JP2009026031A - Thin client system, information processing method, and information processing program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology, which suppresses initial cost for introduction of a thin client system, and facilitates update thereof. <P>SOLUTION: In a storage device, a management server stores image data including an OS program and an application program for making processing to be executed, and transmits the image data to a client computer. The client computer stores the image data transmitted from the management server in a storage device. Then, the client computer implements virtual hardware, executes the OS program included in the image data transmitted from the management server on the virtual hardware, and executes the application program included in the image data transmitted from the management server under control by the OS program to execute processing. Upon completion of processing, the client computer deletes the image data stored in the storage device. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a thin client system.

  As one of the information management issues in the organization, the information stored in the computer is prevented from leaking outside due to loss or theft of computers or removable storage media such as USB (Universal Serial Bus) memory. Sometimes.

  As a technique for preventing such information leakage, there is a thin client system. The thin client system is a system in which a client computer used by a user is used as an input device and an output device, and only necessary minimum processing is performed by the client computer, and substantial processing is executed on the management server side. In this architecture, information and a program that handles the information are placed on a computer (conventional PC (Personal Computer), conventional server, blade PC, etc.) in an organization such as a company, and the computer (hereinafter referred to as a remote computer 102). ) From a remote location via a network to perform information processing. The client computer used by the user at this time is a thin client (hereinafter referred to as TC) that contains only the minimum necessary information and programs. The TC includes, for example, prohibiting data writing to the main body storage device, enabling / disabling execution of the main body and the connected external storage medium, prohibiting rewriting of an execution program, prohibiting activation of an unauthorized program, etc. There are limitations. The user can use a limited function only in a form in which no data remains, and information leakage from the TC can be prevented.

  In Patent Document 1, a tamper-resistant device is distributed to users, and the remote computer 102 is accessed and remotely controlled using authentication information in the device to reduce confidential information remaining in the operated client. A method for improving security when using a user's client is described.

JP 2005-235159 A

  The technique described in Patent Document 1 requires at least two devices, a remote computer 102 and a TC dedicated device, for the introduction of a thin client system. Therefore, the technique described in Patent Document 1 requires an introduction cost. In addition, the TC dedicated device has a hardware configuration in which a minimum amount of software is stored in an area where rewriting is difficult. Therefore, when updating the TC dedicated device, it is necessary to bring it into the manufacturer. In a company or the like, since a thin client system is configured by a large number of TCs, it takes time and cost to update all these TCs.

  The present invention has been made in view of such circumstances, and it is an object of the present invention to realize a technique that can suppress the initial cost of introducing a thin client system and can be easily updated.

  The present invention has been made in order to achieve the above object, and a client computer realizes a thin client by executing an OS program and an application program transmitted from a management server on virtual hardware. Features.

  The present invention is also a thin client system in which a client computer and a management server are connected, and the management server stores image data including an OS (Operating System) program and an application program for executing processing. A first storage device; and image data transmission processing means for transmitting image data stored in the first storage device to the client computer, wherein the client computer is transmitted from the management server. Execution means for storing the image data in the second storage device, virtual hardware realizing means for realizing virtual hardware, and executing the OS program included in the image data on the virtual hardware, An application included in the image data on the OS program Processing execution means for executing processing by executing a program, output means for outputting the executed processing result to an output device, and the image data stored in the second storage device when the processing is completed Deleting means for deleting.

  According to the technology of the present invention, since a thin client can be realized on virtual hardware of an existing computer, the introduction cost can be suppressed. In addition, since a thin client is realized by a general computer rather than a computer having a hardware configuration dedicated to the thin client, it is possible to easily update the thin client.

Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings.
<First Embodiment>
First, the first embodiment will be described.

  First, an example of a system configuration in the first embodiment will be described with reference to FIG.

  In FIG. 1, the system of this embodiment includes a client computer 101, a remote computer 102, a TCIMG (Thin Client Image) management server 103, a storage medium 104, a communication network 105, and the like. The client computer 101, the remote computer 102, and the TCIMG management server 103 are connected via a communication network 105.

  Each of the client computers 101 is a computer used by a user. Each remote computer 102 performs processing according to the request of each client computer 101. The TCIMG management server 103 authenticates a user who uses each client computer 101 and manages information for setting a use environment of the user who uses each client computer 101. Each of the client computer 101, the remote computer 102, and the TCIMG management server 103 is an information processing apparatus such as a PC.

  The storage medium 104 is owned by each user and is connected to the client computer 101 serving as a TC. The storage medium 104 is, for example, a USB memory, hard disk, memory card, CD-RW (Compact Disk ReWritable), DVD-RW / + RW / -RAM (Digital Versatile Disk Rerecordable Disc / ReWritable / Random Access Memory), Blu-ray In addition to portable storage devices such as Disc, HD DVD (High-Definition Digital Versatile Disc), flexible disk, MO (Magneto Optical Disk), mobile phone built-in memory, etc., hard disk built in client computer 101 Or a flash memory.

  The storage medium 104 stores TCIMG data 141, a TCIMG execution program (PG in the figure) 142, a VM (Virtual Machine) installation program 143, and the like.

  The TCIMG data 141 includes an OS (Operating System) program and an application program. This application program includes a program for causing the remote computer 102 to execute a process designated by the user, and a program for executing the process designated by the user by itself. Here, the processing executed by the remote computer 102 and the processing executed by the client computer 101 by the application program held by the TCIMG data 141 are not particularly limited. For example, image display processing, calculation, data search, etc. It is.

  The TCIMG execution program 142 executes the TCIMG data 141 after starting the VM installation program 143.

  The VM installation program 143 implements the conversion of the client computer 101 into a VM by installing a VM program (not shown) that the VM installation program 143 has in the client computer 101.

  The communication network 105 is arbitrary, and is, for example, a local area network (LAN), a wide area network (WAN), a public network, a dedicated line, the Internet, or the like.

