WO2007082989A1 - Set-up of a remote-control connection to a terminal device to be controlled - Google Patents


Info

Publication number: WO2007082989A1
Authority: WO, WIPO (PCT)
Prior art keywords: connection, remote, terminal device, message, control
Application number: PCT/FI2007/000015
Other languages: French (fr)
Inventor: Martti Hakulinen
Original Assignee: Telcont Oy
Related application: EP07704789A, published as EP1982496A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks, involving control of end-device applications over a network
    • G PHYSICS
    • G08 SIGNALLING
    • G08B SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B25/00 Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
    • G08B25/01 Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems, characterised by the transmission medium
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP], for remote control or remote monitoring of applications

Definitions

  • the present invention relates to data communications.
  • the present invention relates to a method, a computer program and a device for setting up and receiving a remote-control connection to/into a remote-control device.
  • Various objects such as property can be monitored in different ways in case of burglaries and fires.
  • One way of monitoring is so-called remote monitoring, where an object, such as a property, is provided with an automatic monitoring system, which in the event of a burglary or fire forwards the alarm data.
  • Alarms are transmitted, for example, over an alarm transmission system, conventionally based on a wired network (subscriber cable).
  • As the transmission path of the alarm, one can also use other public data transmission networks, such as the Internet.
  • the Internet comprises a global data transfer and service network.
  • Many different types of functions on top of the transport layer (Layer 4) are associated with it, these including a name service, e-mail, network management protocols, VoIP (Voice over IP) and a myriad of most different applications and protocols.
  • the transmission network itself, which routes and couples on layers L1, L2 and L3, does not take a stand on the applications to be transported.
  • the applications use the most varied description languages and protocols.
  • One problem with the Internet is the data security.
  • the information to be transmitted can be accessed in certain ways.
  • One such entity is called "hackers". Their primary purpose is to cause damage and problems to the object of a data intrusion.
  • Another entity includes, for example, industrial spies who try to gain the information desired by them from the network.
  • the operating systems and the operation of the applications may involve data security failures, enabling external entities to access information that was not originally intended for them.
  • data security methods in use include VPN connections (Virtual Private Network), MPLS techniques (Multiprotocol Label Switching), intranet tunneling, private access point techniques and methods associated with the devices, such as firewall techniques, access lists, antivirus programs, etc.
  • Monitoring devices monitoring various objects and transmitting information to a control centre or receiving information in the event of an alarm are operationally relatively simple devices. Using the devices shall, however, be completely secure. In other words, under no circumstances shall an external, unauthorized entity gain access to the device control, for example via an information network. Due to the aforementioned security factor, a big part of monitoring devices operates via a telephone network. In a telephone network, the sender and recipient have unambiguous identifiers, which in practice are impossible to forge.
  • monitoring devices can be made more complicated and more data secure for connection to a public data network (e.g. the Internet).
  • the operating systems and applications almost without exception have problems associated with the data security.
  • operating systems and applications must in practice be constantly updated in order to keep the data security level high enough.
  • HyperTerm, Telix, Procomm and similar communication programs supporting serial communication are generally used as data transfer programs.
  • a physical connection is most usually a serial connection (RS-232) or some other wired or wireless connection supporting serial communication, such as USB, IrDa, Bluetooth, ZigBee or the like.
  • One specific objective of the invention is to enable remote control of a device with an IP address, such as an alarm relay, using a browser so that one avoids the use of common, normally used data security software and hardware, as well as their maintenance and updating.
  • the present invention relates to methods and terminal devices for setting up a remote-control connection to a remote connection device.
  • a method for setting up a remote-control connection to a remote connection device is characterized by that the relay device is used to receive from a first terminal device an electronic message containing a reference to the device to which there is a wish to set up a remote-control connection.
  • the relay device sends to the first terminal device an answerback message containing a login password to the remote connection device.
  • the relay device further sends to the remote connection device a con- trol message containing a reference to at least one application port to be opened in the remote connection device and the aforementioned login password.
  • the reference to the application port to be opened can also refer e.g. to the type of the connection to be set up (e.g. a browser connection, etc.) and not actually to the number of the port to be opened.
  • When the relay device receives an electronic message, it can determine the sender's identification data contained therein. If the identification data of the sender of the electronic message has not been beforehand saved to the relay device, then the sending of the answer-back message to the first terminal device can be prevented.
  • the identification data of the sender of an electronic message is e.g. the sender identifier of a short message in a mobile communication network.
  • the aforementioned electronic message can further contain information on at least one application port of a remote connection device to be opened.
  • the sender of an electronic message can request opening one or more application ports desired by him or her in a remote connection device.
  • the aforementioned answer-back message can comprise a reference to at least one application port to be opened in the remote connection device and/or the address of the remote connection device.
  • if the answer-back message does not contain a reference to an application port to be opened in the remote connection device, one can e.g. assume that the user will use generally used application ports, such as TCP ports 80 or 443.
  • the answer-back message and/or the control message sent by the relay device can further comprise at least one change password.
  • One user may e.g. have only a login right to a given remote connection device.
  • Another user may in turn have e.g. a change right to the settings or information of the remote connection device.
  • several different change right levels may be determined for the users.
  • the invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above.
  • a method for setting up a remote-control connection to a remote connection device is characterized by the fact that from a relay device, a control message is received containing a reference to at least one application port to be opened as well as a login password.
  • the remote connection device opens the aforementioned at least one application port for a predetermined period of time.
  • the remote connection device further receives from a second terminal device a connection set-up to the aforementioned at least one application port within the predetermined period of time and requests a login password.
  • the connection set-up is accepted in case the login password received from the second terminal device corresponds to the login password received from the relay device in the control message.
  • the aforementioned application port can be closed in case the aforementioned predetermined period of time elapses and the second terminal device has not set up a connection to the remote connection device.
  • the application port can also be closed in case the login password given by the second terminal device is erroneous.
  • the control message sent by the relay device can also comprise at least one change password.
  • One user may e.g. have only a login right to a given remote connection device. Another user may in turn also have a change right to the settings or information of the remote connection device. By using several change passwords for the users, it is possible to determine different change right levels.
  • the second terminal device can be asked for a change password to execute the remote-control commands given.
  • the remote-control commands are not executed until a change password corresponding to the change password previously received by the remote connection device from the relay device is received from the second terminal device.
  • the invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above.
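The relay/remote-connection-device exchange described in the first and second aspects above, as an added model that is not part of the patent and not any product's code: the relay answers only senders saved beforehand, issues single-use login and change passwords, the device opens its port for a limited window, closes it on timeout or a wrong login password, and applies staged changes only against the change password. Device names, the TEST-NET address, the sender identifiers and the explicit `now` clock are constructed for the example.

```python
import secrets
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class RemoteConnectionDevice:
    """Model of the device to be remote-controlled (device 1 / 304): ports are closed by default."""
    address: str
    settings: dict = field(default_factory=dict)
    open_ports: dict = field(default_factory=dict)   # port -> time at which it closes again
    login_pw: Optional[str] = None
    change_pw: Optional[str] = None
    session_open: bool = False
    pending: dict = field(default_factory=dict)      # changes made but not yet in force

    def receive_control(self, control: dict, now: float) -> None:
        """Control message from the relay: open the named ports for a limited time window."""
        self.login_pw = control["login"]
        self.change_pw = control["change"]
        for port in control["ports"]:
            self.open_ports[port] = now + control["window"]

    def close_ports(self) -> None:
        """Close everything and forget the single-use passwords and staged changes."""
        self.open_ports.clear()
        self.login_pw = self.change_pw = None
        self.session_open = False
        self.pending.clear()

    def connect(self, port: int, login_pw: str, now: float) -> str:
        """Connection set-up from the second terminal device (the maintenance man's computer)."""
        deadline = self.open_ports.get(port)
        if deadline is None:
            return "closed"
        if now > deadline:                      # window elapsed without a login
            self.close_ports()
            return "timeout"
        if not secrets.compare_digest(login_pw.encode(), self.login_pw.encode()):
            self.close_ports()                  # a wrong login password closes the port
            return "bad-password"
        self.session_open = True
        return "ok"

    def set_parameter(self, key: str, value) -> bool:
        """Changes made over the remote-control connection are only staged."""
        if not self.session_open:
            return False
        self.pending[key] = value
        return True

    def commit(self, change_pw: str) -> bool:
        """Staged changes enter into force only against the change password the relay delivered."""
        if not self.session_open or self.change_pw is None:
            return False                        # login-only user, or no session at all
        if not secrets.compare_digest(change_pw.encode(), self.change_pw.encode()):
            return False                        # e.g. a hijacked session that lacks the change password
        self.settings.update(self.pending)
        self.pending.clear()
        return True


class RelayDevice:
    """Model of the relay device / reception centre (device 2 / 302)."""

    def __init__(self, users: dict, devices: dict):
        self.users = users        # sender identifier -> {"devices": set of names, "change_right": bool}
        self.devices = devices    # device name -> RemoteConnectionDevice

    def handle_message(self, sender_id: str, device_ref: str, now: float,
                       ports=(80, 443), window: float = 30.0) -> Optional[dict]:
        """Electronic message from the first terminal device; returns the answer-back or None."""
        rights = self.users.get(sender_id)
        if rights is None or device_ref not in rights["devices"]:
            return None           # sender not saved beforehand: no answer-back is sent at all
        device = self.devices[device_ref]
        login_pw = secrets.token_urlsafe(12)                 # single-use, fresh for every request
        change_pw = secrets.token_urlsafe(12) if rights["change_right"] else None
        control = {"ports": ports, "login": login_pw, "change": change_pw, "window": window}
        device.receive_control(control, now)                 # control message to the device
        return {"address": device.address, "ports": ports,   # answer-back to the maintenance man
                "login": login_pw, "change": change_pw}


if __name__ == "__main__":
    # Constructed sample data: one alarm relay and one user holding a change right.
    dev = RemoteConnectionDevice(address="192.0.2.10", settings={"alarm_delay": 30})
    relay = RelayDevice({"+358401234567": {"devices": {"device1"}, "change_right": True}},
                        {"device1": dev})
    answer = relay.handle_message("+358401234567", "device1", now=0.0)
    print(dev.connect(443, answer["login"], now=5.0))        # ok
    dev.set_parameter("alarm_delay", 10)
    print(dev.commit("guess"), dev.settings)                  # False, unchanged
    print(dev.commit(answer["change"]), dev.settings)         # True, alarm_delay now 10
```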
  • in a third aspect of the invention, a method is presented for setting up locally a control connection to a device to be controlled.
  • the method is characterized by the fact that one sets up a local connection from a first terminal device to the device to be controlled.
  • the connection between the terminal devices can be wireless or wired.
  • the first terminal device requests from the device to be controlled connection parameters for the IP traffic, and in response to the request made, receives connection parameters from the device to be controlled.
  • the first terminal device sets up e.g. a PPP connection (Point to Point) to the device to be controlled.
  • the first terminal device thinks that the device to be controlled is a network server and asks it for connection parameters for the IP traffic.
  • the device to be controlled operates like a DHCP server (Dynamic Host Configuration Protocol) , and the first terminal device thinks it is logging into the network.
  • the first terminal device accepts the connection set-up between the devices and sets up a browser connection to the device to be controlled by selecting a predetermined network address.
  • the invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above.
  • in a fourth aspect of the invention, a method is presented for setting up locally a remote-control connection to a device to be controlled. The method is characterized by the fact that the terminal device to be controlled receives a connection request from the first terminal device.
  • the terminal device to be controlled receives a request for connection parameters from the first terminal device for the IP traffic and, in response to the request received, sends connection parameters to the first terminal device.
  • the terminal device to be controlled accepts the connection set-up between the devices and receives from the first terminal device a request for setting up a browser connection to a predetermined network address.
  • the invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above.
  • the invention also relates to terminal devices for implementing the methods presented above.
  • the characteristic features of the terminal devices are defined in the claims. Thanks to the present invention, a remote connection device or a device to be controlled can be controlled or remote-controlled so that the data security is not exposed to risk at the end of the device to be controlled. Further, thanks to the present invention, the computer executing the control need not be connected at any point to a company network or any other network to which one does not wish to allow it.
  • Fig. 1 represents one embodiment of the functioning of a method of the invention
  • Fig. 2 represents another embodiment of the functioning of a method of the invention
  • Fig. 3a represents one embodiment of terminal devices of the invention
  • Fig. 3b represents another embodiment of terminal devices of the invention
  • Fig. 4 is a flow chart illustrating one embodiment of the invention.
  • Fig. 1 represents one embodiment of the functioning of a method of the invention.
  • Fig. 1 illustrates three actual monitoring devices (Devices 1 (100), 3 (104) and 4 (106)) monitoring various objects such as a property, entrances etc.
  • Device 2 acts as the device receiving monitoring information. In other words, in an alarm situation, the alarm information from devices 1, 3 and 4 is sent to device 2.
  • the aforementioned devices can be connected to a public communication network 116, such as the Internet, directly or e.g. via a company network 114.
  • in the example, there is a wish to configure device 1 (100).
  • a device to be remote-controlled must have been assigned a static IP address. In this manner, the device can be unambiguously pointed to from any other device connected to the Internet.
  • device 1 (100) is remote-controlled via a browser user interface.
  • the device is capable of acting as a browser server.
  • the device has the necessary protocol stack, e.g. http or https.
  • the application port typically is TCP port 80 or, in the case of the https protocol, typically TCP port 443. It is obvious that in addition to the aforementioned ports or instead of them, it is possible to use any other port numbers.
  • prior to setting up the actual remote-control connection to device 1 (100), a maintenance man 112 sends a message, e.g. a short message of a mobile communication network, from the terminal device 110 to a reception centre 112.
  • the form of the message is given beforehand.
  • the message contains a reference to the device to which there is a wish to set up a browser connection.
  • the telephone numbers of the users have been determined beforehand in the reception centre 102.
  • this example uses the dependable A-subscriber identifier provided by the mobile communication network.
  • Device 2 (102) sends to the terminal device 110 of the maintenance man 112 a message containing at least the login password to the remote connection device.
  • the message can also contain the address of the remote connection device and/or one or more change passwords.
  • the passwords can be single-use so that they change every time.
  • Device 2 (102) sends a control message with the same content also to device 1 (100) .
  • the message can also contain one or more change passwords .
  • the message switching between devices 1 (100) and 2 (102) is implemented by using the solution presented in patent application FI20051148.
  • the method presented in patent application FI20051148 is characterized by the fact that the terminal device has been assigned an IP address .
  • at least one predetermined application port is opened from the terminal device toward the communication network.
  • messages can then be sent to this port.
  • the messages need not necessarily be filtered at all by a specific firewall.
  • the terminal device receives a first message into the application port.
  • the received first message contains a sender identifier which is an identifier separate from the IP address of the sender of the message.
  • the receiving terminal device extracts a sender identifier from the message and compares the extracted sender identifier to identifiers beforehand saved to the terminal device. If the extracted sender identifier corresponds to an identifier beforehand saved to the terminal device, then based on the extracted sender identifier, in response to the first message, an acknowledgement message containing the sender identifier of the terminal device's own is sent.
  • the solution presented in FI20051148 can be used in encrypting the message switching between devices.
  • a message or a part of it can be encrypted using an encryption key which is generated e.g. by utilizing the value of the moment of transmission of the time counter of the device.
  • the devices can be synchronized so as to have the same time base by means of a specific procedure.
  • an encrypted message can be decrypted by utilizing e.g. the value of the moment of transmission of the time counter of the device.
  • Device 1 (100) keeps the port open e.g. for a predetermined period of time (e.g. 30 seconds) or for a period of time shown by the message received from device 2 (102) .
  • the maintenance man 112 uses his computer 108 to set up a browser connection to the address http://193.3.66.9/ or a secured connection to the address https://193.3.66.9/, to which device 1 (100) responds by asking the device making the connection for a password to open a remote-control connection.
  • the procedure continues in a normal manner, i.e. device 1 (100) can be remote-controlled by means of the connection that has been set up.
  • device 1 closes its application port. In a corresponding manner, if no login takes place within the timeout control or if the password is the wrong one, the port can be closed.
  • if the procedure is performed e.g. from a company network, it is completely possible that somebody could "hijack" the connection and thus operate the user interface, making changes. In that case, the one that originally logged in is not able to control the situation. Due to this, the method uses a separate change password, i.e. a command by which the changes made during the remote-control connection enter into force. In this manner, the hijacker is in practice not able to change anything during the remote-control connection because he or she does not know the necessary change password. In other words, in the user interface it is possible to change parameters or other settings, but they do not enter into force until the change password has been provided. In one embodiment of Fig. 1 there can be more than one password in use, used to ensure the transfer from one change level to another.
  • Fig. 2 represents another embodiment of the functioning of a method of the invention.
  • a remote-control connection was set up to the device to be controlled.
  • a local control connection is set up directly to the device to be controlled.
  • over serial communication, it is possible to operate on a browser basis either via an ordinary http connection or via a secured https connection.
  • the device to be controlled is shown to the computer making the connection as "a network", although the devices are communicating solely with one another.
  • the computer 208 thinks that device 206 is a network server and asks it for parameters for the IP traffic.
  • device 206 operates like a DHCP server (Dynamic Host Configuration Protocol) and the computer 208 thinks that it is logging into the network.
  • the user is notified thereof, whereby he or she can start up the browser and select a predetermined network address (an IP address).
  • the user starts up the procedure using a normal http/https procedure by using given port numbers (e.g. TCP port 80 or 443) . Proceeding in a manner such as this, there is a normal browser communication between device 206 and the computer 208.
  • finally, the connection is taken down.
  • While device 206 is shown as a server, it does not, however, know how to route. In this manner, it is ensured that the computer 208 is not allowed to access the company network 212 and nothing is allowed to access the computer 208 from the company network 212. In the foregoing, a solution is presented wherein the browser use is achieved so that the computer 208 is not physically or logically in the network in which the device 206 to be controlled is disposed.
  • the present invention necessitates only one user interface tool which can be used to control or remote-control the device.
  • the device to be controlled or some other part of the network does not need to be provided with a separate physical-level network interface (e.g. RJ45 interface).
  • the invention provides the substantial advantage that the computer performing the control does not need to be connected to a client's company network.
  • one does not need any network-level interface (e.g. RJ45), and above all, the computer performing the control operations does not need to be protected in any way, although the device to be controlled (100) is connected to a public communication network.
  • serial communication in the solution of Fig. 2 presented above is, in addition, advantageous because the device is usually provided with a serial port (ports) and the computer has either a COM port or a USB port, which can be easily transformed to the RS-232 level by means of a cable.
  • wireless methods such as IrDa, Bluetooth, ZigBee, etc. can also be used. While e.g. Bluetooth and ZigBee are consistent with the 802.xxx Standard, it is irrelevant herein because the connection in question is only used in the communication between the browser and the device as "a virtual cable".
  • Fig. 3a represents one embodiment showing a more detailed structure of a relay device 302 and a remote connection device 304.
  • the relay device 302 is connected to the Internet 300 (connection 316) and to a mobile communication network 308 (connection 319) via a communication interface 310.
  • via the communication interface 310, the relay device 302 is configured to receive from the mobile communication network 308 an electronic message containing a reference to the device to which there is a wish to set up a remote-control connection.
  • the electronic message can, in addition, contain information on one or more application ports to be opened in the remote connection device. In other words, the user requests that a given port/given ports be opened.
  • the electronic message preferably refers to the short message of a mobile communication network 308. It can, however, be any other message of a communication network, based on which the user can be identified as being reliable.
  • the communication interface 310 is configured to send to the sender of the electronic message an answer-back message containing a login password to the remote connection device 304.
  • Saved beforehand to the memory of the relay device 302 can be a number of sender identifiers that are compared to the sender identifier of the electronic message.
  • the answer-back message contains, in addition, a reference to at least one application port to be opened in the remote connection device, as well as the address of the remote connection device 304 (e.g. the IP address of the remote connection device).
  • the application port to be opened can be the same as was requested in the electronic message.
  • the relay device 302 can define the port(s) to be opened.
  • the reference to the port to be opened can also refer to the type of the connection to be set up (e.g. browser connection etc.) and not actually to the number of the port to be opened.
  • the senders of the electronic messages may have been beforehand determined various access rights to different remote connection devices.
  • a given user may have solely a login right to one remote connection device and not a right of change.
  • Another user may have both a login right and a right of change to the same remote connection device. Due to this reason, in one embodiment, the answer-back message further contains one or more change passwords. In using more than one change password, it is possible to determine more than one level to the rights of change.
  • the processing means 306 are configured to create the content of the answer-back message for the first terminal device 110 in response to the identification of the sender of the aforementioned electronic message.
  • the communication interface 310 is further configured to send to the remote connection device 304 a control message containing a reference to at least one application port to be opened in the remote connection device 304, as well as the aforementioned login password.
  • the application port to be opened is a TCP port (TCP, Transmission Control Protocol).
  • the control message further contains one or more change passwords, the operations associated with which were explained in the foregoing.
  • the remote connection device 304 is connected merely to the Internet 300 (connection 318).
  • the remote connection device 304 comprises a communication interface 312 configured to receive from the relay device 302 a control message containing a reference to at least one application port to be opened, as well as a login password.
  • the processing means 314 are configured to open the aforementioned at least one application port for a predetermined period of time.
  • the processing means 314 are configured to close the aforementioned application port in case the aforementioned predetermined period of time elapses and no message has been received into the application port.
  • the communication interface 312 is further configured to receive from the second terminal device a connection set-up to the aforementioned at least one application port within the predetermined period of time.
  • the second terminal device refers e.g. to the computer used by the maintenance man and connected to the Internet.
  • the processing means 314 are configured to ask the second terminal device for the login password and to accept the connection set-up in case the login password received from the second terminal device corresponds to the login password received from the relay device 302 in the control message.
  • the processing means 314 are further configured to close the aforementioned port in case the login password given by the second terminal device was erroneous.
  • the control message sent by the relay device 302 can contain at least one change password.
  • the login password gives one the right to check the existing information, but only upon the reception of the change password one is given the right to validate the changes made. Due to this reason, the communication interface 312 is configured to receive remote-control commands from the second terminal device via the remote-control connection that has been set up; the processing means 314 are configured to ask the second terminal device for a change password for validating the remote-control commands given and to completely execute the remote-control commands only after a change password corresponding to the change password received earlier by the remote connection device 304 from the relay device 302 has been received from the second terminal device.
  • a given user may have solely a login right to a given remote connection device and not at all a right of change.
  • FIG. 3b represents one embodiment showing a more detailed structure of the terminal device 320 and the remote connection device 322.
  • the connection 330 between the terminal device 320 and the remote connection device 322 is a local connection.
  • the terminal device 320 comprises processing means 324 configured to set up a local connection to the remote connection device 322.
  • the physical interface between the devices can be wired or wireless.
  • the processing means 324 are further configured to ask the remote connection device 322 for connection parameters for the IP traffic and to receive connection parameters in response to the request made. If the terminal device 320 is the portable computer of the maintenance man, then it has a program installed thereon that sets up e.g. a PPP connection (PPP, Point to Point) to the remote connection device.
  • the portable computer thinks that the remote connection device is a network server which it asks for connection parameters for the IP traffic.
  • the processing means 324 are configured to accept the connection set-up between the terminal device 320 and the remote connection device 322 and to set up a browser connection to the remote connection device 322 by selecting a predetermined network address.
  • the remote connection device 322 does not, however, know how to route IP packets. Due to this, the terminal device 320 cannot connect to the local network to which the remote connection device 322 is possibly connected.
  • the remote connection device 322 comprises a communication interface 322 configured to receive a connection request and a connection parameter request for the IP traffic from the terminal device 320.
  • the communication interface 332 is further configured to send connection parameters to the terminal device 320 in response to the request received.
  • the processing means 336 are configured to accept the connection setup between the remote connection device 322 and the terminal device 320; and the communication interface 332 is configured to receive from the terminal device 320 a request for setting up a browser connection to a predetermined network address.
  • the processing means 306, 314, 324, 336 comprise e.g. a processor and a memory connected to it.
  • the memory can refer to an individual memory or memory area or memories or memory areas, which can contain a RAM memory (Random Access Memory), a ROM memory (Read-only Memory), etc.
  • the memory can contain other applications or software components, which are not described in greater detail herein.
  • the memory can also contain a computer program (or at least its part), which, having been run on the processor, executes at least a part of the method steps presented in the invention.
  • the processor may, in addition, contain a memory which can contain a computer program (or its part), which, having been run on the processor, can execute at least a part of the method steps presented in the invention.
  • Fig. 4 represents one embodiment showing a solution in accordance with the invention.
  • the maintenance man 400 has a telephone and a data processor, e.g. a computer, a PDA device or a mobile phone equipped with Internet access, at his disposal.
  • the maintenance man 400 gives (step 406) a normal phone call to the relay device/the reception center 402.
  • the reception center 400 may let the call to be set up ring, but the substantial fact is that the reception center 402 actively releases the call (step 410). In other words, the reception center 402 disconnects the call set-up. Prior to disconnecting the call set-up, the reception center, however, identifies the caller based on the number (A subscriber), which number is transmitted to the reception center 402 in connection with the call set-up.
  • the reception center opens a predetermined application port at a predetermined IP address (step 412).
  • the application port is a browser port 443, by means of which it is possible to set up an encrypted browser connection.
  • the application port is kept open for a predetermined period of time keeping it waiting for the set-up of the browser connection, e.g. for 10 seconds.
  • the maintenance man 400 knows beforehand a WWW or an IP address associated with the reception center 402. Within the aforementioned period of time, the maintenance man 400 sets up a browser connection to the open application port (step 414), and the reception center 402 opens a WWW page for the maintenance man 400 in response to the set-up of the browser connection.
  • the maintenance man 400 identifies himself to the reception center 402 e.g. by means of a password or his own telephone number (step 416). If an identifier other than the telephone number is used for the identification, the identifier to be used is given beforehand and the reception center 402 has associated the identifier to be used and the telephone number of the maintenance man with one another.
  • the reception center 402 checks that the identifier is associated with the telephone number which caused the opening of the application port. If the password or telephone number transmitted by the maintenance man was the wrong one, the reception center 402 closes the application port opened by it.
  • the maintenance man 400 uses the browser connection to transmit to the reception center 402 a reference to the remote connection device 404 to which the maintenance man 400 wishes to set up a remote connection.
  • the reference is e.g. a device identifier (the device name or number) or any other similar identifier individualizing the remote connection device.
  • the reception center 402 uses the browser connection to transmit to the maintenance man 400 a login password to the remote connection device 404.
  • the information to be transmitted to the maintenance man 400 can contain, in addition, the address of the remote connection device and/or one or more change passwords.
  • the passwords can be single-use so that they change every time.
  • the reception center 402 can send the same login password also to the remote connection device 404 via a data transfer network such as the Internet (step 418).
  • a port to be opened, preferably a TCP port (port 80 or 443), can be defined for the remote connection device.
  • the information to be transmitted to the remote connection device 404 can also contain one or more change passwords and, optionally, for how long the remote connection device 404 will keep the aforementioned port open after the message has been received.
  • the application port to be opened can also be predetermined.
  • the reception center 402 does not send any information concerning an application port to be opened to the remote connection device 404 but, in that case, the remote connection device 404 opens a predetermined application port.
  • the reception center 402 closes the application port opened by it (420).
  • the message switching between the reception center 402 and the remote connection device 404 is preferably implemented by using the solution presented in patent application FI20051148.
  • the method presented in patent application FI20051148 is characterized by the fact that the terminal device has been assigned an IP address. Moreover, at least one predetermined application port is opened from the terminal device towards the communication network. Anyone can send messages to this port. The messages need not necessarily be filtered at all by a specific firewall.
  • the terminal device receives a first message into the application port.
  • the received first message contains a sender identifier which is an identifier separate from the IP address of the sender of the message.
  • the receiving terminal device extracts a sender identifier from the message and compares the extracted sender identifier to identifiers beforehand saved to the terminal device. If the extracted sender identifier corresponds to an identifier beforehand saved to the terminal device, then based on the extracted sender identifier, in response to the first message, an acknowledgement message containing the sender identifier of the terminal device's own is sent.
  • the solution presented in FI20051148 can be used in encrypting the message switching between devices.
  • a message or a part of it can be encrypted using an encryption key which is generated e.g. by utilizing the value of the moment of transmission of the time counter of the device.
  • the devices can be synchronized so as to have the same time base by means of a specific procedure.
  • an encrypted message can be decrypted by utilizing e.g. the value of the moment of transmission of the time counter of the device.
  • the remote connection device 404 opens an application port (step 422) and keeps the port open e.g. for a predetermined period of time (e.g. 30 seconds) or for a period of time determined by the reception center 402.
  • the maintenance man 400 uses e.g. his computer to set up (step 424) a browser connection e.g. to the address http://193.3.66.9/ or a secured connection e.g. to the address https://193.3.66.9/, to which the remote connection device 404 responds by asking the device making the connection for a login password.
  • if the maintenance man 400 has made changes to the settings or functions of the remote connection device 404 during the remote-control connection, then the remote connection device 404 asks the maintenance man for a change password during the remote-control connection. Once the remote-control session terminates, the remote connection device 404 closes the application port (step 428). Similarly, if no login takes place within the timeout or if the password is the wrong one, the port can be closed.

Abstract

A remote connection between a second terminal device and a remote connection device is established by using a relay device and a first terminal device. The first terminal device sends a remote control connection request to the relay device, with a reference to the remote connection device. The relay device sends to the first terminal device an answer-back message containing a login password to the remote connection device. Furthermore, the relay device sends to the remote connection device a control message containing a reference to at least one application port to be opened in the remote connection device as well as the aforementioned login password. The connection is established between the second terminal device and the remote connection device by using the information sent by the relay device. Also disclosed is a local connection establishment by using a DHCP technology.

Description

SET-UP OF A REMOTE-CONTROL CONNECTION TO A TERMINAL DEVICE TO BE CONTROLLED
FIELD OF THE INVENTION
The present invention relates to data communications. The present invention relates to a method, a computer program and a device for setting up and receiving a remote-control connection to/into a remote-control device.
BACKGROUND OF THE INVENTION
Various objects such as property can be monitored in different ways in case of burglaries and fires. One way of monitoring is so-called remote monitoring, where an object, such as a property, is provided with an automatic monitoring system, which in the event of a burglary or fire forwards the alarm data. Alarms are transmitted, for example, over an alarm transmission system, conventionally based on a wired network (subscriber cable). As the transmission path of the alarm, one can also use other public data transmission networks, such as the Internet. The Internet comprises a global data transfer and service network. Many different types of functions on top of the transport layer (Layer 4) are associated with it, these including a name service, e-mail, network management protocols, VoIP (Voice over IP) and a myriad of most different applications and protocols. In all the aforementioned cases, the transmission network itself, which routes and couples on layers L1, L2 and L3, does not take a stand on the applications to be transported. To transmit the information, the applications use most versatile description languages and protocols. One problem with the Internet is data security. On the application level, the information to be transmitted can be accessed in certain ways. Generally speaking, there are entities operating on different bases that wish to access the information managed or transmitted by other parties. One such entity is called "hackers". Their primary purpose is to cause damage and problems to the object of a data intrusion. Another entity includes, for example, industrial spies who try to gain the information desired by them from the network.
Another factor in the data security problem is the weaknesses in the operating systems and applications. The operating systems and the operation of the applications may involve data security failures, enabling external entities to access information that was not originally intended for them.
To improve the data security, there are protection methods associated with the transmission network, such as VPN connections (Virtual Private Network), MPLS techniques (Multiprotocol Label Switching), intranet, tunneling, private access point techniques, as well as methods associated with the devices, such as firewall techniques, access lists, antivirus programs, etc. Common to all these aforementioned methods is the fact that the detrimental operation is primarily directed to Layer L4 and above it, especially if a connection-oriented TCP (Transmission Control Protocol) is used as the protocol of Layer 4 (the transport layer).
Monitoring devices monitoring various objects and transmitting information to a control centre or receiving information in the event of an alarm are operationally relatively simple devices. Using the devices shall, however, be completely secure. In other words, under no circumstances shall an external, unauthorized entity gain access to the device control, for example via an information network. Due to the aforementioned security factor, a big part of monitoring devices operates via a telephone network. In a telephone network, the sender and recipient have unambiguous identifiers, which in practice are impossible to forge.
On the other hand, monitoring devices can be made more complicated and more data secure for connection to a public data network (e.g. the Internet). In such a device there typically is an operating system and a number of applications enabling a more data secure way of sending information and receiving control data from a public data network. However, as was stated earlier, the operating systems and applications almost without exception have problems associated with the data security. Moreover, operating systems and applications must in practice be constantly updated in order to keep the data security level high enough.
Another problem associated with the various operating systems and necessary applications used in monitoring devices is that they are too "heavy" and incur additional expenses and cause maintenance problems of the monitoring device, whose operation as such is quite simple. On the other hand, there often is a need to use the user interface to access the device, by way of introduction, maintenance, testing, test run, temporary process display or the like, for example. A usual procedure is to use e.g. a serial port, through which, mainly on a text editor basis, the operations are run.
HyperTerm, Telix, Procomm and similar communication programs supporting serial communication are generally used as data transfer programs. A physical connection is most usually a serial connection RS-232 or some other wired or wireless connection supporting serial communication, such as USB, IrDa, Bluetooth, ZigBee or the like. A problem with the solution described above is, however, the fact that the device, e.g. a computer, to be connected to the device being controlled, can gain access to a company network via the device being controlled. On the other hand, the device to be connected can expose the company network, to which the device being controlled is connected, to a data security risk.
Various alarm and/or monitoring devices can be controlled or remote-controlled utilizing the data-secure methods presented above. However, the methods presented above are complicated and typically require an operating system such as Microsoft Windows™ or Linux to operate.
OBJECTIVE OF THE INVENTION
It is an objective of the invention to eliminate the drawbacks referred to above or at least significantly to alleviate them. One specific objective of the invention is to enable remote control of a device with an IP address, such as an alarm relay, using a browser so that one avoids the use of common, normally used data security software and hardware, as well as their maintenance and updating.
SUMMARY OF THE INVENTION
The present invention relates to methods and terminal devices for setting up a remote-control connection to a remote connection device.
According to a first aspect of the invention, there is presented a method for setting up a remote-control connection to a remote connection device. The invention is characterized by that the relay device is used to receive from a first terminal device an electronic message containing a reference to the device to which there is a wish to set up a remote-control connection. The relay device sends to the first terminal device an answerback message containing a login password to the remote connection device. The relay device further sends to the remote connection device a control message containing a reference to at least one application port to be opened in the remote connection device and the aforementioned login password. The reference to the application port to be opened can also refer e.g. to the type of the connection to be set up (e.g. a browser connection, etc.) and not actually to the number of the port to be opened.
When the relay device receives an electronic message, it can determine the sender's identification data contained therein. If the identification data of the sender of the electronic message has not been beforehand saved to the relay device, then the sending of the answer-back message to the first terminal device can be prevented. The identification data of the sender of an electronic message is e.g. the sender identifier of a short message in a mobile communication network.
The aforementioned electronic message can further contain information on at least one application port of a remote connection device to be opened. In other words, the sender of an electronic message can request opening one or more application ports desired by him or her in a remote connection device. Further, the aforementioned answer-back message can comprise a reference to at least one application port to be opened in the remote connection device and/or the address of the remote connection device. In case the answer-back message does not contain a reference to an application port to be opened in the remote connection device, one can e.g. assume that the user will use generally used application ports, such as TCP ports 80 or 443. The answer-back message and/or the control message sent by the relay device can further comprise at least one change password. One may have beforehand saved in the relay device different operation levels for remote connection devices for different users. One user may e.g. have only a login right to a given remote connection device. Another user may in turn have e.g. a change right to the settings or information of the remote connection device. By using several change passwords, several different change right levels may be determined for users.
The invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above.
According to a second aspect of the invention, there is presented a method for setting up a remote-control connection to a remote connection device. The method is characterized by the fact that from a relay device, a control message is received containing a reference to at least one application port to be opened as well as a login password. The remote connection device opens the aforementioned at least one application port for a predetermined period of time. The remote connection device further receives from a second terminal device a connection set-up to the aforementioned at least one application port within the predetermined period of time and requests a login password. The connection set-up is accepted in case the login password received from the second terminal device corresponds to the login password received from the relay device in the control message.
The aforementioned application port can be closed in case the aforementioned predetermined period of time elapses and the second terminal device has not set up a connection to the remote connection device. The application port can also be closed in case the login password given by the second terminal device is erroneous.
The control message sent by the relay device can also comprise at least one change password. One user may e.g. have only a login right to a given remote connection device. Another user may in turn also have a change right to the settings or information of the remote connection device. By using several change passwords for the users, it is possible to determine different change right levels.
Once the second terminal device is logged into the remote connection device and has given remote-control commands via the remote-control connection, the second terminal device can be asked for a change password to execute the remote-control commands given. The remote-control commands are not executed until a change password corresponding to the change password previously received by the remote connection device from the relay device is received from the second terminal device.
The invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above. According to a third aspect of the invention, there is presented a method for setting up locally a control connection to a device to be controlled. The method is characterized by the fact that one sets up a local connection from a first terminal device to the device to be controlled. The connection between the terminal devices can be wireless or wired. The first terminal device requests from the device to be controlled connection parameters for the IP traffic, and in response to the request made, receives connection parameters from the device to be controlled. In other words, the first terminal device sets up e.g. a PPP connection (Point to Point) to the device to be controlled. The first terminal device thinks that the device to be controlled is a network server and asks it for connection parameters for the IP traffic. Preferably, the device to be controlled operates like a DHCP server (Dynamic Host Configuration Protocol), and the first terminal device thinks it is logging into the network. The first terminal device accepts the connection set-up between the devices and sets up a browser connection to the device to be controlled by selecting a predetermined network address.
The invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above. According to a fourth aspect of the invention, there is presented a method for setting up locally a remote-control connection to a device to be controlled. The method is characterized by the fact that the terminal device to be controlled receives a connection request from the first terminal device.
Further, the terminal device to be controlled receives a request for connection parameters from the first terminal device for the IP traffic and, in response to the request received, sends connection parameters to the first terminal device. The terminal device to be controlled accepts the connection set-up between the devices and receives from the first terminal device a request for setting up a browser connection to a predetermined network address. The invention also relates to a computer program for setting up a remote-control connection to a remote connection device configured to execute the method steps referred to above.
The invention also relates to terminal devices for implementing the methods presented above. The characteristic features of the terminal devices are defined in the claims. Thanks to the present invention, a remote connection device or a device to be controlled can be controlled or remote-controlled so that the data security is not exposed to risk at the end of the device to be controlled. Further, thanks to the present invention, the computer executing the control need not be connected at any point to a company network or any other network to which one does not wish to allow it.
Furthermore, the solution presented in the invention is easy and simple to implement.
LIST OF FIGURES
In the following section, the invention will be described in detail by means of embodiment examples, in which
Fig. 1 represents one embodiment of the functioning of a method of the invention;
Fig. 2 represents another embodiment of the functioning of a method of the invention;
Fig. 3a represents one embodiment of terminal devices of the invention;
Fig. 3b represents another embodiment of terminal devices of the invention; and Fig. 4 is a flow chart illustrating one embodiment of the invention.
DETAILED DESCRIPTION OF THE INVENTION
Fig. 1 represents one embodiment of the functioning of a method of the invention. Fig. 1 illustrates three actual monitoring devices (Devices 1 (100), 3 (104) and 4 (106)) monitoring various objects such as a property, entrances etc. Device 2 acts as the device receiving monitoring information. In other words, in an alarm situation, the alarm information from devices 1, 3 and 4 is sent to device 2. The aforementioned devices can be connected to a public communication network 116, such as the Internet, directly or e.g. via a company network 114.
In this example, there is a wish to configure device 1 (100). A device to be remote-controlled must have been assigned a static IP address. In this manner, the device can be unambiguously pointed to from any other device connected to the Internet. In a preferred embodiment of the invention, device 1 (100) is remote-controlled via a browser user interface. For the remote control, the device is capable of acting as a browser server. In other words, it is provided with the necessary protocol stack(s) (e.g. http or https) using a given application port or ports. In the case of the http protocol, the application port typically is TCP port 80, and in the case of the https protocol typically TCP port 443. It is obvious that in addition to the aforementioned ports or instead of them, it is possible to use any other port numbers. Prior to setting up the actual remote-control connection to device 1 (100), a maintenance man 112 sends a message, e.g. a short message of a mobile communication network, from the terminal device 110 to a reception centre 112. Preferably, the form of the message is beforehand given. The message contains a reference to the device to which there is a wish to set up a browser connection. In case a short message of a mobile communication network is used as the message, the telephone numbers of the users have been beforehand determined in the reception centre 102. This example uses the dependable A-subscriber identifier provided by the mobile communication network.
Device 2 (102) sends to the terminal device 110 of the maintenance man 112 a message containing at least the login password to the remote connection device. The message can also contain the address of the remote connection device and/or one or more change passwords. The passwords can be single-use so that they change every time. Device 2 (102) sends a control message with the same content also to device 1 (100).
In the message to be sent to device 1 (100), one determines the port to be opened, preferably a TCP port (port 80 or 443), as well as the login password. The message can also contain one or more change passwords. In the message it is also possible to define for how long device 1 (100) will keep the aforementioned port open after the message has been received.
Preferably, the message switching between devices 1 (100) and 2 (102) is implemented by using the solution presented in patent application FI20051148. The method presented in patent application FI20051148 is characterized by the fact that the terminal device has been assigned an IP address. In addition, at least one predetermined application port is opened from the terminal device toward the communication network. Anyone can send messages to this port. The messages need not necessarily be filtered at all by a specific firewall. The terminal device receives a first message into the application port. The received first message contains a sender identifier which is an identifier separate from the IP address of the sender of the message. The receiving terminal device extracts a sender identifier from the message and compares the extracted sender identifier to identifiers beforehand saved to the terminal device. If the extracted sender identifier corresponds to an identifier beforehand saved to the terminal device, then based on the extracted sender identifier, in response to the first message, an acknowledgement message containing the sender identifier of the terminal device's own is sent.
Further, the solution presented in FI20051148 can be used in encrypting the message switching between devices. A message or a part of it can be encrypted using an encryption key which is generated e.g. by utilizing the value of the moment of transmission of the time counter of the device. The devices can be synchronized so as to have the same time base by means of a specific procedure. In a corresponding manner, an encrypted message can be decrypted by utilizing e.g. the value of the moment of transmission of the time counter of the device.
Device 1 (100) keeps the port open e.g. for a predetermined period of time (e.g. 30 seconds) or for a period of time shown by the message received from device 2 (102). The maintenance man 112 uses his computer 108 to set up a browser connection to the address http://193.3.66.9/ or a secured connection to the address https://193.3.66.9/, to which device 1 (100) responds by asking the device making the connection for a password to open a remote-control connection. Once the connection has been successfully set up, the procedure continues in a normal manner, i.e. device 1 (100) can be remote-controlled by means of the connection that has been set up.
Once the remote-control session terminates, device 1 (100) closes its application port. In a corresponding manner, if no login takes place within the timeout or if the password is the wrong one, the port can be closed.
In the manner presented above, browser use can be made possible even though the application port (or ports) would otherwise be closed as normal. In addition, the procedure presented above starts from message switching of different types of media (e.g. message switching of a mobile station tax), so it is impossible to track the control event itself.
If the procedure is performed e.g. from a company network, it is completely possible that somebody could "hijack" the connection and thus operate the user interface, making changes. In that case, the one that originally logged in is not able to control the situation. Due to this, the method uses a separate change password, i.e. a command by which the changes made during the remote-control connection enter into force. In this manner, the hijacker is in practice not able to change anything during the remote-control connection because he or she does not know the necessary change password. In other words, in the user interface it is possible to change parameters or other settings, but they do not enter into force until the change password has been provided. In one embodiment of Fig. 1 there can be more than one password in use that is used to ensure transfer from one change level to another.
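The relay-device and remote-connection-device sides of this password flow (the Fig. 4 steps 416 to 428 and the change-password rule just described), as an added simulation that is not the patent's or Telcont's code; the user table keyed by A-subscriber number, the password generation with the secrets module, the injectable clock and the staged-settings store are assumptions made for the demonstration.

```python
# Added example (not the patent's or Telcont's code): a simulation of the
# relay device and the remote connection device in the password flow.
# User table, clock, message fields and the sample setting are assumptions.
import secrets
import time


class RemoteConnectionDevice:
    # The device to be controlled: opens one application port on a control
    # message, accepts a login only with the relayed password, and keeps
    # changed settings staged until the change password is given.

    def __init__(self, address, clock=time.monotonic):
        self.address = address
        self.clock = clock              # injectable so the timeout can be tested
        self.port = None
        self.port_open_until = None
        self.login_pw = None
        self.change_pw = None
        self.session = False
        self.settings = {"alarm_delay": 10}   # constructed sample setting
        self.pending = {}                     # changes made but not yet in force

    def receive_control_message(self, port, login_pw, change_pw, open_for):
        # Control message from the relay: port to open, login password,
        # optional change password, and how long to keep the port open.
        self.port = port
        self.login_pw = login_pw
        self.change_pw = change_pw
        self.port_open_until = self.clock() + open_for

    def port_is_open(self):
        return self.port_open_until is not None and self.clock() < self.port_open_until

    def close_port(self):
        # Timeout, wrong password or session end: forget the single-use secrets.
        self.port = self.port_open_until = None
        self.login_pw = self.change_pw = None
        self.session = False
        self.pending = {}

    def login(self, password):
        if not self.port_is_open() or self.login_pw is None:
            self.close_port()
            return False
        if not secrets.compare_digest(password, self.login_pw):
            self.close_port()           # wrong login password closes the port
            return False
        self.login_pw = None            # single-use
        self.session = True
        return True

    def set_setting(self, key, value):
        if not self.session:
            raise PermissionError("no remote-control session")
        self.pending[key] = value       # staged only

    def commit(self, change_password):
        # Changes enter into force only with the change password; a session
        # hijacker who lacks it can stage changes but never validate them.
        if not self.session or self.change_pw is None:
            return False
        if not secrets.compare_digest(change_password, self.change_pw):
            return False
        self.settings.update(self.pending)
        self.pending = {}
        return True


class RelayDevice:
    # Reception centre: identifies the requester by A-subscriber number,
    # generates single-use passwords and sends them to both ends.

    def __init__(self, users, devices):
        self.users = users          # phone number -> {"devices": set, "change": bool}
        self.devices = devices      # device identifier -> RemoteConnectionDevice

    def handle_request(self, sender_number, device_ref, port=443, open_for=30):
        # Returns the answer-back message, or None for an unknown sender.
        rights = self.users.get(sender_number)
        if rights is None or device_ref not in rights["devices"]:
            return None             # unknown sender: no answer-back is sent
        login_pw = secrets.token_urlsafe(12)
        change_pw = secrets.token_urlsafe(12) if rights["change"] else None
        device = self.devices[device_ref]
        device.receive_control_message(port, login_pw, change_pw, open_for)
        answer = {"address": device.address, "port": port, "login_password": login_pw}
        if change_pw is not None:   # login-only users get no change password
            answer["change_password"] = change_pw
        return answer


class FakeClock:
    # Deterministic clock so the timeout branch can be exercised offline.
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def build_demo():
    # Constructed sample data: one device, one user with a change right, one without.
    clock = FakeClock()
    device = RemoteConnectionDevice("193.3.66.9", clock)
    relay = RelayDevice(
        users={"+358400000001": {"devices": {"dev1"}, "change": True},
               "+358400000002": {"devices": {"dev1"}, "change": False}},
        devices={"dev1": device})
    return relay, device, clock
```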
Fig. 2 represents another embodiment of the functioning of a method of the invention. In the embodiment of Fig. 1, a remote-control connection was set up to the device to be controlled. In the embodiment of Fig. 2, a local control connection is set up directly to the device to be controlled. By means of the method presented in Fig. 2, using serial communication, it is possible to operate on a browser basis either via an ordinary http connection or via a secured https connection. In this embodiment, the device to be controlled appears to the computer making the connection as "a network", although the devices are communicating solely with one another.
One installs onto the computer 208 of the maintenance man 210 a program which sets up a connection, e.g. a PPP connection (Point to Point Protocol), to device 206. The computer 208 thinks that device 206 is a network server and asks it for parameters for the IP traffic. In other words, device 206 operates like a DHCP server (Dynamic Host Configuration Protocol) and the computer 208 thinks that it is logging into the network. Once the login is completed, the user is notified thereof, whereby he or she can start up the browser and select a predetermined network address (an IP address). The user starts up the procedure using a normal http/https procedure with given port numbers (e.g. TCP port 80 or 443). Proceeding in this manner, there is normal browser communication between device 206 and the computer 208. Once the control procedures are completed, the connection is taken down.
While device 206 is shown as a server, it does not, however, know how to route. In this manner, it is ensured that the computer 208 is not allowed to access the company network 212 and nothing is allowed to access the computer 208 from the company network 212. In the foregoing, a solution is presented wherein the browser use is achieved so that the computer 208 is not physically or logically in the network in which the device 206 to be controlled is disposed.
Thanks to the present invention, one needs only one user interface tool, which can be used to control or remote-control the device. The device to be controlled or some other part of the network does not need to be provided with a separate physical-level network interface (e.g. an RJ45 interface). The invention provides the substantial advantage that the computer performing the control does not need to be connected to a client's company network. Further, in the public-network solution (Fig. 1, device 1 (100) and the computer (108)) one does not need any network-level interface (e.g. RJ45), and above all, the computer performing the control operations does not need to be protected in any way, although the device to be controlled (100) is connected to a public communication network.
Using serial communication in the solution of Fig. 2 presented above is, in addition, advantageous because the device is usually provided with a serial port (ports) and the computer has either a COM port or a USB port, which can easily be transformed to the RS-232 level by means of a cable. On the other hand, it is possible to use wireless methods, such as IrDA, Bluetooth, ZigBee, etc. Although e.g. Bluetooth and ZigBee are consistent with the 802.xxx standards, that is irrelevant here because the connection in question is only used in the communication between the browser and the device as "a virtual cable".
Fig. 3a represents one embodiment showing a more detailed structure of a relay device 302 and a remote connection device 304. The relay device 302 is connected to the Internet 300 (connection 316) and to a mobile communication network 308 (connection 319) via a communication interface 310. Via the communication interface 310, the relay device 302 is configured to receive from the mobile communication network 308 an electronic mail containing a reference to the device to which there is a wish to set up a remote-control connection. The electronic message can, in addition, contain information on one or more application ports to be opened from the remote connection device. In other words, the user requests that a given port/given ports be opened. The electronic message preferably refers to the short message of a mobile communication network 308. It can, however, be any other message of a communication network based on which the user can be identified as being reliable.
The communication interface 310 is configured to send to the sender of the electronic message an answer-back message containing a login password to the remote connection device 304. A number of sender identifiers can be saved beforehand to the memory of the relay device 302 and compared to the sender identifier of the electronic message. In case the sender of the message cannot be found in the memory, the sending of the answer-back message is prevented. In one embodiment, the answer-back message contains, in addition, a reference to at least one application port to be opened in the remote connection device, as well as the address of the remote connection device 304 (e.g. the IP address of the remote connection device). The application port to be opened can be the same as was requested in the electronic message. In case the electronic message does not individualize an application port, the relay device 302 can define the port(s) to be opened. The reference to the port to be opened can also refer to the type of the connection to be set up (e.g. browser connection etc.) and not actually to the number of the port to be opened.
The senders of the electronic messages may beforehand have been assigned various access rights to different remote connection devices. A given user may have solely a login right to one remote connection device and not a right of change. Another user may have both a login right and a right of change to the same remote connection device. For this reason, in one embodiment, the answer-back message further contains one or more change passwords. By using more than one change password, it is possible to define more than one level of change rights. In other words, the processing means 306 are configured to create the content of the answer-back message for the first terminal device 110 in response to the identification of the sender of the aforementioned electronic message.
The communication interface 310 is further configured to send to the remote connection device 304 a control message containing a reference to at least one application port to be opened in the remote connection device 304, as well as the aforementioned login password. Preferably, the application port to be opened is a TCP port (TCP, Transmission Control Protocol). In one embodiment, the control message further contains one or more change passwords, the operations associated with which were explained in the foregoing.
In this example, the remote connection device 304 is connected merely to the Internet 300 (connection 318). The remote connection device 304 comprises a communication interface 312 configured to receive from the relay device 302 a control message containing a reference to at least one application port to be opened, as well as a login password. The processing means 314 are configured to open the aforementioned at least one application port for a predetermined period of time. The processing means 314 are configured to close the aforementioned application port in case the aforementioned predetermined period of time elapses and no message has been received into the application port.
The communication interface 312 is further configured to receive from the second terminal device a connection set-up to the aforementioned at least one application port within the predetermined period of time. The second terminal device refers e.g. to the computer used by the maintenance man and connected to the Internet. The processing means 314 are configured to ask the second terminal device for the login password and to accept the connection set-up in case the login password received from the second terminal device corresponds to the login password received from the relay device 302 in the control message. In one embodiment, the processing means 314 are further configured to close the aforementioned port in case the login password given by the second terminal device was erroneous.
The control message sent by the relay device 302 can contain at least one change password. The login password gives one the right to check the existing information, but only upon reception of the change password is one given the right to validate the changes made. For this reason, the communication interface 312 is configured to receive remote-control commands from the second terminal device via the remote-control connection that has been set up; the processing means 314 are configured to ask the second terminal device for a change password for validating the remote-control commands given, and to completely execute the remote-control commands only after a change password corresponding to the change password received earlier by the remote connection device 304 from the relay device 302 has been received from the second terminal device. As was stated earlier, a given user may have solely a login right to a given remote connection device and no right of change at all. Another user may have both a login right and a right of making changes to the same remote connection device. By using more than one change password, it is possible to define more than one level of change rights.
Fig. 3b represents one embodiment showing a more detailed structure of the terminal device 320 and the remote connection device 322. In the embodiment shown in Fig. 3b, the connection 330 between the terminal device 320 and the remote connection device 322 is a local connection.
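The Fig. 3a exchange between the relay device 302 and the remote connection device 304, as an added example written for this page (it is not the patent's or Telcont Oy's code): the relay answers only senders saved beforehand, hands the same login password to the sender and to the remote connection device, and the remote connection device keeps the named port open only for a window and closes it on a wrong password. The 30-second window, port 443 as the default, the sample MSISDN, the device reference "site-17" and the documentation address 192.0.2.10 are all constructed values; message transport itself is not modelled, the dicts stand in for the messages.

```python
import secrets
from dataclasses import dataclass, field

OPEN_WINDOW = 30       # seconds the application port stays open (constructed value)
DEFAULT_PORT = 443     # browser port used when the electronic message names none


@dataclass
class RelayDevice:
    """Relay device 302: turns an identified sender's message into credentials."""
    known_senders: set          # sender identifiers saved beforehand
    device_addresses: dict      # device reference -> IP address of the remote connection device

    def handle_electronic_message(self, sender_id, device_ref, port=None):
        # Sender not saved beforehand (or unknown device): no answer-back message at all.
        if sender_id not in self.known_senders or device_ref not in self.device_addresses:
            return None
        login_password = secrets.token_urlsafe(12)
        port = port or DEFAULT_PORT
        answer_back = {"device": device_ref, "address": self.device_addresses[device_ref],
                       "port": port, "login_password": login_password}
        control = {"port": port, "login_password": login_password, "open_for": OPEN_WINDOW}
        return answer_back, control


@dataclass
class RemoteConnectionDevice:
    """Remote connection device 304: opens a port only on the relay's control message."""
    open_ports: dict = field(default_factory=dict)   # port -> {"until", "password"}

    def receive_control_message(self, msg, now):
        self.open_ports[msg["port"]] = {"until": now + msg["open_for"],
                                        "password": msg["login_password"]}

    def expire(self, now):
        # Ports whose window elapsed without a connection are closed.
        closed = [p for p, st in self.open_ports.items() if now > st["until"]]
        for p in closed:
            del self.open_ports[p]
        return closed

    def connection_setup(self, port, now):
        self.expire(now)
        if port not in self.open_ports:
            return "refused"           # nothing is listening outside the window
        return "login_password?"       # the device asks the second terminal for the password

    def login(self, port, offered):
        st = self.open_ports.get(port)
        if st is None:
            return False
        if secrets.compare_digest(st["password"].encode(), offered.encode()):
            return True
        del self.open_ports[port]      # erroneous password: close the port
        return False


def run_scenario():
    """Constructed walk-through of the message flow; returns the observations."""
    relay = RelayDevice(known_senders={"+358401234567"},
                        device_addresses={"site-17": "192.0.2.10"})
    device = RemoteConnectionDevice()
    r = {}
    r["unknown_sender"] = relay.handle_electronic_message("+358400000000", "site-17")
    answer_back, control = relay.handle_electronic_message("+358401234567", "site-17")
    r["same_password"] = answer_back["login_password"] == control["login_password"]
    device.receive_control_message(control, now=0)
    r["in_window"] = device.connection_setup(answer_back["port"], now=5)
    r["wrong_pw"] = device.login(answer_back["port"], "not-the-password")
    r["port_after_wrong_pw"] = device.connection_setup(answer_back["port"], now=6)
    device.receive_control_message(control, now=100)   # relay issues a fresh control message
    r["good_pw"] = device.login(answer_back["port"], answer_back["login_password"])
    device.receive_control_message(control, now=200)
    r["late"] = device.connection_setup(answer_back["port"], now=200 + OPEN_WINDOW + 1)
    return r


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(k, "->", v)
```

Two properties worth checking in a real implementation are visible here: an unknown sender produces no answer-back message at all (no information leaks about which device references exist), and a wrong login password closes the port rather than merely refusing, so the exposure window is ended by the failed attempt itself.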
The terminal device 320 comprises processing means 324 configured to set up a local connection to the remote connection device 322. The physical interface between the devices can be wired or wireless. The processing means 324 are further configured to ask the remote connection device 322 for connection parameters in response to the request made. If the terminal device 320 is the portable computer of the maintenance man, then it has a program installed thereon that sets up e.g. a PPP connection (PPP, Point to Point Protocol) to the remote connection device. The portable computer thinks that the remote connection device is a network server which it asks for connection parameters for the IP traffic. The processing means 324 are configured to accept the connection set-up between the terminal device 320 and the remote connection device 322 and to set up a browser connection to the remote connection device 322 by selecting a predetermined network address.
While the remote connection device 322 is shown to the terminal device 320 as a server, the remote connection device 322 does not, however, know how to route IP packets. Due to this, the terminal device 320 cannot connect to the local network to which the remote connection device 322 is possibly connected.
The remote connection device 322 comprises a communication interface 322 configured to receive a connection request and a connection parameter request for the IP traffic from the terminal device 320. The communication interface 332 is further configured to send connection parameters to the terminal device 320 in response to the request received. The processing means 336 are configured to accept the connection setup between the remote connection device 322 and the terminal device 320; and the communication interface 332 is configured to receive from the terminal device 320 a request for setting up a browser connection to a predetermined network address .
The processing means 306, 314, 324, 336 comprise e.g. a processor and a memory connected to it. The memory can refer to an individual memory or memory area or to several memories or memory areas, which can contain a RAM memory (Random Access Memory), a ROM memory (Read-only Memory), etc. In addition, the memory can contain other applications or software components, which are not described in greater detail herein. The memory can also contain a computer program (or at least a part of it) which, having been run on the processor, executes at least a part of the method steps presented in the invention. The processor may, in addition, contain a memory which can contain a computer program (or a part of it) which, having been run on the processor, can execute at least a part of the method steps presented in the invention.
Fig. 4 represents one embodiment showing a solution in accordance with the invention. In this example, the maintenance man 400 has a telephone and a data processor, e.g. a computer, a PDA device or a mobile phone equipped with Internet access, at his disposal.
The maintenance man 400 makes (step 406) a normal phone call to the relay device/the reception center 402. The reception center 400 may let the call being set up ring, but the substantial fact is that the reception center 402 actively releases the call (step 410). In other words, the reception center 402 disconnects the call set-up. Prior to disconnecting the call set-up, the reception center, however, identifies the caller based on the number (A subscriber), which number is transmitted to the reception center 402 in connection with the call set-up. In response to the active disconnection of the ringing call, the reception center opens a predetermined application port at a predetermined IP address (step 412). Preferably, the application port is the browser port 443, by means of which it is possible to set up an encrypted browser connection. In a preferred embodiment, the application port is kept open for a predetermined period of time, e.g. 10 seconds, waiting for the set-up of the browser connection.
The maintenance man 400 knows beforehand a WWW or an IP address associated with the reception center 402. Within the aforementioned period of time, the maintenance man 400 sets up a browser connection to the open application port (step 414), and the reception center 402 opens a WWW page for the maintenance man 400 in response to the set-up of the browser connection. The maintenance man 400 identifies himself to the reception center 402 e.g. by means of a password or his own telephone number (step 416). If an identifier other than the telephone number is used for the identification, the identifier to be used is given beforehand and the reception center 402 has associated the identifier to be used and the telephone number of the maintenance man with one another. In other words, as the maintenance man 400 identifies himself by means of the identifier, the reception center 402 checks that the identifier is associated with the telephone number which caused the opening of the application port. If the password or telephone number transmitted by the maintenance man was the wrong one, the reception center 402 closes the application port opened by it.
The maintenance man 400 uses the browser connection to transmit to the reception center 402 a reference to the remote connection device 404 to which the maintenance man 400 wishes to set up a remote connection. The reference is e.g. a device identifier (the device name or number) or any other similar identifier individualizing the remote connection device. The reception center 402 uses the browser connection to transmit to the maintenance man 400 a login password to the remote connection device 404. The information to be transmitted to the maintenance man 400 can contain, in addition, the address of the remote connection device and/or one or more change passwords. The passwords can be single-use so that they change every time. The reception center 402 can send the same login password also to the remote connection device 404 via a data transfer network such as the Internet (step 418). In one embodiment of the invention, a port to be opened, preferably a TCP port (port 80 or 443), can be defined for the remote connection device. The information to be transmitted to the remote connection device 404 can also contain one or more change passwords and, optionally, for how long the remote connection device 404 will keep the aforementioned port open after the message has been received. The application port to be opened can also be predetermined. In other words, in that case, the reception center 402 does not send any information concerning an application port to be opened to the remote connection device 404, but the remote connection device 404 opens a predetermined application port. Once all the necessary information has been transmitted from the reception center 404 to the maintenance man 400 and the remote connection device 404, the reception center 402 closes the application port opened by it (420).
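The reception center side of the Fig. 4 procedure (steps 406 to 420), as an added example that is not code from the patent or from Telcont Oy: the released call identifies the caller from the A-number and opens the browser port for 10 seconds, the browser login must present either that telephone number or the identifier registered for it, a wrong identifier closes the port, and a successful request hands out single-use passwords and closes the port again. The subscriber table, the device reference "pump-station-3", the documentation address 192.0.2.20 and the 30-second window passed to the remote connection device are constructed values; the telephone call and the WWW page are represented by method calls rather than real signalling.

```python
import secrets

PORT_WINDOW = 10       # seconds the browser port stays open after the call is released
BROWSER_PORT = 443


def _eq(a: str, b: str) -> bool:
    # Constant-time comparison that also tolerates non-ASCII input.
    return secrets.compare_digest(a.encode(), b.encode())


class ReceptionCenter:
    """Reception center 402: a released phone call opens a short browser window."""

    def __init__(self, subscribers: dict, devices: dict):
        self.subscribers = subscribers    # A-number -> identifier registered beforehand
        self.devices = devices            # device reference -> address of the remote connection device
        self.session = None               # state of the currently open application port

    def incoming_call(self, a_number: str, now: float) -> bool:
        """Identify the caller from the A-number, release the call, open the port."""
        if a_number not in self.subscribers:
            return False                  # unknown caller: call released, nothing opened
        self.session = {"a_number": a_number, "until": now + PORT_WINDOW,
                        "port": BROWSER_PORT, "identified": False}
        return True

    def _port_open(self, now: float) -> bool:
        if self.session is None:
            return False
        if now > self.session["until"]:
            self.session = None           # window elapsed without a browser connection
            return False
        return True

    def browser_connection(self, now: float) -> bool:
        # The WWW page is served only on the port opened by the preceding call.
        return self._port_open(now)

    def identify(self, identifier: str, now: float) -> bool:
        """Check that the identifier belongs to the number that caused the port to open."""
        if not self._port_open(now):
            return False
        s = self.session
        expected = self.subscribers[s["a_number"]]
        if not (_eq(identifier, s["a_number"]) or _eq(identifier, expected)):
            self.session = None           # wrong password or number: close the port
            return False
        s["identified"] = True
        return True

    def request_device(self, device_ref: str, now: float):
        """Hand out single-use passwords for the device and close the application port."""
        if not self._port_open(now) or not self.session["identified"]:
            return None
        if device_ref not in self.devices:
            return None
        login_pw = secrets.token_urlsafe(12)
        change_pw = secrets.token_urlsafe(12)
        to_maintenance = {"device": device_ref, "address": self.devices[device_ref],
                          "login_password": login_pw, "change_password": change_pw}
        to_device = {"port": BROWSER_PORT, "login_password": login_pw,
                     "change_password": change_pw, "open_for": 30}
        self.session = None               # step 420: port closed once everything is sent
        return to_maintenance, to_device


def run_scenario():
    """Constructed walk-through; returns the observations for checking."""
    rc = ReceptionCenter(subscribers={"+358401234567": "maint-0042"},
                         devices={"pump-station-3": "192.0.2.20"})
    r = {}
    r["unknown_caller"] = rc.incoming_call("+358400000000", now=0)
    r["late_browser"] = (rc.incoming_call("+358401234567", now=0), rc.browser_connection(now=11))
    rc.incoming_call("+358401234567", now=20)
    r["wrong_identifier"] = rc.identify("someone-else", now=22)
    r["port_after_wrong"] = rc.browser_connection(now=23)
    rc.incoming_call("+358401234567", now=40)
    r["identified"] = rc.browser_connection(now=41) and rc.identify("maint-0042", now=42)
    creds = rc.request_device("pump-station-3", now=43)
    r["same_login_password"] = creds[0]["login_password"] == creds[1]["login_password"]
    r["port_closed_after_issue"] = rc.browser_connection(now=44)
    return r


if __name__ == "__main__":
    print(run_scenario())
```

The binding between the A-number that triggered the port and the identifier offered over the browser is the check that matters: a browser connection arriving in the window from somewhere else still has to present a credential tied to the caller, and failing that closes the port instead of leaving it open for further tries.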
The message switching between the reception center 402 and the remote connection device 404 is preferably implemented by using the solution presented in patent application FI20051148. The method presented in patent application FI20051148 is characterized by the fact that the terminal device has been assigned an IP address. Moreover, at least one predetermined application port is opened from the terminal device towards the communication network. Anyone can send messages to this port. The messages need not necessarily be filtered at all by a specific firewall. The terminal device receives a first message into the application port. The received first message contains a sender identifier which is an identifier separate from the IP address of the sender of the message. The receiving terminal device extracts the sender identifier from the message and compares the extracted sender identifier to identifiers saved beforehand to the terminal device. If the extracted sender identifier corresponds to an identifier saved beforehand to the terminal device, then, based on the extracted sender identifier, an acknowledgement message containing the terminal device's own sender identifier is sent in response to the first message.
Further, the solution presented in FI20051148 can be used for encrypting the message switching between devices. A message or a part of it can be encrypted using an encryption key which is generated e.g. by utilizing the value of the device's time counter at the moment of transmission. The devices can be synchronized so as to have the same time base by means of a specific procedure. In a corresponding manner, an encrypted message can be decrypted by utilizing e.g. the value of the device's time counter at the moment of transmission.
The remote connection device 404 opens an application port (step 422) and keeps the port open e.g. for a predetermined period of time (e.g. 30 seconds) or for a period of time determined by the reception center 402. The maintenance man 400 uses e.g. his computer to set up (step 424) a browser connection e.g. to the address http://193.3.66.9/ or a secured connection e.g. to the address http://193.3.66.9, to which the remote connection device 404 responds by asking the device making the connection for a login password. Once the connection set-up has been successfully completed, the procedure continues in the normal manner, i.e. the remote connection device can be remote-controlled via the connection that has been set up. In one embodiment, if the maintenance man 400 has made changes to the settings or functions of the remote connection device 404 during the remote-control connection, then the remote connection device 404 asks the maintenance man for a change password during the remote-control connection. Once the remote-control session terminates, the remote connection device 404 closes the application port (step 428). Similarly, if no login takes place within the timeout or if the password is the wrong one, the port can be closed.
The invention is not limited merely to the embodiments of its examples referred to above, but many variations are possible within the scope of the inventive idea defined by the claims.
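The FI20051148-style message switching described above, as an added example that is not code from either patent or from Telcont Oy: a message arriving at the open port carries a sender identifier separate from the sender's IP address, the receiving device answers only identifiers saved beforehand, and the acknowledgement carries the receiver's own identifier. The encryption part follows the description of a key derived from the time counter at the moment of transmission on a synchronized time base, with one addition that is my assumption rather than the patent's: the time slot is mixed with a pre-shared secret, because a key derived from the time value alone can be recomputed by anyone who knows the time base. The receiver recomputes the slot from its own counter and tolerates one slot of drift. The identifiers, the secret, the 30-second slot and the XOR keystream construction are constructed for the illustration; the keystream is a teaching construction, not a recommendation over a standard authenticated cipher.

```python
import hashlib
import hmac
import json

MY_ID = "RCD-0404"                  # this device's own sender identifier (constructed)
KNOWN_SENDERS = {"RC-0402"}         # identifiers saved beforehand to the terminal device
SHARED_SECRET = b"constructed-shared-secret-for-the-example"   # assumption, see lead-in
TIME_STEP = 30                      # both devices run a synchronized time base
DRIFT_SLOTS = 1                     # tolerate one slot of clock drift either way


def _keystream(slot: int, length: int) -> bytes:
    # Key material derived from the transmission-time slot and the shared secret.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(SHARED_SECRET, slot.to_bytes(8, "big") + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _tag(slot: int, ct: bytes) -> str:
    return hmac.new(SHARED_SECRET, slot.to_bytes(8, "big") + ct, hashlib.sha256).hexdigest()


def encrypt(body: bytes, now: float) -> dict:
    slot = int(now) // TIME_STEP
    ct = bytes(a ^ b for a, b in zip(body, _keystream(slot, len(body))))
    return {"ct": ct.hex(), "tag": _tag(slot, ct)}   # the slot itself is not transmitted


def decrypt(envelope: dict, now: float):
    # The receiver recomputes the slot from its own time counter, trying nearby slots.
    ct = bytes.fromhex(envelope["ct"])
    base = int(now) // TIME_STEP
    for slot in range(base - DRIFT_SLOTS, base + DRIFT_SLOTS + 1):
        if hmac.compare_digest(_tag(slot, ct), envelope["tag"]):
            return bytes(a ^ b for a, b in zip(ct, _keystream(slot, len(ct))))
    return None                      # no slot authenticates the message: drop it


def build_message(sender_id: str, body: dict, now: float) -> str:
    return json.dumps({"sender": sender_id, "payload": encrypt(json.dumps(body).encode(), now)})


def handle_first_message(raw: str, now: float):
    """Terminal-device logic: unknown senders get no answer; known ones get an ack."""
    try:
        msg = json.loads(raw)
        sender = msg["sender"]
        payload = msg["payload"]
    except (ValueError, KeyError, TypeError):
        return None
    if sender not in KNOWN_SENDERS:
        return None                  # anyone can reach the port; only saved senders are answered
    body = decrypt(payload, now)
    if body is None:
        return None
    ack = {"ack_for": sender, "received": json.loads(body)}
    return build_message(MY_ID, ack, now)   # acknowledgement carries our own identifier


def run_scenario():
    """Constructed exchange; the reception center sends at t=1000, the device receives at t=1005."""
    r = {}
    good = build_message("RC-0402", {"port": 443, "open_for": 30}, now=1000)
    ack = handle_first_message(good, now=1005)
    r["ack_sender"] = json.loads(ack)["sender"] if ack else None
    r["ack_body"] = json.loads(decrypt(json.loads(ack)["payload"], now=1005)) if ack else None
    r["unknown"] = handle_first_message(build_message("RC-9999", {"x": 1}, now=1000), now=1000)
    tampered = json.loads(good)
    tampered["payload"]["tag"] = "0" * 64
    r["tampered"] = handle_first_message(json.dumps(tampered), now=1000)
    r["stale"] = handle_first_message(good, now=1000 + 5 * TIME_STEP)   # replayed minutes later
    r["garbage"] = handle_first_message("not json", now=1000)
    return r


if __name__ == "__main__":
    print(run_scenario())
```

Because the slot is never sent, a message replayed outside the drift window fails to authenticate, which is the practical benefit of deriving the key from the synchronized time counter; the tag check also rejects a forged or corrupted body before any of it is interpreted.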

Claims

1. A method for setting up a remote-control connection to a remote connection device, characterized in that the method further comprises the steps of:
- receiving by a relay device from a first terminal device an electronic message containing a reference to a device to which there is a wish to set up a remote-control connection;
- sending from the relay device to the first terminal device an answer-back message containing a login password to the remote connection device; and
- sending by the relay device to the remote connection device a control message containing a reference to at least one application port to be opened in the remote connection device as well as the aforementioned login password.
2. The method as defined in claim 1, characterized in that the method further comprises the steps of:
- determining the identification information of the sender of the message based on the electronic message; and
- preventing the sending of the answer-back message if the identification information of the sender of the message has not been beforehand saved to the relay device.
3. The method as defined in claim 1 or 2, characterized in that the identification information of the sender of the electronic message is the sender identifier of a short message of a mobile communication network.
4. The method as defined in any one of claims 1 to 3, characterized in that the aforementioned electronic message contains information on at least one application port to be opened.
5. The method as defined in any one of claims 1 to 4, characterized in that the aforementioned answer-back message contains a reference to at least one application port to be opened and/or the address of the remote connection device.
6. The method as defined in any one of claims 1 to 5, characterized in that the aforementioned answer-back message and/or control message contains at least one change password.
7. The method as defined in any one of previous claims 1 to 6, characterized in that the aforementioned application port to be opened is a predetermined TCP port.
8. The method as defined in any one of claims 1 to 7, characterized in that the method further comprises the steps of:
- determining from the aforementioned electronic message the identification information of the sender of the message; and
- creating the content of the answer-back message to the first terminal device in response to the identification of the sender of the aforementioned electronic message.
9. A computer program for setting up a remote-control connection to a remote connection device, characterized in that the computer program is configured to execute the method presented in claims 1 to 8.
10. A method for setting up a remote-control connection to a remote connection device, characterized in that the method further comprises the steps of:
- receiving from a relay device a control message containing a reference to at least one application port to be opened as well as a login password;
- opening the aforementioned at least one application port for a predetermined period of time;
- receiving from a second terminal device a connection set-up to the aforementioned at least one application port within the aforementioned predetermined period of time;
- requesting from the second terminal device a login password; and
- accepting the connection set-up in case the login password received from the second terminal device corresponds to the login password received from the relay device in the control message.
11. The method as defined in claim 10, characterized in that the method further comprises the step of:
- closing the aforementioned application port in case the aforementioned predetermined period of time elapses.
12. The method as defined in claim 10, characterized in that the method further comprises the step of:
- closing the aforementioned application port in case the login password given by the second terminal device is erroneous.
13. The method as defined in any one of claims 10 to 12, characterized in that the aforementioned control message contains at least one change password.
14. The method as defined in claim 13, characterized in that the method further comprises the steps of:
- receiving remote-control commands from the second terminal device via the remote-control connection that has been set up;
- asking the second terminal device for a change password for validating the remote-control commands given; and
- executing the remote-control commands completely only after a change password corresponding to the change password received earlier by the remote connection device from the relay device has been received from the second terminal device.
15. A computer program for setting up a remote-control connection to a remote connection device, characterized in that the computer program is configured to execute the method presented in claims 10 to 14.
16. A method for setting up a control connection to a device to be controlled, characterized in that the method further comprises the steps of:
- setting up a local connection from a first terminal device to the device to be controlled;
- requesting with the first terminal device from the device to be controlled connection parameters for the IP traffic;
- receiving the connection parameters with the first terminal device from the terminal device to be controlled in response to the request made;
- accepting the connection set-up between the first terminal device and the terminal device to be controlled; and
- setting up a browser connection from the first terminal device to the device to be controlled by selecting a predetermined network address.
17. A computer program for setting up a control connection to a device to be controlled, characterized in that the computer program is configured to execute the method presented in claim 16.
18. A method for setting up a control connection to a device to be controlled, characterized in that the method further comprises the steps of:
- receiving a connection request into a device to be controlled from a first terminal device;
- receiving a connection parameter request for the IP traffic from the first terminal device with the device to be controlled;
- sending the connection parameters from the device to be controlled to the first terminal device in response to the request received;
- accepting the connection set-up between the first terminal device and the device to be controlled; and
- receiving from the first terminal device into the device to be controlled a request for setting up a browser connection to a predetermined network address.
19. A computer program for setting up a control connection to a device to be controlled, characterized in that the computer program is configured to execute the method presented in claim 18.
20. A relay device for setting up a remote-control connection to a remote connection device (304), characterized in that the relay device (302) comprises:
- reception means (310) configured to receive from a first terminal device (110) an electronic message containing a reference to the device (304) to which there is a wish to set up a remote-control connection;
- transmission means (310) configured to send to the first terminal device (110) an answer-back message containing a login password to the remote connection device (304); and
- transmission means (310) configured to send to the remote connection device (304) a control message containing a reference to at least one application port to be opened in the remote connection device (304) as well as the aforementioned login password.
21. The relay device as defined in claim 20, characterized in that the relay device (302) further comprises:
- processing means (306) configured to determine from the electronic message the identification information of the sender of the message; and
- processing means (306) configured to prevent the sending of the answer-back message to the first terminal device (110) if the identification information of the sender of the electronic message has not been beforehand saved to the relay device (302).
22. The relay device as defined in claim 20 or 21, characterized in that the identification information of the sender of the electronic message is the sender identifier of a short message of a mobile communication network.
23. The relay device as defined in any one of claims 20 to 22, characterized in that the aforementioned electronic message contains information on at least one application port to be opened and/or the address of the remote connection device (304).
24. The relay device as defined in any one of previous claims 20 to 23, characterized in that the aforementioned answer-back message contains a reference to at least one application port to be opened.
25. The relay device as defined in any one of previous claims 20 to 24, characterized in that the aforementioned answer-back message and/or control message contains at least one change password.
26. The relay device as defined in any one of previous claims 20 to 25, characterized in that the port to be opened referred to in the control message is a predetermined TCP port.
27. The relay device as defined in any one of previous claims 20 to 26, characterized in that the relay device (302) comprises:
- processing means (306) configured to determine from the aforementioned electronic message the identification information of the sender of the message; and
- processing means (306) configured to create the content of the answer-back message for the first terminal device (110) in response to the identification of the sender of the aforementioned electronic message.
28. A remote connection device for receiving a remote connection set-up, characterized in that the remote connection device (304) comprises:
- reception means (312) configured to receive from a relay device (302) a control message containing a reference to at least one application port to be opened as well as a login password;
- processing means (314) configured to open the aforementioned at least one application port for a predetermined period of time;
- reception means (312) configured to receive from a second terminal device (110) a connection set-up to the aforementioned at least one application port within the aforementioned predetermined period of time;
- processing means (314) configured to request from the second terminal device (110) a login password; and
- processing means (314) configured to accept the connection set-up in case the login password received from the second terminal device (110) corresponds to the login password received from the relay device (302) in a control message.
29. The remote connection device as defined in claim 28, characterized in that the processing means (314) are configured to close the aforementioned application port in case the aforementioned predetermined period of time elapses.
30. The remote connection device as defined in claim 28, characterized in that the processing means (314) are configured to close the aforementioned application port in case the login password given by the second terminal device (110) is erroneous.
31. The remote connection device as defined in any one of previous claims 28 to 30, characterized in that the aforementioned control message contains at least one change password.
32. The remote connection device as defined in claim 31, characterized in that the remote connection device (304) comprises:
- reception means (312) configured to receive remote-control commands from the second terminal device (110) via the remote-control connection that has been set up;
- processing means (314) configured to request from the second terminal device (110) a change password to validate the remote-control commands given; and
- processing means (314) configured to execute the remote-control commands completely only after a change password corresponding to the change password received earlier into the remote connection device (304) from the relay device (302) has been received from the second terminal device (110).
33. A terminal device for setting up a remote-control connection to a remote connection device (322), characterized in that the terminal device (320) comprises:
- processing means (324) configured to set up a local connection to the remote connection device (322);
- processing means (324) configured to request from the remote connection device (322) connection parameters for the IP traffic;
- reception means (328) configured to receive connection parameters from the remote connection device (322) in response to the request made;
- processing means (324) configured to accept the connection set-up between the terminal device (320) and the remote connection device (322); and
- processing means (324) configured to set up a browser connection to the remote connection device (322) by selecting a predetermined network address.
34. The terminal device as defined in claim 33, characterized in that the processing means (324) are configured to set up a local connection to the remote connection device (322) by means of a wireless communication interface.
35. The terminal device as defined in claim 33, characterized in that the processing means (324) are configured to set up a local connection to the remote connection device (322) via a wired communication interface.
36. A remote connection device for receiving a remote-control connection, characterized in that the remote connection device (322) comprises:
- reception means (332) configured to receive a connection request from a terminal device (320);
- reception means (332) configured to receive from the terminal device (320) a request for connection parameters for the IP traffic;
- transmission means (332) configured to send connection parameters to the terminal device (320) in response to the request made;
- processing means (336) configured to accept the connection set-up between the remote connection device (322) and the terminal device (320); and
- reception means (332) configured to receive from the terminal device (320) a request for setting up a browser connection to a predetermined network address.
37. The remote connection device as defined in claim 36, characterized in that the processing means (336) are configured to set up a local connection to a remote connection device (322) via a wireless communication interface.
38. The remote connection device as defined in claim 36, characterized in that the processing means (336) are configured to set up a local connection to the remote connection device (322) via a wired communication interface.
PCT/FI2007/000015 2006-01-19 2007-01-15 Set-up of a remote-control connection to a terminal device to be controlled WO2007082989A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07704789A EP1982496A1 (en) 2006-01-19 2007-01-15 Set-up of a remote-control connection to a terminal device to be controlled

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20060050 2006-01-19
FI20060050A FI120614B (en) 2006-01-19 2006-01-19 Establishing a remote management connection to a managed terminal

Publications (1)

Publication Number Publication Date
WO2007082989A1 true WO2007082989A1 (en) 2007-07-26

Family

ID=35883861

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2007/000015 WO2007082989A1 (en) 2006-01-19 2007-01-15 Set-up of a remote-control connection to a terminal device to be controlled

Country Status (3)

Country Link
EP (1) EP1982496A1 (en)
FI (1) FI120614B (en)
WO (1) WO2007082989A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009071751A1 (en) * 2007-12-05 2009-06-11 Telcont Oy Method and device for establishing a connection
CN111625806A (en) * 2020-05-12 2020-09-04 中国工商银行股份有限公司 System and method for realizing remote safety keyboard

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040122955A1 (en) * 2002-11-22 2004-06-24 Hea-Sun Park Remote control system using web and icon
EP1492309A2 (en) * 2003-06-23 2004-12-29 The Boc Group, Inc. Equipment area network
WO2005072075A2 (en) * 2004-01-30 2005-08-11 Multicom Security Ab Arrangement of units to form a monitoring system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"IX66 Internet Gate", INTERTEX, 24 June 2004 (2004-06-24), XP003015750, Retrieved from the Internet <URL:http://www.abptech.com/pdf/newpdf_03_19/IX66datasheet.pdf> *

Also Published As

Publication number Publication date
EP1982496A1 (en) 2008-10-22
FI120614B (en) 2009-12-15
FI20060050A0 (en) 2006-01-19
FI20060050A (en) 2007-07-20

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2007704789

Country of ref document: EP