JP6704380B2 - External server, communication system and communication method - Google Patents

Description

The present invention relates to an external server, a communication system and a communication method.

Conventionally, IT (Information Technology) related equipment such as a personal computer and a server is connected to the Internet. Furthermore, digital information home appliances such as televisions and digital cameras, and various sensor devices have come to be directly connected to the Internet, and such devices are called IoT (Internet of Things) devices (for example, refer to Patent Document 1).

JP, 2016-192126, A

In a general IoT service, a cloud server and a user terminal communicate via the Internet for the purpose of processing big data and reducing development costs. In this case, due to the security risk of the Internet, the safety becomes a major issue especially when operating a home IoT device such as a key sensor.
The present invention has been made in view of the above problems, and an external server that allows a terminal device to appropriately communicate with a home server depending on whether or not the home IoT device is a device requiring safety, communication An object is to provide a system and a communication method.

One aspect of the present invention is an external server arranged outside a home, the external server being capable of communicating with a home server that manages a home IoT (Internet of Things) device and a terminal device via the Internet. The home server and the terminal device can communicate with each other via a mobile communication network, and the terminal device communicates with the home server via the Internet and the external server in the first case. perform, in the second case, have lines communicating with the home server via the mobile communication network, as in the first is a if the home IoT device is a device that does not require a safety Then, the information to be communicated is not confidential information, and the second case is the case where the in-home IoT device is a device requiring security, or the information to be communicated is confidential information. This is the case, an external server.
The home server may or may not be a server physically located in the home. The home server only needs to be able to access the home network.

In one aspect of the present invention, the home IoT device may be equipped with an eSIM (Embedded Subscriber Identity Module).

In one aspect of the present invention, the in-home IoT device requiring security may be a key sensor that detects a locked state of a key.

In one aspect of the present invention, in the second case, the home server may connect to the home IoT device by SSL (Secure Socket Layer) using the eSIM.

In one aspect of the present invention, the external server may determine, in response to an inquiry from the terminal device, whether the case corresponds to the first case or the second case.

In one aspect of the present invention, the home server and the external server have first information indicating whether the home IoT device is a device that does not require safety or a device that requires safety. However, the external server may determine, based on the first information, whether the case corresponds to the first case or the second case.

In one aspect of the present invention, the external server may synchronize the first information included in the external server with the first information included in the home server.

In one aspect of the present invention, the terminal device may communicate with the home server via LTE (Long Term Evolution) in the second case.

In one aspect of the present invention, the external server may receive a posterior report regarding the communication content between the terminal device and the home server in the second case from the home server.

In one aspect of the present invention, the in-home server determines whether or not an abnormality has occurred in the home based on states of a plurality of in-home IoT devices, and the in-home server determines that an abnormality has occurred in the home. In the above, the external server receives information indicating that an abnormality has occurred from the home server, and the external server determines whether the abnormality that has occurred in the home corresponds to an abnormality that does not require a warning or a warning is issued. If the abnormality that occurs in the home corresponds to the abnormality that requires warning, the external server has second information that indicates whether the abnormality that requires the warning is present, and the external server indicates that the abnormality that requires the warning has occurred in the home. To the terminal device, and the terminal device may output an alert.

In one aspect of the present invention, the home server has third information which is information of a mesh network including the home IoT device and another home IoT device, and in the second case, the home server Is unable to connect to the home IoT device by the SSL, the home server connects to the other home IoT device by the SSL, and then the other home IoT device establishes a VPN (Virtual Private Network). It may be connected to the in-home IoT device via.

In one aspect of the present invention, the home server may include a line discriminating function at the time of receiving data.

In one aspect of the present invention, even in the second case, the terminal device may communicate with the home server via the Internet and the external server in a crime prevention emergency.

One aspect of the present invention includes a home server that manages a home IoT device, an external server arranged outside the home, and a terminal device, and the home server and the external server can communicate with each other via the Internet. The external server and the terminal device can communicate with each other via the Internet, and the home server and the terminal device can communicate with each other via a mobile communication network. , when the first communicates with the home server via the Internet and the external server, in the second case, have lines communicating with the home server via the mobile communication network, wherein the The case of 1 is a case where the in-home IoT device is a device that does not require safety, and the information to be communicated is not confidential information, and the second case is when the in-home IoT device is The communication system is a device that requires security or a case where the information to be communicated is secret information .

According to an aspect of the present invention, a home server that manages a home IoT device and an external server arranged outside the home can communicate via the Internet, and the external server and the terminal device can connect to the Internet. A communication method capable of communicating via a mobile communication network between the home server and the terminal device, wherein in the first case, the terminal device includes the Internet and the external device. and performing communication with the home server via the server, in the second case, the terminal device via the mobile communication network look including the step of communicating with the home server, the first The case is a case where the in-home IoT device is a device that does not require safety, and the information to be communicated is not confidential information, and the second case is a case where the in-home IoT device is not secure. It is a communication method that is a case requiring a device or a case where the information to be communicated is secret information .

According to the present invention, it is possible to provide an external server, a communication system, and a communication method that allow a terminal device to appropriately communicate with a home server depending on whether or not the home IoT device requires safety. ..

It is a figure which shows an example of a structure of the communication system to which the external server of 1st Embodiment was applied. It is a figure which shows the outline of a home server, an external server, a terminal device, etc. which are shown in FIG. FIG. 2 is a diagram showing an example of functional configurations of a home server and a terminal device shown in FIG. 1. It is a figure which shows an example of a function structure of the external server shown in FIG. It is a sequence diagram for explaining the processing executed in the first case. It is a sequence diagram for explaining the processing executed in the second case. It is a sequence diagram for demonstrating the process performed before step S304 of FIG. 6 in the communication system to which the external server of 2nd Embodiment was applied. It is a sequence diagram for demonstrating the process performed after step S311 of FIG. 6 in the communication system to which the external server of 3rd Embodiment was applied.

