JP2002288054A - Remote operation system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a remote operation system capable of absorbing a difference of needs to an operation of an instrument of a general user and an external support agent providing the optimum remote operation environment for both and preventing an illegal access to a privacy information in the network instrument. SOLUTION: A gateway device 5 is provided with a remote operation host part and a support host part and provides a separate interface to the general user and the support agent respectively. The gateway device 5 has a constitution in which a program intruded from the outside can be executed. A remote access server device 3 hides a URL of the respective host parts on the gateway device 5.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a technology for remotely controlling equipment via a network.

[0002]

2. Description of the Related Art With the rapid spread of mobile phones and an increase in the Internet connection rate in ordinary households, there is an increasing demand for connecting all home appliances to the Internet and remotely controlling these appliances. JP 2000-22
According to Japanese Patent No. 4167, a remote terminal is connected to various facilities used in a factory production line, a water treatment plant, a chemical plant, and the like via the Internet and an Internet link unit. The program creates control instructions for the equipment, the data conversion program for the Internet executes data processing, sends control instructions to the Internet link unit via the Internet, and the Internet link unit uses the protocol for the equipment network. A technique is disclosed in which a control command corresponding to a communication unit is transmitted to a facility, so that a remote terminal checks the operating status and internal state of the facility.

According to this technology, anyone who operates a remote terminal via one Internet link unit, which is an access point to a network for equipment such as a factory,
All resources of the facility can be accessed with a similar interface. On the other hand, in order to build, maintain, and operate a network of appliances in ordinary households, advanced technical knowledge is required. For general users without specialized knowledge, construction, maintenance, operation, etc. Is difficult.

[0004] For this reason, it is indispensable to create an environment in which a support organization having specialized knowledge can appropriately give advice regarding the construction, maintenance, and operation of a network. In the present circumstances,
Support for electrical appliance troubles is mainly dealt with by telephone exchange, dispatch of technicians, and bringing equipment to dealers and the like. However, it is not always easy for a general user to report a failure state of a device or the like by telephone, and dispatch of a support company is often wasted due to insufficient communication. In addition, in the case of support for a network, the cause of a failure may extend to a plurality of devices, and in this case, it is difficult to provide support to a company by bringing the device. The above is true even for companies that are actively promoting the use of IT in companies.For companies that do not have technicians with sufficient knowledge about networks, an environment where external support organizations can receive appropriate support at low cost It is necessary to make.

[0005]

For this reason, when the above-described remote control system via the Internet is applied to a home network to which AV devices such as a television and a video are connected, each device must be connected to an external device. If control signals for support companies are made available for support purposes, detailed settings information for support companies will be available to ordinary users, even when performing simple operations such as checking the contents of video tapes from outside. There is a problem that the system may be extremely difficult to use because it is difficult to know where to operate and how to operate the system.

Further, when providing a remote control system with an interface for general users, it is difficult for a support company to obtain appropriate information necessary for support, and in addition to the contents of a tape loaded into a device from the support company. There is a risk that privacy information may be stolen, and there is a problem that general users cannot introduce this system with confidence.

Similarly, when this remote operation system is applied to a local network of a general company, a means for remotely accessing both setting information required by a support company and in-house confidential information required by a general user is provided. Is very dangerous from a security point of view. In addition, providing a remote operation environment to general users and external support providers exposes a local network environment to an external network, and thus increases the risk of being attacked by an intruder.

[0008] In order to solve the above-mentioned problems, the present invention absorbs the difference in needs for device operation between a general user and an external support company, provides an optimal remote operation environment for both, and To provide a remote operation system capable of preventing unauthorized access to privacy information in a network device, a gateway device and a server device constituting the remote operation system, a method used in the gateway device and the server device, and a computer program. With the goal.

[0009]

In order to achieve the above object, according to the present invention, a user operation terminal device and a support agent terminal device are connected to a gateway device via a remote access server device on the Internet. And the controlled device is
The user operation terminal device and the support agent terminal device are connected to the gateway device, and are a remote operation system that remotely controls the control target device via the remote access server device and the gateway device.

The gateway device has a remote control host unit and a support host unit, and stores a GUI and a device control program corresponding to the purpose in each host unit. Has access to GUI and programs. The access means is an HTTP server. Also, the gateway device
A central processing unit provided with a means for limiting an address range of a main memory from which instructions are to be fetched; the central processing unit reads data or a program fetched from outside the network outside the access range;

Here, the remote access server device comprises:
Link rewriting means for rewriting the hyperlink information in the HTML data transmitted from the gateway device to conceal the URL of the gateway device from the user operation terminal device and the terminal device for the support company is provided. Further, the remote access server device is installed in a provider.

[0012]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A remote control system 10 according to one embodiment of the present invention will be described. 1. 1. Configuration of Remote Operation System 10 As shown in FIG. 1, the remote operation system 10 includes a user operation terminal device 1, a support agent terminal device 2, a remote access server device 3, a gateway device 5, a DVD player 6a, and a D-VHS player. 6b, ..., digital TV
6c. The user operation terminal device 1, the support agent terminal device 2, the remote access server device 3, and the gateway device 5 are connected via the Internet 8.

The gateway device 5, DVD player 6a, D-VHS player 6b,.
The V6c is connected by a LAN connection device 9, and the gateway device 5, the DVD player 6a, the D-VHS player 6b,..., The digital TV 6c and the LAN connection device 9 constitute a local network 7. In the remote operation system 10, the user operation terminal device 1
Remote access that accesses the gateway device 5 via the remote access server device 3 and operates the DVD player 6a, the D-VHS player 6b,... Take the form.

As a communication protocol, HTTP (Hyp), which is widely used on the Internet, from the user operation terminal device 1 to the remote access server device 3 and from the remote access server device 3 to the gateway device 5.
er Text Transfer Protocol
1) is used. The same applies to the terminal device 2 for the support company to the remote access server device 3. Further, from the gateway device 5 to each control target device, a communication protocol or a LAN device (Ether
The communication is performed using the Internet, HAVi, etc.).

1.1 Configuration of Gateway Device 5 The gateway device 5 has an HTTP server unit 510, a remote operation host unit 520, a support host unit 530, a CGI execution unit 5, as shown in a functional block diagram of FIG.
40, device API units 581, 582,..., 583. The HTTP server unit 510 is connected to the remote access server device 3 via the Internet 8, and the device API units 581, 582,.
, A DVD player 6a, a D-VHS player 6b,.
V6c.

The remote control host unit 520 provides necessary remote control means to general users. Further, the support host unit 530 provides a necessary remote operation means to the support company. Also, the gateway device 5
Specifically, as shown in FIG.
51, a communication port unit 552, a bus 553, a communication port unit 554, 555,...
58. The communication port unit 552 is connected to the remote access server device 3 via the Internet 8, and the communication port units 554, 555,.
6 are connected to a DVD player 6a, a D-VHS player 6b,..., And a digital TV 6c via a LAN connection device 9, respectively.

