JP4239802B2 - Multicast transmission method - Google Patents

Description

  The present invention relates to a technique for maintaining security strength in data distribution in an information control system that shares information by linking a control system that performs device control and the like and an information system that performs a plan management task and the like.

In the conventional method, a key providing terminal generates a common key for encrypting or decrypting the content to be delivered in the information distribution system, and then encrypts it with the encryption key of each information using terminal to generate encrypted key data. And delivered to the information providing terminal and each information using terminal by multicast or unicast. The information providing terminal and each information using terminal obtain the common key by receiving the encrypted key data delivered and extracting and decrypting only the portion with its own encryption key. (For example, see Patent Documents 1 and 2)
When a key is distributed by multicast, each information using terminal receives the decryption key when it first receives the multicast content that was encrypted with the new common key at the information providing terminal. Switch to the key. When the key is delivered by unicast, the key providing terminal switches from the terminal that has received the key switching instruction issued after receiving the key reception completion response from all the terminals that have delivered the key to the new common key. .

  After switching to the new common key, the old common key is immediately discarded.

Japanese Patent Laid-Open No. 2002-247022.

JP 2002-252607 A.

  In the above prior art, when an encryption key is distributed to each information use terminal by multicast, the encryption key is sent to all terminals that require the encryption key for reasons such as temporary stop of the terminal or temporary disconnection of the network. May not be distributed, or there may be a delay in the arrival of the encryption key depending on the terminal.

  In addition, the information using terminal that has received the new key discards the old key after switching the key. For this reason, in the information using terminal that could not receive the encryption key, even if the data provided by the information providing terminal is encrypted with the new key and multicast-distributed data is received, the data cannot be correctly decrypted due to the mismatch of the encryption key. In addition, when the information providing terminal cannot receive the new encryption key, data encrypted and distributed by the information providing terminal cannot be correctly decrypted even if the information using terminal receiving the new key receives it.

  Further, the above prior art is applied when only a fixed terminal transmits information. In a system in which multiple terminals in a group send information to each other, if the communication terminal joins or leaves the group frequently, the encryption on the sending and receiving sides of the information changes. Key mismatches are likely to occur, and information transmission in the system may be interrupted, or abnormal processing may occur due to failure to transmit correct information.

  Further, when a terminal leaves the group, in order to refuse data reception of the terminal that has left, a new key is distributed to other surviving terminals in the group, and switching to a new key is performed at each terminal. However, during the period until the distribution and switching of the new key is completed, the disconnected terminal can continue to receive data.

  The present invention relates to data distribution that frequently occurs between a plurality of bases or a plurality of nodes dispersed in a wide area in an information control system, while preventing a reduction in communication processing efficiency and occurrence of abnormal processing, Provide security protection technology.

  Specifically, by sharing the encryption key, a group of nodes that receive the same data that is multicast or unicast is formed. In order to maintain encryption strength, the group repeatedly distributes and switches encryption keys. In addition, when a node leaves the group, the period until a new key is distributed and switched to other nodes alive in the group is shortened in order to refuse data reception of the leaving node.

  The distribution of the encryption key is performed by unicasting to each node from the key management server, and is performed in advance of the switching timing. Further, members of the data reception group are changed by distributing and switching a new key except for a specific node. Based on the above.

  In one aspect of the present invention, a node using the encryption key always holds a plurality of old and new version keys. The communication header of the transmission data from the node in the group includes the version information of the encryption key used for encrypting the data. The node on the receiving side refers to the version information extracted from the header, selects a corresponding version key from a plurality of encryption keys held in the node, and uses it for decrypting the received data. By the above method, it is possible to prevent a failure in decrypting received data due to a mismatch in the version of the key used even during the period of distribution and switching of the encryption key.

  In the above group, each node holds a key corresponding to each node of a member other than its own node, and a subgroup is formed for each key, so that each node of each member has only one sub-subscriber. Form a group. If data reception by a specific node such as a node that has left the group is not performed, the subgroup to which the specific node does not belong until the key management server distributes a new key to change the group member. Data is transmitted after being encrypted using the key temporarily. When a plurality of nodes are excluded from reception targets, multiple encryption is performed using a subgroup key to which each node does not belong.

  Note that a node is a general term for the terminal and the controller.