Hereinafter, embodiments of an external server, a communication system, and a communication method of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 1 is a diagram showing an example of the configuration of a communication system 1 to which the external server 13 of the first embodiment is applied. In the example shown in FIG. 1, the communication system 1 includes a home server 12, an external server 13, and a terminal device 14. The home server 12 is arranged, for example, in the home of the house A, which is the home of the user of the communication system 1, for example. The in-home server 12 manages in-home IoT (Internet of Things) devices 11 and 11-1 arranged in the house of the house A. The IoT devices 11 and 11-1 are devices that can be connected to the Internet IN, and are, for example, digital information home appliances such as lights, televisions, and digital cameras, and various sensor devices such as key sensors. The home server 12 may be physically located inside the house A or outside the house A. The home server 12 can access the home network and can manage the home IoT devices 11 and 11-1 arranged in the home of the home A.

In the example illustrated in FIG. 1, an eSIM (Embedded Subscriber Identity Module) 11A is installed in the home IoT device 11 and an eSIM 11A-1 is installed in the home IoT device 11-1. In another example, the home IoT devices 11 and 11-1 may not be equipped with the eSIM. That is, the eSIM may or may not be installed in all or part of the home IoT device.

In the example shown in FIG. 1, the external server 13 is a cloud server arranged outside the house of the house A. In another example, the external server 13 may be a server other than the cloud server arranged outside the house of the house A.
The home server 12 and the external server 13 can communicate with each other via the Internet IN. That is, in the example shown in FIG. 1, the home IoT devices 11 and 11-1 can be connected to the Internet IN via the home server 12.

The terminal device 14 is carried by a user of the communication system 1, for example. The external server 13 and the terminal device 14 can communicate with each other via the Internet IN. Further, the home server 12 and the terminal device 14 can communicate with each other not via the Internet IN but via the mobile communication network MN.

FIG. 2 is a diagram showing an outline of the home server 12, the external server 13, the terminal device 14 and the like shown in FIG. The home server 12 manages data (for example, music, photos, videos, etc.) received from the terminal device 14. The home server 12 includes a storage unit 12E such as a hard disk drive or a ROM (Read Only Memory). Data such as photographs, moving images, and music transmitted from the terminal device 14 is stored in the storage unit 12E. The data stored in the storage unit 12E can be read by the terminal device 14. In this case, the home server 12 functions as a file server for the terminal device 14. Further, the list IF1 of the home IoT devices 11 and 11-1 is registered and stored as the first information in the storage unit 12E.
All or part of the same data may be stored in the home server 12 and the external server 13 in synchronization.

The home server 12 sends and receives data to and from the terminal device 14 by communication. There are various methods for the communication performed by the home server 12. For example, for communication performed by the home server 12, short-range wireless communication using BLE (Bluetooth (registered trademark) Low Energy) or Wi-Fi (registered trademark), or mobile communication network MN such as LTE (Long Term Evolution) is used. There are methods such as wireless communication, infrared wireless communication, communication via the Internet IN and the external server 13.
Here, the case where the home server 12 can communicate with the terminal device 14 by BLE, Wi-Fi, LTE and the Internet IN will be described.

In this example, the home server 12 selects a communication method with the terminal device 14 depending on whether or not a router RT for performing short-range wireless communication by Wi-Fi is installed in the user's home. When the router RT is installed in the home of the user, the home server 12 exchanges data by Wi-Fi. When the router RT is not installed in the user's home, the home server 12 exchanges data via LTE or the internet IN.

The terminal device 14 is a portable device, and performs wireless communication according to a user operation. The terminal device 14 is, for example, a mobile phone, a smartphone, a mobile personal computer such as a tablet computer (tablet PC), or the like.

The home server 12 and the terminal device 14 include an identification chip for identifying a subscriber who subscribes to a service using the mobile communication network MN. The identification chip is, for example, SIM (Subscriber Identity Module). In this SIM, IMSI (International Mobile Subscriber Identity) is stored as a subscriber identifier ID for identifying a subscriber.
Communication services via the mobile communication network MN such as LTE are provided by communication carriers. The telecommunications carrier manages communication by the device of the subscriber by associating the IMSI (subscriber identifier ID) with the telephone number. By mounting the SIM, the home server 12 and the terminal device 14 can communicate with each other via the mobile communication network MN.

The subscriber identifier of the SIM mounted on the home server 12 is the identifier ID1. The subscriber identifier of the SIM attached to the terminal device 14 is the identifier ID2.

In the “router wireless LAN system”, the home server 12 exchanges data with the terminal device 14 via the router RT. The router RT may be provided in the home server 12.
In the “through LTE system”, the home server 12 exchanges data with the terminal device 14 via the mobile communication network MN such as LTE without passing through the router RT.
The home server 12 can also exchange data with the terminal device 14 via the Internet IN and the external server 13 without passing through the router RT.

Not all users who use the home server 12 or the terminal device 14 are familiar with communication settings such as Wi-Fi. If the user is not familiar with communication settings, the user may not know whether the router RT is installed in the house. Further, in the case of such a user, even if the user knows that the router RT is installed in the home, the user sets communication between the router RT and the home server 12, and the router RT and the terminal device 14. It is not always possible to set up communication between the two.
The home server 12 automatically supports the communication settings between the home server 12 and the terminal device 14 to support a user who is not familiar with the communication settings as described above.

FIG. 3 is a diagram showing an example of functional configurations of the home server 12 and the terminal device 14 shown in FIG. In the example illustrated in FIG. 3, the terminal device 14 includes a Wi-Fi wireless communication unit 14A, a BLE wireless communication unit 14B, an LTE wireless communication unit 14C, an operation unit 14D, a display unit 14E, and a CPU (Central Processing Unit). ) 14F, the memory|storage part 14G, and SIM14H. These respective units are mutually connected by an internal bus.
The Wi-Fi wireless communication unit 14A performs wireless communication with another communication device by the Wi-Fi system.
The BLE wireless communication unit 14B performs wireless communication with other communication devices by the BLE method.
The LTE wireless communication unit 14C performs wireless communication with another communication device by the LTE method.

The operation unit 14D includes an input device and receives a user operation. The input device includes a device such as a keyboard for inputting character information, a mouse, a pointing device such as a touch panel, a button, a dial, a joystick, a touch sensor, a touch pad, and the like.
The display unit 14E is controlled by the CPU 14F and displays an image, a GUI (Graphical User Interface), and the like. In this example, the operation unit 14D is a touch panel.