  In the example of FIG. 1, two each of the client computer 101 and the remote computer 102 are shown and one TCIMG management server 103 is shown, but the number of each of these devices is arbitrary and is not limited thereto. Not what you want. Moreover, although two users are shown, the number of users is arbitrary and is not limited thereto. The number of client computers 101 and the number of users may be the same or different. That is, a plurality of users may use one client computer 101, and one user may use a plurality of different client computers 101. Further, the number of client computers 101 and the number of remote computers 102 may be the same or different.

  Next, a configuration example of each device constituting the system will be described.

  First, a configuration example of the client computer 101 will be described with reference to FIG.

  2A, the client computer 101 includes a memory 201, a storage device 202, a bus 203, a CPU (Central Processing Unit) 204, I / O hardware 205, communication hardware 208, an output device 206, an input device 207, and the like. Have The memory 201, the storage device 202, the CPU 204, the I / O hardware 205, the communication hardware 208, and the like are connected by a bus 203.

  The storage device 202 is, for example, a hard disk drive (HDD), a storage medium such as a flash memory, a CD, or a DVD, and a drive device for the storage medium. The storage device 202 stores a host OS program 211. The output device 206 is, for example, a display device, a printer, a speaker, or the like. The input device 207 is, for example, a keyboard, a mouse, a scanner, or the like. The I / O hardware 205 controls output to the output device 206, input from the input device 207, and input / output to the storage medium 104. The communication hardware 208 controls communication with other computers via the communication network 105.

  The CPU 204 loads the host OS program 211 on the storage device 202 into the memory 201 and executes it. The CPU 204 executes the OS program 211 to control the I / O hardware 205 and communication hardware 208, load data from the storage device 202, and the like. Further, the CPU 204 loads the TCIMG execution program 142 from the storage medium 104 to the memory 201 and executes it by executing the host OS program 211. Further, the CPU 204 loads the VM installation program 143 into the memory 201 and executes it, thereby realizing the conversion of the client computer 101 into a VM.

  Here, when the storage medium 104 is not the portable storage device but the storage device 202, the storage device 202 further stores the TCIMG execution program 142 and the VM installation program 143, and does not store the TCIMG data 141. It is good to do so. In this case, the client computer 101 may acquire the TCIMG data 141 from the TCIMG management server 103 according to an operation example described later.

  Here, a configuration example of the client computer 101 when processing is performed by executing an application program included in the TCIMG data 141 will be described with reference to FIG.

  When the VM installation program 143 is executed, the VM 213 is realized on the physical hardware 212 and the host OS program 211 of the client computer 101. The physical hardware 212 is the above-described memory 201, storage device 202, bus 203, CPU 204, I / O hardware 205, communication hardware 208, and the like. The guest OS program included in the TCIMG data 141 is executed on the VM 213, and the application program included in the TCIMG data 141 is executed on the guest OS program. In this embodiment, a thin client is realized in the client computer 101 by the VM 213 and the TCIMG data 141.

  In this embodiment, the VM is realized by the host OS program 211 and the guest OS program. However, the present invention is not limited to this, and any VM may be used as long as it becomes a basis for realizing a thin client. For example, the VM may be realized on an application execution platform on application software such as a Web (World Wide Web) browser.

  Next, referring to FIG. 2C, the functions realized by executing the TCIMG execution program 142, the VM installation program 143, etc., and the guest OS program included in the TCIMG data 141 are executed. An example of a block diagram of functions realized by executing an application program included in the TCIMG data 141 on the program will be described.

  2C, the client computer 101 includes a TC execution unit 221, a TC 231 and the like. The TC execution unit 221 is a function realized by the CPU 204 executing the TCIMG execution program 142. The TC 231 is a function realized by the VM 213 executing the TCIMG data 141 and the like.

  The TC execution unit 221 includes an authentication request unit 222, an update unit 223, a VM execution unit 224, a deletion unit 225, and the like. The authentication request unit 222 requests the TCIMG management server 103 for authentication processing. The update unit 223 processes the update of the TCIMG data 141. The VM execution unit 224 instructs execution of the VM installation program 143. When the process by TC is completed, the deletion unit 225 deletes information related to the process executed by the VM in the memory 201, the storage device 202, and the like of the client computer 101.

  The TC 231 includes a reception unit 232, a remote operation unit 233, a stand-alone execution unit 234, a restriction unit 235, and the like. The accepting unit 232 accepts a process execution instruction. The remote operation unit 233 controls execution of processing requested to the remote computer 102. The stand-alone execution unit 234 performs processing executed by the client computer 101. The restriction unit 235 prohibits data writing to the memory 201 and the storage device 202 of the client computer 101, an external storage medium (not shown), and enables / disables the memory 201 and the storage device 202 and the connected external storage medium (not shown). Performs processing to execute restrictions as a thin client, such as computerization execution restriction, execution program rewrite prohibition, and unauthorized program activation prohibition. Although an example of the operation of the restriction unit 235 is not particularly described below, the process of monitoring, controlling, prohibiting, and the like as described above is always performed, and processing for executing restrictions as a thin client is performed. The processing itself of the restriction unit 235 is the same as that of the conventional thin client.

  Next, a configuration example of the remote computer 102 will be described with reference to FIG.

  In FIG. 3A, the remote computer 102 includes a memory 301, a storage device 302, a bus 303, a CPU 304, and communication hardware 305. The storage device 302 is, for example, a storage medium such as an HDD, CD, or DVD, and a drive device for the storage medium. The communication hardware 305 is a device that controls a network line with another computer.

  The storage device 302 stores an OS program 307 and a remote operated program 308. The CPU 304 implements functions such as control of the communication hardware 305 and loading of data from the storage device 302 by executing the OS program 307 loaded in the memory 301.

  Next, with reference to FIG. 3B, an example of a block diagram of functions realized by the CPU 304 executing the remote operation program 308 loaded into the memory 301 will be described.

  The remote computer 102 includes a request reception unit 311, a process execution unit 312, an output processing unit 313, and the like. The request reception unit 311 receives a process execution request from the client computer 101. The process execution unit 312 executes the process received by the request reception unit 311. The output processing unit 313 outputs the processing result executed by the processing execution unit 312 to the client computer 101.

  Next, a configuration example of the TCIMG management server 103 will be described with reference to FIG.