  According to the present invention, in a secure group formed by sharing an encryption key, a key mismatch is eliminated when updating the encryption key, downtime associated with the key update is reduced, and communication data leakage is prevented. Is possible.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a diagram illustrating an outline of a configuration of an information control system in which a control system that performs device control and the like and an information system that performs a plan management task in the present embodiment are linked. Here, an example of an information control system in which systems such as a head office 0101, a branch office 0102, factories 0103 and 0104 are mutually connected via a wide area network 0105 from gateways 0114, 0121, 0131 and 0141 installed at each base is shown. The main components are a key management server 0111 for generating and distributing encryption keys and managing nodes in the system installed in the head office 0101, and a business server for the head office 0101 that performs encrypted communication by multicast in the system. 0112, a terminal 0113, terminals 0122, 0123, 0124 of the branch office 0102, controllers 0132, 0133 of the factory 0103, terminals 0142 of the factory 0104, a controller 0143, and the like.

  The hardware of the key management server 0111 includes a storage device 0151, a processing device 0152, and a communication device 0153. The storage device 0151 has information on each terminal and controller, an encryption key associated with each terminal and controller, an encryption key unique to the terminal and controller received from each terminal and controller, information on each group, and information associated with each group The encryption key, software for managing the information and encryption key, and software for generating and distributing the encryption key are stored and processed by the processing device 0152. A communication device 0153 is connected to a communication medium 0302 to distribute keys to terminals 0113, 0122, 0123, 0124, 0142 and controllers 0132, 0133 at each base, and to receive a key request message. Used for.

  The hardware of the terminal 0113 includes a storage device 0161, a processing device 0162, and a communication device 0163. The storage device 0161 stores an encryption key unique to each terminal, an encryption key distributed from the key management server 0111, information on a group and a communication partner for data communication, and software for managing these encryption keys and information. And processed by the processing device 0162. The communication device 0163 is connected to the communication medium 0302 and is used for receiving an encryption key distributed from the key management server 0111, transmitting a key request message to the key management server 0111, and transmitting / receiving multicast communication within the group. The other terminals 0122, 0123, 0124, and 0142 have the same configuration.

  The hardware of the controller 0143 includes a storage device 0171, a processing device 0172, and a communication device 0173. The storage device 0171 stores an encryption key unique to each terminal, an encryption key distributed from the key management server 0111, information on a group performing data communication and a communication partner, and software for managing these encryption keys and information. And processed by the processing device 0172. The communication device 0173 is connected to the communication medium 0302 and is used for receiving an encryption key distributed from the key management server 0111, transmitting a key request message to the key management server 0111, and transmitting / receiving multicast communication within the group. The other controllers 0132 and 0133 have the same configuration.

  FIG. 2 is a diagram showing an outline of multicast communication in the information control system of this embodiment. The main components are the key management server 0111 that performs generation and distribution of encryption keys and management of nodes in the system in the information control system shown in FIG. A terminal 0122, a terminal 0113 of the head office 0101, a controller 0132 of the factory 0103, and a controller 0143 of the factory 0104 are shown.

  The encryption key 0212 held by the terminal 0122 and the encryption key 0213 held by the terminal 0113 are distributed from the key management server 0111, and are common keys associated with the group 0221. Also, the encryption key 0214 held by the terminal 0113, the encryption key 0215 held by the controller 0132, and the encryption key 0216 held by the controller 0143 are distributed from the key management server 0111 and are common keys associated with the group 0222. Note that the above key distribution 0241 is performed by unicast communication, and is encrypted with an encryption key unique to each node in order to maintain the confidentiality of the encryption key associated with the group to be distributed.

  By the key distribution 0241, the terminal 0122 and the terminal 0113 are joined to the group 0221, and the terminal 0113, the controller 0132, and the controller 0143 are joined to the group 0222. Data 0231 is multicast within group 0221 and data 0232 is multicast communication 0242 within group 0222. Since the data 0231 and 0232 are encrypted with the encryption keys associated with the groups 0221 and 0222, respectively, they can be received and decrypted only by the nodes in the group.

  The terminal 0122, the terminal 0113, the controller 0132, and the controller 0143 repeatedly transmit survival signals, and the key management server 0111 receives these survival signals and grasps the survival state (live or dead) of each node. ing.

