JP2012080358A - Communication service network and communication service system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication service network capable of keeping a terminal number secret, while permitting an incoming call from a terminal having a trusting relationship with a user of the terminal on an incoming call side in accordance with a signal procedure and preventing an incoming call from a terminal other than that the user of the terminal on the incoming call side relies on.SOLUTION: A communication service network 20 which is connected to a plurality of terminals 10 and relays data transfer between the plurality of terminals 10 comprises a network interface part 21, an authentication part 22 and a communication acceptance part 23. The authentication part 22 authenticates the terminal 10 based on a terminal number of the terminal 10 transmitted through the network interface part 21 from the terminal 10 and a terminal number stored in the authentication part 22 beforehand. The network interface part 21 permits communication between the plurality of terminals 10 and the authentication part 22, communication between the authenticated terminals 10 and the communication acceptance part 23, and communication among the plurality of terminals 10 approved by the communication acceptance part 23.

Description

  The present invention relates to a communication service network that connects a plurality of terminals in a communicable manner, and a communication service system including the communication service network.

  Conventional communication services include a public communication service that provides a communication function between arbitrary terminals connected to a network (see Patent Document 1) and a dedicated line communication service that provides only a communication function between specific terminals (Non-Patent Document). 1).

JP-A-7-38669

"Dedicated line" Gigastream "", [online], NTT Communications, [Search September 8, 2010], Internet <http://www.ntt.com/gigast/>

  However, these communication services have problems in terms of accessibility and security as shown below.

<Problems of public line communication services>
Public line communication services are broadly divided into connectionless communication services and connection-oriented communication services. In either service, a number indicating the called terminal (called terminal number) is disclosed and the called terminal number. A user who knows can receive a call at the terminal on the called side as long as he / she is connected to the network anytime and anywhere. For example, the Internet is a typical connectionless service. In the case of the Internet, the terminal's FQDN (Fully Qualified Domain Name), URI (Uniform Resource Identifier) or IP (Internet Protocol) address is described above. Corresponds to the called terminal number. A telephone is a representative of the connection-oriented communication service. In the case of a telephone, the telephone number corresponds to the above-mentioned called terminal number.

  There is a desire to avoid incoming calls from terminals other than a specific terminal that the user of the called terminal trusts. For this reason, the following measures have been taken, but none of them is sufficient.

≪Concealing correspondence between called terminal number and called terminal≫
For example, in the case of a telephone, a device has been devised such as not describing a telephone number in the telephone directory, or changing the telephone number for each application to limit the number of people who teach the number. However, once the phone number was leaked, it was difficult to prevent incoming calls. In the case of the Internet, incoming calls can be prevented to some extent by dynamically changing the prefix and IP address used by the terminal using DHCP (Dynamic Host Configuration Protocol) or the like. However, there is a problem that it is impossible to prevent an attack when an address in use is leaked, and it is also difficult to receive a call from a terminal that originally wants to permit the incoming call.

≪Filtering by user equipment≫
For example, in the case of the Internet, there has been a contrivance such as filtering the IP packet source address and destination port number in the terminal to prevent unauthorized access to the application in the terminal. However, IP address spoofing cannot be prevented, and demerits such as exhausting the bandwidth of terminals and access lines cannot be avoided. In addition, since a global number (global IP address, FQDN, telephone number, etc.) is required as a number for the calling and called terminals to identify each other, identification of the communication partner by name identification and combination of personal information There was a risk of tracing the travel path.

<Problems with leased line services>
In the leased line service, incoming calls from terminals other than the specific terminal can be prevented by setting communication lines or communication paths between specific terminals in the network and between the terminals and the network. However, there are no functions such as provision of a dynamic communication function and concealment between terminals of a global ID (address, name or information that can be linked to them) of a communication partner.

  The present invention was devised to solve the above-described problems, and permits incoming calls from a terminal having a trust relationship with the user of the terminal on the called side by a signal procedure and permits communication. It is an object of the present invention to provide a communication service network and a communication service system capable of preventing any signal from a non-terminal from being transferred to a terminal on the called side and concealing the terminal number.

  In order to solve the above problems, a communication service network of the present invention is a communication service network that is connected to a plurality of terminals and relays data transfer between the plurality of terminals, and is a network interface connected to the plurality of terminals. An authentication unit that authenticates the plurality of terminals, and a communication approval unit that approves a connection through the network interface unit between the plurality of authenticated terminals. The terminal is authenticated based on the terminal number of the terminal transmitted from the network interface unit from the terminal number stored in advance in the authentication unit, and the network interface unit includes the plurality of terminals. And communication between the authentication unit, communication between the authenticated terminal and the communication approval unit, and communication between the plurality of terminals approved by the communication approval unit. Characteristic To.

  According to such a configuration, it is possible to prevent the communication service network, not the destination terminal, from receiving a call from a calling terminal that does not permit incoming calls.

