it is only necessary to confirm that the other party generating the channel is a specific device management manager and a virtual device manager.

After the mutual authentication is completed, an encryption key for exchanging ID information and data is exchanged between the virtual device manager 120 and the device management manager. Thereafter, the device management manager and the virtual device manager 120 using the encryption key exchanged here.
And communicate. For this reason, it is impossible to eavesdrop on communication for exchanging ID information and data with a third party. The encryption key may be a fixed value, but may be discarded every time it is used or after a certain period, and a new encryption key may be generated.

In the present embodiment, when a channel is generated between the virtual device manager 120 and the device management manager 123 in this way, it is said that the device managed by the device management manager 123 is in a sharable state. Communication paths that cannot be tapped by such third parties (
The channel) allows the PC-A 110 to control the device A151 in the same manner as when the device A151 is directly connected to the PC-A110.

In other words, in this embodiment, “device sharing” means that the PC-A 110 can perform processing in the same manner as when the device A 151 is directly connected to the PC-A 110.
-A110 is to operate. For example, the device A connected to the PC-D 113
151, when “device sharing” is realized, the PC-A 110 reads or resets the communication method and descriptor set in the device A 151 from the device A 151 via the device management manager 123 and the virtual device manager 120. Can be.

In addition, in PC-A110, when the device A151 has not been used in the past,
Install the necessary device drivers. Generally, when a device is shared, the operating system operating on the PC-A 110 automatically recognizes the newly added device and installs a device driver necessary for the operation of the device. I do. Such an installation operation occurs when a device that is used for the first time in the PC-A 110 is shared between the PC-A 110 and another device. If the device has been used in the past, a necessary driver is already installed in the PC. -It does not occur because it is installed on A110.

Note that if the operating system operating on the PC-A 110 automatically recognizes the device as described above and does not have a function for installing a necessary device driver, the administrator or the user manually operates the device. The driver is installed and the setting of the PC-A 110 is changed so that the device can be used.

In addition, when a plurality of users share the device A 151, each user may independently instruct resetting or communicate with each other. In such a case, the device management manager 123 changes the procedure so as not to accept the reset, or instead transmits the information already acquired from the device A 151 and stored in the device management manager 123. Constitute. Specifically, a predetermined response is made to specific communication from the virtual device manager 120.

Note that the channel information generated here is transmitted to the authentication management server 101 (591).
The authentication management server 101 updates the device information table 200 using the received information (592).

  With the above processing, the PC-A 110 can be used by the user of the PC-D 113.

Next, the user requests use of the PC-A 110 via the PC-D 113. That is,
When the PC-D 113 receives an instruction to use the PC-A 110 from the user, the PC-D 1
13 generates a request for using the PC (hereinafter referred to as a PC use request), and converts it into PC-A1.
10 (524). This PC use request includes information for identifying the user, such as a user ID and a password.

The PC-A 110 receives the PC user request and performs login processing (525). In the login process, first, the PC-A 110 transmits information specifying the user included in the user request to the authentication management server 101. The authentication management server 101 compares the received information for identifying the user with the information stored in the user information database 300, authenticates the user, and returns the result to the PC-A 110. It should be noted that the PC-A 110 may be held in advance only for the items necessary for user authentication during login among the items in the user information database 300, and the PC-A 110 may perform authentication during login. .

Next, the virtual device manager 120 checks available devices. Here, the virtual device manager 120 extracts available devices for the logged-in user. The procedure for extracting an available device is basically the same as that described in 516 above. The ID of the logged-in user may be transmitted to the authentication management server 101 at the time of inquiring, and only a response in which the user ID is registered as an available ID may be received.

Similar to the above-described processing, the authentication management server 101 inquires the device management manager of the client device to which the device is connected for all the devices registered in the device information table 200, receives a reply, Device information table 20
After 0 is updated, it is returned to the inquiring virtual device manager 120 (529-532).
). As described above, the authentication management server 101 refers to the device information table 200 in response to an available device investigation request, and selects a device currently registered as usable by the user as a virtual device as an inquiry source. A reply may be sent to the manager 120 (532).

In the first check of available devices (516 to 521), since the user is not specified, the sharing process, that is, for the device for which the available ID is limited,
The communication channel could not be set. However, after the user login (525), a device whose usable ID contains the user ID or the ID of the group to which the user belongs can be used. Accordingly, a communication path (channel) is established with the device that can be newly used at this time, as described above (533 to 534).

At the stage of preparation for communication with available devices (533), a list of available devices is displayed on the screen of the PC-A 110, the PC-D 113, or a screen that can be confirmed by an administrator in the information center 102. It may be configured. In this case, a list of currently shared devices and connectable devices is displayed on these screens. Devices that are in the device sharing list at the previous end time held by the virtual device manager 120 and that are currently available can perform channel generation without user instruction, that is, device sharing. It can be configured so that the administrator or the user can set whether or not to perform the sharing setting for a device that can share the device without an instruction from the user.

The generated channel information is transmitted to the authentication management server 101 (593). The authentication management server 101 updates the device information table 200 according to the received channel information (594). Thereafter, use of the PC-A 110 is started (535).

Here, available device check, available device investigation request, device investigation and confirmation, device availability inquiry, device information acquisition, device information transmission available device reply (526 to 534), channel generation information transmission 593 And table update 59
4 is repeatedly executed as needed during the use of the PC (535), and the device information table of the authentication management server 101 is always updated to the latest state.

Here, it is desirable to periodically check available devices by the virtual device manager 120 after the user logs in. The virtual device manager 120 periodically checks the device information table 200 and checks whether the sharing is possible due to the status change.

On the other hand, the device information table 200 is updated by the device management manager 120 together with information indicating the state after the change every time a state change relating to the device, such as a change in device connection status or a change in status, occurs. 101 is notified.

Through the above processing, the device management manager 123 and the virtual device manager 120 operate and communicate, whereby the device A 151 can operate as a device of the PC-A 110. In other words, device sharing is realized for the device A 151.

Next, processing at the end of device sharing in the device management system of this embodiment will be described. FIG. 7 is a processing flow at the end of the device sharing process of the present embodiment.

As shown in this figure, the user remotely operates the PC-A 110 using the PC-D 113, terminates the use of the device A 151, and releases the device A 151 to other users.

The user issues a device use end instruction to the PC-D 113 (601). PC-D1
13 receives a device use end instruction from the user, the virtual device manager 12
A device use end request (hereinafter referred to as a device use end request) is transmitted to 0 (60).
2). Upon receiving the device use end request, the virtual device manager 120 checks the use end device (603). Specifically, the virtual device manager 120
In PC-A 110, it is determined whether or not the use of the device may be terminated.

For example, when an application on the PC-A 110 or another client device is using the target device for the device usage termination request, the usage cannot be terminated. In this case, the end process is waited until these applications and other client apparatuses end the use of the target device of the device use end request. In this case, the PC-D 113 is notified that the device instructed cannot be terminated. The PC-D 113 notifies the user of the received notification by display or the like.

This notification is not necessarily performed. For example, the notification may be configured only when the use cannot be ended even after waiting for a predetermined time or more. Of course, in the use end device check (603), if the use can be ended, the use end device transmission, which is a notification of the end of the use of the device, is sent to the authentication management server 101 together with the information for specifying the device. (604).

Next, upon receiving the use end device transmission, the authentication management server 101 checks and confirms the device (605). Specifically, the device management manager 1 of the device usage termination request source
In step 606, device release information that is information indicating that the use of the instructed device has been completed is transmitted (606).

The device management manager 123 checks and confirms the device (607). Here, an investigation such as checking whether or not there is a response from the device is performed. If there is no response, the status of the corresponding device in the device information table 200 is set to “unknown”.

On the other hand, when a normal response is obtained from the device, the device management manager 123
The channel established with the virtual device manager 120 is discarded (608), and when the channel is successfully discarded, channel discard information, which is information indicating that the channel has been discarded, is transmitted to the authentication management server 101. (609).

Upon receiving the channel discard information, the authentication management server 101 updates the device information table 200 (610). That is, at this time, the authentication management server 101 sets the status 210 of the device information table 200 for the device whose channel is discarded, for example,
Change from “Occupied”, “In Use”, “Communicating”, etc. to “Unused”.

The authentication management server 101, the device management manager 123, and the virtual device manager 120 store the data 190 or 163 as the logs 191, 173, and 170, respectively, as data transmitted or received in the series of operations described with reference to FIGS. 160
To record.

Next, the PC-A 110 in the device sharing process of the device management system according to the present embodiment.
Details of processing of the pseudo bus driver 1504 and communication program 1508 on the side, and the communication program 1510 and filter driver 1514 on the PC-D 113 side will be described.

FIG. 14 is a diagram when the PC-D 113 is activated in the device sharing process of the present embodiment (502 in FIG. 6).
) Is a diagram for explaining processing of a filter driver 1514 and a communication program 1510.

Upon receiving an activation instruction for the PC-D 113 from the user, the device management manager 123 first loads the communication program 1510 onto the memory of the PC-D 113 and activates it (1605). Similarly, the filter driver 1514 is activated (1606). The communication program 1510 performs filter driver open processing (1607), and the filter driver 1514 becomes available from the communication program 1510. Next, an event wait request is transmitted from the communication program 1510 to the filter driver 1514 (1608).
The filter driver 1514 enters an event waiting state (1609).

In the event waiting state, the filter driver 1514 can transmit an interrupt issued from the device A 151 to the communication program 1510, and the communication program 1510 can transmit an instruction to the filter driver 1514. In the event waiting state, the filter driver 1514 reads data stored on the PC-D 113 or receives a user instruction input from the GUI application 1509 via the communication application 1510, thereby issuing the data from the device A151. The received interrupt can be set to be transmitted to the device class driver 1513. In the case of setting to transmit an interrupt to the device class driver 1513, the device A151 can be directly operated from the PC-D 113 after the activation (502) in FIG. Here, the communication program 15
10 fails to open the filter driver 1514, the communication program 1510 notifies the GUI application 1509 that the filter driver 1514 has failed to open, and records error information in the log in the PC-D 113, thereby managing authentication. Server 10
Report the error to 1. The GUI application 1509 includes a filter driver 1514
When a notification that the opening of the screen has failed is received, a screen indicating that is displayed on a display device (not shown).

Next, processing of the pseudo bus driver 1504 and the communication program 1508 when the PC-A 110 is activated (513 in FIG. 6) will be described. FIG. 15 is a diagram for explaining processing of the pseudo bus driver 1504 and the communication program 1508 when the PC-A 110 is activated (513 in FIG. 6) in the device sharing processing of this embodiment.