The storage unit 14G includes, for example, a hard disk drive, a ROM, and the like, and the storage unit 14G stores a program for controlling the terminal device 14 and the like.
In the case of the method via the router, the storage unit 14G stores key information KYR for the terminal device 14 to access the router RT. The key information KYR is, for example, an encryption key such as WEP (Wired Equivalent Privacy).
Here, when the in-home server 12 and the terminal device 14 exchange data with each other through the wireless LAN via router communication, the terminal device 14 uses the key information KYR for accessing the wireless communication provided by the router RT. .. In this example, the terminal device 14 is connected in advance to the wireless communication provided by the router RT. Therefore, the terminal device 14 stores the key information KYR in the storage unit 14G.

The CPU 14F executes a program stored in the storage unit 14G and controls each unit of the terminal device 14. For example, the CPU 14F controls the Wi-Fi wireless communication unit 14A, the BLE wireless communication unit 14B, and the LTE wireless communication unit 14C to perform wireless communication with other devices. Further, for example, the CPU 14F causes the storage unit 14G to store data such as images and sounds obtained by accessing the Internet IN. Further, the CPU 14F transmits these data stored in the storage unit 14G to the home server 12 via wireless communication.

The home server 12 includes a Wi-Fi wireless communication unit 12A, a BLE wireless communication unit 12B, an LTE wireless communication unit 12C, a CPU 12D, a storage unit 12E, and a SIM 12F. These respective units are mutually connected by an internal bus.

The Wi-Fi wireless communication unit 12A performs wireless communication with another communication device by the Wi-Fi system.
The BLE wireless communication unit 12B performs wireless communication with another communication device by the BLE method.
The LTE wireless communication unit 12C performs wireless communication with another communication device by the LTE system.

The storage unit 12E includes, for example, a hard disk drive and a ROM, and the storage unit 12E stores programs for controlling the home server 12.
In the case of the via-router method, the storage unit 12E stores key information KYR for the home server 12 to access the router RT. This key information KYR is the same key information as the key information KYR stored in the terminal device 14, and is, for example, an encryption key such as WEP. In this example, the home server 12 is not previously connected to the wireless communication provided by the router RT. Therefore, the home server 12 acquires the key information KYR from the terminal device 14 and stores it in the storage unit 12E.

The CPU 12D executes a program stored in the storage unit 12E and controls each unit of the home server 12. For example, the CPU 12D performs wireless communication with other devices by controlling the Wi-Fi wireless communication unit 12A, the BLE wireless communication unit 12B, and the LTE wireless communication unit 12C.

Further, the CPU 12D includes a selection unit 12D1 as its functional unit.
The selection unit 12D1 selects a communication method between the home server 12 and the terminal device 14 based on information (connection state information CD1) indicating a connection state of wireless communication with the terminal device 14. The connection status information CD1 is information indicating a list of wireless communication identification information of wireless communication that can be received by the terminal device 14. An example of this wireless communication identification information is SSID (Service Set Identifier) that identifies an access point of a wireless LAN.

A unique SSID is assigned to the access point. The access point notifies the surrounding wireless communication device of the SSID. Upon receiving the SSID from the access point, the terminal device 14 generates the connection status information CD1 listing the received SSID. The terminal device 14 notifies the home server 12 of the connection status information CD1 by BLE wireless communication.
When the router RT is installed in the house, the terminal device 14 receives the SSID of the router RT. In this case, the connection state information CD1 generated by the terminal device 14 includes the SSID of the router RT. Therefore, when the router RT is installed in the house, the connection state information CD1 that the terminal device 14 notifies the in-home server 12 includes the SSID of the router RT.
That is, the terminal device 14 notifies the in-home server 12 whether or not the router RT is installed in the home by the connection state information CD1.

The BLE wireless communication unit 12B receives the connection state information CD1 by BLE wireless communication. The selection unit 12D1 selects the communication method of the home server 12 based on the connection state information CD1 received by the BLE wireless communication unit 12B.
When the router RT is installed in the house, the connection state information CD1 includes the SSID of the router RT. In this case, the selection unit 12D1 selects the method via the router as the wireless communication method between the home server 12 and the terminal device 14.

As described above, when the home server 12 communicates with the router RT, the key information KYR is necessary.
When the method via the router is selected, the home server 12 receives the key information KYR from the terminal device 14 by BLE wireless communication. The home server 12 sets communication with the router RT based on the received key information KYR. As a result, the home server 12 transmits/receives data to/from the terminal device 14 by the route via router method.
The above setting method is merely an example. When this example is followed, that is, when the router-routed method is selected, even a user who is not good at network setting can send and receive data by the router-routed method.

FIG. 4 is a diagram showing an example of a functional configuration of the external server 13 shown in FIG.
In the example shown in FIG. 4, the external server 13 includes a communication unit 13A, a storage unit 13B, and a CPU 13C. The communication unit 13A communicates with the home server 12 and the terminal device 14 via the Internet IN. The storage unit 13B includes, for example, a ROM and a RAM (Random Access Memory). The storage unit 13B stores various programs for causing the external server 13 to function. The storage unit 13B may store a program downloaded from an external device via the Internet IN. The storage unit 13B stores the list IF1 as the first information in synchronization with the list IF1 stored in the storage unit 12E of the home server 12, for example.

The CPU 13C centrally controls the functions related to the external server 13 by executing various programs stored in the storage unit 13B. The CPU 13C includes, for example, a reception processing unit 13C1, a transmission processing unit 13C2, a registration processing unit 13C3, and a determination processing unit 13C4. The reception processing unit 13C1 receives various information from the Internet IN via the communication unit 13A. The reception processing unit 13C1 periodically receives the list IF1 from the home server 12 via the Internet IN. As a result, the external server 13 can have the information of the list IF1 synchronized with the information of the list IF1 of the home server 12.

The transmission processing unit 13C2 transmits various information to the Internet IN via the communication unit 13A. The registration processing unit 13C3 registers, for example, the list IF1 received by the reception processing unit 13C1 and stores the list IF1 in the storage unit 13B. The determination processing unit 13C4 determines whether it is the first case or the second case, which will be described later.