  The communication service system of the present invention is a communication service system comprising the communication service network and a plurality of terminals connected to the network interface unit, wherein the authenticated terminal is a terminal number of the terminal. Is encrypted using a public key published by the communication service network and transmitted via the other authenticated terminal, and the communication approval unit decrypts the encrypted terminal number. The terminal number is recognized, and the terminal that has generated the message including the terminal number is specified.

  The communication service system of the present invention is a communication service system comprising the communication service network and a plurality of terminals connected to the network interface unit, wherein the communication approval unit is connected to the authenticated terminal. A shared secret key and a security association number corresponding to the shared secret key are allocated, and the authenticated terminal encrypts a message including the terminal number of the terminal using the shared secret key and supports the security An association number is assigned and transmitted via the other authenticated terminal, and the communication approval unit identifies the shared secret key based on the security association number, and identifies the shared The terminal number is recognized by decrypting the encrypted terminal number using a secret key, and the mem- ory including the terminal number is recognized. And identifies the terminal that generated the message.

  According to such a configuration, when an authenticated terminal transmits a message to the communication service network via another terminal, the terminal number can be kept secret from the other apparatus.

  The plurality of terminals adjust an incoming call permission condition for allowing an incoming call from the calling terminal to be accepted by the called terminal between the calling terminal and the called terminal, The terminal generates a registration permission token obtained by encrypting a registration permission condition indicating the condition that the terminal on the called side permits to register the incoming call permission condition in the communication approval unit and the terminal number. To the terminal on the side, the terminal on the calling side transmits the registration permission token and the incoming call permission condition to the communication approval unit, the communication approval unit decrypts the encryption of the registration permission token, The registration permission condition is evaluated, and if it is passed, the incoming call permission condition is stored in the communication approval unit. Thereafter, when a communication request is received from the calling terminal to the called terminal, the incoming call permission condition is set. Evaluate and pass the communication between the multiple terminals It may be configured to be sure.

  Further, the plurality of terminals adjust an incoming call permission condition for allowing the incoming terminal to accept incoming calls from the outgoing terminal between the outgoing terminal and the incoming terminal, The calling terminal generates a registration request token in which a registration request condition indicating a condition that the calling terminal permits to register the incoming call permission condition in the communication approval unit and the terminal number are encrypted. , To the terminal on the called side, and the terminal on the calling side transmits the registration request token and the incoming call permission condition to the communication approval unit, and the communication approval unit decrypts the encryption of the registration request token The registration request condition is evaluated, and if it is passed, the incoming call permission condition is stored in the communication approval unit. Thereafter, when a communication request is received from the calling terminal to the called terminal, the incoming call permission is received. If the conditions are evaluated and passed, the multiple terminals It may be configured to approve the trust.

  According to such a configuration, it is possible to permit only communication by a call from the calling terminal to the called terminal that has passed the incoming call permission condition registered in the communication service network. In addition, when registering an incoming call permission condition in the communication service network, it is possible to prevent an invalid registration confirmation from the terminal that has not adjusted the incoming call permission condition.

  In addition, the terminal sets a personal calling terminal number used for identifying the calling terminal in the called terminal for each called terminal, and sets the calling terminal for each calling terminal. Setting a personal called terminal number used to identify the called terminal on the terminal on the side, and transmitting the personal calling terminal number and the personal called terminal number to the communication approving unit, Sets the personal calling terminal number of the approved calling terminal and the personal called terminal number of the approved called terminal in the network interface unit, and the network interface unit sets the approved calling terminal number. When the signal including the personal called terminal number transmitted from the terminal on the side is received, the personal called terminal number included in the signal is When the signal is converted to the calling terminal number and transferred to the approved called terminal, and the signal containing the personal calling terminal number transmitted from the approved called terminal is received, The personal calling terminal number included in the signal may be converted into the personal called terminal number, and the signal may be transferred to the approved calling terminal.

  Further, the communication approval unit assigns a personal calling terminal number used for identifying the calling terminal in the called terminal for each called terminal, and for each calling terminal. Assigning a personal called terminal number used to identify the called terminal at the calling terminal, transmitting the personal calling terminal number to the called terminal, and sending the personal called terminal number to the calling terminal Transmitting to the terminal, the communication approval unit sets the personal calling terminal number of the approved calling terminal and the personal called terminal number of the approved called terminal in the network interface unit, When the network interface unit receives a signal including the personal called terminal number transmitted from the approved calling terminal, the network interface unit includes the parameter included in the signal. A signal including the personal calling terminal number transmitted from the approved called terminal is transferred by converting the terminal of the called terminal to the personal calling terminal number and transferring the signal to the approved called terminal. When received, the personal calling terminal number included in the signal may be converted into the personal called terminal number, and the signal may be transferred to the approved calling terminal.

  According to this configuration, communication can be performed without using the terminal numbers of the calling and called terminals, so that the terminal numbers can be kept secret from other devices.