  FIG. 3 is a diagram illustrating a functional configuration of the key management server 0111 that performs generation and distribution of encryption keys and management of groups and nodes. One key management server 0111 shown in FIG. 1 is installed in the system and may be multiplexed to improve reliability. Main components include a group management unit 0311 that manages a group using the group management table 0321, a node management unit 0312 that manages a node using the node management table 0322, and an encryption key generation that generates an encryption key. A unit 0313, a key distribution unit 0315 that distributes a key to each node via the communication medium 0302, an encryption / decryption unit 0314 that encrypts an encryption key to be transmitted and decrypts received data, and an encryption key generation unit 0313 There is a key storage database 0323 for storing the generated encryption key.

  The group management unit 0311 manages a group formed by sharing an encryption key using the group management table 0321. In order to maintain the encryption strength within each group, the encryption key generation unit 0313 repeatedly generates an encryption key associated with each group, and the key distribution unit 0315 encrypts each group that has joined each node. Distribute the key by unicast.

  When the node management unit 0312 notifies the node new subscription, the group management table 0321 is updated, and the encryption key of the group permitted to join by the key distribution unit 0315 is distributed to the node. In addition, when the node management unit 0312 notifies the node departure, the group management table 0321 is updated, and the encryption key generation unit 0313 newly generates the encryption key of the group to which the node has joined. The key is distributed by unicast to each node of other members of the group that has joined, excluding the member who has left.

  The node management unit 0312 receives the survival signal from each node via the communication medium 0302 and describes the survival state of the node in the node management table 0322. In addition, node authentication or the like is performed using information in the node management table 0322. In addition, when a change such as a new addition or withdrawal of a node is grasped by the survival signal, the change is notified to the group management unit 0311.

  FIG. 4 is a diagram illustrating a functional configuration of a node that transmits and receives data using an encryption key, such as a terminal 0113 or a controller 0143 installed in the system. It consists of an application 0403 that performs business and device control and middleware 0404 that manages encrypted communication and encryption keys via a communication medium 0302. The main components of the middleware 0404 are a key management unit 0411 and a key management unit 0411 that manage an encryption key distributed from a key management server and select an encryption key used for encryption and decryption of communication data. Encrypted transmission data using the received encryption key, encryption / decryption unit 0412 for decrypting the received data, multicast communication within the group via the communication medium 0302, and encryption key distributed from the key management server There is a data communication unit 0413 that performs reception, transmission of a key request message to a key management server, and the like, and a key storage database 0421 that stores encryption keys for multicast communication within a group distributed from the key management server.

  The key management unit 0411 manages the key storage database 0421 that stores the encryption key distributed from the key management server, and updates the key storage database 0421 every time an encryption key is received from the key management server. Also, if the corresponding version of the encryption key is not held for the group to which the node 0401 is subscribed, a key request message is transmitted to the key management server.

  The encryption / decryption unit 0412 extracts the encryption key of the destination group specified by the application 0403 from the key storage database 0421 for the transmission data received from the data communication unit 0413, and returns the encrypted encryption key to the data communication unit 0413. . In addition, when receiving multicast communication reception data from the data communication unit 0413, the corresponding encryption key is extracted from the key storage database 0421, decrypted, and returned to the data communication unit 0413.

  Upon receiving data from the application 0403, the data communication unit 0413 passes the data to the encryption / decryption unit 0412 and encrypts it. The data communication unit 0413 performs multicast communication of the encrypted data to a group designated via the communication medium 0302. The encrypted data received via the communication medium 0302 is transferred to the encryption / decryption processing unit 0412 and decrypted. The data communication unit 0413 delivers the decrypted data to the application 0403.

  Each function of each node is embodied on each node when the processing device 0152 or 0162 executes the program stored in the storage device 0151 or 0161. Each program may be stored in advance in a storage device in the node, or a removable storage medium or communication medium (a communication line or a carrier wave on the communication line) that can be used by the node when necessary. It may be introduced to the storage device via

  FIG. 5 is a diagram showing a group management table 0321 for managing a secure group in the key management server 0111. Main components include a group number 0501 that is an identifier for identifying a secure group formed by sharing an encryption key, and a subscription that describes the number of a node that is permitted to join each group in advance. Permitted node number 0502, current member node number 0503 describing the number of the node that is currently subscribed to each group and operating, group key 0504 storing the encryption key associated with each group, associated with each group There is a group key version 0505 that describes the current latest version information of the assigned encryption key.