FIG. 5 is a sequence diagram for explaining the process executed in the first case.
In the first case, the information communicated between the terminal device 14 and the home server 12 is information about the home IoT device 11 that does not require safety, such as ON/OFF information of a lighting device. This is the case for information that is not confidential information.

In the example illustrated in FIG. 5, the list IF1 including the home IoT device 11 (for example, the lighting device) is registered and stored in the storage unit 12E of the home server 12.
In step S201, the reception processing unit 13C1 of the CPU 13C of the external server 13 periodically receives the list IF1 registered in the storage unit 12E of the home server 12, and synchronizes the list IF1.
In step S202, the registration processing unit 13C3 of the CPU 13C of the external server 13 registers the list IF1 received by the reception processing unit 13C1, and the storage unit 13B stores the list IF1.
In step S203, the terminal device 14 inquires of the external server 13 about the ID of the in-home IoT device 11. The inquiry also includes in which home the home IoT device 11 is present. Communication between the terminal device 14 and the external server 13 is performed via the Internet IN. In another example, communication according to, for example, LTE or Wi-Fi may be performed between the terminal device 14 and the external server 13.

Here, the home server 12 may be connected to the home IoT device 11 by SSL (Secure Socket Layer) using eSIM 11A installed in the home IoT device 11, for example. In another example, the home server 12 may connect to the home IoT device 11 by a method other than SSL.

In step S204, the determination processing unit 13C4 of the CPU 13C of the external server 13 refers to the list IF1 stored in the storage unit 13B.
In step S205, the determination processing unit 13C4 of the CPU 13C of the external server 13 determines based on the list IF1 whether the case corresponds to the first case or the second case. Specifically, the determination processing unit 13C4 is a home IoT device that does not require safety, and the in-home IoT device 11 that is the inquiry target is not the confidential information, and the information regarding the home IoT device 11 (for example, the lighting device) that is the inquiry target is It is determined that the first case is applicable.
In step S206, the external server 13 responds to the terminal device 14 with the determination result of step S205 (that is, the in-home IoT device 11 to be inquired is an in-home IoT device that does not require safety).

In step S<b>207, the terminal device 14 sends the ID of the home IoT device 11 to be operated by the terminal device 14 and the operation content (operation instruction) of the home IoT device 11 by the terminal device 14 to the external server 13 via the Internet IN. To send via.
In step S208, the external server 13 sends the ID of the home IoT device 11 to be operated by the terminal device 14 and the operation content (operation instruction) of the home IoT device 11 by the terminal device 14 to the home server 12 via the Internet IN. To send via.
Thus, even if a plurality of protocols (for example, Wi-Fi Halow (registered trademark), Z-Wave, etc.) are inundated in the home IoT device 11 and the like through the home server 12, the protocol conversion is centrally performed. By doing so, it is possible to use it from the user's perspective regardless of the protocol, and convenience is enhanced.
In step S208, the external server 13 can also directly transmit them to the home IoT device 11 via the Internet IN and LTE (without passing through the home server 12).

In step S209, the CPU 12D of the home server 12 refers to the list IF1 stored in the storage unit 12E.
In step S210, the CPU 12D of the home server 12 performs protocol conversion from the Internet protocol to the SSL protocol.
In step S211, the home server 12 uses, for example, the SSL using the eSIM 11A installed in the home IoT device 11 to identify the ID of the home IoT device 11 to be operated by the terminal device 14 and the home IoT device 11 by the terminal device 14. The operation content (operation instruction) is transmitted to the in-home IoT device 11. As a result, the in-home IoT device 11 is operated based on the operation instruction from the terminal device 14 (for example, the lighting device is switched from ON to OFF). In another example, in step S211, the home server 12 may transmit the ID of the home IoT device 11 and the operation content (operation instruction) to the home IoT device 11 by a method other than SSL.

FIG. 6 is a sequence diagram for explaining the process executed in the second case.
In the second case, the information communicated between the terminal device 14 and the home server 12 is a home IoT that requires security such as information on the unlocked/locked state of the key detected by the key sensor. This is information relating to the device 11-1 and is confidential information.

In the example illustrated in FIG. 6, the list IF1 including the home IoT device 11-1 (for example, a key sensor) is registered and stored in the storage unit 12E of the home server 12.
In step S301, the reception processing unit 13C1 of the CPU 13C of the external server 13 periodically receives the list IF1 registered in the storage unit 12E of the home server 12 and synchronizes the list IF1.
In step S302, the registration processing unit 13C3 of the CPU 13C of the external server 13 registers the list IF1 received by the reception processing unit 13C1, and the storage unit 13B stores the list IF1.
In step S303, the home server 12 connects to the home IoT device 11-1 by SSL using the eSIM 11A-1 installed in the home IoT device 11-1, for example.

In step S304, the terminal device 14 inquires of the external server 13 about the ID of the in-home IoT device 11-1. Communication between the terminal device 14 and the external server 13 is performed via the Internet IN. In another example, communication according to, for example, LTE or Wi-Fi may be performed between the terminal device 14 and the external server 13.

In step S305, the determination processing unit 13C4 of the CPU 13C of the external server 13 refers to the list IF1 stored in the storage unit 13B.
In step S306, the determination processing unit 13C4 of the CPU 13C of the external server 13 determines, based on the list IF1, whether the case corresponds to the first case or the second case. Specifically, in the determination processing unit 13C4, information regarding the in-home IoT device 11-1 (for example, a key sensor) that is the inquiry target is confidential information, and the in-home IoT device 11-1 that is the inquiry target is the in-home IoT device that requires safety. Yes, it is determined to correspond to the second case.
In step S307, the external server 13 responds to the terminal device 14 with the determination result of step S306 (that is, the in-home IoT device 11-1 to be inquired is the in-home IoT device requiring safety).

In step S308, the terminal device 14 switches the communication connection destination from the external server 13 to the home server 12 by an application installed in the terminal device 14, for example.
In step S<b>309, the terminal device 14 sends the ID of the home IoT device 11-1 to be operated by the terminal device 14 and the operation content (operation instruction) of the home IoT device 11-1 by the terminal device 14 to the home server 12. The data is transmitted via the mobile communication network MN (specifically, LTE).