  Further, the communication approval unit confirms the content of the incoming call permission condition with the terminal on the calling side and the terminal on the called side using the encrypted terminal signal, and the terminal on the calling side and the terminal on the called side When approval by the terminal is obtained, the personal calling terminal number and the personal called terminal number may be stored in association with the incoming call permission condition.

  According to such a configuration, communication can be performed without using the terminal number even when the incoming call permission condition is confirmed with the calling and called terminals, so that the terminal number can be kept secret from other devices.

  According to the present invention, an incoming call from a terminal having a trust relationship with a user of a called terminal is permitted by a signal procedure, and any signal from a terminal that does not allow communication is transferred to the called terminal. And the terminal number can be kept secret.

1 is a diagram schematically showing a communication service system according to an embodiment of the present invention. It is a figure which shows typically the table memorize | stored in the communication approval part. It is a figure which shows typically the table memorize | stored in the communication approval part. It is a figure for demonstrating the operation example of the communication service system of FIG. It is a figure for demonstrating the operation example of the communication service system of FIG.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings as appropriate. As shown in FIG. 1, a communication service system 1 according to an embodiment of the present invention includes a plurality of terminals 10 (10A, 10B, 10C,...) And a communication service network 20.

<Terminal>
The plurality of terminals 10 are telephone terminals, and include an operation unit 11 including buttons and the like, a display unit 12, a microphone 13, a speaker 14, and a control unit 15 that controls them.

<Communication service network>
The communication service network 20 is communicably connected to a plurality of terminals 10 and is a network (network) for relaying data transfer between the plurality of terminals 10. The network interface unit 21, the authentication unit 22, and communication approval Unit 23.

<Network interface part>
The network interface unit 21 is a server that is communicably connected to the terminal 10. The network interface unit 21 includes communication between the plurality of terminals 10 and the authentication unit 22, communication between the authenticated terminal 10 and the communication approval unit 23, and a plurality of terminals approved by the communication approval unit 23. It is configured to allow communication 10 between them and prevent other communication.

<Authentication part>
The authentication unit 22 is a server that is communicably connected to the network interface unit 21 and authenticates the terminal 10. The authenticated terminal 10 can communicate with another authenticated terminal 10 using the communication service network 20 by the approval by the communication approval unit 23 described later. The authentication unit 22 includes a terminal number that is a number by which the communication service network 20 can uniquely identify the terminal 10, and an authentication key (a public key and a private key or a shared secret key) corresponding to the terminal number. , Is stored in the terminal number storage unit 22a. This terminal number is known only to the corresponding terminal 10 and the communication service network 20, and other terminals 10 cannot specify the terminal 10 corresponding to the terminal number using the terminal number. . In the present embodiment, the terminal number storage unit 22a stores the profile information of the caller (the user of the calling terminal 10), for example, the address, name, gender, age, occupation, hometown, etc. It is stored in association with the terminal number of the terminal 10.

<Communication approval department>
The communication approval unit 23 is a server communicably connected to the network interface unit 21, and in order to approve communication via the network interface unit 21 between a plurality of authenticated terminals 10, the communication approval condition storage unit 23 a. Is provided. In the communication approval condition storage unit 23a, for each terminal number of the terminal 10, when the terminal 10 is the calling side, the personal called terminal number for identifying the called terminal and the called terminal are stored. A personal call terminal number for identifying the terminal 10, an incoming call permission condition for the callee terminal to receive a call from the terminal 10, and a terminal number of the callee terminal are associated with each other as an incoming call permission condition table. It is stored (see FIG. 2). Here, as an incoming call permission condition, a time zone (day of the week etc.) in which communication is possible between the calling terminal 10 and the called terminal, the positions of the calling terminal 10 and the called terminal, and the upper limit of the total number of communication , The upper limit of the total communication time, and other presence information of the originating terminal 10 and the called terminal.

  Further, in the communication approval condition storage unit 23a, for each terminal number of the terminal 10, when the terminal 10 is a called terminal, a registration number that permits registration of an incoming permission condition to the terminal 10 and registration are permitted. The terminal number of the calling terminal and the personal called terminal number assigned by the calling terminal 10 when registration is permitted are associated and stored as an incoming call permission condition registration permission table (see FIG. 3).

<Operation example>
Subsequently, an operation example of the communication service system 1 will be described by taking as an example a case where the terminal 10A is the calling terminal and the terminal 10B is the called terminal. The communication service system 1 makes it possible to register in the communication approval unit 23 a condition for permitting a call from the terminal 10A to arrive at the terminal 10B by sequentially performing the operations (1) to (3). 10A and 10B actually communicate via the communication service network 20 by the operations (4) and (5). In addition to the communication service network 20, the terminals 10A and 10B are assumed to have existing communication means capable of mutual authentication, concealment of communication contents, defense of impersonation, and the like. As such communication means, the terminals 10A and 10B are directly connected by blue tooth (registered trademark), or a security association is established on the Internet by IPsec (Security Architecture for the Internet Protocol), HTTP (Hyper Text Transfer Protocol), or the like. And connecting.