When receiving an instruction to start the PC-A 110 from the user, the virtual device manager 120
First, the pseudo bus driver 1504 is loaded onto the memory of the PC-A 110 and activated (1601). Next, the pseudo bus driver 1504 creates an enumerator 1506 (1602). Next, the virtual device manager 120 executes the communication program 1603.
Is loaded into the memory of the PC-A 110 and activated (1603). Communication program 150
8 opens the pseudo bus driver 1504 (1604), and the pseudo bus driver 1504 becomes available from the communication program 1508. If the communication program 1508 fails to open the pseudo bus driver 1504, the communication program 15
08 notifies the GUI application 1507 that the opening of the pseudo bus driver 1504 has failed, records error information in a log in the PC-A 110, and reports an error to the authentication management server 101. The GUI application 1509 is a filter driver 1
When the notification that the opening of 514 has failed is received, a screen indicating the notification is displayed on a display device (not shown).

Next, the pseudo bus driver 1504 in the channel generation (523 and 534 in FIG. 6).
Processing for generating a channel between the virtual device manager 120 of the PC-A 110 and the device management manager 123 of the PC-D 113 using the communication program 1508, the communication program 1510, and the filter driver 1514 will be described. FIG. 16 is a diagram for explaining processing of the pseudo bus driver 1504, the communication program 1508, the communication program 1510, and the filter driver 1514 during channel generation in the device sharing processing of the present embodiment.

When generating a channel, first, the communication program 1508 transmits a channel generation request to the communication program 1510 (1611). Next, the communication program 1510 transmits a response to the channel generation request (1612). The channel generation request 1611 includes information for selecting a key used for encrypted communication performed between the communication program 1508 and the communication program 1510. Further, the response 1612 to the channel generation request includes information for determining a key used for encrypted communication performed between the communication program 1508 and the communication program 1510.

Through transmission / reception of the channel generation request 1611 and the response 1612 to the channel generation request, the communication program 1508 and the communication program 1510 generate a channel (encrypted communication path) in which the communication content is not exposed even if the communication content of the two parties is intercepted, and the communication To start. As encryption key information used in the channel generation request 1611 and the response 1612 to the channel generation request, the encryption key information uniquely generated by the communication program 1508 and the communication program 1510, the encryption uniquely obtained by the GUI application 1507 and the GUI application 1509 Key information, encryption key information already stored in the PC-A 110 or PC-D 113, or encryption key information generated by the authentication management server 101 may be used.

After transmission / reception of the channel generation request 1611 and the response 1612, the communication program 1508 waits for a reception event (1613). In addition, the communication program 1510 transmits a filter start request 1614 to the filter driver 1514. After the filter driver 1514 receives the filter start request, the filter process is started (1615). The filter driver 1514 exclusively transmits the data of the device A 151 input / output via the physical bus driver 1515 to the communication program 1510. Be able to handle it. Next, communication program 1
510 is in a reception event waiting (1616) state.

Here, the initialization process of the device A 151 when the filter driver 1514 receives the filter start request and starts (1615) the filter process will be described.

When the filtering process is started, a request from the device class driver 1503 is
The data is transmitted to the device A 151 via the filter driver 1514, and the device A 151 can be used from the PC-A 110. If the PC-D 113 is using the device A 151 when the filter driver 1514 receives the filter start request, a process conflict occurs. In order to avoid this, in the device management system of this embodiment, the filter driver 15
When 14 starts the filtering process, the request cancellation process from the PC-D 113 and the initialization process of the device A 151 are performed as shown below, and the P for the device A 151 is processed.
The request from the C-A 110 and the PC-D 113 is managed so as not to conflict. Details of the processing will be described below.

FIG. 22 is a flowchart for explaining processing and communication of the OS and each device driver at the start of the filter in the device management system of the present embodiment.

When the filter start request 1704 is received and the filter process is started, the filter driver 15
14 performs a cancel process for a request that has not been processed among requests that have been issued to the device A 151, and sends a cancel request to the device class driver 15.
13 (2201).

When the cancellation processing of all issued requests is completed, the filter driver 1514
Performs initialization of the device A151 so that the device A151 responds normally to the request transmitted from the communication program 1510 (2202).

The initialization is performed by a method such as sending a notification that the device A 151 has been inserted / removed to the OS 1702 or issuing a command for re-enabling the device A 151 once it is invalidated.

When the filter driver 1514 performs this initialization, the same processing as when the device A 151 is reconnected after being disconnected from the PC-D 113 is performed on the PC-D 113. Specifically, a request for data such as an ID (initialization request) is transmitted from the OS 1702 to the device A 151 via the device class driver 1513 (2203 to 2205). The device A 151 sends a response to all data requests such as IDs to the device class driver 151.
3 (2206 to 2208). When the filter driver 1514 receives the initialization request, the filter driver 1514 receives the data such as the ID of the device A 151 that holds the received initialization request without transmitting it to the device A 151 as a response to the request.
To the device class driver 1513. Here, the data such as the ID of the device A 151 held by the filter driver 1514 is acquired at the time of the previous plug-in processing or the like.

When a request for the device A 151 is transmitted from the device class driver 1513 after the initialization request processing is completed (2209), the filter driver 1514 indicates that the device A 151 exists but cannot be processed. Data is transmitted to the device class driver 1513 (2210). The error data is, for example, “appropriate media is not inserted in device A 151” or “device A 151 is being prepared”, and a message corresponding to the manufacturer and type of device A 151 is selected. .

After the process 2210 is performed, the filter driver 1514 returns a response including error data indicating that the request cannot be processed to the device class driver 1513 in response to the request transmitted from the device class driver 1513. The request from the class driver 1513 is blocked.

Thereafter, the control is switched so that the system operates in the above-described second state (the device A 151 can be used from the PC-A 110 but cannot be used from the PC-D 113). More specifically, from the application operating on the PC-A 110, the device A 151 is obtained.
Is sent to the device A 151 for processing, and a response is sent back from the device A 151. However, the application running on the PC-D 113 sends a request to the device A1.
The request to 51 is not transmitted to the device, but a response including an error is returned from the device management manager 123.

When the filter driver 1514 can return an appropriate error to the request transmission from the device class driver 1513, the filter driver 1514 notifies the pseudo bus driver 1514 that the device A 151 is connected. This process is the same as 1704 to 1719 shown in FIG.

When the filter driver 1514 performs the above processing, the device A151 can be used by the user in the same manner as the device A151 is directly connected to the PC-A110 independently of the request from the PC-D 113 to the device A151. I can do it. That is, the physical bus driver 1
The communication program 151 exclusively transmits data of the device A 151 input / output via the 515.
It can be controlled so that 0 can be handled.

In the processing of channel generation 523 and 534 in FIG. 6, when a plurality of devices on the PC-D 113 are filtered, it is determined that the devices are usable by the usable device reply 521 or the usable device reply 532 in FIG. Only the filter driver 1514 corresponding to the device determined by the virtual device manager 120 is subjected to the filter start processing, and the device connected from the PC-A 110 to the PC-D 113 can be used.

Next, after the processing of FIG. 6 is finished, the device A 151 can be shared and can be operated as the device of the PC-A 110, and data is transmitted and received between the device management manager 123 and the virtual device manager 120. Details of the control will be described with reference to FIG. Here, in a state in which the PC-A 110 and the PC-D 113 are communicating via the network 103, the user connects the device A151 connected to the PC-D 113 to the PC.
-It is assumed that it is going to use from A110.

When the device A 151 is connected to the PC-D 113, the physical bus driver 151 for the physical bus (USB bus in this embodiment) of the PC-D 113 to which the device A 151 is connected.
5 detects the device A 151 and instructs an OS (not shown) to load a program (device driver) on the memory so as to prepare for using a device driver corresponding to the device A 151. Then, the OS loads a predetermined device driver group.

Normally, the host driver 1512, the device class driver 1513, and the physical bus driver 1515 are interposed in the data transmission / reception between the application 1511 and the device A 151. However, when the user uses the device A151 from the PC-A110, the PC-D
On the 113 side, a filter driver 1514 that is a part of the device management manager 123 is loaded at an appropriate location on the memory, and is arranged between the physical bus driver 1515 and the device class driver 1513.

While the PC-D 113 is operating, when the device management manager 123 is loaded on the memory and is operating, the device management manager 123 appropriately monitors the device type and physical bus.

In general, when using the device A 151 from the application 1511 of the PC-D 113, the device management manager 123 performs communication between the device class driver 1513 and the physical bus driver 1515 via the filter driver 1514 according to the user's intention. The device class driver 1513, the physical bus driver 1515, and the filter driver 1514 are appropriately operated as shown in FIG.

However, when the device A 151 is used from the PC-A 110 as in the premise here, the filter driver 151 includes the physical bus driver 1515 and the device class driver 15.
Direct communication with 13 is prohibited. That is, the request and response between the communication program 1510 and the physical bus driver 1515 are validated. Device A151
The filter driver 1514 is loaded when a series of device drivers connected to the PC-D 113 are loaded onto the memory, and all communication between the device class driver 1513 and the physical bus driver is performed via the filter driver 1514. However, the configuration may be such that it is performed manually when the user gives an instruction, or the application 1501 on the PC-A 110.
You may comprise so that it may be performed when there exists an instruction | indication from.

The device class driver 1513 and the physical bus driver 1515 with which the filter driver 1514 communicates differ depending on the type of device to be used and / or the physical bus to which the device is connected. For this reason, the device class driver 1513 and the physical bus driver 1515 are appropriately changed every time they are loaded on the memory.

On the other hand, the virtual device manager 120 is operating in the PC-A 110. The virtual device manager 120 transmits the device A 151 via the GUI application 1507.
When the instruction to use the device is received, the virtual device manager 120 checks whether the device A 151 can be used in the PC-A 110 as described above.
The process proceeds so that the device A151 can be used from the C-A110.

A device A151 is connected to the PC-D 113, and the device A151 is connected from the PC-A110.
When the conditions for using the device are satisfied, the information on the device A 151 is transmitted to the pseudo bus driver 1504 via the communication program 1508 and the communication program 1510 in which the communication path has already been established. The pseudo bus driver 1504 loaded in the memory generates and operates two programs of an activation physical device object 1505 and an enumerator 1506 therein.

The enumerator 1506 communicates with the communication program 1508 and instructs the OS (not shown) to load the startup physical device object 1505 on the memory in order to prepare for using the device driver corresponding to the device A 151. Then, the OS loads according to the instruction.

From the application 1501 used by the user on the PC-A 110 to the device A 151
When communication is performed, data is stored in the upper driver 1502 and the device class driver 1
503, the physical device object for activation 1505, the enumerator 1506, the communication program 1508, the communication program 1510, the filter driver 1514, and the physical bus driver 1515 are transmitted to the device A 151. Responses and interrupts for transmission data are transmitted in reverse order.

That is, a request for the device A 151 issued from the device class driver 1503 is transmitted from the startup physical device object 1505 corresponding to the device A 151 to the enumerator 1506, and via the communication program 1508, the PC-D 113.
Sent to. A response to the transmitted request is transmitted in reverse order from the PC-D 113 to the device class driver 1503 via the communication program 1508, the enumerator 1506, and the startup physical device object 1505. Device A during transmission and reception
Requests and responses to 151 are not communicated with requests and responses to other devices by communication program 1510 and communication program 1508.
Control data such as D and request number is added. Finally, the control data added at the stage when the request is transmitted to the device A 151 or the stage when the response is returned to the device class driver 1503 is removed.