The main storage unit 557 stores a computer program. According to the computer program stored in the main storage unit 557, the microprocessor 5
By the operation of 51, each component shown in FIG. 2 achieves its function. (1) Program Storage Units 522, 532 The program storage unit 522 is provided in the main storage unit 557, and as shown in FIG. 2, an index page program 523, a device GUI page program 524, 525,
..., 526, device control CGI programs 527, 5
.., 529 are stored.

The index page program 523 includes:
As an example, as shown in FIG.
er Text Markup Language) is a computer program described using a language,
A plurality of hyperlink descriptions 523a, 523b,...
And an index page program for user remote operation for selecting a device to be operated by a terminal user. Hyperlink description 523a, 523
b,... are DVD player 6a, DV, respectively.
The hyperlink operation to the user operation screen for operating the HS players 6b,..., The digital TV 6c is shown.

The index page, which provides information on the entire local network, has an interface as simple as possible for general users so that the general users can easily understand. On the other hand, for a support provider, detailed information such as connection relations between devices is indispensable at the time of local network diagnosis by the support provider, so that the interface is complicated. The same applies to the following device GUI pages.

Device GUI page programs 524, 52
, 526 are computer programs similarly described using the HTML language.
It is a page for remote control including a plurality of hyperlink descriptions. Each shows a user operation screen for operating the DVD player 6a, the D-VHS player 6b,..., The digital TV 6c. The hyperlink description included in each device GUI page program indicates a hyperlink to a device control CGI program indicating various operations in each device, for example, operations such as power ON, power OFF, recording start, recording end, and the like. .

Device control CGI programs 527 and 52
Numerals 8,..., 529 are computer programs that describe the control procedure of each device as shown in FIG. It is prepared for each device to be controlled. The program storage unit 532 is provided in the main storage unit 557 similarly to the program storage unit 522, and stores the index page program 533 and the device GUI page program 53.
4, 535,..., And device control CGI programs 537, 538,. These programs are for support.

(2) Data Management Units 521 and 531 The data management unit 521 receives a program acquisition request from the HTTP server unit 510. The request received is
The identifier of each program stored in the program storage unit 522 is included. Upon receiving the request, the data management unit 521 reads the program identified by the program identifier included in the request from the program storage unit 522, and reads the read program from the HTTP server unit 5.
Output to 10

The data management unit 531 is the same as the data management unit 521. (3) HTTP server unit 510 The HTTP server unit 510 sends an index page request,
A device GUI page request and a device control PG activation request are received. Here, the index page request and the device GU
The I-page request includes the identifier of the host unit and the identifier of the requested page program. The device control PG activation request includes the identifier of the host unit and the identifier of the device control CGI program.

When the HTTP server unit 510 receives an index page request or a device GUI page request, it extracts a host identifier and a page identifier from the request, and identifies the host unit identified by the extracted host identifier, that is, the host unit.
Remote control host unit 520 or support host unit 53
0, the extracted identifier of the page is output.

Next, the HTTP server unit 510 receives an index page or a device GUI page from either the remote operation host unit 520 or the support host unit 530, and outputs the received page to the remote access server device 3. . Further, when the HTTP server unit 510 receives the device control PG activation request, it extracts the identifier of the host unit and the identifier of the device control CGI program from the device control PG activation request, and identifies the host unit identified by the extracted host identifier, The extracted CG is stored in either the remote control host unit 520 or the support host unit 530.
Outputs the I program identifier.

Next, the HTTP server unit 510 receives the device control CGI program from either the remote operation host unit 520 or the support host unit 530, and executes the received device control CGI program on the CGI execution unit 54.
To output to 0. (4) CGI execution unit 540 The CGI execution unit 540 receives the device control CGI program from the HTTP server unit 510, interprets the received device control CGI program, and according to the result of the interpretation, the device API units 581, 582,. Control 583.

For example, in the device control CGI program, D
If an instruction to turn on the power of the VD player 6a and start reproduction is described, the CGI execution unit 540 interprets the meaning of the instruction described in the program, and instructs the device API unit 581 according to the interpretation result. And outputs a command to turn on the power of the DVD player 6a to be controlled and start reproduction.

(5) Device API units 581, 582,...
583 The device API unit 581 receives the command from the CGI execution unit 540, and outputs the received command to the DVD player 6a. Regarding the device API units 582, ..., 583,
Similarly, it receives an instruction from the CGI execution unit 540 and outputs the received instruction to the D-VHS players 6b,..., Digital TV 6c.

(6) Main Storage Unit 557 The main storage unit 557 is specifically composed of a RAM,
A computer program for controlling the gateway device 5 is stored at addresses A1 to A2 in the address space. More specifically, the above-described index page program, the above-described device GUI page program, the above-described device control GCI program, an HTTP server program that controls the HTTP server unit 510, and a device that controls each device API unit API programs and the like.

(7) Main Storage Unit 558 The main storage unit 558 is specifically composed of a RAM,
The addresses A3 to A4 are arranged in the address space, and store data, such as HTTP requests and device control signals, taken in from the network via the communication ports 552, 554, 555,... 556.

As described above, the main storage unit 557 for storing the program for controlling the gateway device 5 and the main storage unit 558 for storing the data fetched from the network.
And are clearly separated. (8) Microprocessor 551 As shown in FIG. 4, the microprocessor 551 includes an increment circuit 561, a program counter 562, a counter check circuit 563, an instruction processing unit 564, a register 566,
The arithmetic logic circuit 567 includes a program counter 562, a counter check circuit 563, an instruction processing unit 564, a register 566, and an arithmetic logic circuit 567.
Connected via a PU internal bus 565, and
The PU internal bus 565 is connected to the bus 553.

The program counter 562 stores an address in the main memory 557 at which an instruction to be executed next is stored, and outputs the address to the counter check circuit 563. The increment circuit 561 updates an address stored in the program counter 562 according to a computer program.

The counter check circuit 563 stores the address output from the program counter 562 in the main storage unit 5.
It is determined whether or not the address 57 points from the address A1 to the address A2. If the address 57 points from the address A1 to the address A2, the address is output to the CPU internal bus 565. , The main storage unit 557 indicated by the received address.
Is read via the bus 553, and the read command is decoded and executed.

The counter check circuit 563 stores the address output from the program counter 562 in the main storage unit 5.
When it is determined that the address 57 does not point within the address A1 to A2 where the address 57 is located, an error signal is output to the instruction processing unit 564. When the instruction processing unit 564 receives the error signal, the processing is stopped. I do. 1.2 Remote Access Server 3 The remote access server 3 restricts access to the gateway 5.