  4A, the TCIMG management server 103 includes a memory 401, a storage device 402, a bus 403, a CPU 404, I / O hardware 405, communication hardware 406, and the like. The storage device 402 is, for example, a storage medium such as an HDD, CD, or DVD, and a drive device for the storage medium. The I / O hardware 405 controls input / output such as output to the monitor and input from the keyboard. The communication hardware 406 controls network lines with other computers.

  The storage device 402 stores an OS program 407, a TCIMG management program 408, a TCIMG list table 411, and a user list table 412. The TCIMG list table 411 stores a list of various TCIMG data 141 used by the user. The user list table 412 holds a list of information about users. Further, the storage device 402 has a TCIMG storage area 421. The TCIMG storage area 421 stores various TCIMG data itself used by each user.

  The CPU 404 implements functions such as control of the communication hardware 405 and loading of data from the storage device 402 by loading and executing the OS program 407 in the memory 401.

  Next, an example of a block diagram of functions realized by the CPU 404 executing the TCIMG management program 408 and the like loaded into the memory 401 will be described with reference to FIG.

  4B, the TCIMG management server 103 includes an authentication unit 431, an update processing unit 432, and the like. The authentication unit 431 performs authentication processing for the client computer 101. The update processing unit 432 performs update processing of TCIMG data.

  Next, an example of the TCIMG list table 411 and the user list table 412 will be described.

  First, an example of the TCIMG list table 411 will be described with reference to FIG.

  In FIG. 5, each record of the TCIMG list table 411 has fields such as a TCIMG ID 501, customization content 502, a TCIMG version 503, a TCIMG hash value 504, and the like. TCIMG ID 501 is an identifier of TCIMG data. The customization content 502 is a customization content applied to the TCIMG data corresponding to the TCIMG ID 501. TCIMG version 503 is a version of TCIMG data corresponding to TCIMG ID 501. The TCIMG hash value 504 is a hash value of TCIMG data corresponding to the TCIMG ID 501.

  The administrator of the TC system generates a TCIMG list table 411 and stores it in the TCIMG management server 103 in advance, and stores TCIMG data in the TCIMG storage area 421 in advance. The TCIMG data includes an OS program that runs on the VM, an application program that executes processing on the thin client of the client computer 101, and the like. The TCIMG storage area 421 stores a plurality of TCIMG data. Each of these TCIMG data has different specifications and versions, for example. Here, it is assumed that the file name of each TCIMG data includes a TCIMG ID and a version, and that the TCIMG data can be specified if the TCIMG ID and the version are clear.

  In addition, when the administrator of the TC system upgrades the TCIMG data 141 of the client computer 101 or increases / decreases the customized version of the TCIMG, the TCIMG list table 411 is updated as necessary, and the TCIMG storage area The TCIMG data stored in 421 is updated.

  Next, an example of the user list table 412 will be described with reference to FIG.

  6, each record of the user list table 412 has fields such as a user ID 601, a password 602, an applied TCIMG ID 603, an applied TCIMG version 604, an updated TCIMG ID 605, and an updated TCIMG version 606. The user ID 601 is a user identifier. The password 602 is a password used for authentication when accessing the user's TCIMG management server corresponding to the user ID 601. The applied TCIMG ID 603 is a TCIMG ID of the TCIMG data 141 stored in the storage medium 104 used by the user corresponding to the user ID 601. The applied TCIMG version 604 is a version of the TCIMG data 141 stored in the storage medium 104 used by the user corresponding to the user ID 601. The updated TCIMG ID 605 is a TCIMG ID of TCIMG data that can be updated by the user's TCIMG execution program 142 corresponding to the user ID 601. The updated TCIMG version 606 is a version of TCIMG data that can be updated by the user's TCIMG execution program 142 corresponding to the user ID 601.

  Here, the field value “-” of the update TCIMG ID 605, the update TCIMG version 606, etc. in FIG. 6 indicates that there is no updatable TCIMG data.

  In the example of FIG. 6, an example in which one updatable TCIMG ID and version is stored for one user is shown, but this number is arbitrary, for example, for one user. On the other hand, a plurality of updatable TCIMG ID and version combinations may be stored.

  The administrator of the TC system generates a user list table 412 in advance and stores it in the TCIMG management server 103. The TC system administrator adds, changes, and deletes users. Further, the administrator of the TC system changes the user list table 412 when changing the TCIMG data 141 used by the user.

  Next, an operation example in the above-described system will be described.

  Here, an operation example in the above-described system will be described with reference to FIG.

  First, the user instructs the activation of the TCIMG execution program 142 by connecting the storage medium 104 to the I / O hardware 205 of the client computer 101.

  The CPU 204 of the client computer 101 executes the TCIMG execution program 142 loaded into the memory 201. The authentication request unit 222 of the TC execution unit 221 attempts connection by transmitting a connection request to the TCIMG management server 103 (S701). Next, the authentication request unit 222 determines whether or not connection with the TCIMG management server 103 is possible (S702). Although this process may be arbitrary, for example, it may be determined based on whether or not a connectable notification is received from the TCIMG management server 103 within a predetermined time after the connection request is transmitted.

  In the example of FIG. 7, the client computer 101 attempts to connect to the TCIMG management server 103 every time. However, the present invention is not limited to this, and the client computer 101 does not connect to the TCIMG management server 103 by following a user instruction, for example. It may be.

  As a result of the determination in S702, if connection is impossible, the process proceeds to S717 described later.

  If the connection is possible as a result of the determination in S702, the authentication request unit 222 receives the user ID and password (S703). For this purpose, the authentication request unit 222 displays a screen for inputting a user ID and a password on the display device of the output device 206 or the like.

  The user inputs his or her user ID, password, and the like using the input device 207 and the like. The authentication request unit 222 transmits an authentication request including the input user ID and password to the TCIMG management server 103 (S704).

  Here, the client computer 101 may cancel the connection request to the TCIMG management server 103, for example, according to a user instruction.

  Upon receiving the authentication request (S705), the authentication unit 431 of the TCIMG management server 103 performs an authentication process using the user ID and password included in the authentication request (S706). Therefore, for example, the authentication unit 431 refers to the combination of the user ID 601 and the password 602 for each record in the user list table 412 and includes the one that matches the combination of the user ID and the password included in the received authentication request. Determine whether or not.