In step S310, the CPU 12D of the home server 12 refers to the list IF1 stored in the storage unit 12E.
In step S311, the CPU 12D of the home server 12 performs protocol conversion from the LTE protocol to the SSL protocol.
In step S312, the home server 12 uses the SSL using the eSIM 11A-1 installed in the home IoT device 11-1 to determine the ID of the home IoT device 11-1 to be operated by the terminal device 14 and the terminal device 14. The operation content (operation instruction) of the home IoT device 11-1 is transmitted to the home IoT device 11-1. As a result, the home IoT device 11-1 is operated based on the operation instruction from the terminal device 14, and, for example, the key to be detected by the key sensor is switched from the unlocked state to the locked state.

In step S313, the home server 12 periodically transmits the communication data (communication content) from the terminal device 14 to the home server 12 in step S309 to the external server 13 as a posterior report.

<Summary of First Embodiment>
In the communication system 1 to which the external server 13 of the first embodiment is applied, as shown in FIG. 1, an in-home server 12 that manages in-home IoT devices 11 and 11-1, and an external server 13 that is placed outside the home. , And a terminal device 14. Further, the home server 12 and the external server 13 can communicate with each other via the Internet IN. The external server 13 and the terminal device 14 can communicate with each other via the Internet IN. Further, the home server 12 and the terminal device 14 can communicate with each other via the mobile communication network MN without going through the Internet IN. In the first case, the terminal device 14 communicates with the home server 12 via the Internet and the external server 13. In the second case, the terminal device 14 communicates with the home server 12 via the mobile communication network MN (specifically, LTE, for example).
As described with reference to FIG. 5, the first case is a case where the in-home IoT device 11 is a device that does not require safety (for example, a lighting device), and information to be communicated (for example, a lighting device). (ON/OFF information of) is not confidential information.
As described with reference to FIG. 6, the second case is a case where the in-home IoT device 11-1 is a device that requires security (for example, a key sensor that detects a locked state of a key), or , When the information to be communicated (for example, the information on the unlocked state/locked state of the key detected by the key sensor) is secret information.
The method of distribution in the first case/second case is an example, and can be arbitrarily determined. The first case and the second case are examples, and the present invention is not limited to this. That is, a third case that does not correspond to the first case or the second case may be provided, and another action may be taken in the third case.
As shown in FIG. 1, the home IoT device 11 is equipped with the eSIM 11A, and the home IoT device 11-1 is equipped with the eSIM 11A-1.
Therefore, in the communication system 1 to which the external server 13 of the first embodiment is applied, the terminal device 14 appropriately selects the in-home server depending on whether or not the in-home IoT devices 11 and 11-1 are devices that require safety. 12 can be communicated. When the in-home IoT device 11-1 requires safety (second case), it is possible to obtain a sense of security for the user by performing communication that ensures a high degree of safety.

In the communication system 1 to which the external server 13 of the first embodiment is applied, in the second case, in step S312 of FIG. 6, the home server 12 uses the eSIM 11A-1 as the SSL to connect to the home IoT device 11-1. Connecting.
Therefore, in the communication system 1 to which the external server 13 of the first embodiment is applied, it is possible to suppress the operation of the in-home IoT device 11-1 by spoofing.

In the communication system 1 to which the external server 13 of the first embodiment is applied, the external server 13 responds to the inquiry from the terminal device 14 in step S203 of FIG. 5 or step S304 of FIG. 6 or step S205 of FIG. In step S306 in FIG. 6, it is determined whether the case corresponds to the first case or the second case.
Therefore, in the communication system 1 to which the external server 13 of the first embodiment is applied, it is more determined than whether the home server 12 determines whether the first case or the second case applies. The home server 12 can be simplified.

In the communication system 1 to which the external server 13 of the first embodiment is applied, as described with reference to FIGS. 5 and 6, the in-home IoT device 11 (for example, a lighting device) and the in-home IoT device 11-1 (for example, a key The list IF1 including sensors is registered and stored in the storage unit 12E of the home server 12. That is, the home server 12 has the list IF1 (first information) indicating whether the home IoT devices 11 and 11-1 are devices that do not require safety or devices that require safety.
The list IF1 including the in-home IoT device 11 (for example, lighting device) and the in-home IoT device 11-1 (for example, key sensor) is registered by the CPU 13C of the external server 13 in step S202 of FIG. 5 or step S302 of FIG. It is registered by the unit 13C3 and stored in the storage unit 13B. That is, the external server 13 has a list IF1 (first information) indicating whether the in-home IoT devices 11 and 11-1 are devices that do not require safety or devices that require safety.
In step S205 of FIG. 5 or step S306 of FIG. 6, the external server 13 determines whether it corresponds to the first case or the second case based on the list IF1 (first information). To do.
Further, in step S201 of FIG. 5 or step S301 of FIG. 6, the external server 13 synchronizes the list IF1 (first information) of the external server 13 with the list IF1 (first information) of the home server 12.
Therefore, in the communication system 1 to which the external server 13 of the first embodiment is applied, the external server 13 can accurately determine whether it corresponds to the first case or the second case. it can.

In the communication system 1 to which the external server 13 of the first embodiment is applied, the home server 12 post-reports the communication data (communication content) from the terminal device 14 to the home server 12 in step S309 in step S313 of FIG. Is transmitted to the external server 13. That is, the external server 13 receives from the home server 12 an after-the-fact report about the contents of communication between the terminal device 14 and the home server 12 in the second case.
Therefore, in the communication system 1 to which the external server 13 of the first embodiment is applied, the external server 13 can convert the communication content in step S309 of FIG. 6 not via the external server 13 into big data. That is, the external server 13 has higher specifications than the home server 12, and the ability to analyze big data, for example, is superior to the home server 12.

As described above, in the communication system 1 to which the external server 13 of the first embodiment is applied, the eSIM 11A-1 is introduced into the in-home IoT device 11-1 that requires safety such as a key sensor. Then, the terminal device 14 and the home server 12 are connected by a mobile communication network MN such as a cellular line (LTE) of a communication carrier without going through the Internet IN in the first place. Further, the home server 12 and the home IoT device 11-1 such as a key sensor are connected by SSL using the eSIM 11A-1. As a result, safe data communication becomes possible between the terminal device 14 and the home IoT device 11-1.
As described above, according to the communication system 1 to which the external server 13 of the first embodiment is applied, it is possible to avoid the security risk of the Internet IN and perform communication with a high degree of safety. As a result, a sense of security for the user of the communication system 1 can be obtained.