As shown in FIG. 6, the remote access server device 3 has user authentication information tables 310a, 310b,.
・ Login CGI execution unit 311, HTTP server unit 3
12, program storage units 313a, 313b,...
, An access CGI execution unit 315, a link rewriting unit 316, and link comparison tables 317a, 317b,...

This apparatus is, specifically, a computer system including a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, a LAN connection unit, and the like. In the RAM or the hard disk unit,
A computer program is stored. The device achieves its functions by the microprocessor operating according to the computer program.

Note that the remote access server device 3 is available on the Internet at www. provider. c
om. (1) Hard Disk Unit As shown in FIG. 7, the hard disk unit has a storage area 318, and the storage area 318 is divided into a plurality of directories. Each directory is / @ localnet1, / @ localnet
2, and so on. Each directory is
Each corresponds to each local network.

The directory indicated by / @ localnet1 includes a user authentication information table 310a, a program storage unit 313a, a user access status table 314a,
A link comparison table 317a is stored. Also, / ￣l
The directory indicated by ocalnet2 contains
User authentication information table 310b, program storage unit 313
b, user access status table 314b, link comparison table 31
7b is stored. The same applies hereinafter.

(A) User Authentication Information Table 310a The user authentication information table 310a stores a plurality of sets each including a user ID and a password, as shown as an example in FIG. 8A. The user ID is an identifier for identifying a user. The password is an authenticator for authenticating the user.

(B) User access status table 314a The user access status table 314a stores a plurality of sets each including a user ID, a connection destination GW host name, and a status, as shown as an example in FIG. 8B. I have. User ID is
An identifier for identifying a user. The connection destination GW host name is a name for identifying a gateway device to be connected and a host unit in the gateway device. The status indicates whether or not the user has logged in to the host unit inside the gateway device.

(C) Link Control Table 317a As shown as an example in FIG. 9, the link control table 317a includes an original URL (Uniform Resource L).
ocator) and the URL after rewriting are stored in plural numbers. The original URL is a URL defined in a page program stored in each host unit in the gateway device 5.

The rewritten URL is obtained by rewriting the corresponding original URL to conceal the gateway device 5. (2) HTTP Server 312 (Acquisition of Login Page) The HTTP server 312
A login page request is received from the user operation terminal device 1 or the support agent terminal device 2. The login page request includes a directory name corresponding to the local network and an identifier of the login page program. Upon receiving the login page request, the HTTP server unit 312
Extracts a directory name and a login page program identifier from a login page request, reads a login page program identified by the extracted identifier from a program storage unit in a directory indicated by the extracted directory name, and reads the login page program. The read login page program is transmitted to the user operation terminal device 1 or the support agent terminal device 2 that is the transmission source of the request.

The HTTP server unit 312 receives a login request from the user operation terminal device 1 or the terminal device 2 for a support company. The login request includes a directory name corresponding to the local network and a login CGI.
, A user ID, and a password. Next, the received login request is sent to the login CGI execution unit 311.
Output to

Next, the HTTP server unit 312 receives the user authentication result from the login CGI execution unit 311.
The user authentication result is either a success indicating that the user is valid or a failure indicating that the user is invalid. If the user authentication result is unsuccessful,
The P server unit 312 outputs a message to that effect to the user operation terminal device 1 or the support agent terminal device 2 that has transmitted the login request.

(Acquisition of Index Page) When the user authentication result is successful, the HTTP server unit 312
Outputs a login request to the access CGI execution unit 315. In addition, the HTTP server unit 312 has access CG
The index page program after the hyperlink has been rewritten is received from the I execution unit 315, and the received index page program is transmitted to the user operation terminal device 1 or the support agent terminal device 2 that has transmitted the login request.

(Acquisition of Device GUI Page) The HTTP server unit 312 receives a device GUI page request from the user operation terminal device 1 or the support agent terminal device 2.
The device GUI page request includes a directory name corresponding to the local network and a device GUI page identifier. Next, the received device GUI page request is output to the access CGI execution unit 315.

Next, the HTTP server unit 312 receives the device GUI page program after the hyperlink has been rewritten from the access CGI execution unit 315, and sends the login request to the user operation terminal device 1 or the support agent terminal. The received device GUI page program is transmitted to the device 2. (Acquisition of Device Control PG Activation Request) HTTP Server 31
2 receives a device control PG activation request from the user operation terminal device 1 or the support agent terminal device 2. The device control PG activation request includes a directory name corresponding to the local network, an identifier of the device control CGI program,
And control information for the device. Next, it outputs the received device control PG activation request to access CGI execution section 315.

(3) Login CGI execution unit 311 The login CGI execution unit 311
2 receives a login request. When a login request is received, a directory name, a user ID, and a password are extracted from the received login request, one user authentication information table corresponding to the extracted directory name is selected, and the same set as the extracted user ID and password is selected. Judge whether the user is present in the selected user authentication information table, and if present, generate a user authentication result indicating that the user is valid. Generate a user authentication result indicating that there is. Next, the generated user authentication result is output to the HTTP server unit 312.

(4) Access CGI Execution Unit 315 (Acquisition of Index Page) Access CGI Execution Unit 3
15 receives a login request from the HTTP server unit 312. Upon receiving the login request, the access CGI execution unit 315 extracts a directory name and a user ID from the received login request, and selects one user access status table corresponding to the extracted directory name. Next, a connection destination GW host name corresponding to the extracted user ID is extracted from the selected user access status table, an index page request for requesting acquisition of an index page is generated, and the extracted connection destination GW host name and An index page request is transmitted to the device indicated by the extracted connection destination GW host name. Here, the device is, for example, the gateway device 5.

The access CGI execution unit 315 receives the index page program from the device indicated by the connection destination GW host name, here, the gateway device 5, and outputs the received index page program to the link rewriting unit 316. . Next, the access CGI executing unit 315 outputs the rewritten index page program to the HTTP server unit 312.

(Acquisition of Device GUI Page) Access CG
The I execution unit 315 sends the device G from the HTTP server unit 312
Receive a UI page request. Upon receiving the device GUI page request, the access CGI execution unit 315 determines the directory name and the user ID from the received device GUI page request.
Are extracted, and one user access status table corresponding to the extracted directory name is selected. Next, a connection destination GW host name corresponding to the extracted user ID is extracted from the selected user access status table, and the extracted connection destination GW host name and the device GUI page request are extracted from the extracted connection destination G.
W Send to the device indicated by the host name. Here, the device is, for example, the gateway device 5.

The access CGI execution unit 315 receives the device GUI page program from the device indicated by the connection destination GW host name, here, the gateway device 5, and sends the received device GUI page program to the link rewriting unit 316. Output. Next, the access CGI execution unit 31
5 outputs the device GUI page program whose URL has been rewritten to the HTTP server unit 312.