  This table is updated in real time according to the processing, and using the information stored in this table, processing for distributing and updating keys to each group, authentication processing when a node joins each group, and the like are performed.

  FIG. 6 is a diagram showing a node management table 0322 for managing the nodes in the system in the key management server 0111. As main components, a node number 0601 that describes an identifier for identifying each node in the system, an address 0602 that describes the address of each node on the network, and a living state that describes the life or death state of each node 0603, node key 0604 for storing the encryption key associated with each node, node key version 0605 for describing the current latest version information of the encryption key associated with each node, and information regarding authentication of each node There is authentication information 0606 to be used.

  This table is updated in real time according to the process, and the key distribution to each group and the update process are performed using the information stored in this table.

FIG. 7 is a flowchart showing the flow of processing in the key management server 0111 when a certain node newly joins the receiving group and when a certain node is deleted from the receiving group based on the survival signal.
In 0701, when the survival signal of the node received by the key management server 0111 indicates a change from the dead state to the live state,
In 0702, the key management server 0111 authenticates the node that has received the survival signal. For authentication, the node authentication information 0606 described in the node management table 0322 shown in FIG. 6 is referred to. If authentication fails, the process ends.
If the authentication is successful, in 0703, the “live state” item for the node in the node management table 0322 is changed from “DEAD” to “ALIVE”.
In 0704, the number of the group desired to join is received from the node.
In 0705, “subscription permitted node number” in the group management table 0321 shown in FIG. If the node is allowed to join a group that wants to join,
In 0706, the node number is added to the “currently subscribed member node number” section of the group management table for the group to which the node is permitted to join.
In 0707, the key of the group permitted to join is transmitted to the node, and the process is terminated.

In 0701, if the node survival signal received by the key management server is changed from a live state to a dead state,
In 0711, the “survival status” item of the node management table is changed from “ALIVE” to “DEAD” for the node that has received the survival signal.

  In 0712, the group to which the node is subscribed is searched from the group management table shown in FIG.

  In 0713, the number of the node is deleted from the item of “currently joining node number” regarding the group searched in 0712 in the group management table.

  In 0714, a new key for the group searched in 0712 is generated.

  In 0715, if the search of all the groups to which the node has joined has not been completed, the processes of 0712, 0713, and 0714 are repeated.

  If all the groups have been searched, in 0716, the generated key is distributed to other surviving nodes other than the node, and the process is terminated.

  FIG. 8 is a diagram showing an outline of the encryption key switching method according to received data in each node. The main components are node A0801, node B0802, and node C0803, which are joined to the same group as the key management server 0111. These nodes correspond to the terminals 0113, 0122, 0123, 0124, 0142, the business server 0112, and the controllers 0132, 0133, 0143 shown in FIG.

The number of encryption key versions held in the key storage area 0841 of each node depends on the system. In this embodiment, four versions of keys can be stored. In the figure, Ver. 1 (0844), Ver. 2 (0843), and Ver. 3 (0842) are stored. When the key is distributed next time, a new key is stored in the free space. After that, when a new key is distributed, Ver. 1 (0844) which is the oldest key is deleted, and a new key is distributed to an empty area.
In 0811, the key management server 0111 distributes the group Ver. 2 key to the node A 0801, the node B 0802, and the node C 0803 by unicast.
In 0821, Node B 0802 encrypts data with the distributed Ver. 2 key and transmits data.
In 0831, upon receiving the data transmitted by the node B 0802, the node C 0803 refers to the version information of the encryption key stored in the header, extracts the Ver. 2 key, and decrypts it.

In 0812, the key of the group Ver. 3 is distributed from the key management server 0111 to the node A 0801 and the node C 0803, but not distributed to the node B 0802 yet.
In 0822, the node A 0801 takes out the distributed Ver. 3 key, encrypts it, and transmits the data.
In 0832, when the node C0803 receives the data transmitted by the node A0801, the node C0803 refers to the version information of the encryption key stored in the header and decrypts it with the Ver.3 key.
In 0823, since the node B 0802 has not received the distributed Ver. 3 key, it encrypts the data with the Ver. 2 key and transmits data.
In 0833, upon receiving the data transmitted by the node B 0802, the node C 0803 refers to the encryption key version information stored in the header, extracts the Ver. 2 key, and decrypts it.