(1) At the time of service contract A user who owns the terminal 10 </ b> A and a user who owns the terminal 10 </ b> B implement a contract for using the communication service network 20. The company terminal 24, which is a computer communicably connected to the authentication unit 22, receives the terminal numbers of the terminals 10A and 10B and the respective authentication keys based on an operation by the company of the communication service network 20, and the authentication unit To 22. The authentication unit 22 acquires the terminal numbers of the terminals 10A and 10B and the respective authentication keys, and stores them in association with each other. At this stage, the communication condition storage unit 23a of the communication approval unit 23 is blank, and the network interface unit 21 transfers the signals transmitted from the terminals 10A and 10B to the authentication unit 22.

(2) Authentication When the terminal 10A is turned on based on a user operation, the terminal 10A is communicably connected to the authentication unit 22 via the network interface unit 21. The terminal 10A transmits the terminal number A stored in advance in the terminal 10A to the authentication unit 22 via the network interface unit 21. The authentication unit 22 receives the terminal number A, searches the terminal number storage unit 22a using the received terminal number A, and if the received terminal number A exists in the terminal number storage unit 22a, the terminal 10A Authenticate. Such authentication is performed while concealing the terminal number from other devices using, for example, existing technology such as 802.1x. The authentication unit 22 transmits to the network interface unit 21 a communication permission signal that permits communication between the terminal 10A and the communication approval unit 23 with respect to the authenticated terminal 10A. When the network interface unit 21 receives the communication permission signal, the network interface unit 21 performs setting for permitting communication between the terminal 10A corresponding to the communication permission signal and the communication approval unit 23. These processes are performed in the same manner for the terminal 10B.

(3) Registration of Approval Conditions As shown in FIG. 4, the terminal 10A and the terminal 10B adjust an incoming call permission condition for the call from the terminal 10A to the terminal 10B in the communication service network 20 through the existing security association ( Step S1).

  The items of the incoming call permission conditions to be adjusted include, for example, the date and time of communication, the communication application, the location of the terminal 10 on the destination side, the situation of the terminal 10 on the destination side (a specific example will be described later), and the calling side Information on the location of the terminal 10, the status of the terminal 10 on the originating side, the profile of the user (sender) of the terminal 10 on the originating side, and the like. As an adjustment method, for example, for each item of the incoming call permission condition, the called terminal 10 transmits options that the called terminal 10 can agree to the calling terminal 10, and the calling terminal 10 For example, an option that the originating terminal 10 can agree with is selected from the received options, and the selected result is returned to the destination terminal 10.

Here, a specific example of adjustment of the incoming call permission condition will be described.
(1) Encounters in the real world (circles, parties, etc.) If two people you met in the real world have an anonymous and conditional trust relationship, you can use their own terminals (mobile phones) adjust. Here, as the incoming call permission condition, the following items can be used.
Caller profile: The terminal that sent the registration request for incoming call permission conditions (cell phone with adjusted incoming call permission conditions)
Date and time when communication is possible: 19: 00-22: 00
Status of the terminal 10 on the called side: excluding work and sleeping (uses presence information collected by existing technology)
Location of terminal 10 on arrival side: Tama area Application: Telephone

(2) Encounter in virtual space (conditional anonymous SNS (Social Network Service)) An SNS service provider connects an SNS server to the communication service network 20. The SNS server uses the Internet or the like to publish personal destination terminal numbers in the communication service network 20 and conditions for users who can receive calls to the personal destination terminal numbers, and recruits alumni associations, district autonomous members, and the like. Here, as the incoming call permission condition, the following items can be used.
Caller profile: Male living in the Tama area (guaranteed by the authentication unit 22 of the communication service network 20)
Application: Web browser

(3) Virtual space (conditional anonymous SNS (Social Network Service) encounter (continuation of (2) mentioned above)
The originating terminal 10 accesses a closed SNS server connected to the communication service network 20, generates a trust relationship between users of the service using the SNS service, and then uses the service of the user via the SNS server. Adjust the call acceptance conditions between the two.
Here, the following items can be used as an incoming call permission condition for a call from the terminal 10 on the calling side to the terminal 10 of another SNS user.
Caller profile: Resident in Tama area, 30-40 years old, male (guaranteed by authentication unit 22)
Date and time of communication: 19: 00-22: 00 on weekdays, or the situation of the terminal 10 on the weekend side: Except during work and sleeping (uses presence information collected by existing technology)
Location of called terminal 10: Any application: Telephone Expiration date: One month

  Subsequently, the terminal 10B uses the public key (which may be the same as or different from the public key used for authentication by the authentication unit 22) disclosed to the authenticated terminal 10 by the authentication unit 22. The terminal number B of the terminal 10B, the registration number B that changes every time the terminal 10B permits registration of the incoming call permission condition, and the registration permission condition B that is a condition that permits registration of the incoming call permission condition, , The registration permission token B of the terminal 10B is generated. The registration permission condition includes, for example, information related to the time limit for registration of the incoming call permission condition, the location of the terminal 10A on the calling side, the profile of the caller, and the like. The reason why the registration number and the registration permission condition are included in the registration permission condition is to prevent an invalid registration confirmation request from being made to the terminal 10B on the called side. Since the registration permission token generated here looks like a random number to the external device, the external device cannot specify the terminal 10B using the registration permission token.