(Acquisition of Request) Access CGI Execution Unit 31
5 receives a device GUI page request and a device control PG activation request from the HTTP server unit 312. Upon receiving the device GUI page request and the device control PG activation request, the access CGI execution unit 315 outputs these requests to the link rewriting unit 316.

Also, the access CGI execution unit 315 sends the device GU whose URL has been rewritten from the link rewriting unit 316.
It receives the I-page request and the device control PG activation request, and transmits the received device GUI page request and device control PG activation request to the gateway device 5. (5) Link Rewriting Unit 316 The link rewriting unit 316 receives the page program from the access CGI execution unit 315. Here, the page program is an index page program and a device GUI.
Includes page program. The URL described in the received page program is extracted, the original URL having the same content as the extracted URL is specified from the link reference table, and the rewritten URL associated with the specified original URL is extracted from the link reference table. Then, the extracted rewritten URL is replaced with the URL in the page program, and the page program with the replaced URL is output to the access CGI execution unit 315.

FIG. 10 shows an example of the index page whose URL has been rewritten. In this figure, the rewritten index page 523c of the URL includes hyperlink descriptions 523d, 523e,. The hyperlink descriptions 523d, 523e,... Are obtained by rewriting the hyperlink descriptions 523a, 523b,. For example, “access.localnet1.com/interface-video.html” in the hyperlink description 523a
"In the hyperlink description 523d," www.pro
vider.com/access.cgi?html=video ".

As described above, the hyperlink description 523a
Is a description “access.localnet” indicating the gateway device 5.
1.com ", but the hyperlink description 523d
Does not include The link rewriting unit 316 determines that the access C
A device GUI page request and a device control PG activation request are received from the GI execution unit 315. Then, as above,
The URL in each request is rewritten, and the rewritten device GU
Access CG for I-page request and device control PG activation request
Output to the I execution unit 315.

(6) Conclusion As described above, the link rewriting unit 316 conceals the URL of each host unit of the gateway device 5 from the user operation terminal device 1 and the terminal device 2 for the support company. Unauthorized access to is prevented. Further, by providing such a remote access server device 3 in the provider 4 who is a network management expert, the remote access server device 3 can quickly respond to attack patterns of the latest virus programs and the like and provide more powerful user authentication means. Such things can be done more quickly than ordinary users.

The gateway device provided in the local network generally includes an HTTP server and a device control C.
It has the ability to run many programs such as GI. Therefore, if the gateway device can easily operate a program downloaded from a network like a normal PC (personal computer), a user who has logged in to one host unit invades the program, executes a file search, and executes a file search. It is also possible to illegally access files in the host unit. In particular, since a support company is likely to have the technical ability to execute such unauthorized access, if there is such an unauthorized access, the user of the local network cannot request support with confidence. In order to prevent such unauthorized access, the gateway device 5
It has a hardware configuration as shown in FIG. 3 and FIG. 4, so that a program that has entered from the outside cannot be executed.

That is, in the gateway device 5, the counter check circuit 563 is provided in the microprocessor 551, and the range of addresses that can be specified by the program counter 562 is limited to the addresses on the main storage unit 557.
As a result, the program stored in the main storage unit 558 becomes unexecutable, so that the gateway device 5 cannot execute a program that is illegally imported from the outside.

1.3 User Operation Terminal 1 The user operation terminal 1 comprises a display unit 111, an input unit 112, and a communication unit 113, as shown in FIG. This device comprises, in particular, a microprocessor, R
This is a computer system including an OM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and a LAN connection unit. The R
A computer program is stored in the AM or the hard disk unit. The device achieves its functions by the microprocessor operating according to the computer program.

Also, this device is an Internet E
It is equipped with a WWW browser such as xproler. (1) Input Unit 112 The input unit 112 is specifically composed of a keyboard, a mouse, and the like, and receives a user operation.

The input unit 112 inputs the UR of the login page.
L, a user ID and a password are accepted. An example of the URL of the login page is “http: //www.p.
rovider. com / @ localnet1 / lo
gin. html ". Further, the operation of the hyperlink button in the page displayed on the display unit 111 is received.

The input unit 112 inputs the URL of the login page.
Upon receiving the request, a login page request including the URL is generated, and the generated login page request is transmitted to the communication unit 113.
To the remote access server device 3 via Upon receiving the user ID and the password, the input unit 112 receives the directory name corresponding to the local network, the identifier of the login CGI, and the received user ID.
And a login request including the password and a password, and transmits the generated login request to the remote access server device 3 via the communication unit 113.

Upon receiving the operation of the hyperlink button, the input unit 112 outputs a request added in association with each button to the remote access server device 3 via the communication unit 113. Here, the request is a device GU
It includes an I page request and a device control PG activation request. (2) Display Unit 111 The display unit 111 specifically includes a display unit and the like, receives a page program from the remote access server device 3 via the communication unit 113, and is described in the received page program. According to the order,
Form a screen and display the formed screen. The page program is an index page program, a device GU.
Includes I page program.

FIGS. 12 and 13 show examples of screens to be displayed.
(A) and FIG. 14 (a). The screen shown in FIG. 12 is a login page, which is formed from a login page program stored in the program storage unit 313a of the remote access server device 3. FIG.
The screen shown in (a) is an index page, which is formed from the index page program 523 stored in the program storage unit 522 of the gateway device 5. The screen illustrated in FIG. 14A is a device GUI page, which is formed from the device GUI page program 524 stored in the program storage unit 522 of the gateway device 5.

(3) Communication Unit 113 The communication unit 113 is connected to the remote access server device 3 via the Internet 8, receives information from the remote access server device 3, and outputs the received information to the display unit 111. I do. Further, it receives information from the input unit 112 and outputs the received information to the remote access server device 3.

1.4 Terminal 2 for Support Company The terminal 2 for support company has the same configuration as the user operation terminal 1. A detailed description is omitted.
FIG. 13B and FIG. 14B show an example of a screen displayed on the support agent terminal device 2. FIG.
The screen shown in (b) is an index page, and FIG.
The screen shown in FIG. 4B is a device GUI page. Both are support pages.

As shown in these figures, for example, in the display of the reproduction of the video tape on the screen for the support trader, only the luminance information and the like are displayed and the recorded contents of the video tape relating to privacy are not displayed. Thus, the privacy of general users is protected. 1.5 Digital TV 6c The digital TV 6c is, as shown in FIG.
1, a control unit 602 and a control target unit 603. The control unit 602 receives, via an antenna 604, a broadcast wave transmitted via a broadcast satellite and carrying video, audio, and program information. The control target unit 603 selects a signal of a specified channel from the received broadcast wave, and demodulates the signal to generate a transport stream (TS).
A transport decoder 632 for separating program information, an audio stream, and a video stream from the TS;
An audio decoder 633 that decodes the separated audio stream to generate an audio signal and outputs the generated audio signal to a speaker 634; a speaker 634; and a video that decodes the separated video stream to generate a video signal. It includes a decoder 635, a monitor 636 for displaying the generated video signal, and a power supply unit 637 for supplying current to each unit.