  If no match is found as a result of the determination in S706, the authentication unit 431 terminates the process by transmitting information notifying connection permission to the client computer 101, for example. Receiving this information, the client computer 101 proceeds to the processing of S703 described above.

  If a match is found as a result of the determination in S706, the update processing unit 432 sends a response including information on the TCIMG data currently used by the user and TCIMG that can be upgraded to the client computer. 101 is transmitted (S707). Therefore, the update processing unit 432 refers to the combination of the user ID 601 and the password 602 for each record in the user list table 412 from the user list table 412 and matches the combination of the user ID and password included in the received authentication request. Search for records. Next, the update processing unit 432 extracts values such as an applied TCIMG ID 603, an applied TCIMG version 604, an updated TCIMG ID 605, and an updated TCIMG version 606 that are included in the retrieved record. The update processing unit 432 extracts, from the TCIMG storage area 421, TCIMG data having a file name including the extracted TCIMG ID 603 being applied and the TCIMG version 604 being applied. Next, the update processing unit 432 transmits a response including the extracted TCIMG data to the client computer 101. At this time, if the update processing unit 432 indicates that there is updateable TCIMG data, for example, the values of the extracted update TCIMG ID 605, update TCIMG version 606, etc. are not “−”, for example, the update TCIMG ID 605, update A response further including a value such as TCIMG version 606 is transmitted to the client computer 101.

  Specifically, for example, when an authentication request including the user ID “00000002” and the password “pass” is received, the update processing unit 432 applies the applied TCIMG ID 603 “0001” from the user list table 412 illustrated in FIG. ”, An applied TCIMG version 604“ 1.0 ”, an updated TCIMG ID 605“ 0001 ”, an updated TCIMG version 606“ 1.1 ”, and the like. The update processing unit 432 extracts, from the TCIMG storage area 421, TCIMG data having a file name including the IDs and versions “0001” and “1.0” of the TCIMG being applied. In this case, each of the updated TCIMG ID 605 and the updated TCIMG version 606 is “0001”, “1.1”, etc., indicating that there is updatable TCIMG data. Therefore, the update processing unit 432 transmits a response including the extracted TCIMG data, the updatable TCIMG ID “0001”, the updatable TCIMG version “1.1”, and the like to the client computer 101.

  When receiving the response (S708), the update unit 223 of the client computer 101 outputs the result included in the response to the output device 206 (S709). For this purpose, for example, the updating unit 223 outputs the TCIMG ID being applied, the version of the TCIMG being applied, the TCIMG ID that can be updated, the version of the TCIMG that can be updated, and the like included in the response to the output device 206. As described above, the response may or may not include an updatable TCIMG ID and version. When an updatable TCIMG ID, version, and the like are included, the updating unit 223 may further output information for accepting whether to update the TCIMG.

  With reference to FIG. 8, the example of the screen output to a display apparatus by the process of above-mentioned S709 is demonstrated.

  In FIG. 8, a screen 801 is an example in which a TCIMG ID being applied, a TCIMG version being applied, an updatable TCIMG ID, an updatable TCIMG version, and the like are displayed. The user can instruct whether to update the TCIMG by pressing one of the button 811 and the button 812 using the input device 207.

  If there are a plurality of combinations of TCIMG IDs and versions that can be updated, an update instruction for only one of the combinations may be accepted.

  The updating unit 223 determines whether or not an instruction to update TCIMG has been received (S710).

  If the result of determination in S710 is that an update instruction has not been received, processing proceeds to S717 described later.

  If the update instruction is accepted as a result of the determination in S710, the update unit 223 transmits an update request to the TCIMG management server 103 (S711). This update request includes the user ID received in S703 described above, the TCIMG ID requesting the update received in S710 described above, the version, and the like.

  When the TCIMG management server 103 receives the update request (S712), the update processing unit 432 transmits a response including the requested TCIMG data (S713). For this purpose, the update processing unit 432 extracts the TCIMG data of the file name including the TCIMG ID and the version included in the received update request from the TCIMG storage area 421, and transmits the extracted TCIMG data to the client computer 101. Further, the update processing unit 432 updates the user list table 412 (S714). For this purpose, for example, the update processing unit 432 searches the user list table 412 for a record including the user ID 601 that matches the user ID included in the received update request, and applies the applied TCIMG ID 603 and the applied TCIMG of the searched record. The value such as version 604 is rewritten to the TCIMG ID and version included in the received update request. Further, the update processing unit 432 sets, for example, a value that matches the TCIMG ID and the version included in the received update request among the values of the updated TCIMG ID 605 and the updated TCIMG version 606 of the retrieved record, for example, “-”, etc. Replace with a value indicating that there is no updatable TCIMG data.

  On the other hand, when the client computer 101 receives the response from the TCIMG management server 103 (S715), the updating unit 223 deletes the TCIMG data 141 of the storage medium 104, and converts the TCIMG data included in the received response into a new TCIMG data. The data 141 is stored (S716).

  Next, the VM execution unit 224 of the client computer 101 determines whether the VM installation program 143 is installed (S717). Although this determination may be arbitrary, for example, the determination may be made based on whether or not information indicating that the VM installation program 143 is installed in the memory 201.

  As a result of the determination in S717, if the VM installation program 143 is installed, the process proceeds to S719 described later.

  If the VM installation program 143 is not installed as a result of the determination in S717, the VM execution unit 224 copies the VM installation program 143 read from the storage medium 104 to the storage device 202 of the client computer 101 and installs it. (S718).

  When the VM installation program 143 is installed and executed, the VM 213 is realized in the client computer 101. The VM 213 copies the TCIMG data 141 read from the storage medium 104 to the storage device 202 of the client computer 101 (S719).

  When the VM 213 executes the guest OS program and application program included in the TCIMG data 141, the client computer 101 is realized as a thin client, and the TC 231 is realized (S720).

  At least one of the remote operation unit 233 and the stand-alone execution unit 234 of the client computer 101 performs processing executed on the thin client (S721). Details of this processing will be described later.