Further, in the communication system 1 to which the external server 13 of the first embodiment is applied, the communication via the external server 13 is performed in the first case, and the communication via the external server 13 is not performed. Even in such a case, the communication data (communication content) from the terminal device 14 to the home server 12 is periodically transmitted to the external server 13 as a posterior report. Therefore, in the communication system 1 to which the external server 13 of the first embodiment is applied, the expandability can be improved, and it corresponds to big data (that is, the communication content not via the external server 13 is also converted to big data). be able to.

[Second Embodiment]
FIG. 7 is a sequence diagram for explaining a process executed before step S304 of FIG. 6 in the communication system 1 to which the external server 13 of the second embodiment is applied.
In the example shown in FIG. 6, the home server 12 manages the home IoT devices 11 and 11-1 arranged in the home of the home A, but in the example shown in FIG. 7, the home server 12 is installed in the home of the home A. It manages the in-home IoT devices 11, 11-1, 11-2 arranged. The home IoT device 11 is, for example, a lighting device, the home IoT device 11-1 is, for example, a key sensor, and the home IoT device 11-2 is, for example, a digital camera.

In the example illustrated in FIG. 7, the list IF1 including the home IoT devices 11, 11-1, and 11-2 is registered and stored in the storage unit 12E of the home server 12.
In step S401, the reception processing unit 13C1 of the CPU 13C of the external server 13 periodically receives the list IF1 registered in the storage unit 12E of the home server 12 and synchronizes the list IF1.
In step S402, the registration processing unit 13C3 of the CPU 13C of the external server 13 registers the list IF1 received by the reception processing unit 13C1, and the storage unit 13B stores the list IF1.
In step S403, the registration processing unit 13C3 of the CPU 13C of the external server 13 registers the warning pattern. For example, when the in-home IoT device 11-1 (key sensor) continues to detect the locked state of the key, but the in-home IoT device 11 (lighting device) switches from the OFF state to the ON state (that is, the suspicious If there is a possibility that a person has entered the house, etc.) is registered as a warning pattern.

In step S404, the home server 12 connects to the home IoT device 11-2 (digital camera) by SSL using the eSIM mounted on the home IoT device 11-2 (digital camera).
In step S405, the home server 12 connects to the home IoT device 11 (lighting device) by SSL using the eSIM 11A installed in the home IoT device 11 (lighting device).
In step S406, the home server 12 connects to the home IoT device 11-1 (key sensor) by SSL using the eSIM 11A-1 installed in the home IoT device 11-1 (key sensor).
In step S407, the home server 12 receives the information on the ON/OFF state of the home IoT device 11 (lighting device) from the home IoT device 11 (lighting device).
In step S408, the home server 12 receives information on the unlocked/locked state of the key detected by the home IoT device 11-1 (key sensor) from the home IoT device 11-1 (key sensor).

In step S409, the information on the ON/OFF state of the in-home IoT device 11 (lighting device) received by the in-home server 12 from the in-home IoT device 11 (lighting device) in step S407, and the in-home server 12 in step S408 by the in-home server 12 in step S408. Information on the unlocked state/locked state of the key detected by the in-home IoT device 11-1 (key sensor) received from 11-1 (key sensor) is transmitted to the external server 13. The transmission timing may be a periodic synchronization timing or may be set arbitrarily.
In step S410, the external server 13 refers to the warning pattern.
When the information received from the home server 12 by the external server 13 in step S409 corresponds to the warning pattern, that is, for example, the home IoT device 11-1 (key sensor) continues to detect the locked state of the key. If the in-home IoT device 11 (lighting device) is switched from the OFF state to the ON state, the external server 13 sends an alert to the terminal device 14 in step S411.
In step S412, the display unit 14E of the terminal device 14 displays the alert pop-up screen. The processes after steps S304, S305, S306 are the same as the processes after steps S304, S305, S306 described with reference to FIG. For example, by operating instructions, the in-home IoT device 11-2 (digital camera) can be switched to the ON state, and the in-home state can be confirmed.

<Summary of Second Embodiment>
In the communication system 1 to which the external server 13 of the second embodiment is applied, the in-home server 12 has an abnormality in the home based on the information on the states of the plurality of in-home IoT devices 11 and 11-1 received in steps S407 and S408. Is determined.
When the home server 12 determines that an abnormality has occurred in the home, the external server 13 receives from the home server 12 information indicating that the abnormality has occurred in step S409.
In the external server 13, a warning pattern as second information indicating whether the abnormality occurring in the house corresponds to an abnormality that does not require a warning or an abnormality that requires a warning is registered in step S403. ing. In step S410, the external server 13 collates the warning pattern with the states (for example, ON/OFF state) of the in-home IoT devices 11 and 11-1.
When the abnormality occurring in the house corresponds to the abnormality requiring the warning, the external server 13 transmits information indicating that the abnormality requiring the warning occurs in the house as an alert to the terminal device 14 in step S411. The terminal device 14 outputs an alert by displaying a pop-up screen in step S412. In addition, the terminal device 14 transmits an operation instruction to a predetermined in-home IoT device among the in-home IoT devices 11, 11-1, 11-2 as necessary.
Therefore, in the communication system 1 to which the external server 13 of the second embodiment is applied, it is possible to improve the user's comfort and satisfaction of the communication system 1.