  Subsequently, the called-side terminal 10B transmits the registration permission token B to the calling-side terminal 10A through the existing security association (step S2). When the originating terminal 10A receives the registration permission token B transmitted from the terminal 10B, the originating terminal 10A sets the personal terminating terminal number A for identifying the terminating terminal 10B and adjusts it in step S1. As the incoming call permission condition, the registration permission token B, the personal called terminal number A for identifying the called terminal 10B by the calling terminal 10A, and the number generated for the terminal 10A to distinguish from other registration approval processing (registration) The request number A) and the signal with the terminal number A are transmitted to the communication approval unit 23 via the network interface unit 21 as an incoming call permission condition registration request message (steps S3 and S4).

  When receiving the incoming permission condition registration request message, the communication approval unit 23 decrypts the registration permission token B in the message with the secret key, extracts the terminal number B, the registration number B, and the registration permission condition B, and evaluates them. . The registration permission condition is, for example, within a day after the registration number B is generated when the registration permission condition can be registered, and the place where the originating terminal 10A connects to the network interface unit is the destination terminal 10B. Within 100 meters from the location, the profile information such as address, gender, age, etc. claimed by the originating terminal 10A during adjustment of the incoming call permission conditions is consistent with the profile information of the caller managed by the network. When the profile information of the caller is included in the registration permission condition B, the communication approval unit 23 reads the caller profile information from the terminal information storage unit 22a of the authentication unit 22 and sends the call within the registration permission condition. Compare with profile information. At this time, the communication approval unit 23 recognizes the terminal number B and identifies the terminal 10B that has generated the registration permission token B including the terminal number B.

  If the terminal number B is valid, the registration permission condition B passes, and the registration number B is not recorded in the incoming call permission condition registration permission table, the communication approval unit 23, based on the decrypted terminal number B, The incoming call permission condition and the registration number B are transmitted to the terminal 10B via the network interface unit 21 as a registration confirmation request message (steps S5 and S6).

  When the terminal 10B receives the registration confirmation request message, the terminal 10B confirms the registration number B and the incoming call permission condition. If the terminal 10B matches the incoming call permission condition agreed by the terminal 10B, the terminal 10B identifies the terminal 10A. In addition to setting the terminal number B, the terminal 10B transmits a signal including the personal calling terminal number B for identifying the terminal 10A as a registration approval message to the communication approval unit 23 via the network interface unit 21 (steps S7 and S8). ).

  Upon receiving the registration approval message, the communication approval unit 23 records the registration number B, the calling terminal number A, and the personal called terminal number A in the incoming call permission condition registration permission table corresponding to the called terminal 10B. Is recorded in the incoming call permission condition table corresponding to the terminal 10A, the personal called terminal number A, the personal calling terminal number B, the incoming call permission condition B, and the called terminal number B. Subsequently, the communication approval unit 23 transmits a registration approval message including the registration request number A and the processing result of the registration request to the terminal 10A via the network interface unit 21 (steps S9 and S10).

  When the terminal 10A receives the registration approval message, the terminal 10A confirms the registration request number A in the received registration approval message, and causes the display unit 12 to display the personal called terminal number A and the processing result of the registration request. Thereafter, when the user of the terminal 10A wants to communicate with the terminal 10B, the terminal 10B can receive a call from the terminal 10A by operating the operation unit 11 and inputting the personal called terminal number A. It becomes.

(4) Communication Approval Processing As shown in FIG. 5, first, the terminal 10A sends a communication request message including the terminal number of the terminal 10A and the personal called terminal number A of the terminal 10B based on the operation of the operation unit 11 by the user. It transmits to the communication approval part 23 via the network interface part 21 (step S21, S22).

  When receiving the communication request message, the communication approval unit 23 receives the personal call terminal number B indicating the terminal 10A viewed from the terminal 10B, the terminal number B, Search the incoming call permission conditions and evaluate the incoming call permission conditions. If the incoming call permission condition is acceptable, that is, if the incoming call permission condition indicates that communication between the terminal 10A and the terminal 10B is possible at the present time, the communication between the terminal 10A and the terminal 10B is approved. Then, the network interface unit 21 is set to transfer so that the personal called terminal number A given to the data packet transmitted from the terminal 10A to the terminal 10B is converted into a personal calling terminal number and transferred to the terminal 10B. And a network interface unit that transmits a transfer setting signal for performing transfer setting so that the terminal 10B converts the personal calling terminal number B into the personal called terminal number A and transfers it to the terminal 10A for the data packet transmitted to the terminal 10A. 21 (step S23), and the network interface unit 21 performs transfer setting based on the received transfer setting signal. A, and it transmits the transfer setting response signal to the communication authorization unit 23 (step S24).