  When the process to be executed on the thin client is completed, the deletion unit 225 deletes the information related to the process executed by the TCIMG data 141 and the VM in the memory 201 and the storage device 202 of the client computer 101 (S722).

  As described above, by deleting the data for realizing the thin client after performing the processing, it is possible to prevent the thin client from being used without performing the authentication processing described above.

  Here, with reference to FIG. 9, an operation example of the above-described processing of S721 will be described.

  The accepting unit 232 of the client computer 101 determines whether the processing to be executed is to be performed by the remote computer 102 or to be performed stand-alone (S901). For this purpose, the reception unit 232 may output information for allowing the user to specify a process to be executed to the output device 206 or the like. The user uses the input device 207 to specify a process to be executed. Each of the processes that can be executed by the TC 231 is determined in advance as to be processed by the remote computer 102 or to be executed as a stand-alone process, and the reception unit 232 performs processing according to the specified process. Judge whether to do.

  If the result of determination in S901 is that processing is to be performed by the remote computer 102, the accepting unit 232 activates the remote operation unit 233 (S902). The remote operation unit 233 connects to the remote computer 102 (S903). The remote operation unit 233 transmits information (hereinafter referred to as operation information) obtained by the user operating the input device 207 to the remote computer 102 as input information for the remote computer 102 (S904).

  When the request reception unit 311 of the remote computer 102 receives the operation information (S905), the process execution unit 312 performs a process according to the received operation information (S906). The output processing unit 313 transmits the processing result to the client computer 101 (S907).

  When the processing result transmitted from the remote computer 102 is received (S908), the remote operation unit 233 of the client computer 101 outputs the processing result to the output device 206 (S909).

  In addition, the process performed by above-mentioned S904-S909 is arbitrary. For example, the client computer 101 transmits information indicating a change in the cursor position using a mouse or keyboard as operation information, and the remote computer 102 transmits screen information that has been processed to change the cursor position or the like in accordance with the operation information. The client computer 101 may output the screen information to the display device of the output device 206. In addition, the client computer 101 transmits a calculation, a data request, etc. as operation information, and the remote computer 102 transmits result information as a result of processing such as calculation, data search, etc. according to the operation information, and the client computer 101 The result information may be output to a display device, a speaker device, a printer, or the like of the output device 206.

  The remote operation unit 233 determines whether the process is finished (S910). This determination may be arbitrary. For example, the determination may be made based on whether or not the user inputs an end instruction using the input device 207.

  As a result of the determination in S910, when the process is completed, the process proceeds to the above-described process in S722. Depending on the instruction input from the input device 207, the processing in the remote computer 102 may be terminated and the processing in S911 described later may be performed.

  If the result of determination in S910 is that processing has not ended, processing returns to S904 described above.

  On the other hand, as a result of the determination in S901, in the case of processing in a stand-alone manner, the receiving unit 232 activates the stand-alone execution unit 234 (S911). The stand-alone execution unit 234 executes processing instructed by the user (S912), and outputs the execution result to the output device 206 (S913). The processing executed here is arbitrary. For example, screen information for displaying a screen as a result of changing the cursor position with a mouse or keyboard may be output to the display device of the output device 206. In addition, result information obtained as a result of processing such as calculation and data search may be output to the output device 206.

  The stand-alone execution unit 234 determines whether the process is finished (S914). This determination may be arbitrary. For example, the determination may be made based on whether or not the user inputs an end instruction using the input device 207.

  As a result of the determination in S914, when the process ends, the process proceeds to the above-described process in S722. Depending on the instruction input from the input device 207, the processing in the client computer 101 may be terminated and the processing in S902 described above may be performed.

  If the result of determination in S914 is that processing has not ended, processing returns to S912 described above.

  As described above, the client computer 101, which is a general computer, instead of the hardware dedicated to the thin client, is converted into a thin client, and the user can perform information processing using the client computer. In addition, the thin client can be easily updated online from the management server.

  Since conventional thin clients are uniformly manufactured, it is difficult to customize the functions of the thin client such as software to be installed and settings thereof for each user.

According to the above embodiment, a thin client can be realized by an existing computer, and the introduction cost can be suppressed. At that time, applications that can be used on existing computers can be used as they are. Further, the thin client can be easily updated, and the contents to be updated can be customized for each user.
<Second Embodiment>
Next, a second embodiment will be described.

  The second embodiment described below differs from the first embodiment described above in that the remote computer 102 can be used or cannot be used depending on whether a predetermined condition is satisfied. Hereinafter, only differences from the above-described first embodiment will be described in detail.

  FIG. 10 shows a configuration example of the second embodiment.

  In FIG. 10, the isolation control device 1001 is further connected to the communication network 105, and the remote computer 102 is connected to the communication network 105 via the isolation control device 1001. The isolation control device 1001 includes an isolation control unit 1011. The quarantine control unit 1011 normally blocks data input to the remote computer 102. When receiving a communication quarantine release request to the client computer 101 transmitted from the TCIMG management server 103, the quarantine control unit 1011 is transmitted from the client computer 101. The data is output to the remote computer 102.

  The isolation control unit 1011 may be realized by executing a program (all not shown) loaded in a memory by an arithmetic device such as a CPU, or may be realized by dedicated hardware. A combination of these may also be used.

  The storage medium 104 has a TCIMG execution program 1021 instead of the TCIMG execution program 142 of the first embodiment described above. The TCIMG execution program 1021 realizes, in addition to the functions realized by the above-described TCIMG execution program 142, a function of transmitting authentication information for requesting the communication isolation release of the isolation control device 1001 to the TCIMG management server 103. Is for. Details of this function will be described later.

  In the example of FIG. 10, two client computers 101, two remote computers 102, and an isolation control device 1001 are shown, and one TCIMG management server 103 is shown. However, these numbers may be arbitrary. However, one remote computer 102 is connected to one isolation control device 1001. One client computer 101 accesses one or more remote computers 102. Here, the processes performed by each remote computer 102 are those requested by one client computer 101, and the processes requested by other client computers 101 are not performed. That is, when one isolation control device 1001 cancels communication isolation, there is one client computer 101 that requests processing from the remote computer 102 connected to the isolation control device 1001.