The control unit 602 is provided via the communication unit 601
The control unit 603 receives a control signal from the gateway device 5 and controls each unit configuring the control target unit 603 according to the received control signal. 2. Operation of Remote Operation System 10 The operation of the remote operation system 10 will be described. In addition,
In the following, a case of remote operation for general users will be described as an example, but the same applies to a remote support operation by a support company.

(A) Operation for Obtaining Index Page The operation for obtaining the index page of the remote operation system 10 will be described with reference to the flowchart shown in FIG. In this flowchart, the description in a frame surrounded by a broken line indicates a specific example of information transmitted and received in each step of the flowchart, for example, an HTTP packet. The same applies to FIG.

The input unit 112 of the user operation terminal device 1
The URL of the login page "http://www.pr.
provider. com / @ localnet1 / log
in. html ”from the user,
Generate a login page request including the RL (step S1)
01), the input unit 112 transmits the generated login page request to the remote access server device 3 via the communication unit 113 (step S102). The HTTP server unit 312 of the remote access server device 3 receives the login page request, reads out the login page program from the program storage unit (step S103), and reads out the login page request to the user operation terminal device 1 that is the transmission source of the login page request. The login page program is transmitted (step S104).

The display unit 111 receives the login page program from the remote access server device 3, forms the screen of the login page, displays the formed screen, and the input unit 112 receives the user ID and password from the user ( (Step S105), a login request including the accepted user ID and password is generated, and the generated login request is output to the remote access server device 3 via the communication unit 113 (step S106).

Next, the HTTP server unit 312 receives the login request from the user operation terminal device 1, and the login CGI execution unit 311 receives the login request from the HTTP server unit 312, and the user uses the user authentication information table to specify the login request. The user authentication result is generated by judging whether it is valid or not, and the user authentication result is output to the HTTP server unit 312. If the user authentication result is successful, the HTTP server unit 312 accesses the login request. The data is output to the CGI execution unit 315 (step S107).

Next, the access CGI execution unit 315
A login request is received from the TTP server unit 312, and a directory name and a user ID are obtained from the received login request.
Is extracted, a connection destination GW host name corresponding to the extracted user ID is extracted from the user access status table, an index page request for requesting acquisition of an index page is generated (step S108), and the extracted connection destination GW host is extracted. The connection destination G that is extracted from the name and the index page request
The device indicated by the W host name, that is, the gateway device 5
(Step S109).

The HTTP server unit 510 receives the index page request, extracts a host identifier and a page identifier from the request, and identifies the host unit identified by the extracted host identifier, that is, the remote control host unit 52.
0, outputs the extracted index page identifier, and the data management unit 521 stores the index page program identified by the identifier in the program storage unit 5.
22 (step S110), the HTTP server unit 510 transmits the read index page program to the remote access server device 3 (step S110).
111).

Access CGI executing section 315 receives the index page program from gateway device 5 and link rewriting section 316 executes access CGI executing section 31.
5, the access CGI execution unit 315 outputs the rewritten URL of the index page program to the HTTP server unit 312 using the link comparison table, replacing the original URL with the rewritten URL (step S112). ), The HTTP server unit 312 transmits the index page program to the user operation terminal device 1 (step S12).
3).

The display unit 111 receives the index page program from the remote access server device 3, forms an index page screen according to the received index page program, and displays the formed index page screen (step S124). (B) Operation of Obtaining Device GUI Page The operation of obtaining the device GUI page of the remote operation system 10 will be described with reference to the flowchart shown in FIG.

The input unit 112 accepts a user's operation of a hyperlink button in the displayed index page screen and generates a device GUI page request added in association with the button. Then, the generated device GUI page request is transmitted to the remote access server device 3 via the communication unit 113 (step S152).

The HTTP server unit 312 receives the device GUI page request from the user operation terminal device 1 and outputs it to the access CGI execution unit 315. The access CGI execution unit 315 determines the connection destination corresponding to the user ID from the user access status table. GW host name is extracted (step S15
3), the access CGI execution unit 315 transmits the extracted connection destination GW host name and device GUI page request to the device indicated by the extracted connection destination GW host name, that is, the gateway device 5 (step S154).

Next, the HTTP server unit 510 receives a device GUI page program corresponding to the device GUI page request from the remote control host unit 520 (step S155), and transmits the received device GUI page program to the remote access server device. 3 (Step S1)
56). Next, the access CGI execution unit 315 receives the device GUI page program from the gateway device 5, and the link rewriting unit 316 rewrites the URL described in the device GUI page program,
The I execution unit 315 is a device GUI in which the URL has been replaced.
The page program is output to the HTTP server unit 312 (step S157), and the HTTP server unit 312 transmits the device GUI page program to the user operation terminal device 1.
(Step S158).

The display unit 111 receives the device GUI page program from the remote access server device 3, and according to the received device GUI page program, displays the device GUI page.
A page screen is formed, and the screen of the formed device GUI page is displayed (step S159). (C) Operation of Activating Device Control PG The operation of activating the device control PG of the remote operation system 10 will be described with reference to the flowchart shown in FIG.

The input unit 112 is used to display the displayed device GU.
From the screen of the I page, the user accepts the operation of the hyperlink button in the page, generates a device control PG activation request added in association with the button (step S171), and generates the generated device control PG. An activation request is transmitted to the remote access server device 3 via the communication unit 113 (step S172).

The HTTP server unit 312 receives the device control PG activation request from the user operation terminal device 1, and the access CGI execution unit 315 receives the device control PG activation request from the HTTP server unit 312, and the link rewriting unit 31
6 receives the device control PG activation request from the access CGI execution unit 315 and rewrites the URL in the request. The access CGI execution unit 315
Upon receiving the device control PG activation request in which L has been rewritten (step S173), the access CGI execution unit 315
Transmits the received device control PG activation request to the gateway device 5 (step S174).

When the device control PG activation request is received, the HT
The TP server unit 510 extracts the identifier of the host unit and the identifier of the device control CGI program from the device control PG activation request, acquires the device control CGI program identified by the extracted identifier from the remote operation host unit 520, The CGI execution unit 540 interprets the acquired device control CGI program, and according to the interpretation result, the device AP CGI.
The part I is controlled (step S175).

Next, the device API section outputs a control signal to the D-VHS player 6b, which is the target device (Step S).
176), the D-VHS player 6b receives the control signal and operates according to the received control signal (step S177). 3. Conclusion In a remote device control system for ordinary households and companies without specialized technicians, it is necessary to absorb the differences in the device operation needs of ordinary users and external support providers, and provide an optimal remote operation environment for both. is there. In addition, for privacy information in network equipment,
A mechanism is needed to protect access from support providers.