As described above, a request for a device issued by the device class driver 1503 is transmitted from the pseudo bus driver 1504 to the communication program 1510 through the communication program 1508. The response to the transmitted request is transmitted from the communication program 1510 to the device class driver 1503 via the communication program 1508 and the pseudo bus driver 1504 in reverse order. On the way, control data such as ID and request number is added to the request and response to the device by the communication program 1510 and the communication program 1508 so as not to be confused with the request and response to other devices.

At this time, the communication program 1508 monitors the content of communication, and for some communication,
The communication program 1508 itself responds to the pseudo bus driver 1504 without sending a request to the communication program 1510 via the network 103, or the transmission is delayed. It has a function to reduce the amount of communication.

Specifically, the communication program 1508 holds in advance responses to requests that have been determined in advance, such as periodically alive confirmations, and when these requests are received from the pseudo bus driver 1504, the communication program 1508 is registered. Reply to self-pseudo bus driver 150
Reply to 4. The setting of the function for reducing the communication amount is performed by the GUI application 15.
07 or a GUI application 1509 to receive an instruction from the user. Alternatively, an instruction from a system administrator is accepted via the authentication management server 101.

When the PC-A 110 and the PC-D 113 are set to be in the hibernation or suspend state for power saving, the device A 151 is in the hibernation or suspend state while being available from the PC-A 110. There is. In such a case, the OS notifies the communication program 1508, the communication program 151, and the notification indicating that the OS is suspended or suspended.
0, transmitted to the filter driver 1514 and the pseudo bus driver 1504. The pseudo bus driver 1504 and the filter driver 1514 are configured to display a warning on the screens of the PC-A 110 and the PC-D 113, respectively, so as not to enter a pause or suspend state.
An instruction is given to the applications 1507 and 1509, and an error is transmitted to the OS. The OS that has received the error is prevented from entering a sleep or suspended state.

Depending on the setting of the user, when the device A 151 is available from the PC-A 110 and the PC-A 110 and the PC-D 113 are in a suspended or suspended state,
A communication program 15 that has received a notification from the OS indicating that it will be in a suspended or suspended state
08, communication program 1510, filter driver 1514, pseudo bus driver 1504
Instructs the GUI applications 1507 and 1509 to display a warning on the screens of the PC-A 110 and the PC-D 113, deletes all the physical device objects for startup 1505 on the pseudo bus driver, and sets the communication program 1508, 1510, processing to end communication between the filter driver 1514 and the pseudo bus driver 1504. Note that the communication ended here is the communication program 1508, 151 in the normal resumption procedure when the PC-A 110 or PC-D 113 returns from the paused or suspended state.
0, the filter driver 1514, and the pseudo bus driver 1504 start again.

Next, data format conversion when the device A151 is used from the PC-A 110 will be described.

A request to the device A 151 generated from the application 1511 on the PC-D 113 is sent to the device A 151 via the upper driver 1512, the device class driver 1513, the filter driver 1514, the physical bus driver 1515, and various programs as described above. Sent.

However, in the application 1501 operating on the PC-A 110, the device A
When transmitting / receiving a request to / from 151, information unique to the PC-A 110 is included in the request exchanged between the programs. The information unique to the PC-A 110 is, for example, address information of a memory or buffer that performs DMA (direct memory access) transfer.

If such a request including information unique to the PC-A 110 is directly transmitted to a program such as the communication program 1510, the filter driver 1514, and the physical bus driver 151 operating on the PC-D 113, each program on the PC-D 113 cannot be referred to. Cannot access normal addresses and operate normally as a device management system.

In the device management system of this embodiment, in order to avoid the above problem, when information such as a request and a response is transmitted and received between the programs, the data format is converted, and the information included in the request and the response operates. Manage not to depend on PC. Details of the processing will be described below.

23 shows data transmitted / received between the pseudo bus driver 1504 and the communication program 1508, data transmitted / received between the communication program 1508 and the communication program 1510, and data transmitted / received between the communication program 1510 and the filter driver 1514. FIG. 6 is a diagram for explaining a data structure of data and a data structure conversion process.

The request and response handled by the pseudo bus driver 1504 have the structure format shown in the structure 2351. The structure 2351 includes data A2301, data B2302,.
, Data N2303, pointer A2304, and pointer B2305. A pointer A 2304 and a pointer B 2305 indicate memory addresses (logical addresses) of information stored in the memory 2352 on the PC-A 110. Each stored information is data X2
306, data Y2307. Note that the memory 2352 is a memory area loaded with the structure 2351, a memory area specially provided for device processing, or a device bus having a different property from the memory loaded with the structure 2351. This is a memory area specially provided for device processing such that the controller driver for controlling the device can be directly accessed without going through the CPU.

On the other hand, between the pseudo bus driver 1504 and the communication program 1508, the communication program 1
508 and communication program 1510, communication program 1510 and filter driver 1
Data transmitted / received to / from 514 has a structure format shown in structure 2353. The structure 2353 includes data A2308, data B2309,..., Data N2310, data X
2311 and data Y2312. That is, data itself is stored in a structure transmitted / received over the PC instead of the pointer. The pseudo bus driver 1504, the communication program 1508, the communication program 1510, and the filter driver 1514 are the structure 2
By transmitting / receiving data in the format 353, the requests requested by each other are transmitted / received, and responses to the requests are transmitted / received.

The pseudo bus driver 1504 receives the request stored in the structure 2351 from the device class driver 1503. The request stored in the structure 2351 is generated by the device class driver 1503 according to an instruction given from the higher-level driver 1502 or the application 1501 that is a higher-level driver of the device class driver 1503.

The pseudo bus driver 1504 converts the data indicating the request stored in the structure 2351 and the data stored in the memory 2352 into the format of the structure 2353, and converts the data having the format of the converted structure 2353 into the communication program 1508. Send to. Further, the pseudo bus driver 1504 receives data having the format of the structure 2353 from the communication program 1508, converts the data into the format of the structure 2351, and transmits the data to the application 1501 via the device class driver 1503 and the upper driver 1502. At this time, for example, data to be stored in the memory 2352 such as the data X 2306 and the data Y 2307 are stored in the memory 2.
Expand on 352. The data expanded on the memory 2352 is used for other drivers, applications, and the OS 1701.

On the PC-D 113 side, the request and response handled by the filter driver 1514 have a structure format as shown in the structure 2354.

The structure 2354 stores data A2313, data B2314,..., Data N2315, a pointer C2316, and a pointer D2317. A pointer C2316 and a pointer D2317 indicate memory addresses (logical addresses) of information stored in the memory 2355 on the PC-D 113, and the stored information includes data X2318 and data Y23, respectively.
19. The memory 2355 is a device in which the structure 2354 is loaded or is different from the memory in which the structure 2354 is loaded, and the controller driver that controls the device bus can directly access the device without using the CPU. This is a memory area specially provided for the above processing.

The filter driver 1514 receives the structure 2353 transmitted from the communication program 1510.
Is converted into the structure 2354 format and stored in the filter driver 1514. At this time, for example, when the data X 2311 and the data Y 2312 are data to be stored in the memory 2355, they are expanded on the memory 2355. The data expanded in the memory 2355 is used for other device drivers and the OS 1702. Filter driver 15
14 determines whether data X2318 and data Y2319 should be expanded on the memory 2355 according to a predetermined policy. This policy is set and changed by the user.

The data stored in the structure 2351, the structure 2353, the structure 2354, the memory 2352, and the memory 2355 includes header information such as request length, number, data body to be transmitted, device number to be transmitted, and the like. Information, such as the type and number of the internal interface of the device to be transmitted, the nature and type of the request to be transmitted, and status information being executed.

The pseudo bus driver 1504 and the filter driver 1514 are configured as described above so that the memory address information recorded in the data and the data indicated by the memory address are correctly transmitted and received between the pseudo bus driver 1504 and the filter driver 1514. The data structure is converted between the structures 2351 and 2353 and between the structures 2353 and 2354, respectively. By performing this conversion, it is possible to avoid occurrence of an error by referring to memory address information present in data transmitted / received between the pseudo bus driver 1504 and the filter driver 1514 on an inappropriate device.

Here, how the request included in the request transmitted to the pseudo bus driver 1504 is transmitted again from the pseudo bus driver 1504 to the device A 151, and the response to the request is returned to the pseudo bus driver 1504. Explain how.

The request transmitted to the pseudo bus driver 1504 is, as described above, the PC-D 113.
It is converted into a structure 2353 that does not have a pointer that references the internal memory. If the converted structure 2353 does not conform to the specifications of the protocol that can be used in the network 103, the communication program 1508 converts it into a second request that has a format that can be transmitted on the network 103.

Specifically, the second request is obtained by adding a header or the like necessary for the network protocol to the structure 2353. For example, when the TCP / IP protocol is available on the network 103, the second request includes a header length and a packet length, an identifier, a flag, a lifetime, a protocol number, a header checksum, a start point IP address, and an end point IP address. , And a structure 2353 which is an option and data.

The communication program 1508 transmits this second request to the communication program 1510 via the network 103.

The communication program 1510 extracts the structure 2353 from the received second request and transmits it to the filter driver 1514. The filter driver 1514 includes a structure 2353
Is converted to a structure 2354 as described above.

That is, the filter driver 1514 copies the data X2318 and the data Y2319 to the memory 2355, and stores the write destination memory addresses in the pointer C2316 and the pointer D2317, respectively. Here, the filter driver 1514 receives the data X23.
18 and the data Y2319 check whether the capacity is less than the capacity that can be stored in the memory 2355, and if necessary, the capacity is secured.

The request converted into the structure 2354 is sent by the filter driver 1514.
The data is transmitted to the device A 151 via the physical bus driver 1515.

The device A 151 returns a response to the request transmitted from the physical bus driver 1515 to the physical bus driver 1515 via a bus controller and a bus (not shown). The filter driver 1514 uses the pointer C2316 and the pointer D2317 as the response received from the physical bus driver 1515 to send data X2318 and data Y2
If 319 is referenced, it is converted to a structure 2353 that does not have a pointer to refer to the memory in the PC-D 113 as described above, and includes data X2318 and data Y2319 itself,
The converted structure 2353 is transmitted to the communication program 1510.

The communication program 1510 uses the transmitted information of the structure 2353 to create a second response in a format that can be transmitted on the network 103 according to the specifications of the protocol that can be used on the network 103. Specifically, the second response is the structure 235.
3 is added with a header necessary for the network protocol. For example, if the TCP / IP protocol is available on the network 103, the second response is:
It includes a structure 2353 which is a header length and a packet length, an identifier, a flag, a lifetime, a protocol number, a header checksum, a start point IP address, an end point IP address, options and data.