  Subsequently, the communication approval unit 23 transmits a communication approval message indicating that the communication between the terminal 10A and the terminal 10B has been approved to the terminal 10A via the network interface unit 21 (steps S25 and S26).

(5) Communication Process Subsequently, the terminal 10A assigns the personal called terminal number A to the data packet addressed to the terminal 10B and transmits it to the network interface unit 21 (step S27). When receiving the data packet, the network interface unit 21 converts the personal called terminal number A into the personal calling terminal number B and transfers it to the terminal 10B.

  On the other hand, the terminal 10B assigns the personal calling terminal number B to the data packet addressed to the terminal 10A and transmits it to the network interface unit 21 (step S27). Upon receiving the data packet, network interface unit 21 converts personal calling terminal number B into personal called terminal number A and transfers it to terminal 10A.

The communication service system 1 including the communication service network 20 according to the embodiment of the present invention permits an incoming call from the terminal 10A having a trust relationship with the user of the terminal 10B on the called side by a signal procedure and performs communication. It is possible to prevent any signal from a terminal that is not permitted (for example, the terminal 10C) from being transferred to the terminal 10B on the called side and to conceal the terminal number. That is, the personal called terminal number of the called terminal 10B is known only to the user of the terminal 10A having a trust relationship, and the personal calling terminal number of the calling terminal 10A is known only to the user of the terminal 10B having a trust relationship. The terminal number of the originating terminal 10A is not known to the user of the terminating terminal 10B, and the terminal number of the terminating terminal 10B is unknown to the user of the originating terminal 10A. Data communication by a call from the terminal 10A on the side to the terminal 10B on the destination side is possible.
Further, according to the communication service system 1, since the communication service network 20 prevents the incoming call from the terminal that does not allow incoming calls, not the incoming terminal 10B, data from a terminal that does not allow incoming calls (for example, the terminal 10C) receives data from the incoming side. The communication band of the access line between the terminal 10B and the communication service network 20 is not compressed, and processing for discarding the data by the terminal 20B on the called side becomes unnecessary. For this reason, when a sensor, an actuator terminal, or the like having a weak communication band or processing performance is used as the terminal 10, it is possible to improve communication quality and battery life.
Further, according to the communication service system 1, when a home appliance installed in the user's home or outdoors is used as the terminal 10, the communication service network 20 manages the approval of access to the terminal 10 from the manufacturer side server. This eliminates the need for management such as filter setting for the terminal 10 that is a local device.
In addition, according to the communication service system 1, since a global number (global IP address, FDQN, telephone number, etc.) is not used as a number for the originating and called terminals 10 to identify each other, the communication partner by name identification It is possible to prevent the identification of the name and the trace of the movement route.

<Specific example>
With regard to the above-described (4) communication approval process and (5) communication process, connectionless communication using the existing IP protocol may be employed as communication between the terminals 10A and 10B and the network interface unit 21. In this case, as the personal calling terminal number and personal called terminal number, FQDN (Fully Qualified Domain Name), SIP-URI (Session Initiation Protocol-Uniform Resource Identifier), IP ( An Internet Protocol (MAC) address, a Media Access Control (MAC) address, or the like can be used. Hereinafter, a case where FQDN is used will be described.

(4) Communication approval process The terminal 10A searches for the IP address of the terminal 10B by the DNS protocol using the FQDN corresponding to the personal called terminal number of the terminal 10B as a key. Based on the terminal number of the calling terminal 10A and the personal called terminal number, the communication approval unit 23 retrieves the called terminal number and the incoming call permission condition from the incoming call permission condition table. The communication permission between the terminal 10A and the terminal 10B is set. The network interface unit 21 assigns an unused IP address to the called terminal 10B at the interface between the terminal 10A and the communication service network 20, and responds to the terminal 10A using the DNS protocol.

(5) Communication processing The terminal 10A assigns the IP address of the terminal 10B notified by the DNS protocol to the data packet addressed to the terminal 10B, and transmits the data packet to the network interface unit 21. The network interface unit 21 converts the destination of the received data packet into an IP address assigned to the terminal 10B, and also converts the unused IP address to the address of the originating terminal 10A on the interface between the terminal 10B and the communication service network 20. An address is allocated and transmitted to the terminal 10B.

  As mentioned above, although embodiment of this invention was described, this invention is not limited to the said embodiment, A design change is possible suitably in the range which does not deviate from the summary of this invention, For example, the following modifications and these combinations are possible. It can be implemented.