In the remote device control system, prevention of unauthorized access is also an important issue. At present, security-related technologies have become very powerful, supported by the advancement of encryption technology. By applying them, it is possible to secure a fairly high level of security and prevent unauthorized access. However, security functions implemented in software may not be able to sufficiently prevent attacks by hackers with advanced technology or new types of viruses, and human errors such as accidentally leaking passwords may occur. It is absolutely powerless. for that reason,
Not only software security functions but also security functions implemented in hardware are required.

In the remote operation system according to the above-described embodiment, since two host units, ie, a remote operation host unit and a support host unit, are provided in the gateway device, a general user and a support provider for the control target device are provided. Access means can be clearly separated. For example, when accessing the support host, technical information such as setting information of the control target device can be accessed in detail, but privacy information such as the contents of video tape is hidden, protecting the privacy of general users. And provide an environment for receiving appropriate external support.

As described above, it is also necessary to clearly separate the access means between the general user and the support service provider. Also, a general user who does not have specialized knowledge may inadvertently change setting information and bring down a device or a network. This can be prevented, and is also useful from the viewpoint of protection of the local network 7. In addition, it is useful to separate the remote control host unit and the support host unit from the viewpoint of ease of use, and an optimum operation environment can be provided for each of them.

Further, since the hardware configuration of the gateway device 5 is such that a program read from the outside cannot be executed by any means, it is impossible to access one host unit to the other host unit by software means. It is. Further, since the remote access server device 3 includes the link rewriting unit 316, the URLs of the remote operation host unit and the support host unit on the gateway device 5 can be obtained from the user operation terminal device 1 and the support agent terminal device 2. The security is improved by concealing and preventing direct access to the gateway device 5.

4. Modification A remote control system 10a as a modification of the remote control system 10 will be described. Remote control system 10a
Has the same configuration as the remote operation system 10.
The following description focuses on the differences from the remote operation system 10.

(1) Gateway Device 5 The supporting host unit 530 of the gateway device 5 includes a program storage unit 532a shown in FIG. Program storage unit 53
2a is an index page program 533, login page programs 541, 542,.
Device GUI page programs 534, 535, 536,
Device control CGI programs 537, 538,..., 5
39, login CGI programs 544, 545, ...
546 are stored, and a login page program 541, a device GUI page program 534, a device control CGI program 537, and a login CGI program 5
44 corresponds to the DVD player 6a, and includes a login page program 542, a device GUI page program 53
5. Device control CGI program 538, login CGI
The program 545 corresponds to the D-VHS player 6b,..., The login page program 543, the device G
It is assumed that the UI page program 536, the device control CGI program 539, and the login CGI program 546 correspond to the digital TV 6c.

(2) Terminal 2 for Support Company As shown in FIG. 19, the terminal device 2 for support company stores in advance a plurality of sets of serial numbers and passwords. The serial number is a number for individually identifying a target device (DVD player 6a, D-VHS player 6b,..., Digital TV 6c) to be controlled. The password is an authenticator for authenticating whether or not the support company that maintains each target device is valid.

The support agent terminal device 2 also receives a login page program from the gateway device 5 via the remote access server device 3, forms a login page from the received login page program, and creates the formed login page. indicate. FIG. 20 shows an example of the displayed login page. As shown in the figure, the login page has an input area for receiving input of a serial number and a password.

(3) DVD player 6a, D-VHS player 6b,..., Digital TV 6c DVD player 6a as a target device to be controlled
Stores one set of a serial number and a password in advance, as shown as an example in FIG. The serial number is a number for individually identifying the DVD player 6a to be controlled. The password is an authenticator for authenticating whether the support company that maintains the DVD player 6a is valid.

In the same manner as described above, the D-VHS player 6b previously stores one set of a serial number and a password as shown in FIG. 21B as an example.
The same applies to other target devices. (4) Operation of Remote Operation System 10a The operation of the remote operation system 10a will be described with reference to the flowcharts shown in FIGS.

The terminal device 2 for the support agent receives the input of the URL from the support agent (step S201),
A login page request is transmitted to the remote access server device 3 (Step S202). Remote access server device 3
Determines whether the login page request has been transmitted from the support agent terminal device 2 and determines whether the login page request has been transmitted from the support agent terminal device 2 (step S20).
3), the URL of the login page request is converted and transmitted to the gateway device 5 (step S211).

The gateway 5 acquires the login page program (step S212), and transmits the acquired login page program to the remote access server 3 (step S213). The remote access server device 3 converts the URL of the login page program (step S214), and further transmits the login page program to the support agent terminal device 2 (step S21).
5).

The support agent terminal device 2 forms and displays a login page from the login page program,
Accept input of identification number and password (step S
216). Next, information including the identification number and the password is transmitted to the remote access server device 3 (step S21).
7). The remote access server device 3 converts the URL of the information including the identification number and the password (step S21).
8) The information including the identification number and the password is transmitted to the gateway device 5 (step S219).

Next, the gateway device 5 acquires the corresponding login CGI program from inside (step S
220), by executing the acquired CGI program, the identification number and the password are requested to the target device (step S221). The target device receives the request, reads out and transmits the identification number and the password stored in advance therein, and the gateway device 5 acquires the identification number and the password (step S22).
2). Next, the gateway device 5 determines whether the identification number and the password received from the remote access server device 3 match the identification number and the password acquired from the target device, and determines the authentication result indicating the match or the mismatch. It is generated (step S223).

When the generated authentication result indicates a mismatch (step S224), the gateway device 5 transmits the authentication result to the remote access server device 3 (step S2).
25), the remote access server device 3 performs conversion (step S226), and further transmits the authentication result to the support agent terminal device 2 (step S227), and the support agent terminal device 2 displays the authentication result. I do.

The gateway device 5 receives the authentication result, and if the received authentication result indicates a match (step S2).
24) Then, a corresponding device GUI page program is acquired from the inside (step S231), and the acquired device GUI page program is transmitted to the remote access server device 3 (step S232). The remote access server device 3
A conversion for rewriting the hyperlink in the device GUI page program is performed (step S233), and the device GU is converted.
The I-page program is transmitted to the support agent terminal device 2 (step S234).

The support agent terminal device 2 is a device GUI.
Form a device GUI page according to the page program,
The formed device GUI page is displayed (step S23)
5). (5) Conclusion Each time the support provider accesses the device GUI page for each device, the serial number and password for identifying the device to be controlled are input using the corresponding login page. The serial number and the password are authenticated in each control target device, and when the authentication is successful, the corresponding device GUI page program is transmitted from the gateway device 5 to the support agent terminal device 2 via the remote access server device 3. The transmitted terminal device 2 for support displays the device GUI page. The support contractor is
The control target device is controlled using the UI page.