The communication program 1510 transmits this second response to the communication program 1508 via the network 103.

The communication program 1508 extracts the structure 2353 from the transmitted second response and transmits it to the pseudo bus driver 1504. The pseudo bus driver 1504 includes the structure 235.
3 is converted to a structure 2351 as described above.

That is, the pseudo bus driver 1504 copies (or moves) the data X2306 and the data Y2307 to the memory 2352, and stores the write destination memory addresses in the pointer A2304 and the pointer B2305, respectively. Here, the pseudo bus driver 1504
It is checked whether the size of the data X2306 and the data Y2307 is equal to or smaller than the capacity of the area that can be stored in the memory 2352, and if necessary, the capacity is secured.

As described above, in the conversion from the structure 2353 to the structure 2354 by the filter driver 1514, the data X2318 and the data Y2319 are copied or moved to the memory 2355, and the write destination memory addresses are stored in the pointer C2316 and the pointer D2317. Is performed according to a predetermined policy. This policy is on the memory of the PC-D 113 and is used when the second request received by the filter driver 1514 is transmitted to the physical bus driver 1515.

Similarly, the conversion from the structure 2354 by the filter driver 1514 to the structure 2353 including the data X2318 and the data Y2319 in the memory 2355 is also performed according to the above policy.

The policy is determined by the user when a device driver or other program is installed on the PC-D 113 by the user or when the device is used, or is notified from the authentication management server 101 to the PC-D 113. Stored in the memory of the PC-D 113.

This policy is defined in accordance with at least one of a device type (class) such as the device A 151, a device manufacturer, a device type, a device serial number, and a bus or controller number to which the device is connected. It is done. The information such as the device type (class) and the device manufacturer is read by the program such as a device driver on the PC-D 113 from the identifier held in the device when the device is connected to the PC-D 113. , Stored in the memory on the PC-D 113.

Data X2 on the memory 2355 indicated by the pointer C2316 and the pointer D2317 in the conversion from the structure 2354 to the structure 2353 by the filter driver 1514
Copying or moving of the data 318 and the data Y2319 to the structure 2353 is performed according to a predetermined policy. This policy is predetermined in the memory of the PC-D 113. When the filter driver 1514 transmits the response received from the physical bus driver 1515 to the pseudo bus driver 1504 via the communication programs 1510 and 1508, this policy is used. Used for.

Similarly, in the conversion from the structure 2353 to the structure 2351 by the pseudo bus driver 1504, the data X2306 and the data Y2307 are copied or moved to the memory 2352, and the write destination memory addresses are stored in the pointer A2304 and the pointer B2305. Is also performed according to a predetermined policy. This policy is on the memory of the PC-A 110 and is used when the pseudo bus driver 1504 transmits the received response to the device class driver 1503.

The policy stored in the PC-A 110 is determined by the user when a device driver or other program is installed in the PC-A 110 by the user or when the device is used, or the authentication management server 101. Is transmitted to the PC-A 110 and stored in the memory on the PC-A 110.

Similarly, the policy stored in the PC-D 113 is determined by the user when a device driver or other program is installed in the PC-D 113 by the user, or when the device is used. The data is transmitted from the management server 101 to the PC-D 113 and stored in the memory on the PC-A 113.

This policy is determined according to the type (class) of the device such as the device A 151, the device manufacturer, the device type, the device serial number, and the bus or controller number to which the device is connected. The ID information such as the device type (class) and the manufacturer of the device includes an identifier held in the device when the device is connected to the PC-D 113, and a program (such as a device driver on the PC-D 113). For example, the physical bus driver 1515) reads out and holds it in the memory of the PC-D 113, and the filter driver 1514 notifies the pseudo bus driver 1504 via the communication application 1510 and the communication application 1508, for example.

The device management manager 123 reads the ID information held on the memory of the PC-D 113, specifies a policy that conforms to the ID information, and uses it. In addition, the device management manager 123 transmits the read ID information to the virtual device manager 120 of the PC-A 110 via the network. The virtual device manager 120 identifies and uses a policy that conforms to the received ID information.

As described above, by operating the virtual device manager 120 and the device management manager 123, respectively, the application on the PC-D 113 and the PC-A 110 are displayed.
Thus, the device A151 can be operated.

The filter driver 1514 communicates between the communication program 1510 and the physical bus driver 1515 and the device class driver 1513 depending on whether the device A 151 is used as a PC-D 113 device or a PC-A 110 device. One of the communication with the physical bus driver 1515 is blocked and exclusive control is performed. By switching so that one can be used, the user uses the device B152 from the PC-D 113 and the PC-A 110 as if the PC and the device are connected. The switching of communication by the filter driver 1514 is automatically performed according to an instruction from the communication program 1510 or the communication program 1508 via the communication program 1510. Or
These communication programs are performed according to instructions from the GUI application 1507 and GUI application 1509.

When switching occurs, the application 1501 and the application 1511
The device driver and application are initialized from the GUI application or the communication application so that the upper driver 1502, the upper driver 1512, the device class driver 1503, and the device class driver 1513 operate normally. For example, the device A 151 is configured to transmit a signal that is once pseudo-hot-plugged to the OS, each application, and each device driver. Such initialization of each device driver and application is performed by the communication program 1508 and the communication program 1510.
It is always executed when an unauthorized communication is detected, or when an operation of each device driver or application is detected.

Next, after the channel generation (523 and 534) shown in FIG. 6 is completed and the virtual device manager 120 can control the device A151, an instruction to use the device A151 is given to the virtual device manager 120. The operation in this case will be described. FIG.
These are the flow explaining operation | movement of the device management manager 123 and the virtual device manager 120 at the time of device utilization in the device management system of this embodiment. Here, processing when a trigger is applied from the virtual device manager 120 side will be described.

When the channel generation (523 and 534) shown in FIG. 6 is finished and the virtual device manager 120 can control the device A151, an instruction to use the device A151 is given to the virtual device manager 120 (start 700). ), The virtual device manager 120 confirms whether or not the device A 151 operates (701). Specifically, the virtual device manager 120 sends a predetermined command to the device management manager 123 and inquires whether or not the status of the device A 151 can be acquired and whether or not communication is possible. Alternatively, it is confirmed whether a communication path is secured. And
Judgment is made based on the reply from the device management manager 123.

If it is not operating, it is confirmed that the device A 151 is in an illegal state.
1 and the authentication server 101 and the virtual device manager 120
170 (702). When the description in the log 170 is completed, the virtual device manager 120 ends the processing for the given command illegally (716). At this time, the virtual device manager 120 may notify the user of an error message indicating unauthorized termination. Further, it may be configured to automatically perform communication termination processing with the device A 151 upon receiving a notification of an illegal state. Further, the operation confirmation may be performed a plurality of times, and the notification may be continued even if the operation confirmation is performed a plurality of times.

On the other hand, when the operation of the device A 151 is confirmed in step 701, the virtual device manager 120 notifies the authentication management server 101 and the device management manager 123 for survival confirmation as necessary (703). By this processing, the authentication management server 101 and the device management manager 123 can confirm that the channel with the device A 151 is established.

Next, the virtual device manager 120 determines whether or not an instruction (for example, from the PC-A 110) that triggers the use of the device A151 has been received (704). If it is determined that there is no instruction to trigger, the process returns to step 701.

On the other hand, if it is determined that there is a trigger instruction, the virtual device manager 120 generates a transaction according to the device interface protocol (
705). The generated transaction is converted into a protocol defined in the network protocol and transmitted to the device management manager 123 (706).

Next, the virtual device manager 120 determines whether the transaction (data) has reached the device management manager 123 correctly, and if the transaction has not reached correctly, the number of times does not exceed a predetermined number.

Specifically, first, the virtual device manager 120 includes a device management manager 123.
It is determined whether or not the number of times that the data has not reached correctly reaches the specified number (707).
).

If the specified number of times has been reached, the virtual device manager 120 determines that the communication is in an unauthorized state, notifies the authentication management server 101 of this, and records it in the log 170.
Information that communication is in an unauthorized state may be recorded in the log 191 of the authentication management server 101. The virtual device manager 120 terminates illegally after the description in the log 170 is completed (709). The virtual device manager 120 may notify the user of the error, or may automatically enter a process for terminating communication with the device A 151.

On the other hand, if the number of times has not reached the specified number in step 707, the virtual device manager 120 checks whether the data has arrived correctly at the device management manager 123 (710). More specifically, when it is determined that the response to the transmitted data is illegal, or when there is no response by a predetermined time, it is determined that the data has not been reached correctly. If it is determined that it has not reached correctly, the number of times of not reaching correctly is incremented by 1, and the process returns to step 707.

If the data has arrived correctly in step 710, the virtual device manager 12
0 checks whether there is a transaction that has not been transmitted (711). If there is an untransmitted transaction, the process returns to step 706 to repeat the process.

If there is no untransmitted transaction, the virtual device manager 120 checks whether there is a transaction to be received (712). This is determined based on whether or not transmission of a predetermined amount of data has been completed when the communication path between the two is set.

If there is a transaction to be received, the virtual device manager 120 converts the received data into a device interface protocol (713). Next, the extracted data is transmitted to the device driver (714), and the process returns to step 712.

On the other hand, if there is no transaction to be received in step 712, the virtual device manager 120 ends the process (715).

In the above process, when the process ends improperly (steps 716 and 709), the authentication management server 101, the device management manager 123, and the virtual device manager 120
Re-checks the devices that can be properly used when the processing ends abnormally, and updates the device information management table 200 in the authentication management server 101. In other words, if the device can be reconfirmed, the virtual device driver 120 performs normal communication again, and if the channel can be generated, the virtual device driver 120 generates the status, and the status of the device information table 200 is “occupied”, “communication”,
“In use”.

Next, after the channel generation (523 and 534) shown in FIG. 6 is completed and the device management manager 123 becomes able to control the device A151, the device A151 transmits information to the device management manager 123. The operation of will be described. FIG. 10 is a flow for explaining the operations of the device management manager 123 and the virtual device manager 120 when a device is used in the device management system of this embodiment. here,
Processing when a trigger is applied from the device A 151 side will be described.

After the channel generation (523 and 534) shown in FIG. 6 is completed and the device management manager 123 becomes able to control the device A151, the device A151 transmits information to the device management manager 123 (start 800). Manager 1
23 confirms whether the device A 151 operates (801). The operation check is shown in FIG.
It is the same as the processing of.

If it is not operating, it is confirmed that the device A 151 is in an illegal state.
1 and the authentication server 101 and the device management manager 123
173 (802). The device management manager 123 terminates illegally after completing the description in the log 173 (816). At this time, the device management manager 123 may notify the user of an error message indicating unauthorized termination. Furthermore, it may be configured to automatically perform communication termination processing with the device A 151 upon receiving a notification of an illegal state. Further, the operation check may be performed a plurality of times, and the notification may be continued even if the operation confirmation is performed a plurality of times.