[Third Embodiment]
FIG. 8 is a sequence diagram for explaining the process executed after step S311 of FIG. 6 in the communication system 1 to which the external server 13 of the third embodiment is applied.
In the example shown in FIG. 6, the home server 12 manages the home IoT devices 11 and 11-1 arranged in the home of the home A, but in the example shown in FIG. 7, the home server 12 is installed in the home of the home A. It manages the in-home IoT devices 11-1 and 11-3 arranged. The home IoT device 11-1 is, for example, a key sensor, and the home IoT device 11-3 is, for example, a leader home IoT device in a wireless mesh network. The reader premises IoT device has a function of transferring data to one or a plurality of home IoT devices. As a result, even if the data cannot be transmitted to the specific home IoT device once, the data can be sent again through the reader home IoT device that can transmit to the specific home IoT device.
According to the low-consumption wireless communication standard “Thread”, a wireless mesh network is formed in a home or an office to connect to the Internet.
In "Thread", a mesh network that connects wireless devices like a mesh is self-formed, and communication to a place where radio waves do not normally reach becomes possible. This mesh network is robust because it has a backup mechanism even if any device in the network fails.
In “Thread”, the IP communication network of the Internet is used as it is for wireless communication. In addition, the process of joining a new device to the network has been devised, and IoT also implements security measures that are becoming increasingly important. Since the Thread's end device can be in a sleep state for its own convenience, it can be driven by a battery for a long time.
"Thread" is an example of a wireless mesh network to which the external server 13 of the third embodiment can be applied, and the external server 13 of the third embodiment can be applied to any other wireless mesh network.

In the example illustrated in FIG. 8, the home server 12 has mesh network information as third information including the home IoT device 11-1 and the home IoT device 11-3 that is a leader device of the mesh network. That is, the home server 12 has information on the home IoT devices 11-1 and 11-3 included in the mesh network.

In the example illustrated in FIG. 8, in step S501, the home server 12 recognizes the home IoT device 11-3 that is the mesh network leader device. Preferably, the storage unit 12E of the home server 12 (and the storage unit 13B of the external server 13) stores information as to which of the home IoT devices 11-1 and 11-3 is the leader device as a list. Has been done.
In step S312, the home server 12 uses the SSL using the eSIM 11A-1 installed in the home IoT device 11-1 to determine the ID of the home IoT device 11-1 to be operated by the terminal device 14 and the terminal device 14. Although the operation content (operation instruction) of the in-home IoT device 11-1 is transmitted to the in-home IoT device 11-1 and the operation of the in-home IoT device 11-1 is tried, the operation fails.
In step S<b>502, the home server 12 sends the ID of the home IoT device 11-1 to be operated by the terminal device 14 and the operation content (operation instruction) of the home IoT device 11-1 by the terminal device 14 to the home IoT device 11. Instead of -1, the data is transmitted to the home IoT device 11-3 by SSL.
In step S503, the in-home IoT device 11-3 indicates the ID of the in-home IoT device 11-1 to be operated by the terminal device 14 and the operation content (operation instruction) of the in-home IoT device 11-1 by the terminal device 14 in the in-home IoT device. It is transmitted to the device 11-1 via a VPN (Virtual Private Network).

<Summary of Third Embodiment>
In the communication system 1 to which the external server 13 of the third embodiment is applied, in the second case, when the home server 12 cannot connect to the home IoT device 11-1 by SSL, the home server 12 performs step S502. At, the connection is made to the in-home IoT device 11-3 by SSL. Next, the home IoT device 11-3 connects to the home IoT device 11-1 via the VPN in step S502.
Therefore, in the communication system 1 to which the external server 13 of the third embodiment is applied, even if the home server 12 cannot connect to the home IoT device 11-1 by SSL, the terminal device 14 does not connect to the home IoT device 11-1. Can be operated. As a result, the safety and reliability of the communication system 1 can be improved.

<First Modification>
In the first modification of the communication system 1 to which the external server 13 of the first to third embodiments is applied, the home server 12 has a line discrimination function at the time of receiving data. Therefore, security can be improved.
Specifically, in the first modification, the home server 12 determines through which line the operation instruction of the home IoT device 11-1 is sent. The operation instruction of the in-home IoT device 11-1 requiring security is normally sent to the in-home server 12 via the mobile communication network MN (for example, LTE line). When the operation instruction of the in-home IoT device 11-1 requiring the security is sent to the in-home server 12 via the Internet IN instead of the mobile communication network MN (for example, LTE line), the in-home server 12 It is detected that the operation instruction is an illegal operation instruction. In that case, the home server 12 invalidates the operation instruction to the home IoT device 11-1.

<Second Modification>
In a security emergency, urgency becomes a top priority, reducing the need for security. Therefore, in a security emergency, it is not necessary to perform communication via the mobile communication network MN (specifically, LTE) in step S309 and SSL communication in step S312 as in the example shown in FIG.
Therefore, in the second modified example of the communication system 1 to which the external server 13 of the first to third embodiments is applied, even in the second case, in the case of a security emergency, the terminal device 14 is configured to connect to the Internet IN and the external server. It communicates with the home server 12 via 13. Therefore, it is possible to satisfy the demand for crime prevention in an emergency.
On the other hand, when the data of the facial photograph of the child captured by the in-home IoT device 11-2 (digital camera) is transmitted to the terminal device 14 at the time of non-crime emergency (normal time), the data of the facial photograph of the child is transmitted. It is sensitive information and corresponds to communications with high security needs. Therefore, as in the example shown in FIG. 6, it is necessary to perform communication via the mobile communication network MN (specifically, LTE) in step S309, and it is necessary to perform SSL communication in step S312.

<Third Modification>
In the third modified example of the communication system 1 to which the external server 13 of the first to third embodiments is applied, for example, information on the ON/OFF state of the in-home IoT device 11 (lighting device) is obtained by the big data processing of the external server 13. Depending on the (sensor information) (that is, when there is a risk of leakage of personal information such as the user's time at home), even if the in-home IoT device 11 (lighting device) does not originally require security, "security required" Is dynamically changed to "," and the same processing as the processing shown in FIG. 6 is executed.

Each unit included in the home server 12, the external server 13, and the terminal device 14 in each of the above embodiments may be realized by dedicated hardware, or may be realized by a memory and a microprocessor. May be

Each unit included in the home server 12, the external server 13, and the terminal device 14 is configured by a memory and a CPU (central processing unit), and realizes the function of each unit included in the home server 12, the external server 13, and the terminal device 14. The function may be realized by loading a program for doing so into a memory and executing it.