  FIG. 9 is a diagram illustrating an overview of a communication message used for encryption communication within a group and an overview of a communication message when performing multicast communication by excluding a plurality of specific nodes in real time.

  The communication message 0901 includes a header 0902 and encrypted data 0903 obtained by encrypting data transmitted from the node using an encryption key associated with the group.

  The header 0902 is associated with the communication header 0904 that stores information such as the destination of multicast communication and the destination of unicast communication, and the group used to create the encrypted data 0903 at the source node. Version information 0905 of the encryption key that has been received. The encryption key version information 0905 is referred to when a node that receives the communication message 0901 selects an encryption key for decrypting the encrypted data 0903.

  An example of a communication message when performing multicast communication excluding three nodes is also shown. Note that the encryption keys associated with the subgroups that do not include each of the three excluded nodes are the key (1), the key (2), and the key (3), respectively.

  The version information 0911 of the key A and the encrypted data 0912 encrypted with the key (1) are combined to create encrypted data 0922 encrypted with the key (2) in 0941. The encrypted data 0922 and the version information 0921 of the key (2) used for encryption are combined and encrypted with the key (3) in 0942 to create encrypted data 0933. The encrypted data 0933 is transmitted with the version information 0932 of the key (3) used for encryption and the communication header 0931 added thereto. The communication header 0931 and the version information 0932 of the key (3) which is the last encrypted key are stored in the header 0951. The header 0951 is the same as the header 0902.

  FIG. 10 is a flowchart showing a process of switching the version of the encryption key used for decryption according to the received data at each node.

  At 1001, data that has undergone multicast communication is received.

  In 1002, the version information of the encryption key used for encryption is extracted from the header of the received data of 1001.

In 1003, if the version information extracted in 1002 and the corresponding version key are held,
At 1004, the corresponding version key is extracted and the key is switched.

  In 1005, the received data of 1001 is decrypted using the key switched in 1004.

In 1003, if the version information extracted in 1002 and the corresponding version key are not held,
In 1006, the received data of 1001 is discarded.

  In step 1007, the key management server is requested to send a key of the corresponding version, and the process ends.

FIG. 11 is a diagram showing a breakdown of encryption keys associated with subgroups held in each node. Here, an example in which a node A 1101, a node B 1102, a node C 1103, a node D 1104, and a node E 1105 are joined to a certain group is shown. Note that the node A 1101, the node B 1102, the node C 1103, the node D 1104, and the node E 1105 correspond to the terminals 0113, 0122, 0123, 0124, and 0142, the business server 0112, and the controllers 0132, 0133, and 0143 in the information control system shown in FIG. .
As keys corresponding to the node A 1101, the node B 1102, the node C 1103, the node D 1104, and the node E 1105, the key (1) 1111, the key (2) 1112, the key (3) 1113, the key (4) 1114, and the key (5) 1115 Prepare. Each node does not have a key associated with its own node, but has a key associated with all nodes other than its own node in the group. For example, the node A 1101 does not have the key (1) 1111, but has the other keys (2) 1112, the key (3) 1113, the key (4) 1114, and the key (5) 1115. The same applies to the other nodes.

  As described above, a subgroup excluding only one of each of node A1101 to node E1105 is formed, such as a subgroup of node B1102, node C1103, node D1104, and node E1105 having key (1) 1111. When it is desired to perform multicast transmission within a group except for a specific node, it is preferable to perform transmission by encrypting with an encryption key of a subgroup not including the node.

  For example, when node A 1101 performs multicast transmission to a group and attempts to refuse reception by node D 1104, node A 1101 switches from the encryption key of the group to the encryption key of subgroup 1114 to which node D 1104 has not joined, and performs encryption. Multicast transmission. At this time, the node A 1101, the node B 1102, the node 1103, and the node 1105 can receive and decrypt the data, but the node D 1104 does not have the corresponding encryption key even if the data is received, so the decryption refers to the data. I can't do it.