On the other hand, when the operation of the device A 151 is confirmed in step 801, the device management manager 123 notifies the authentication management server 101 and the virtual device manager 120 for survival confirmation as necessary (803). With this processing, the authentication management server 101 and the virtual device manager 120 can confirm that the channel with the device A 151 is established.

Next, the device management manager 123 determines whether an instruction (for example, from the PC-A 110) that triggers the use of the device A 151 has been received (804). If it is determined that there is no trigger instruction, the process returns to step 801.

On the other hand, if it is determined that there is a trigger instruction, the device management manager 123 generates a transaction according to the device interface protocol (
805). The generated transaction is converted into a packet defined by a network protocol and transmitted to the virtual device manager 120 (806).

Next, the device management manager 123 determines whether or not the transaction (data) has reached the virtual device manager 120 correctly, or if the transaction has not reached correctly, the number of times does not exceed the number specified in advance.

Specifically, first, the device management manager 123 sets the virtual device manager 120.
It is determined whether or not the number of times that the data has not reached correctly reaches the designated number (807)
).

If the specified number has been reached, the device management manager 123 determines that the communication is in an unauthorized state, notifies the authentication management server of this, and records it in the log 173. Information that communication is in an unauthorized state may be recorded in the log 191 of the authentication management server 101. The device management manager 123 terminates illegally after the description in the log 173 is completed (809). The device management manager 123 may notify the user of the error, or may automatically enter a process for terminating communication with the device A151.

On the other hand, if the number of times does not reach the specified number in step 807, the device management manager 123 checks whether the data has arrived correctly at the virtual device manager 120 (810). Here, when it is determined that it has not reached correctly, the number of times of not reaching correctly is incremented by 1, and the processing returns to step 807.

If the data has arrived correctly in step 810, the device management manager 12
3 checks whether a transaction that has not been transmitted remains (811).
If an untransmitted transaction remains, the process returns to step 806 to repeat the process.

If no unsent transaction remains, the device management manager 123 checks whether there is a transaction to be received (812).

If there is a transaction to be received, the device management manager 123 converts the received data into a device interface protocol (813). Then, the extracted data is transmitted to the device driver (814), and the process returns to step 812.

On the other hand, if there is no transaction to be received in step 812, the device management manager 123 ends the process (815).

In the above process, when the process ends improperly (steps 816 and 809), the authentication management server 101, the device management manager 123, and the virtual device manager 120.
Re-checks the devices that can be properly used when the processing ends abnormally, and updates the device information management table 200 in the authentication management server 101. That is, if the device can be reconfirmed, the device management manager 120 performs normal communication again. If the channel can be generated, the device management manager 120 generates a channel, and sets the status of the device information management table 200 to “occupied” ”And“ in use ”.

The logs 191, 170, and 173 accumulated by the authentication management server 101, the virtual device manager 120, and the device management manager 123 by the above operation are management applications installed on the authentication management server 101 or other management devices by the network administrator. Is displayed.

FIG. 11 shows an example of a log management screen displayed by the management application. The management log shown in the figure includes logs 191, 170, and 173 stored in the authentication management server 101, the virtual device manager 120, and the device management manager 123.
01 is collected and stored in its own storage 190 or memory.

The application (management application) for this display is the authentication management server 10.
It may be other than 1. In that case, the display is performed with permission from the authentication management server 101. In a configuration in which a plurality of information centers 102 and blade servers 106 exist, the management application collects logs from an authentication management server other than the authentication management server 101 and the application managed by the management application, and displays a combination of the collected logs. Also good.

The device management screen 1000 is a screen for managing devices displayed by the management application. In the device management screen 1000, the accumulated logs 191, 170,
173, number 1001, time 1002, device ID 1003, device name 1004,
Address (source) 1005, network interface ID (source) 1006, application ID 1007, address (host) 1008, network interface ID (host) 1009, application ID 1010, vendor ID 1011, product ID 1012, serial number 1013, device name 1014, user ID1015,
Each item of information 1016 and remarks 1017 is displayed.

A number 1001 is a number for managing the log, and is automatically given every time the log is accumulated. Time 1002 is the date and time when the log was recorded. Information 1016 includes a log 170
, 173, 191 display the details of the events recorded as logs.

An address (source) 1005 and an address (host) 1008 indicate the addresses of the source and host (destination). Network interface ID (source) 1
006 and the network interface ID (host) 1009 are the source and host (
Destination network interface ID. Remark 1017 includes
Information that cannot be displayed in the information 1016, for example, information that prompts the administrator to pay attention, information 1016
Information supplementing is displayed.

Other items are the same as the items with the same names in the device information table 200, the user information database 300, and the PC usage management table 400 described with reference to FIGS.

In addition, the authentication management server 101 is equipped with a management application having a function of retrieving each information displayed on the device management screen 1000. By displaying the information shown on the device management screen 1000 by the management application, it is possible to instantly grasp which device or device is in what state, and the convenience of the entire system is improved. For example, by searching and displaying only information when unauthorized authentication occurs, and monitoring it, it is possible to find unauthorized access and take countermeasures. Also, by searching, displaying, and monitoring only information when the device cannot be properly used, it is possible to detect and deal with problems occurring in the system at an early stage. Furthermore, the operational error of the administrator can be reduced by making the display easier to see compared to listing the entire log by the management application. As a result, the security of the entire system is improved.

Further, the logs 191, 170, and 173 collected by the authentication management server 101 are copied to a server different from the authentication management server 101 at the time of collection, and measures for preventing falsification are performed. The log subjected to the tampering prevention measures can be used for verifying where and how information is illegally processed and taken out when an illegality such as information leakage occurs in a company. At this time, it is necessary not to give the authority to change the log for which tampering prevention measures have been taken to devices such as the authentication management server and the system administrator.

Next, after the channel generation (523 and 534) shown in FIG. 6 is completed, a new device that can be used by the user from the PC-A 110 (hereinafter referred to as device A 151a).
) Will be described plug-in processing when connected to the PC-D 113. FIG. 17 is a flowchart for explaining the operation when a new device A 151a is connected to the PC-D 113 in the device management system of this embodiment.

When a new device A 151a is connected (plugged in) to the PC-D 113, the PC-D
The OS 1702 on 113 detects the plug-in and notifies the filter driver 1514 of the plug-in (1703). The filter driver 1514, the communication program 1510, and the communication program 1508 sequentially transmit plug-in notifications to the communication program 1510, the communication program 1508, and the pseudo bus driver 1504 (1704 to 1706).

Here, the virtual device manager 120 determines whether or not the user can use the new device A 151a. If the new device A 151a is available, the virtual device manager 120 generates a startup physical device object 1505 in the pseudo bus driver 1504 ( 1707). As described above, a plurality of startup physical device objects 1505 can be created in the virtual device manager 120, and in principle are created corresponding to each device.

The pseudo bus driver 1504 returns an event wait request to the communication program 1508 (
1708), the communication program 1508 enters an event waiting state.

The pseudo bus driver 1504 requests the OS 1701 of the PC-A 110 to check device connection validity / invalidity (1709). The OS 1701 makes an object pointer request to the pseudo bus driver 1504 and other bus drivers in order to confirm whether the device connection is valid or invalid (1710). The pseudo bus driver 1504 and other bus drivers are
An object pointer such as a start physical device object 1505 or an enumerator 1506 corresponding to the driver managed by itself is transmitted to the OS 1701 (1711). Next, the OS 1701 requests the device name of the device A 151a whose existence has been confirmed (1
712). In response to this, the pseudo bus driver 1504 and other bus drivers transmit the device name of the device A 151a managed by itself to the OS 1701 (1713). Next, the OS 1701 requests the ID of the device A 151a whose existence has been confirmed (171).
4). In response to this, the pseudo bus driver 1504 and the other bus drivers identify the device ID of the device A 151a managed by the pseudo bus driver 1504, the manufacturer ID of the device, and the product ID.
Information is transmitted to the OS 1701 (1715). When the above processing is completed normally, OS1
701 permits the pseudo bus driver 1504 to start using the device A 151a (17
16). Also, the device and ID descriptors returned here are the filter driver 1
514 is information received from the device A 151a, which is a plug-in notification (1704-1).
706) to the pseudo bus driver 1504.

When the device information acquisition process (plug-in process) 1710 to 1715 is not normally performed, the OS 1701 informs the user that the device A 151a cannot be normally used, such as a graphical user interface (GUI) application 1501 or the like. And is recorded in a log of the PC-A 110 or the authentication management server 101. Next, the pseudo bus driver 1504 and the communication program 1508 are the communication program 1
510 and the filter driver 1514 are notified of plug-in completion (1717, 1718).
). The communication program 1510 transmits an event wait request to the filter driver 1514 (1719).

Through the above processing, a device newly connected to the PC-D 113 can be used from the PC-A 110.

Next, after the channel generation (523 and 534) shown in FIG.
A plug-out process when the device A 151 that can be used from 10 is disconnected from the PC-D 113 or cannot be used by the user will be described. FIG. 18 is a flowchart for explaining the operation when the device A 151 is disconnected from the PC-D 113 or made unavailable (plug-out) in the device management system of this embodiment.

When device A 151 is plugged out from PC-D 113, O on PC-D 113
In step S1702, the plug-out is detected, and the filter driver 1514 is notified of the plug-out (1801). The filter driver 1514, the communication program 1510, and the communication program 1508 sequentially transmit plug-out notifications to the communication program 1510, the communication program 1508, and the pseudo bus driver 1504 (1802-1804).

Here, the virtual device manager 120 determines whether or not the device A 151 can be plugged out, such as whether there is an application using the device A 151.

If plug-out is possible, the pseudo bus driver 1504 performs a procedure for erasing the startup physical device object 1505 described below.

First, the pseudo bus driver 1504 transmits an event wait request to the communication program 1508 (1805) and requests the OS 1701 to confirm device connection invalidity (180).
6).

The OS 1701 makes an object pointer request to the pseudo bus driver 1504 and other bus drivers to confirm invalidity of the device connection (1807). The pseudo bus driver 1504 and other bus drivers transmit object pointers such as a physical device object for activation 1505 and an enumerator 1506 corresponding to the driver managed by the pseudo bus driver 1504 to the OS 1701. Here, the pseudo bus driver 1504 transmits that the object pointer corresponding to the device A 151 is invalid (1808).

When the above processing is normally completed, the OS 1701 permits the pseudo bus driver 1504 to end the device (1809). If the process does not complete successfully, the device cannot be terminated. When the procedures 1806 to 1808 are not normally performed, the pseudo bus driver 1504 instructs the user to display on the GUI application 1507 via the communication program 1508 that the device A 151 cannot be normally plugged out. It is shown to the user and recorded in the log of the PC-A 110 or the authentication management server 101.