<Modification 1>
In the embodiment, the terminal 10 generates the registration permission token by encrypting the terminal number using the public key, but the shared secret key used with the shared secret key stored in the terminal number storage unit 22a. A registration permission token may be generated using a security association number indicating. However, in order to prevent name identification by the security association number, it is desirable to change the security association number in a short cycle so that the external device looks like a random number. In this case, the communication approval unit 23 assigns a shared secret key and a security association number corresponding to the shared secret key to the authenticated terminal 10B, and the terminal 10B includes the terminal number of the terminal 10B. The message is encrypted using the shared secret key, the corresponding security association number is assigned, and transmitted via the terminal 10A (steps S2 to S4), and the communication approval unit 23 is based on the security association number. Identifying the shared secret key, recognizing the terminal number by decrypting the encrypted terminal number using the identified shared secret key, and identifying the terminal 10B that generated the message including the terminal number It will be.

<Modification 2>
In the above-described embodiment, the registration request for the incoming call permission condition is transmitted from the terminal 10B on the called side. However, the following sequence starting from the terminal 10A on the calling side is also possible. That is, instead of distributing the registration permission token from the called terminal 10B to the calling terminal 10A (step S2), the calling terminal 10A encrypts the terminal number, the registration request number, and the registration request condition of the 10A. The registered registration request token is generated and distributed to the destination terminal 10B (step S2 ′, the destination terminal 10B adds the registration request token and transmits a registration request for an incoming call permission condition (step S3 ′). , S4 ′), the communication approval unit 23 decrypts the registration request token, the terminal number of the originating terminal 10A is valid, the registration request number is not in use, and the registration request condition is In the case of acceptance, a registration confirmation request may be made to the originating terminal 10A (steps S5 ′ to S10 ′) In this case, an operation flow in which the terminals 10A and 10B in FIG. In addition, Shin authorization unit 23 can be recorded the registration request numbers in use in the incoming permission condition table.

<Modification 3>
Further, in step S1 of the embodiment, the originating terminal 10A encrypts the terminal number of the terminal 10A and the registration request number and distributes them to the terminating terminal 10B, and the terminating terminal 10B It is included in the registration permission token and encrypted again and transmitted to the originating terminal 10A (step S2), and the communication approval unit 23 decrypts the registration permission token and obtains the terminal number of the originating terminal 10A and the incoming call. It may be determined that the registration permission token is not used by a third party by comparing the terminal number of the terminal that has transmitted the registration request for the permission condition (steps S3 and S4).

Similarly, in step S1 of the second modification, the terminal 10B on the called side encrypts and distributes the terminal number and the registration number of the terminal 10B to the calling terminal, and the calling terminal 10A requests to register them. The token is re-encrypted and transmitted to the called terminal 10B (step S2 '), and the communication approval unit 23 decrypts the registration request token and obtains the terminal number of the called terminal 10B and the incoming call. It may be determined that the registration request token is not used by a third party by comparing with the terminal number of the terminal that has transmitted the registration request for permission conditions (steps S3 ′, S4 ′). In this case, the operation flow is obtained by exchanging the terminal 10A and the terminal 10B in FIG.

<Modification 4>
In the above embodiment, the incoming terminal 10B evaluates the incoming call permission condition in step S6, but the incoming terminal 10B includes the incoming call permission condition in the registration permission token B in step S2. 10A, the originating terminal 10A transmits a request for registration of an incoming call permission condition including the registration permission token B to the communication approval unit 23 via the network interface unit 21, and the communication approval unit 23 A configuration may be adopted in which the token is decrypted and the obtained incoming call permission condition is registered in the incoming call permission condition table (steps S3 and S4).

  Similarly, in step S2 ′ of the second modification, the originating terminal 10A includes the incoming call permission condition in the registration request token and transmits it to the terminal 10B, and the called terminal 10B receives the incoming call containing the registration request token. A configuration in which a registration request for permission conditions is transmitted to the communication approval unit 23 via the network interface unit 21, and the communication approval unit 23 decrypts the registration request token and registers the obtained reception permission conditions in the reception permission condition table. (Steps S3 ′ and S4 ′). In this case, the operation flow is obtained by exchanging the terminal 10A and the terminal 10B in FIG.

<Modification 5>
In the embodiment, the terminal 10 sets the personal calling terminal number and the personal called terminal number and notifies the communication service network 20 of the personal calling terminal number. However, the communication approval unit 23 may set and notify the terminal 10 of it. . Note that the method of determining the personal calling terminal number and the personal called terminal number is not limited to the above-described one, and the terminal 10 or the communication approval unit 23 generates a random number or the like to generate the personal calling terminal number and the personal called terminal number. It may be configured to be set differently for each pair of the calling terminal and the called terminal.