  With the above configuration, it is possible to immediately reject data reception of a node that has left the group or a node that may have been hacked, or to finely set a node that rejects reception for each data. On the data receiving side, refer to the version information of the encryption key stored in the communication header to select and decrypt the corresponding key from the held keys. Because there is no data, it cannot be decrypted and data cannot be referenced. In addition, the sending node only needs to switch the key used for encryption from the group key to the subgroup key, so that the data distribution can be performed in order to refuse the reception of the specific node. It can be processed in real time without stopping or delaying.

  Note that the encryption keys of the above subgroups are for temporary use such as the distribution of new keys when a node leaves the group, the period until switching is completed, and so on. When the authentication is established and joined, the key management server generates and distributes to each member of the group. Also, when a node leaves the group, the use of the subgroup key of that node is rejected, so the distribution and switching of new keys to other surviving nodes for each subgroup to which the node belongs Is required.

  FIG. 12 is a flowchart showing a flow of encryption processing at the time of transmission and decryption processing at the time of reception in a node that performs communication when switching to a reception group that does not include a specific node in real time.

In 1201, when the communication process executed in the node is data transmission,
In 1202, the encryption key of the subgroup to which the node that refuses reception does not belong is extracted from the keys held by the node.

  In 1203, data to be transmitted is encrypted using the subgroup key extracted in 1502.

  In 1204, version information related to the subgroup key used for encryption in 1203 is entered in the header of the transmission data.

  If there is no other node that refuses reception in 1205, data is transmitted in 1206 and the process is terminated. In 1205, if there is another node that refuses reception, the flow returns to 1202.

In 1201, if the communication process executed in the node is data reception,
In 1211, data by multicast communication is received.

  In 1212, the corresponding subgroup key is extracted from the keys held by the node with reference to the key version information described in the communication header.

In 1213, if there is no corresponding subgroup key,
At 1215, the received data is discarded and the process is terminated.

In 1213, if there is a corresponding subgroup key,
In 1214, the data received in 1211 is decrypted using the subgroup key extracted in 1212.

  In 1216, if the data decrypted in 1214 is still encrypted with another subgroup key, the process returns to 1212.

  In 1216, if the data is not encrypted with another subgroup key, the process ends.

  FIG. 13 is a diagram showing an outline when the secure group management method is specifically applied to a remote monitoring system via a wide area network. Here, an example is shown in which an operator in the head office 1301 is in a remote location and monitors and operates a plurality of factories such as factories 1303, 1304, and 1305 that are interconnected via a wide area network 1305. In addition, there may be a case where a night service is performed like a factory 1303. Since a general wide area network that is not a dedicated line is used between the head office and the factory, it is necessary to protect the communication data in order to prevent data leakage or tampering during communication.

    Nodes 1312 and 1313 used by an operator in the head office 1301 belong to an operation group 1321 that operates factory equipment and manages production lines. Nodes 1314, 1315, and 1316 used by the operator belong to an equipment maintenance group 1322 that performs maintenance of equipment in the factory.

  The operation group 1321 shares information such as equipment control commands, production plans, production results, and the like, and the nodes 1303 and 1304 used in the factory transmit control data, production results, and other information to the group by multicast. Is done. In addition, information relating to the operation plan and maintenance of the equipment is shared among the nodes used in the equipment maintenance group 1322, and information relating to the operating status of each equipment is transmitted to the group from the nodes used in the factories 1303 and 1304 by multicast. Sent. Since different encryption keys are used for the operation group 1321 and the facility maintenance group 1322, information is not leaked outside the group, and unauthorized operators can operate the facilities in the factories 1303 and 1304 illegally. You cannot browse equipment data. Note that since the operator 1311 is a supervisory supervisor and has the authority to browse both information of the operation group 1321 and the facility maintenance 1322, both encryption keys of the two groups are distributed.

  Even an operator 1317 who has traveled to the branch office 1302 can receive information multicasted within the group to which the operator belongs by connecting the node to be used to the network. At this time, since information regarding the factories 1303 and 1304 is usually distributed to the branch office 1302 because the operator 1317 is present, the information is distributed by multicast. However, since the data to be multicast is encrypted with the key of the group to which the operator 1317 belongs, the node used by other people in the unauthorized branch 1302 can view the data even if the data regarding the factories 1303 and 1304 is distributed. It is not possible. As described above, in the remote monitoring system via the wide area network, it is possible to perform data distribution in which the recipients of information are restricted according to authority.