Next, the pseudo bus driver 1504 and the communication program 1508 respectively notify the communication program 1510 and the filter driver 1514 of plug-out completion (1811,
1812). At this time, the startup physical device object 1505 generated for the device A 151 disappears (1810). The communication program 1510 transmits an event wait request to the filter driver 1514 (1813), and the device A 151 is connected to the P by the above processing.
Plugged out from C-D113.

Note that plug-out is not possible (in use) in determining whether plug-out is possible after 1804
In the case where it is determined that the plug-out is not completed, a plug-out impossible notification is similarly transmitted from the pseudo bus driver 1504 to the filter driver 1514 via the communication program 1508 and the communication program 1510.

At the time of plug-in and plug-out of the new device described with reference to FIGS. 17 and 18, the new filter driver 1514 is not installed or uninstalled. For this reason, even if the PC-D 113 is a system that does not give the user the authority to install the device driver, or even if the OS of the PC-D 113 is limited for thin clients, the user Replaces the newly plugged-in device with PC-A11
It can be easily used from 0 and can be safely removed (plugged out).

Next, when a communication error occurs in the device driver during the processing of the plug-in described above or while using the device after plug-in, or when the user plugs out the device The operation of the system will be described with reference to FIG.

FIG. 26 is a state transition diagram of the usage state of the device A 151 managed by the device management manager 123. The device management manager 123 manages the state of the device A 151 as one of the following three states. That is,
“Control is possible from PC-A110, an error response is returned to PC-D113, and PC-A1
State 2601 that is "connectable to 10",
“The PC-A110 cannot detect it, it can be controlled from the PC-D113,
A state 2602 that is “connectable to A110”;
“The PC-A110 cannot detect it, it can be controlled from the PC-D113,
The state 2603 is “unable to connect to A110”.

Immediately after the device A151 is connected to the PC-D 113, the device A151 is in the state 2
602 is recorded in the device management manager 123. In this state 2602,
The device A 151 can be used from an application on the PC-D 113 or the like.

In this state 2602, after the plug-in operation described with reference to FIG. 17 is completed and the device management manager 123 receives the plug-in completion notification 1718, the device management manager transitions to the state 2601 (2611). 123 recognizes and records. In this state 2601, the device A 151 can be controlled from an application on the PC-A 110. Further, a request to the device A 151 transmitted from an application on the PC-D 113 does not reach the device A 151 because a request including an error is returned from the filter driver 1514. As a result, the PC
-It cannot be controlled from D113.

When the plug-out processing described with reference to FIG. 18 is performed from the state 2601, the state of the device A 151 transitions to the state 2602 (2612), and the transition state is recognized and recorded by the device management manager 123.

The state of the device A 151 is the state 2601, and an error is detected in the virtual device manager 120, or the device A 151 described with reference to FIG.
When the plug-out process is performed, the state of the device A 151 changes to the state 2603 (
2613).

The state 2603 is provided to make the plug-out device A151 temporarily unable to reconnect to the PC-A 110. By transitioning to this state 2603, when an error relating to the device A151 is detected in the virtual device manager 120, or when the device A151 is plugged out by a user instruction,
The device management manager 123 can plug in the device A 151 and prevent the same error from occurring again.

The state 2603 transitions to the state 2602 by physically disconnecting the device A 151 from the device bus and then physically connecting the device A 151 again (2614). In order to use a device once stored in the device management manager 123 as being in the state 2603 from an application on the PC-A 120 again, the user needs to physically disconnect it from the device bus.

Next, FIG. 24 shows the operation of the system when the power of the PC-D 113 or PC-A 110 is turned off, or the transition to the hibernation state or the suspend state (power saving state) occurs.
And it demonstrates using FIG.

FIG. 24 is a sequence diagram in the case where the PC-D 113 has been powered off or has entered a hibernation state or a suspend state. The device management manager 12 can be switched from the OS of the PC-D 113 to the power-off or hibernation or suspend state.
3 (2401), the device management manager 123 determines that the authentication management server 10
1 and the virtual device manager 120 are sent a disconnect request (2402, 2403).

Upon receiving the disconnection request 2402, the authentication management server 101 updates the table (601), and updates the table indicating the relationship between devices connected in the system and devices such as the PC-A 110 and the PC-D 113, for example. I do.

The virtual device manager 120 that has received the disconnection request 2403 completes the request being processed related to the device connected to the PC-D 113 that is being processed in the virtual device manager 120 (2407). The completion method depends on the type of device, but for example, a response including error information such as occurrence of a timeout is transmitted to the request. Next, the virtual device manager 120 invalidates a device driver related to the device connected to the PC-D 113 (2408). Next, the virtual device manager 120 discards the communication channel established with the device management manager 123 (disconnects the session) (2409).

Discard communication channel (disconnect session) (2409) and complete request being processed (2
407) and driver invalidation (2408) are performed in order to minimize the possibility that the device driver will hang up due to the loss of communication with the device management manager 123. (2407) and driver invalidation (240
It is desirable to perform the process 8) and then discard the communication channel that has timed out (disconnect session). The device management manager 123 that has transmitted the disconnection request performs plug-out processing for all devices (2404), and the device driver of the device that has been successfully plug-out is unloaded from the memory of the PC-D 113 (
2405). Next, the device management manager 123 discards (disconnects sessions) all communication channels established with the virtual device manager 120 (2406).

The order of communication channel destruction (session disconnection) (2406), device plug-out processing (2404), and revalidation (2405) depends on the device driver and device A15.
In order to minimize the possibility that the firmware operating on 1 will hang up due to the interruption of communication with the virtual device manager 120, the device plug-out processing (2404) or re-activation (2405) is performed first. ), And then discarding the communication channel that has timed out (disconnecting the session) (2406) is desirable.

FIG. 25 is a sequence diagram in the case where the power-off process is started in the PC-A 110 or the transition to the hibernation state or the suspend state occurs. O of PC-A110
When the virtual device manager 120 is instructed by the virtual device manager 120 to start the power-off process from S or enter the hibernate state or the suspend state (2501), the virtual device manager 120
A disconnection request is transmitted to the authentication management server 101 and the device management manager 123 (250
2,2503).

Upon receiving the disconnection request 2502, the authentication management server 101 updates the table (601), and updates the table indicating the relationship between devices connected in the system and devices such as the PC-A 110 and the PC-D 113, for example. I do.

The device management manager 123 that has received the disconnection request 2503 performs plug-out processing for all devices related to the PC-A 110 (2504), and device drivers of devices that have successfully been plug-out are re-enabled (2505). . This revalidation process 250
5, a restart signal is transmitted to the device A 151. For this reason, reactivation processing 2
After 505, the blocking of the request from the device class driver 1513 shown in the processing 2210 is released, and the device A 151 can be used from the application on the PC-D 113.

Next, the device management manager 123 discards the communication channel established with the virtual device manager 120 (disconnecting the session) (2406).

The order of communication channel destruction (session disconnection) (2406), device plug-out processing (2504), and revalidation (2505) depends on the device driver and device A15.
In order to minimize the possibility that the firmware operating on the device 1 hangs up when communication with the virtual device manager 120 is interrupted, the device plug-out processing (2504) or re-activation (2505) is performed first. ), And the communication channel that has timed out later is discarded (session disconnection) (2406).

The reason for performing the processing 2505 for re-enabling the invalidated device driver will be described. Peripheral devices such as the device A 151 operate according to instructions from the OS of the connected PC-D 113 and the device driver after the power is turned on. Requests transmitted from a device driver to a device are generally managed in order. Therefore, when canceling the blocking of the request, by invalidating and re-enabling the device and the device driver, the state of the device is initialized, and the device can be newly used from the application on the PC-D 113.

The virtual device manager 120 that has transmitted the disconnection request receives the virtual device manager 120.
Complete the request being processed related to all devices that are processing within (2507)
. Although the completion method depends on the type of device, for example, a response to a request including error information such as occurrence of a timeout is transmitted. Next, the virtual device manager 120 invalidates the device driver related to the device connected to the PC-D 113 (2508). Next, the virtual device manager 120 discards (disconnects the session) all communication channels established with the device management manager 123 (session disconnection).
2409).

Discard communication channel (disconnect session) (2409) and complete request being processed (2
507) and driver invalidation (2508) are performed in order to minimize the possibility that the device driver will hang up due to the loss of communication with the device management manager 123. (2507) and driver invalidation (250
It is desirable to perform the process 8), and thereafter, discard the communication channel (disconnect session) (2409).

Here, the procedures 2402 and 2502 for transmitting the disconnection request to the authentication management server 101 are not essential, and which state the device connected to the PC-D 113 becomes in the state transition described with reference to FIG. As long as the virtual device manager 120 and the device management manager 123 can share the same.

Next, the system operation when a communication timeout is detected in the virtual device manager 120 or the device management manager 123 and the communication channel constructed by the virtual device manager 120 or the device management manager 123 is discarded (session is disconnected). Will be described with reference to FIGS.

FIG. 27 is a sequence diagram when the device management manager 123 determines that a timeout has occurred in the PC-D 113 because the communication with the virtual device manager 120 cannot be confirmed for a predetermined time.

When the device management manager 123 detects a timeout (2701), the device management manager 123 transmits a detection result indicating that the timeout has been detected to the authentication management server 101 (2702). Upon receiving the detection result, the authentication management server 101 updates the table (610), and the device connected in the system, for example, PC-A110 or P
The table indicating the relationship with the device such as the CD 113 is updated.

The device management manager 123 that detected the timeout is the virtual device manager 1
20 performs the plug-out processing of the device on the PC-D 113 related to the device 20 (2504), and the device driver of the device that has succeeded in the plug-out, that is, the upper driver 1512
The device class driver 1513 and the filter driver 1514 are enabled again (25
05).

In the re-enabling process 2505, the filter driver 1514 transmits a restart signal to the device A 151, and cancels the blocking of the request from the device class driver 1513 shown in 2210. Through these processes, the device A151 is connected to the PC-D1.
13 applications can be used.

Next, the device management manager 123 discards the communication channel established with the virtual device manager 120 (disconnecting the session) (2406).

The order of communication channel destruction (session disconnection) (2406), device plug-out processing (2504), and revalidation (2505) depends on the device driver and device A15.
In order to minimize the possibility that the firmware operating on the device 1 hangs up when communication with the virtual device manager 120 is interrupted, the device plug-out processing (2504) or re-activation (2505) is performed first. ), And then discarding the communication channel that has timed out (disconnecting the session) (2406) is desirable.

FIG. 28 is a sequence diagram in the PC-A 110 when the virtual device manager 120 determines that a time-out has occurred because the communication with the device management manager 123 cannot be confirmed for a predetermined time. When the virtual device manager 120 detects a timeout (2801), the virtual device manager 120 transmits a detection result indicating that the timeout has been detected to the authentication management server 101 (2802). Upon receiving the detection result, the authentication management server 101 updates the table (610), and updates the table indicating the relationship between devices connected in the system and devices such as the PC-A 110 and the PC-D 113, for example. Do.