  Next, an example of a functional block diagram of the client computer 101 will be described with reference to FIG.

  In FIG. 1101, the client computer 101 includes a TC execution unit 1101 instead of the TC execution unit 221 of the first embodiment described above. The TC execution unit 1101 further includes a communication isolation release unit 1111 in addition to the authentication request unit 222, the update unit 223, the VM execution unit 224, and the deletion unit 225. The communication isolation cancellation unit 1111 transmits a cancellation authentication request including authentication information for requesting communication isolation cancellation.

  Others are the same as those in the first embodiment described above, and will be omitted.

  Next, a configuration example of the TCIMG management server 103 will be described with reference to FIG.

  FIG. 12A shows a hardware configuration example of the TCIMG management server 103. In FIG. 12A, the storage device 402 of the TCIMG management server 103 further stores a quarantine management program 1201.

  FIG. 12B is an example of a functional block diagram of the TCIMG management server 103. In FIG. 12B, the TCIMG management server 103 further includes a quarantine management unit 1211. The isolation management unit 1211 is a function realized by executing the isolation management program 1201 loaded into the memory 401 by the CPU 404. The quarantine management unit 1211 performs an authentication process or the like using information included in the cancellation authentication request transmitted from the client computer 101, and transmits a communication isolation cancellation request to the remote computer 102.

  Next, an operation example in the above-described system will be described.

  Here, an operation example in the above-described system will be described with reference to FIG. Note that the same processing as in the first embodiment will be briefly described, and only different processing will be described in detail.

  In the normal state, the isolation control unit 1011 of the isolation control device 1001 stops outputting data to the remote computer 102. That is, in the normal state, the remote computer 102 is isolated from the communication network 105.

  First, the user instructs the activation of the TCIMG execution program 142 by connecting the storage medium 104 to the I / O hardware 205 of the client computer 101.

  The CPU 204 of the client computer 101 executes the TCIMG execution program 142 loaded into the memory 201. The authentication request unit 222 of the TC execution unit 221 attempts connection by transmitting a connection request to the TCIMG management server 103 (S1301). Next, the authentication request unit 222 determines whether or not connection to the TCIMG management server 103 is possible (S1302).

  If the result of determination in S1302 is that connection is not possible, the process ends.

  As a result of the determination in S1302, if the connection is possible, the authentication request unit 222 receives the user ID and password (S1303). The authentication request unit 222 transmits an authentication request including the input user ID and password to the TCIMG management server 103 (S1304).

  Upon receiving the authentication request (S1305), the authentication unit 431 of the TCIMG management server 103 performs authentication processing using the user ID and password included in the authentication request (S1306). After this authentication, the update processing unit 432 transmits a response including information on the TCIMG currently used by the user and information on the TCIMG that can be upgraded to the client computer 101 (S1307).

  When receiving the response (S1308), the updating unit 223 of the client computer 101 outputs the result included in the response to the output device 206 (S1309).

  The updating unit 223 determines whether or not an instruction to update TCIMG has been received (S1310).

  If the result of determination in S1310 is that an update instruction has not been received, processing proceeds to S1317 described later.

  As a result of the determination in S1310, when an update instruction is accepted, the update unit 223 transmits an update request to the TCIMG management server 103 (S1311). This update request includes the user ID received in S1303 described above, the TCIMG ID requesting the update, the version, and the like.

  When receiving the update request (S1312), the update processing unit 432 of the TCIMG management server 103 transmits a response including the requested TCIMG data (S1313). Further, the update processing unit 432 updates the user list table 412 (S1314).

  On the other hand, when the response from the TCIMG management server 103 is received (S1315), the update unit 223 of the client computer 101 deletes the TCIMG data 141 of the storage medium 104, and converts the TCIMG data included in the received response into new TCIMG data. 141 is stored (S1316).

  Next, the VM execution unit 224 of the client computer 101 determines whether the VM installation program 143 is installed (S1317).

  As a result of the determination in S1317, if the VM installation program 143 is installed, the process proceeds to S1319 described later.

  If the VM installation program 143 is not installed as a result of the determination in S1317, the VM execution unit 224 copies the VM installation program 143 read from the storage medium 104 to the storage device 202 of the client computer 101 and installs it. (S1318).

  The processing from S1301 to S1318 described above is the same as the processing from S701 to S718 in the first embodiment described above.

  Next, the communication isolation cancellation unit 1111 of the client computer 101 transmits a cancellation authentication request to the TCIMG management server 103 (S1319). This release authentication request includes a TCIMG hash value, a TCIMG ID and version, status information of the client computer 101, and the like. The communication isolation release unit 1111 calculates a hash value from the TCIMG data 141 of the storage medium 104. Further, the communication isolation release unit 1111 acquires the status information of the client computer 101. This status information is not particularly limited. For example, for example, whether anti-virus software is running, whether spyware is running, whether software that prohibits screen capture or copy paste is running This indicates whether or not the client computer 101 becomes a problem when operating as a thin client. The communication isolation release unit 1111 transmits a release authentication request including a TCIMG hash value, a TCIMG ID and version, status information of the client computer 101, and the like to the TCIMG management server 103.

  When the cancellation authentication request is received (S1320), the quarantine management unit 1211 of the TCIMG sensing server 103 determines whether both the hash value and the state information included in the cancellation authentication request satisfy a condition that enables authentication (S1320). S1321). Therefore, the quarantine management unit 1211 refers to the TCIMG ID 501 and the TCIMG version 503 of each record in the TCIMG list table 411 and searches for a match with the combination of the TCIMG ID and the version included in the release authentication request. Next, the quarantine management unit 1211 extracts the TCIMG hash value 504 of the corresponding record, and determines whether or not the extracted TCIMG hash value 504 matches the hash value included in the release authentication request. As a result of this determination, if they match, the quarantine management unit 1211 determines that the hash value included in the release authentication request satisfies a condition for enabling authentication. Further, the quarantine management unit 1211 determines whether or not the state information included in the release authentication request satisfies a condition for enabling authentication. Specifically, for example, the quarantine management unit 1211 indicates that the status information indicates that anti-virus software is operating, spyware is not operating, and software that prohibits screen capture and copy paste is operating. Or the like, it is determined that the condition information included in the release authentication request satisfies a condition for enabling authentication.