As described above, the remote control system 10a
This is effective when a plurality of support companies support one local network. With respect to the device GUI page, an access restriction can be provided for each support company, and a situation in which an unsupported device is destroyed by the support company can be avoided. 5. Other Modifications Although the present invention has been described based on the above embodiment, it is needless to say that the present invention is not limited to the above embodiment. The following cases are also included in the present invention.

(1) Device GUI page and device control CGI
Need not always be one for one control target device. Two or more may be prepared. (2) User authentication is not limited to the simple authentication method as described above, and a more advanced authentication method such as a challenge / response method or a one-time password method may be used. When these authentication methods are applied, the contents of the user authentication information table are appropriately changed, for example, by adding encryption key information in the case of the challenge / response method.

(3) The device control CGI is HTTP
Any program that can cooperate with the server may be used.
For example, it may be a Java servlet. (4) The remote access server device 3 may have the above-described configuration of the gateway device 5. Conversely, the gateway device 5 may have the above-described configuration of the remote access server device 3.

Further, the remote access server device 3 and the gateway device 5 may be an integrated device. (5) In the above embodiment, the user operation terminal device 1 and the support agent terminal device 2 are computer systems, but may be mobile phones or portable information terminals.

(6) The present invention may be the method described above. Further, these methods may be a computer program that is realized by a computer, or may be a digital signal formed by the computer program. Further, the present invention provides a computer-readable recording medium for reading the computer program or the digital signal, for example, a floppy (registered trademark)
Disk, hard disk, CD-ROM, MO, DV
D, DVD-ROM, DVD-RAM, semiconductor memory, etc. Further, the present invention may be the computer program or the digital signal recorded on these recording media.

Further, in the present invention, the computer program or the digital signal may be transmitted via an electric communication line, a wireless or wired communication line, a network represented by the Internet, or the like. The present invention may also be a computer system including a microprocessor and a memory, wherein the memory stores the computer program, and the microprocessor operates according to the computer program.

Further, by recording the program or the digital signal on the recording medium and transferring it, or by transferring the program or the digital signal via the network or the like, another independent computer system is provided. May be implemented. (7) The above embodiment and the above modifications may be combined.

[0110]

In order to achieve the above object, the present invention provides:
In a remote operation system in which a plurality of operation devices and a target device are connected via a wide area network, and each operation device operates the target device via the wide area network,
A gateway device for connecting the target device and the wide area network, wherein the general operation program includes an operation instruction for a general user for operating the target device, and a support company for operating the target device. Storage means for storing a support operation program including the operation command of the above, reception means for receiving an operation instruction from a general user or a support company from each operation device via the wide area network, and operation by the general user When an instruction is received, a general operation program is read from the storage unit, and when an operation instruction by a support provider is received, a reading unit that reads a support operation program, and according to an operation instruction included in the read program, Operating means for operating the target device.

According to this configuration, the gateway device
A general operation program including an operation instruction for a general user and a support operation program including an operation instruction for a support agent are stored, and when an operation instruction from a general user or a support agent is received, a corresponding operation instruction is stored. Since the program is read and the target device is operated in accordance with the operation command included in the read program, appropriate operation contents can be provided to each of the general user and the support company.

Here, the gateway device is a computer system including a microprocessor, a first memory unit, and a second memory unit, wherein the first memory unit includes the receiving unit, the reading unit, and the operating unit. Only a computer program including a plurality of instructions for causing the computer to function is stored in advance, and the microprocessor operates according to each instruction included in the computer program stored only in the first memory unit. The gateway device causes the receiving unit, the reading unit, and the operating unit to function, and the second memory unit includes:
Information received by the receiving means, and the receiving means,
The information processing apparatus may be configured to include an area for storing work information necessary for causing the reading unit and the operation unit to function.

According to this structure, the first memory section stores only the computer program in advance, the second memory section stores the information received by the receiving means, and the microprocessor stores the information in the first memory section. The microprocessor operates according to each instruction included in the stored computer program, so that even if an unauthorized computer program is written from the outside into the second memory unit, the microprocessor executes the unauthorized computer program. Nothing.

Here, the microprocessor reads a program counter for storing an address where an instruction is stored, and reads an address stored for the program counter, and the microprocessor reads the address indicating the inside of the first memory unit. A check circuit that outputs the read address and outputs error information when the read address indicates outside the first memory unit; and receives an address or error information from the check circuit and receives the error information. In the case where the processing is stopped and the address is received, the first address indicated by the received address
An instruction processing unit that reads an instruction from an area in the memory unit and executes the read instruction may be included.

According to this configuration, when the address read from the program counter indicates outside the first memory unit, the check circuit outputs error information, and the instruction processing unit
When the error information is received, the process stops,
The microprocessor does not execute a computer program outside the first memory unit. Further, according to the present invention, a target device and a gateway device are connected to form a local network, a plurality of operation devices and the gateway device are connected via a wide area network, and each operation device is connected via a wide area network and a local network. In the remote operation system for operating the target device,
A server device that connects the plurality of operation devices and the gateway device, wherein the arrangement positions of the gateway device and the server device in the wide area network are indicated by first and second addresses, respectively, and the gateway device is An operation control program including an instruction related to an operation of the target device, and the first address,
A link control program that includes a link command indicating a link to the operation control program, transmits the link control program in response to a request from each operation device, and the server device executes the link control program. Receiving means for receiving, and the first address included in the link command in the received link control program,
Rewriting means for rewriting to access, and transmission means for transmitting the rewritten link control program to each operating device are provided.

According to this configuration, the first address included in the link command in the received link control program is rewritten to the second access, and the rewritten link control program is transmitted to each operating device. Can be concealed and unauthorized intrusion into the gateway device can be prevented. Here, each operating device receives a link control program, and operates the target device to the device located at the location indicated by the second address included in the link instruction in the received link control program. The operation instruction is transmitted, and in the server device, the reception unit further receives the operation instruction from each of the operation devices, and the transmission unit further indicates the received operation instruction by the first address. The gateway device may be configured to transmit the operation instruction to the device arranged at the arrangement position, and to receive the operation instruction.

According to this configuration, the operation instruction is received from each operation device, and the received operation instruction is transmitted to the device located at the location indicated by the first address. Information can be sent.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a configuration of a remote operation system 10 according to one embodiment of the present invention.

FIG. 2 is a functional block diagram showing a configuration of a gateway device 5.

FIG. 3 shows a specific hardware configuration of the gateway device 5.

FIG. 4 is a block diagram illustrating a detailed configuration of a microprocessor 551.

FIG. 5A shows an example of an index page program for a user. (B) An example of an index page program for a support company is shown. (C) An example of the device control CGI program is shown.

FIG. 6 is a block diagram showing a configuration of a remote access server device 3.

FIG. 7 shows a data structure in a hard disk unit provided in the remote access server device 3.