The virtual device manager 120 that has detected the timeout processes the request being processed for the device related to the device management manager 123 on the PC-D 113 (2407). The processing method depends on the type of the device, but for example, a response to the request including error information such as occurrence of timeout is transmitted. Next, the virtual device manager 120 invalidates a device driver related to the device connected to the PC-D 113 (2408). Next, the virtual device manager 120
The communication channel established with the device management manager 123 is discarded (session disconnection) (2409).

Discard communication channel (disconnect session) (2409) and complete request being processed (2
407) and driver invalidation (2408) are performed in order to minimize the possibility that the device driver will hang up due to the loss of communication with the device management manager 123. (2407) and driver invalidation (240
It is desirable to perform the process 8), and then discard the communication channel that has timed out (disconnect session) (2409).

Here, the procedures 2702 and 2802 for transmitting the detection result to the authentication management server 101 are not essential. It is only necessary for the virtual device manager 120 or the device management manager 123 to detect which state the device connected to the PC-D 113 is in in the state transition described with reference to FIG.

When the communication between the virtual device manager 120 and the device management manager 123 is restored, the state of the device connected to the PC-D 113 is shared between the virtual device manager 120 and the device management manager 123, and the shared result is the authentication management server. 101. Next, details of the device management screen generated and displayed by the virtual device manager 120 will be described. FIG. 12 is an example of a device management screen of the virtual device manager 120.

As shown in the figure, the device management screen 900 includes an authentication management server display unit 901, connected PC hub display units 902, 905, 908, 911, and device display units 903, 906, 9
09, 912 and connection disconnection instruction units 904, 907, 910, 913.

When the virtual device manager 120 is activated, the authentication management server 1 designated in advance is activated.
A request is sent to 01 to obtain available device information.

In the authentication management server 101, after successful user authentication, device management information is sent from the device management manager 123 to the virtual device manager 120. According to the received device management information, the virtual device manager 120 manages information on available devices and the like.

In FIG. 12, the authentication management server display unit 901 displays the authentication management server 101 with which the virtual device manager 120 is communicating. In the example illustrated in FIG. 12, a state in which the virtual device manager 120 has successfully communicated with the authentication management server 101 is displayed. Here, what is displayed as 192.168.0.1 is the address of the authentication management server 101.

In the status 920, the status of the authentication management server 101 is displayed. here,
What is available user ID and what user name is displayed as the status. In the example of FIG. 12, a state in which the user A is authenticated is displayed.

The connected PC hub display sections 902, 905, 908, and 911 display information on the connected PC and hub. In addition, devices currently used by the user are displayed in different colors.

The device display sections 903, 906, 909, and 912 have device names and statuses,
Information such as the user ID is displayed, and information such as which device the user can use is displayed in an easy-to-understand manner.

Connection disconnection instruction units 904, 907, 910, and 913 display options that the user can give instructions such as device use, exclusive use, use stop, and reservation. The virtual device manager 120 makes a use reservation for a device that is currently being used by another person by receiving a press of a reservation button. When the device becomes available, the authentication management server 1
01 or the device management manager 123 is notified that it can be used. Upon receiving the notification, the device management manager 123 notifies the user that it can be used. In the example of FIG. 12, devices that can be used by the user are indicated by hatching, and operations that can be performed by the user are indicated by bold buttons so that the user can easily operate the device.

The server client method using the PC-A 110 in the blade server 106 using the PC-D 113 has been described above.

Similar to the example described above, any PC in the blade server 106 can be used from the client apparatus connected to the network 103 and the Internet 104, and the devices A151 to Z155 can be used.

Here, the hub 116 does not have a function as a PC, but has an internal management manager 126.
And an embedded device having a storage 176. Even when using a PC that is not connected to a device, such as the PC-E 114, it is possible to use a device connected to another PC or the like as in the PC-D 113 example. The same applies to a case where a plurality of devices such as the hub 116 are connected.

Further, the same applies to the case where a PC or device on the network 103 is used using the PC-Z 117 via the Internet 104 and the firewall 105. However, in this case, it is desirable that the PC-Z 117 has an encryption application 190 for encrypting communication on the Internet 104 and performs communication after encryption.

As described above, according to the device management system of this embodiment, the virtual device manager 120 in which a device connected to an information device such as a PC on which the device management manager 123 operates is installed on the server is virtually Set to be connected to. Therefore, the device can be safely and simply connected between an information terminal at hand such as a PC or a thin client operated by the user at hand and a server installed at a location separated from the place where the user uses the information terminal at hand. Can be shared with other users, and the convenience of users is improved. In addition, it is possible to improve security when using the system by performing authentication in the procedure for sharing the device and setting a rule as to whether or not the user can use the device.

In addition, according to the present embodiment, the filter driver that exclusively controls the data transmission / reception partner with the physical bus driver that operates the device on the client side is provided, and the physical bus driver is artificially communicated with the communication program on the server side Since the pseudo bus driver that operates in the same manner as described above is provided, it is possible to use the device connected to the client from the server side without any other operation just by connecting the device (plug and play).

Since the server and the device are virtually connected, it is possible to reduce confidential information remaining in the information device such as the operated PC, and in the server client type information processing system, the security of the user when using the information device is reduced. Can be improved.

In addition, according to the present embodiment, when the server and the client side are turned off or shifted to the suspend or hibernation state, or when communication between the server and the client is interrupted, By canceling the block or disabling and enabling the device, and connecting to the client, prohibiting the use from the client and making the device available from the server available again from the client, Convenience can be improved.

<< Second Embodiment >>
Next, a second embodiment to which the present invention is applied will be described. This embodiment basically has the same configuration as that of the first embodiment described above. However, in the first embodiment, the communication program 1508 and the communication program 1510 communicate directly via the network 103, but in this embodiment, communication is performed via a remote operation program. The remote operation program is a communication between two programs operating on two PCs via a network, and all or one of the PC screens on which the other program operates on the PC screen on which one program operates. The part is displayed. The user displays the screen of the other PC on the screen of one PC while the remote operation program is operating. At this time, all input operations using the mouse, keyboard, microphone, etc. to the PC physically used by the user are transmitted to the remotely operated PC, so that the user can easily from a remote location. The PC can be operated remotely.

The differences from the first embodiment will be described below. Other processes are the same as those in the first embodiment.

FIG. 19 illustrates software necessary for data transmission / reception control when sharing a device between the PC-A 110 and the PC-D 113 shown in FIG. 1 of the first embodiment in the device management system of the present embodiment. FIG.

In the device management system shown in the first embodiment, the communication program 1508 and the communication program 1510 communicate directly via the network 103. On the other hand, in this embodiment, the communication program 1508 communicates with the remote operation program 1901 loaded on the memory of the PC-A 110, and the communication program 1510 of the PC-D 113 is the PC-D.
The remote operation program 1902 loaded on the memory 113 is communicated. Then, the remote operation program 1901 and the remote operation program 1902 communicate with each other.

The remote operation program 1901 and the remote operation program 1902 are stored in the PC-D1 by the user.
13 is a program that implements functions such as logging in to the PC-A 110 from 13 and displaying the processing result of the program operating on the memory of the PC-A 110 on the screen of the PC-D 113.

The remote operation program 1901 is subjected to a predetermined authentication and the remote operation program 190.
2 is connected. Therefore, the virtual device manager 120 does not need to make an authentication request to the device management manager 123. Accordingly, the IP address information of the authentication management server 101 necessary for accessing the authentication management server 101 is held inside the PC-D 113, or information for accessing the authentication management server 101 is input to the user. There is no need to be forced. Information such as whether or not the device A 151 is connected and a policy such as the type of device that may be connected are transmitted from the authentication management server 101 to the device management system via the virtual device manager 120. For this reason, in this embodiment, the PC
The information processing apparatus having only a simple function, such as a thin client, may be used on the D113 side.

In this embodiment, since the authentication management server 101 is not accessed from the device management manager 123 side of the PC-D 113, the processing flow at the time of device sharing processing and the processing flow of the device sharing end processing are as follows.

FIG. 20 is a processing flow of device sharing processing in the device management system of this embodiment. Here, the same reference numerals are given to the same processes as those in FIG. 6 of the first embodiment.

In the present embodiment, the device management manager 123 and the virtual device manager 120 communicate via a remote operation program 1901 and a remote operation program 1902.

As shown in this figure, the process flow of the device sharing process of this embodiment is basically the same as that shown in FIG. 6 of the first embodiment. However, in the processing flow of this embodiment, unlike the processing flow of the device sharing processing shown in the first embodiment, 504, 505, and 515 in FIG.
The processes of ˜523, 591, 592, 529, 530, and 531 are omitted. This is because the device management manager 123 does not access the authentication server 101 as described above.

Unlike the processing flow of the first embodiment, after channel generation (534), the generated channel information is transmitted from the virtual device manager 120 to the authentication management server 101 via the remote operation program 1901 (channel). Generation information transmission processing; 2001)
. This means that the device management manager 123 grants the usage authority of all devices under the management of the device management manager 123 to the virtual device manager 120 connected via the remote operation program 1902.

Next, a processing flow of device sharing end processing in the device management system of the present embodiment will be described with reference to FIG. Here, the same reference numerals are given to the same processes as those in FIG. 7 of the first embodiment.

The processing flow at the time of device sharing end processing of this embodiment is basically the same as the processing shown in FIG. 7 of the first embodiment. However, in this embodiment, device release information transmission (606) is not performed from the authentication management server 101. Instead, the virtual device manager 120 transmits device release information, which is information indicating that the use of the instructed device has ended, to the device management manager 123 that is the device use end request source (2101). Further, when the channel established with the virtual device manager 120 is discarded and the channel is successfully discarded, the channel management information is not transmitted from the device management manager 123 to the authentication management server 101 (609). Instead, after the channel is discarded (608), the virtual device manager 120 transmits channel discard information, which is information indicating that the channel has been discarded, to the authentication management server 101 (2102). This is because the device management manager 123 does not access the authentication server 101 as described above.

As described above, in the processing flow shown in FIG. 20 and FIG. 21, even if the device management manager 123 does not hold data indicating an access destination address such as an IP address of the authentication management server 101, the processing flow. Is established.

As described above, according to the device management system of this embodiment, the virtual device manager 120 in which a device connected to an information device such as a PC on which the device management manager 123 operates is installed on the server is virtually Set to be connected to. Therefore, the device can be safely and simply connected between an information terminal at hand such as a PC or a thin client operated by the user at hand and a server installed at a location separated from the place where the user uses the information terminal at hand. Can be shared with other users, and the convenience of users is improved. In addition, it is possible to improve security when using the system by performing authentication in the procedure for sharing the device and setting a rule as to whether or not the user can use the device.

In addition, according to the present embodiment, the filter driver that exclusively controls the data transmission / reception partner with the physical bus driver that operates the device on the client side is provided, and the physical bus driver is simulated between the server side and the communication program. Since the pseudo bus driver that operates in the same manner as described above is provided, it is possible to use the device connected to the client from the server side without any other operation just by connecting the device (plug and play).