  FIG. 14 is a diagram showing an outline when the secure group management method is specifically applied to information distribution and information sharing services in public spaces. Here, contents such as advertisements and services for visitors 1411 to 1415 who have visited the public space 1401 and services such as information sharing and chat between visitors are provided, and staff 1421 to 1424 working in the public space 1401 are provided. Examples of business communication and business information sharing are shown below. Here, multicast communication is performed in order to efficiently distribute information to an unspecified number of visitors or a plurality of staff members. In addition, services such as information distribution are provided to people in public space 1401, and information distribution or information sharing is performed only while a visitor or staff is staying in public space 1401 or for a certain period of time during the stay. Shall join the group.

  As main components of the system, a content distribution server or business management server 1402 connected to a network in the public space 1401, a key management server 1403, wireless access points 1404 to 1407 in the public space 1401, and a terminal 1439 for staff Etc. Visitors 1411 to 1415 and staff 1421 to 1424 have portable terminals 1431 to 1438 having wireless functions for receiving information sharing and sharing information.

  Staffs 1421 to 1423 have joined a staff group 1443 so that information related to the work is not leaked to other than the staff, and the work information from the work management server 1402 is multicast to the group, and within the group Business staff communicate and share business information. Visitors 1412 to 1414 subscribe to groups 1441 and 1442 that are associated with each service according to the service they receive. Depending on the service content, you will be charged, so you can avoid receiving data from visitors who haven't paid for it, or continuing to receive data even after the visitor has finished using the service, and charging visitors extra. Therefore, a group is formed for each service, and a visitor joins the group only while receiving the service.

  Unspecified visitors come into the public space 1401, and the visitor and staff stay in a fluid manner. Therefore, when the visitor 1411 visits the public space 1401, the visitor 1411 is subscribed to the group 1441 and provided with a service, so that the mobile terminal 1431 of the visitor 1411 has an encryption key associated with the group 1441. To distribute. In addition, when a visitor 1415 who is subscribed to the group 1441 and has received the service leaves the public space, or the valid period of the service provision ends, the other visitors 1411 to 1413 remaining in the group 1441 New encryption keys associated with the group 1441 are distributed to the mobile terminals 1431 to 1433.

  Similarly, when the staff 1423 is replaced with the staff 1424, the staff 1421 and 1422 that remain in the group 1443 and the mobile terminals 1436 and 1439 and the terminal 1438 of the staff 1424 that are replaced and newly joined are assigned to the group 1443. Distribute the new associated encryption key.

  As described above, communication in a secure group is realized even in a system in which nodes that perform communication are unspecified and fluid.

  FIG. 15 is a diagram showing an outline of processing in the gateway node when the secure group management method is applied to a system in which different types of networks having different security levels are interconnected.

  In a wide area network, a LAN in a base, a system of another company, etc., security levels may differ from each other due to differences in network characteristics and status. Therefore, nodes belonging to different networks may not be able to form a group by sharing the same encryption key. Therefore, it is preferable to form a group of nodes connected to the wide area network, a group of nodes connected to the LAN in one base, or the like. Although the groups share different encryption keys, the type of encryption key, the update cycle, etc. are set according to the level of security required for each network. Depending on the network, communication can be set without using an encryption key.

  In order to share data across groups with different security levels, gateway nodes belonging to a plurality of different groups are placed and data is relayed between the groups. The outline of processing in the gateway node is shown below.

  In 1511, the node 1503 of the group (2) transmits a data transfer request to the gateway node 1502. The transfer request includes information related to the data requested to be transferred (data ID, data transmission source address, etc.), data transfer destination (address of node in group (2) or subgroup ID), transfer information Communication method (unicast or multicast), transfer method (transfer as it is or after decryption with the encryption key of group (1) at gateway node 1502 and then transfer after encryption with encryption key of group (2)), etc. Include information.

  In 1512, the gateway node 1502 authenticates the node 1503 of the group (2) that issued the transfer request.

In 1513, the gateway node 1502 transmits the authentication result to the node 1503 of the group (2). If authentication is successful,
In 1514, the gateway node 1502 registers transfer settings for the group (2).

  In 1515, the node 1501 of the group (1) encrypts the transmission data.

  In 1516, the node 1501 of the group (1) performs multicast transmission of the encrypted data.

  In 1517, upon receiving the data registered for transfer, the gateway node 1502 performs data processing (decryption and encryption, or nothing) according to the registered contents.