  If the condition is not satisfied as a result of the determination in S1321, the process proceeds to S1323 described later.

  As a result of the determination in S1321, if the condition is satisfied, the isolation management unit 1211 transmits a communication isolation release request to the isolation control device 1001 (S1322). Here, the quarantine control apparatus 1001 that transmits the communication quarantine cancellation request is connected to the remote computer 102 that executes the processing of the client computer 101 that transmitted the cancellation authentication request.

  When there are a plurality of quarantine control devices 1001, for example, a table (not shown) in which the user ID is associated with the identification information of the remote computer 102 and the quarantine control device 1001 in advance is stored in the storage device 402. With reference to this table, the identification information of the quarantine control device 1001 to which the communication quarantine release request is to be transmitted is acquired from the user ID further included in the release authentication request, and the communication quarantine is released to the quarantine control device 1001 of the acquired identification information Send a request.

  Next, the quarantine management unit 1211 transmits the result information of the processing in S1321 described above to the client computer 101 (S1323). The quarantine management unit 1211 transmits result information including whether the hash value and the state information are not satisfied, when it is determined that authentication is possible or not.

  On the other hand, when the isolation control device 1001 receives the communication isolation release request (S1324), the isolation control unit 1011 releases the communication isolation (S1325). The quarantine control unit 1011 outputs data input thereafter to the remote computer 102.

  When the client computer 101 receives the result information from the TCIMG management server 103 (S1326), the communication isolation release unit 1111 includes information indicating that the hash value condition is not satisfied in the result information. It is determined whether or not (S1327).

  As a result of the determination in S1327, if the relevant information is included, the communication isolation release unit 1111 deletes the information related to the processing executed by the TCIMG data 141 and the VM in the memory 201, the storage device 202, etc. of the client computer 101. (S1328), the process proceeds to S1301 described above.

  If the corresponding information is not included as a result of the determination in S1327, the communication isolation cancellation unit 1111 determines whether the result information includes information indicating that the condition of the state information is not satisfied ( S1329).

  As a result of the determination in S1329, if the corresponding information is included, the communication isolation cancellation unit 1111 outputs information indicating that the state of the client computer 101 does not satisfy the condition to the output device 206 (S1330). The communication isolation release unit 1111 shifts to the above-described processing of S1319 when the state is improved and a re-authentication instruction is input from the input device 207.

  Here, an example of a screen in which information indicating that the state does not satisfy the condition is displayed on the display device of the output device 206 will be described with reference to FIG. In FIG. 14, a screen 1401 is an example of a screen for notifying that anti-virus software is not operating. When the user activates anti-virus software or the like and then presses the button 1411 using the input device 207, the communication isolation release unit 1111 proceeds to the above-described processing of S1319.

  Returning to FIG. 13, if the result of the determination in S <b> 1329 does not include the corresponding information, it indicates that the authentication is possible, so the VM 213 uses the TCIMG data 141 read from the storage medium 104 as the client computer. 101 is copied to the storage device 202 (S1331). Next, the VM 213 executes the guest OS program and the application program included in the TCIMG data 141, thereby realizing the client computer 101 as a thin client and the TC 231 (S1332).

  The processes in S1331 and S1332 are the same as S719 and S720 in the first embodiment.

  Although the subsequent processing is not shown in FIG. 13, it is the same as S721 and S722 of the first embodiment described above. That is, at least one of the remote operation unit 233 and the stand-alone execution unit 234 of the client computer 101 executes processing. When the process execution is completed, the deletion unit 225 deletes the TCIMG data 141 stored in the storage device 202 of the client computer 101.

  As described above, in the second embodiment, it is possible to confirm whether there is no problem when the client computer 101 is made into a thin client, and to perform information processing as a thin client only when there is no problem. As a result, it is possible to improve the safety of the thin client when realizing the thin client with an existing computer, and to improve the performance of preventing information leakage.

  The embodiment of the present invention has been described in detail with reference to the drawings. However, the specific configuration is not limited to this embodiment, and design changes and the like within a scope not departing from the gist of the present invention are included. .

  Specifically, for example, in the above-described embodiment, an example has been described in which the user is instructed to execute the process to be executed by the remote computer 102 or the stand-alone process. It is not done. For example, for each user, it may be determined whether the processing to be executed is executed by the remote computer 102 or whether the processing is performed stand-alone. In this case, the TCIMG data may differ depending on whether the processing to be executed is executed by the remote computer 102 or whether the processing is performed stand-alone. In this case, the user list table 412 of the TCIMG management server 103 further stores which process each user performs, and the TCIMG management server 103 stores this information at any timing. You may transmit to the computer 101. FIG.

  Further, for example, in the above-described second embodiment, the client computer 101 includes information indicating that the state information does not satisfy a predetermined condition in the result information transmitted from the TCIMG management server 103. When the re-authentication instruction is input, the hash value and the state information are transmitted again. However, the present invention is not limited to this. For example, when the client computer 101 receives result information including information indicating that the state information does not satisfy a predetermined condition, the client computer 101 monitors its own state thereafter, and when the state is changed, The hash value and state information may be transmitted to the TCIMG management server 103 again.

1 is a diagram illustrating an example of a system configuration in a first embodiment of the present invention. 3 is a diagram illustrating a configuration example of a client computer in the embodiment. FIG. In the same embodiment, it is a figure which shows the structural example of a remote computer. In the same embodiment, it is a figure which shows the structural example of a TCIMG management server. In the same embodiment, it is a figure which shows an example of a TCIMG list table. In the same embodiment, it is a figure which shows an example of a user list table. FIG. 6 is a diagram showing an operation example in the same embodiment. In the same embodiment, it is a figure which shows the example of a screen. FIG. 6 is a diagram showing an operation example in the same embodiment. FIG. 9 is a diagram illustrating a system configuration example in a second embodiment. 3 is a diagram illustrating a configuration example of a client computer in the embodiment. FIG. In the same embodiment, it is a figure which shows the structural example of a TCIMG management server. FIG. 6 is a diagram showing an operation example in the same embodiment. In the same embodiment, it is a figure which shows the example of a screen.