Since the server and the device are virtually connected, it is possible to reduce confidential information remaining in the information device such as the operated PC, and in the server client type information processing system, the security of the user when using the information device is reduced. Can be improved.

Furthermore, in the device management system of this embodiment, the remote operation program 1901
And the remote operation program 1902 do not start communication, the device management manager 12
3 and the virtual device manager 120 are not connected. For this reason, the virtual device manager 120 does not need to issue an authentication request to the device management manager 123, and can simplify the device processing flow as compared with the device management system of the first embodiment. Necessary communication costs do not occur. In addition, since the management authentication server 101 and the device management manager 123 do not communicate directly, it is possible to simplify the network configuration.

As described above, the device management system described in the first and second embodiments includes the network 103 via the virtual device manager 120, the device management manager 123, and the authentication management server 101 via the PC-D 113, which is a client device. By managing the devices connected to the device, sharing of the devices in the system can be realized safely and conveniently for the user.

Further, according to the first and second embodiments, even a device connected to another client device can be used as if it were a device directly connected to the server 106. Become. That is, even if the device is connected to another client device, no special configuration is required for each client device in order to use the device. Therefore, the device can be configured in the same way whether it is virtually connected to the server or directly connected to the server, and the manufacturing cost of the entire system can be reduced.

Further, according to the first and second embodiments, the authentication management server 101 manages device permission and disapproval, and it is set so that a device that is not permitted cannot be used as a shared device (virtual device). it can. For this reason, it is possible to appropriately manage the devices connected to the network 103, and in the server client system, it is possible to improve the safety when sharing the device with a server at a remote location.

In the first and second embodiments, a server client system has a configuration in which main programs and data are stored on the server side, and the client side mainly has a configuration that only gives operation instructions to the server. Therefore, it is possible to provide an information processing system that improves security and convenience when using the client while retaining the feature of reducing confidential information remaining in the client device on the operation side.

In the first and second embodiments, since the device behaves as if it is connected to the server, a security tool such as a virus checker or a program for using and managing the device such as a program for operating the device. Need only be installed on the server side, and the program need not be installed on the client side. For this reason,
There is an effect of further reducing the cost of the entire system.

In the first and second embodiments described above, the information device corresponding to the server and the client is described as a PC. However, one and both of them are a server and a Personal Digit.
al Assistants (PDA), workstation, high-performance copier, cash dispenser (ATM), mobile phone, digital still camera, music playback (recording) device, point-of-sale product management system, street corner terminal, Intelligent Transport System
An ems (ITS) transmitter, a ticket machine, a payment terminal, a vending machine, an entrance / exit management device, a game machine, a public telephone, a portable terminal for order taking, and the like may be used. In these cases, the same effect can be obtained.

It is a block diagram of the device management system of a first embodiment. It is an example of the policy table of 1st embodiment. It is a figure which shows an example of the device information table of 1st embodiment. It is an example of the user information database which the authentication management server of 1st embodiment hold | maintains. It is an example of a PC usage management table held by the blade server of the first embodiment. It is a processing flow of the device sharing process of 1st embodiment. It is a processing flow at the time of completion | finish of the device sharing process of 1st embodiment. It is explanatory drawing of the relationship between the device management manager of 1st embodiment, a virtual device manager, a device driver, and an application. It is a flow explaining operation | movement at the time of device utilization of 1st embodiment. It is a flow explaining operation | movement at the time of device utilization of 1st embodiment. It is an example of the log management screen displayed by the management application. It is an example of the device management screen of the virtual device manager of 1st embodiment. It is a hardware block diagram of PC-A of 1st embodiment. It is explanatory drawing of the starting process at the time of the device sharing process of the filter driver and communication program of 1st embodiment. It is explanatory drawing of the starting process at the time of the device sharing process of the pseudo bus driver and communication program of 1st embodiment. It is explanatory drawing of the process at the time of producing | generating a channel in the pseudo bus driver of 1st embodiment, a communication program, and a filter driver. It is a flow explaining operation | movement when a new device is connected to PC-D of 1st embodiment. It is a flow explaining operation | movement when the device A of 1st embodiment is plugged out from PC-D. It is a figure explaining communication of the program of a second embodiment. It is a processing flow of the device sharing process of 2nd embodiment. It is a processing flow of the device sharing end process of the second embodiment. It is the process and communication flow between each driver at the time of the filter start in the device management system of 1st embodiment. It is a figure explaining the conversion of the data transmitted / received between each PC of 1st embodiment. It is a figure explaining the sequence in case the power supply is cut | disconnected in the PC-D of embodiment, or it transfers to a dormant state or a suspend state. It is a figure explaining the sequence in case the power supply is cut | disconnected in the PC-A of embodiment or the transition to a dormant state or a suspend state occurs. It is a state transition diagram of the usage state of the device A managed by the device management manager of the embodiment. In PC-D of embodiment, it is a figure explaining a sequence when a device management manager detects timeout in communication with a virtual device manager. 6 is a diagram illustrating a sequence when a virtual device manager detects a timeout in communication with a device management manager in the PC-A according to the embodiment. FIG.

Explanation of symbols

101: Authentication management server, 102: Information center, 103: Network, 104: Internet, 105: Firewall, 106: Blade server, 110: PC-A, 1
11: PC-B, 112: PC-C, 113: PC-D, 114: PC-E, 115: P
C-F, 116: hub, 117: PC-Z, 120: virtual device manager, 121:
Virtual device manager 122: Virtual device manager 123: Device management manager 124: Device management manager 125: Device management manager 126:
Device management manager 127: Device management manager 151: Device A 15
2: Device B, 153: Device C, 154: Device D, 155: Device Z, 16
0: storage, 161: storage, 162: storage, 163: storage, 16
4: storage, 165: storage, 167: storage, 170: log, 171: log, 172: log, 173: log, 174: log, 175: log, 176: log, 177
: Log, 1501: Application, 1502: High-level driver, 1503: Device class driver, 1504: Pseudo bus driver, 1505: Physical device object for activation, 1506: Enumerator function device object, 1507: GUI application, 1508: Communication program, 1509 : GUI application, 1510: Communication program, 1511: Application, 1512: Upper driver, 1513: Device class driver, 1514: Filter driver, 1515: Physical bus driver

Claims (10)

In a system in which a server that executes an application program, an instruction to execute the application program to the server, a client that receives an execution result from the server, and an authentication server that authenticates the client are connected via a network.
A device management system for controlling a device connected to the client from the server,
The client includes device management means for transmitting and receiving data to and from the server while transmitting and receiving data to and from a device driver of a device connected to the client,
The authentication server includes device information holding and usage right management means for managing usage rights of each device in the device management system,
The server controls transmission / reception of data performed via the network between an application operating in the server and the device management unit according to the usage right held in the device information holding usage right management unit. A virtual device management means,
The device management system includes a filter unit that performs exclusive control between data transmission / reception between the device driver and the client application and data transmission / reception between the device driver and the server. . In a system in which a server that executes an application program, an instruction to execute the application program to the server, a client that receives an execution result from the server, and an authentication server that authenticates the client are connected via a network.
A device management system for controlling a device connected to the client from the server,
The client includes device management means for transmitting / receiving data to / from the server while transmitting / receiving data to / from a device driver of a device connected to the client,
The authentication server includes device information holding and usage right management means for managing usage rights of each device in the device management system,
The server controls transmission / reception of data performed via the network between an application operating in the server and the device management unit according to the usage right held in the device information holding usage right management unit. A virtual device management means,
The virtual device management unit transmits / receives data to / from a device connected to the client via the device management unit, and operates as a driver of the device for an application operating in the server A device management system comprising a driver means. The device management system according to claim 2,
The pseudo bus driver means includes
A startup device object that is generated when the device connects to the client and operates the device;
An enumerator that generates the activation device object in association with the device when the device is connected, and deletes the activation device object generated in association with the device when the connection of the device is released A device management system comprising: The device management system according to claim 2 or 3,
The client and the server each have a remote operation program,
The device management system and the virtual device management unit respectively transmit and receive the data via the remote operation program. A device management system according to any one of claims 2 to 4,
When the pseudo bus driver means receives a notification indicating that a new device is connected to the client from the device management means, the OS (Operatorio) of the server
n System), the pseudo device driver performs device information acquisition processing necessary to operate as a device driver of the newly connected device, and when the device information acquisition processing is normally completed, A device management system that notifies the device management means of normal completion. A device management system according to any one of claims 2 to 5,
The server comprises display means;
When the virtual device management unit receives a notification indicating that the connection with the device already connected to the client is disconnected from the device management unit, the virtual device management unit determines whether there is an application using the device,
The pseudo bus driver means, when it is determined that there is no application in use, performs a procedure necessary to end the operation of the device as a device driver,
When the procedure is normally completed, the device management means is notified of the normal completion, and when the procedure is not normally completed, the display means is notified of the fact. system. The device management system according to any one of claims 1 to 6,
When the virtual device management means is in a state in which the server can control a device connected to the client, upon receiving notification from the OS of the server that the server enters a hibernation state for power saving, Notify the server OS of the error,
When the server is in a state in which the server can control a device connected to the client, the device management means receives the notification from the OS of the client that the server is in a sleep state for power saving. A device management system characterized by notifying an OS of an error. A server that executes an application program, a client that gives an instruction to execute the application program to the server, receives an execution result from the server, and an authentication server that authenticates the client are connected via a network and connected to the client The client in the device management system for controlling the device from the server,
Comprising device management means for transmitting / receiving data to / from the server and transmitting / receiving data to / from the device driver of the device connected to the client;
The device management means includes a filter means for performing exclusive control between data transmission / reception between the device driver and the client application and data transmission / reception between the device driver and the server. A server that executes an application program, a client that gives an instruction to execute the application program to the server, receives an execution result from the server, and an authentication server that authenticates the client are connected via a network and connected to the client The server in the device management system for controlling the device from the server,
The server has a right to use each device in the device management system, which is held in the authentication server, for transmission and reception of data performed via the network between an application operating in the server and the device management unit. Virtual device management means for controlling according to
The virtual device management unit includes a pseudo bus driver unit that transmits and receives data to and from a device connected to the client and operates as a driver of the device for an application operating in the server. Server. In a device management system in which a server that executes an application program, an instruction to execute the application program to the server, a client that receives an execution result from the server, and an authentication server that authenticates the client are connected via a network. A device sharing method for sharing a device connected to the client for controlling from the server,
The client requests the server to start using the remote operation program,
Upon receiving the use start request, the server accesses the authentication server to authenticate the requesting client,
When the authentication is successful, the server accesses the authentication server, extracts a device that can be used by the client that requested the start of use,
The server forms a communication path that allows the extracted device to be used with the client, and notifies the authentication server that the communication path has been formed.

Images