  In 1518, the gateway node 1502 transfers the registered data to the node 1503 of the group (2).

  In 1519, the node 1503 of the group (2) decrypts the received data.

It is a figure which shows the outline | summary of a structure of the information control system which linked | related the control system which performs apparatus control, etc., and the information system which performs plan management work etc. It is a figure which shows the outline | summary of the multicast communication in an information control system. It is a figure which shows the module structure of the key management server which performs production | generation and distribution of an encryption key, and management of a group or a node. It is a figure which shows the module structure of the node which transmits / receives data using an encryption key. It is a figure which shows the group management table for managing a secure group in a key management server. It is a figure which shows the node management table for managing a node in a system in a key management server. It is a flowchart which shows the flow of a process in a key management server when a certain node newly joins a receiving group based on a survival signal, and when a certain node is deleted from a receiving group. It is a figure which shows the outline | summary of the switching method of the encryption key according to the received data in each node. It is a figure which shows the outline | summary of the communication message in the case of performing the outline of the communication message used for the encryption communication within a group, and a some specific node in real time, and performing multicast communication. It is a flowchart which shows the flow of the switching process of the version of the encryption key used for the decoding according to the received data in each node. It is a figure which shows the breakdown of the encryption key matched with the subgroup hold | maintained at each node. It is a flowchart which shows the flow of the encryption process at the time of the transmission in the node which performs communication, and the decoding process at the time of reception when switching to the receiving group which does not include a specific node. It is a figure which shows the outline | summary at the time of applying this invention to the remote monitoring system via a wide area network. It is a figure which shows the outline | summary at the time of applying this invention to the information delivery and information sharing service in a public space. It is a figure which shows the outline | summary of a process at the time of applying this invention to the system which connected the heterogeneous network from which a security level differs.

Explanation of symbols

0111: Key management server, 0113, 0122 to 0124, 0142: Terminal, 0132, 0133: Controller, 0321: Group management table, 0322: Node management table, 0502: Subscription permitted node number, 0503: Current joining member node number, 0504 : Group key, 0505: Group key version, 0601: Node number, 0602: Address, 0603: Survival state, 0604: Node key, 0605: Node key version, 0606: Authentication information, 0901: Communication message, 0902: Header, 0903 : Encrypted data, 0904: Communication header, 0905: Version information of encryption key.

Claims (3)

  In a multicast transmission method of a group consisting of a server and a plurality of nodes formed by sharing an encryption key,
  An encryption key generation unit of the server generates a first encryption key common to the group of the plurality of nodes;
  The encryption key distribution unit of the server distributes the generated first encryption key to the plurality of nodes via a communication medium,
  A data communication unit of the node receives the distributed first encryption key;
  The encryption key management unit of the node stores the received first encryption key in a storage unit included in the node,
  The encryption key management unit of the node stores, in the storage unit, a plurality of second encryption keys that do not correspond to one different node other than its own node,
  If the server receives information that a particular node of the group has left,
  An encryption key generation unit of the server generates a third encryption key common to a new group that does not correspond to the detached node;
  An encryption key distribution unit of the server distributes the generated third encryption key to the nodes of the new group via a communication medium;
  Until the distribution of the new encryption key of the group is completed,
  The encryption unit of the node of the new group selects a second encryption key that does not correspond to the detached node from the plurality of second encryption keys,
  The encryption unit of the node of the new group encrypts the data transmitted by the node using the selected second encryption key,
  The data communication unit of the node of the new group multicasts the encrypted data transmitted by the node
The multicast transmission method characterized by the above-mentioned.   The multicast transmission method according to claim 1,
  The decryption unit of the node that has received the data transmitted by the node refers to the identification information of the encryption key used for encrypting the data transmitted by the node, which is included in the header of the received data. ,
The decryption unit of the node extracts the encryption key that matches the identification information from the plurality of encryption keys stored in the storage unit of the receiving node based on the identification information of the encryption key,
  The decryption unit of the node decrypts the received data transmitted by the node using the encryption key.
The multicast transmission method characterized by the above-mentioned.   The multicast transmission method according to claim 2,
  A multicast transmission method, wherein a decryption unit of the node that distributes data transmitted by the node performs multiple encryption with the plurality of second encryption keys.

Images