Explanation of symbols

101: Client computer
201: Memory, 202: Storage device, 203: Bus, 204: CPU, 205: I / O hardware, 206: Output device, 207: Input device, 208: Communication hardware, 211: OS program, 212: Physical hardware , 213: VM, 221: TC execution unit, 222: authentication request unit, 223: update unit, 224: VM execution unit, 225: deletion unit, 231: TC, 232: reception unit, 233: remote operation unit, 234 : Stand-alone execution unit, 235: Restriction unit, 102: Remote computer, 301: Memory, 302: Storage device, 303: Bus, 304: CPU, 305: I / O hardware, 306: Communication hardware, 307: OS program 308: Remote operated program, 311: Request receiving unit, 312: Processing execution unit, 323: Output processing , 103: TCIMG management server, 401: memory, 402: storage device, 403: bus, 404: CPU, 405: I / O hardware, 406: communication hardware, 407: OS program, 408: TCIMG management program, 411 : TCIMG list table, 412: User list table, 421: TCIMG storage area, 431: Authentication unit, 432: Update processing unit, 104: Storage medium, 141: TCIMG data, 142: TCIMG execution program, 143: VM installation program, 1001: Isolation control device, 1011: Isolation control unit, 1021: TCIMG execution program, 1101: TC execution unit, 1111: Communication isolation release unit, 1201: Isolation management program, 1211: Isolation management unit

Claims (9)

A thin client system in which a client computer and a management server are connected,
Management server
A first storage device for storing image data including an OS (Operating System) program and an application program for executing processing;
Image data transmission processing means for transmitting the image data stored in the first storage device to the client computer,
The client computer is
Execution means for storing image data transmitted from the management server in a second storage device;
Virtual hardware realization means for realizing virtual hardware;
Processing execution means for executing an OS program included in the image data on the virtual hardware and executing an application program included in the image data on the OS program;
Output means for outputting the executed processing result to an output device;
A thin client system comprising: deletion means for deleting the image data stored in the second storage device when the processing is completed. A thin client system in which one or more client computers used by each of a plurality of users and a management server are connected,
Management server
A first storage device for storing image data for each user;
Image data transmission processing means for transmitting, to the client computer, image data of a user using the client computer among the image data stored in the first storage device,
The client computer is
Execution means for storing image data transmitted from the management server in a second storage device;
Virtual hardware realization means for realizing virtual hardware;
Processing execution means for executing an OS program included in the image data on the virtual hardware and executing an application program included in the image data on the OS program;
Output means for outputting the executed processing result to an output device;
A thin client system comprising: deletion means for deleting the image data stored in the second storage device when the processing is completed. The thin client system according to claim 1 or 2,
The client computer is further connected to a portable recording medium in which image data is stored,
The client computer is
The execution means replaces the image data stored in the storage medium with the image data transmitted from the management server, and further stores the image data read from the storage medium in the second storage device. A thin client system characterized by The thin client system according to claim 1 or 2,
The management server is further connected to a processing execution device that executes processing instructed by the client computer, and data transmitted from the client computer is input to the processing execution device only when it is permitted,
The client computer is
Authentication request means for transmitting authentication information of image data stored in the second storage device to the management server;
The management server is
The first storage device further stores authentication information for each image data;
Authentication means for determining whether or not the authentication information transmitted from the client computer and the authentication information for each image data stored in the first storage device match;
A thin client system, further comprising: permission means for permitting communication between the client computer and the processing execution device if they match as a result of the determination. The thin client system according to claim 3,
The management server is
An update processing means;
The first storage device further stores updatable image data for each user,
The image data transmission processing means further outputs information notifying the presence or absence of updatable image data to the client computer,
When the update processing means receives an image data update request from the client computer, the update processing means transmits the requested image data to the client computer,
The client computer is
When the execution means receives image data in response to an image data update request transmitted from the management server, the execution means further replaces the received image data with image data stored in the storage medium. A featured thin client system. The thin client system according to claim 4,
The client computer is
The authentication request means further transmits status information indicating the status of the client computer together with the authentication information,
The management server is
Whether the authentication unit matches the authentication information transmitted from the client computer with the authentication information for each image data stored in the first storage device, and the state transmitted from the client computer Determine whether the information meets certain conditions,
As a result of the determination, the permission unit matches the authentication information transmitted from the client computer with the authentication information for each image data stored in the first storage device, and is transmitted from the client computer. When the status information satisfies a predetermined condition, communication between the client computer and the processing execution device is permitted. The thin client system according to claim 4,
If the authorization means does not match the authentication information transmitted from the client computer and the authentication information for each image data stored in the first storage device as a result of the determination, the authentication information is sent to the client computer. Send information notifying that does not match,
The client computer is
The deletion unit deletes the image data stored in the second storage device when receiving the information transmitted from the management server and notifying that the authentication information does not match. Client system. An information processing method by a thin client system in which a client computer and a management server are connected,
In the management server having an OS (Operating System) program and a first storage device that stores image data including an application program for executing processing,
Transmitting the image data stored in the first storage device to the client computer,
In the client computer having the second storage device,
Storing the image data transmitted from the management server in a second storage device;
Implementing virtual hardware; and
Executing an OS program included in the image data on the virtual hardware and executing an application program included in the image data on the OS program;
An output step of outputting the executed processing to an output device;
And a step of deleting the image data stored in the second storage device when the processing is completed. An information processing program by a thin client system in which a client computer and a management server are connected,
In the management server having an OS (Operating System) program and a first storage device that stores image data including an application program for executing processing,
Transmitting the image data stored in the first storage device to the client computer,
In the client computer having the second storage device,
Storing the image data transmitted from the management server in a second storage device;
Implementing virtual hardware; and
Executing an OS program included in the image data on the virtual hardware and executing an application program included in the image data on the OS program;
An output step of outputting the executed processing to an output device;
And a step of deleting the image data stored in the second storage device when the processing is completed.

Images