DESCRIPTION OF SYMBOLS 1 Communication service system 10 (10A, 10B, 10C) Terminal 20 Communication service network 21 Network interface part 22 Authentication part 23 Communication approval part

Claims (8)

A communication service network connected to a plurality of terminals and relaying data transfer between the plurality of terminals,
A network interface connected to the plurality of terminals;
An authentication unit for authenticating the plurality of terminals;
A communication approving unit that approves connection through the network interface unit between the plurality of authenticated terminals;
With
The authentication unit authenticates the terminal based on the terminal number of the terminal transmitted from the terminal via the network interface unit and the terminal number stored in advance in the authentication unit,
The network interface unit includes communication between the plurality of terminals and the authentication unit, communication between the authenticated terminal and the communication approval unit, and the plurality of terminals approved by the communication approval unit. A communication service network characterized by allowing communication between them. A communication service system comprising: the communication service network according to claim 1; and a plurality of terminals connected to the network interface unit,
The authenticated terminal encrypts a message including the terminal number of the terminal using a public key published by the communication service network, and transmits the encrypted message via the other authenticated terminal.
The communication approval system recognizes the terminal number by decrypting the encrypted terminal number, and identifies the terminal that has generated the message including the terminal number. A communication service system comprising: the communication service network according to claim 1; and a plurality of terminals connected to the network interface unit,
The communication approval unit assigns a shared secret key and a security association number corresponding to the shared secret key to the authenticated terminal,
The authenticated terminal encrypts a message including the terminal number of the terminal using the shared secret key, assigns a corresponding security association number, and transmits the message via the other authenticated terminal.
The communication approval unit identifies the shared secret key based on the security association number, and decrypts the encrypted terminal number using the identified shared secret key. Recognize the number and identify the terminal that generated the message containing the terminal number

A communication service system characterized by that. The plurality of terminals adjust an incoming call permission condition for allowing the incoming terminal to accept incoming calls from the outgoing terminal between the outgoing terminal and the incoming terminal,
The terminal on the called side generates a registration permission token obtained by encrypting a registration permission condition indicating a condition for allowing the terminal on the called side to register the incoming call permission condition in the communication approval unit and the terminal number. To the calling terminal,
The terminal on the calling side transmits the registration permission token and the incoming call permission condition to the communication approval unit,
The communication approval unit decrypts the encryption of the registration permission token, evaluates the registration permission condition, and if it passes, stores the incoming call permission condition in the communication approval unit. 4. The communication service system according to claim 2, wherein when the communication request to the terminal is received, the incoming call permission condition is evaluated, and if the communication request is passed, the communication between the plurality of terminals is approved. . The plurality of terminals adjust an incoming call permission condition for allowing the incoming terminal to accept incoming calls from the outgoing terminal between the outgoing terminal and the incoming terminal,
The calling terminal generates a registration request token in which a registration request condition indicating a condition that the calling terminal permits to register the incoming call permission condition in the communication approval unit and the terminal number are encrypted. , Send to the terminal on the called side,
The terminal on the calling side transmits the registration request token and the incoming call permission condition to the communication approval unit,
The communication approval unit decrypts the encryption of the registration request token, evaluates the registration request condition, and if it passes, stores the incoming call permission condition in the communication approval unit. 4. The communication service system according to claim 2, wherein when the communication request to the terminal is received, the incoming call permission condition is evaluated, and if the communication request is passed, the communication between the plurality of terminals is approved. . The terminal sets a personal calling terminal number used to identify the calling terminal in the called terminal for each called terminal, and for each calling terminal, sets the personal calling terminal number. Setting a personal called terminal number used to identify the terminal on the called side in the terminal, and sending the personal calling terminal number and the personal called terminal number to the communication approving unit;
The communication approval unit sets the personal calling terminal number of the approved calling terminal and the personal called terminal number of the approved called terminal in the network interface unit,
The network interface unit
When a signal including the personal called terminal number transmitted from the approved calling terminal is received, the personal called terminal number included in the signal is converted into the personal calling terminal number and the signal is Forward to the approved called terminal,
When a signal including the personal calling terminal number transmitted from the approved called terminal is received, the personal calling terminal number included in the signal is converted into the personal called terminal number and the signal is The communication service system according to claim 4 or 5, wherein the communication service system transfers to the approved terminal on the originating side. The communication approval unit assigns a personal calling terminal number used to identify the calling terminal in the called terminal for each called terminal, and for each calling terminal, Assigns a personal called terminal number used to identify the called terminal in the terminal, transmits the personal calling terminal number to the called terminal, and sends the personal called terminal number to the calling terminal Send to
The communication approval unit sets the personal calling terminal number of the approved calling terminal and the personal called terminal number of the approved called terminal in the network interface unit,
The network interface unit
When a signal including the personal called terminal number transmitted from the approved calling terminal is received, the personal called terminal number included in the signal is converted into the personal calling terminal number and the signal is Forward to the approved called terminal,
When a signal including the personal calling terminal number transmitted from the approved called terminal is received, the personal calling terminal number included in the signal is converted into the personal called terminal number and the signal is The communication service system according to claim 4 or 5, wherein the communication service system transfers to the approved terminal on the originating side. The communication approving unit confirms the content of the incoming call permission condition with the terminal on the calling side and the terminal on the called side using the encrypted terminal signal, and is based on the terminal on the calling side and the terminal on the called side The communication service system according to claim 6 or 7, wherein when the approval is obtained, the personal calling terminal number and the personal called terminal number are stored in association with the incoming call permission condition.

Images