Further, a program for realizing the functions of the respective units included in the home server 12, the external server 13, and the terminal device 14 is recorded in a computer-readable recording medium, and the program recorded in this recording medium is read into the computer system. Alternatively, the processing may be performed by executing. The “computer system” mentioned here includes an OS and hardware such as peripheral devices.

Further, the “computer system” also includes a homepage providing environment (or display environment) if a WWW system is used.
Further, the “computer-readable recording medium” refers to a portable medium such as a flexible disk, a magneto-optical disk, a ROM, a CD-ROM, or a storage device such as a hard disk built in a computer system. Further, the "computer-readable recording medium" means to hold a program dynamically for a short time like a communication line when transmitting the program through a network such as the Internet or a communication line such as a telephone line. In this case, a volatile memory inside a computer system that serves as a server or a client in that case holds a program for a certain period of time. Further, the program may be for realizing a part of the functions described above, or may be a program for realizing the functions described above in combination with a program already recorded in the computer system.

Although the embodiment of the present invention has been described in detail above with reference to the drawings, the specific configuration is not limited to this embodiment, and appropriate modifications may be made without departing from the spirit of the present invention. it can. You may combine the structure described in each embodiment mentioned above.

DESCRIPTION OF SYMBOLS 1... Communication system, 11... Home IoT device, 11A... eSIM, 11-1... Home IoT device, 11A-1... eSIM, 11-2... Home IoT device, 11-3... Home IoT device, 12... Home server, 12A... Wi-Fi wireless communication unit, 12B... BLE wireless communication unit, 12C... LTE wireless communication unit, 12D... CPU, 12D1... Selection unit, 12E... Storage unit, 12F... SIM, 13... External server, 13A... Communication unit , 13B... Storage unit, 13C... CPU, 13C1... Reception processing unit, 13C2... Transmission processing unit, 13C3... Registration processing unit, 13C4... Judgment processing unit, 14... Terminal device, 14A... Wi-Fi wireless communication unit, 14B... BLE wireless communication unit, 14C... LTE wireless communication unit, 14D... Operation unit, 14E... Display unit, 14F... CPU, 14G... Storage unit, 14H... SIM, A... House, CD1... Connection status information, ID1... Identifier, ID2 ... identifier, IF1... first information, IN... Internet, KYR... key information, MN... mobile communication network, RT... router

Claims (15)

An external server located outside the house,
The external server is capable of communicating with a home server that manages a home IoT (Internet of Things) device and a terminal device via the Internet,
The home server and the terminal device can communicate with each other via a mobile communication network,
The terminal device,
In the first case, communicating with the home server via the Internet and the external server,
In the second case, it has lines communicating with the home server via the mobile communication network,
The first case is a case where the in-home IoT device is a device that does not require safety, and information to be communicated is not confidential information,
The second case is a case where the in-home IoT device is a device requiring safety, or a case where the information to be communicated is confidential information.
External server. An eSIM (Embedded Subscriber Identity Module) is installed in the home IoT device,
The external server according to claim 1. The in-home IoT device that requires security is a key sensor that detects the locked state of the key.
The external server according to claim 1 or 2. In the second case, the home server connects to the home IoT device by SSL (Secure Socket Layer) using the eSIM.
The external server according to claim 2 . The external server determines, in response to an inquiry from the terminal device, whether the case corresponds to the first case or the second case.
The external server according to any one of claims 1 to 4 . The in-home server and the external server have first information indicating whether the in-home IoT device is a device that does not require safety or a device that requires safety,
The external server determines, based on the first information, whether the case corresponds to the first case or the second case.
The external server according to claim 5 . The external server synchronizes the first information included in the external server with the first information included in the home server.
The external server according to claim 6. In the second case, the terminal device communicates with the home server via LTE (Long Term Evolution).
The external server according to any one of claims 1 to 7 . The external server receives, from the home server, a posterior report about the communication content between the terminal device and the home server in the second case.
The external server according to any one of claims 1 to 8. The home server determines whether or not an abnormality has occurred in the home based on the states of the plurality of home IoT devices,
When the in-home server determines that an abnormality has occurred in the home, the external server receives information indicating that an abnormality has occurred from the in-home server,
The external server has second information indicating whether the abnormality occurring in the house corresponds to an abnormality that does not require a warning or an abnormality that requires a warning,
When the abnormality that occurred in the house corresponds to the abnormality that requires the warning, the external server transmits information indicating that the abnormality that requires the warning has occurred in the house to the terminal device, and the terminal device issues an alert. Output,
The external server according to any one of claims 1 to 9. The home server has third information, which is information of a mesh network including the home IoT device and other home IoT devices,
In the second case, when the home server cannot connect to the home IoT device by the SSL, the home server connects to the other home IoT device by the SSL and then the other home IoT device. The home IoT device is connected to the home IoT device via a VPN (Virtual Private Network),
The external server according to claim 4 . The home server has a line discrimination function when receiving data,
The external server according to any one of claims 1 to 11 . Even in the second case, the terminal device communicates with the home server via the Internet and the external server in a crime prevention emergency.
The external server according to any one of claims 1 to 12. A home server for managing the home IoT device;
An external server located outside the house,
Equipped with a terminal device,
The home server and the external server can communicate with each other via the Internet,
The external server and the terminal device can communicate with each other via the Internet,
The home server and the terminal device can communicate with each other via a mobile communication network,
The terminal device,
In the first case, communicating with the home server via the Internet and the external server,
In the second case, communicating with the home server via the mobile communication network,
The first case is a case where the in-home IoT device is a device that does not require safety, and information to be communicated is not confidential information,
The second case is a case where the in-home IoT device is a device requiring safety, or a case where the information to be communicated is confidential information.
Communications system. A home server that manages the home IoT device and an external server located outside the home can communicate via the Internet,
The external server and the terminal device can communicate via the Internet,
A communication method in which the home server and the terminal device can communicate via a mobile communication network,
In the first case, the terminal device communicates with the home server via the Internet and the external server;
In the second case, the terminal device communicates with the home server via the mobile communication network,
The first case is a case where the in-home IoT device is a device that does not require safety, and information to be communicated is not confidential information,
The second case is a case where the in-home IoT device is a device requiring safety, or a case where the information to be communicated is confidential information.
Communication method.

Images