FIG. 8A shows a data structure of a user authentication information table. (B) Shows the data structure of the user access status table.

FIG. 9 shows a data structure of a link control table.

FIG. 10 shows an example of a rewritten index page of a URL.

FIG. 11 is a block diagram showing the structure of the user operation terminal device 1.

FIG. 12 shows a login page displayed on the user operation terminal device 1.

FIG. 13A shows an index page displayed on the user operation terminal device 1. (B) An index page displayed on the support agent terminal device 2 is shown.

FIG. 14A shows a device GUI page displayed on the user operation terminal device 1. (B) Device GU displayed on the terminal device 2 for the support company
Shows page I.

FIG. 15 is a block diagram showing a structure of the digital TV 6c.

FIG. 16 is a flowchart showing an operation of the remote operation system 10 for acquiring an index page.

FIG. 17 is a flowchart showing an operation of acquiring a device GUI page and an operation of activating a device control PG of the remote operation system 10.

FIG. 18 shows data stored in a program storage unit 532a.

FIG. 19 shows an example of a set of a serial number and a password stored in the terminal device 2 for a support company in advance.

FIG. 20 shows an example of a login page displayed on the support agent terminal device 2.

FIG. 21 (a) D as a target device to be controlled
An example of a set of a serial number and a password stored in the VD player 6a in advance is shown. (B) An example of a set of a serial number and a password stored in advance by a D-VHS player 6b as a target device to be controlled is shown.

FIG. 22 is a flowchart showing the operation of the remote operation system 10a. It continues to FIG.

FIG. 23 is a flowchart showing the operation of the remote operation system 10a. Continued from FIG.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 User operation terminal device 2 Support agent terminal device 3 Remote access server device 4 Provider 5 Gateway device 6a DVD player 6b D-VHS player 6c Digital TV 7 Local network 8 Internet 9 LAN connection device 10 Remote operation system

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) H04N 17/04 H04N 17/04 Z 17/06 17/06 H04Q 9/00 301 H04Q 9/00 301E 321 321E F term (reference) 5B089 GA31 GB02 HA06 HA10 HB05 JA35 JB07 JB10 KA17 KB09 KB13 5C061 BB01 BB09 BB15 CC05 CC07 5K030 HB06 HC01 HD03 HD06 KA01 KA02 5K048 BA02 DA05 DC04 EA14 EB01 EB02 FC01 HA01 HA02

Claims (11)

[Claims] 1. A remote operation system in which a plurality of operation devices and a target device are connected via a wide area network and each operation device operates the target device via the wide area network, wherein the target device, the wide area network, A general operation program including an operation instruction for a general user for operating the target device, and a support operation program including an operation instruction for a support company for operating the target device. Storage means for storing, from each operating device, receiving means for receiving an operation instruction from a general user or a support provider via the wide area network; and When the general operation program is read from the storage means and an operation instruction from a support company is received, A gateway device comprising: reading means for reading a port operation program; and operating means for operating the target device according to an operation command included in the read program. 2. The gateway device is a computer system including a microprocessor, a first memory unit, and a second memory unit, wherein the first memory unit functions as the receiving unit, the reading unit, and the operating unit. Only the computer program including a plurality of instructions for causing the gateway to operate in accordance with each instruction included in the computer program stored only in the first memory unit. The apparatus causes the receiving unit, the reading unit, and the operating unit to function, and the second memory unit causes the information received by the receiving unit to function, and causes the receiving unit, the reading unit, and the operating unit to function. The gateway according to claim 1, further comprising an area for storing necessary work information. Way device. 3. The microprocessor, further comprising: a program counter for storing an address at which an instruction is stored; and a read-out address stored in the program counter, wherein the read-out address indicates the inside of the first memory unit. A check circuit that outputs the read address, and outputs error information when the read address indicates outside the first memory unit; and receives an address or error information from the check circuit;
An instruction processing unit that stops processing when error information is received, reads an instruction from an area in the first memory unit indicated by the received address when an address is received, and executes the read instruction. The gateway device according to claim 2, wherein: 4. A target device and a gateway device are connected to form a local network, a plurality of operation devices and the gateway device are connected via a wide area network, and each operation device is connected via a wide area network and a local network. In a remote operation system that operates the target device, a server device that connects the plurality of operation devices and the gateway device, wherein the arrangement positions of the gateway device and the server device in the wide area network are first and first, respectively. Second
The gateway device, indicated by an address, includes an operation control program including an instruction related to the operation of the target device, and a link control program including a link instruction including the first address and indicating a link to the operation control program. The server device transmits the link control program in response to a request from each operation device, and the server device includes: a receiving unit that receives the link control program; and a receiving unit that includes the link command in the received link control program. A rewriting means for rewriting the first address to be replaced with the second address, and a transmitting means for transmitting the rewritten link control program to each operating device. 5. An operating device receives a link control program, and transfers the target device to the device located at the location indicated by the second address included in the link command in the received link control program. Transmitting an operation instruction related to an operation; in the server device, the receiving unit further receives the operation instruction from each operation device; and the transmitting unit further transmits the received operation instruction to the first address. 5. The server device according to claim 4, wherein the server device transmits the operation instruction to a device arranged at the arrangement position indicated by (b), and the gateway device receives the operation instruction. 6. A target device and a gateway device are connected to form a local network, a plurality of operation devices and the gateway device are connected via a wide area network, and the plurality of operation devices and the gateway device are connected to a server. A remote operation system connected by a device, wherein each operation device operates the target device via a wide area network and a local network, and receives an operation instruction from a general user or a support provider, and receives the received operation instruction. A plurality of operating devices that transmit to the server device via a wide area network, a server device according to claim 5, a gateway device according to claim 1, and a target device that operates according to the operation of the gateway device. A remote control system characterized by being constituted. 7. A target device and a gateway device are connected to form a local network, a plurality of operation devices and the gateway device are connected via a wide area network, and the plurality of operation devices and the gateway device are connected to a server. A remote operation system connected by a device, wherein each operation device operates the target device via a wide area network and a local network, and receives an operation instruction from a general user or a support provider, and receives the received operation instruction. A plurality of operation devices for transmitting to the server device via a wide area network, and the server device according to claim 5, wherein a general operation program including an operation instruction for a general user for operating the target device. And a service including an operation instruction for a support company for operating the target device. A storage unit for storing a port operation program, a receiving unit for receiving an operation instruction from a general user or a support provider via the wide area network, and an operation instruction from a general user Reading a general operation program from the program storage means, and when receiving an operation instruction from a support provider, reading means for reading the support operation program; and operating the gateway device in accordance with the operation instruction included in the read program. A server device comprising operating means for operating the target device via the gateway device; and a target device operating via the gateway device in accordance with the operation of the server device. Remote control system. 8. A remote operation system in which a plurality of operation devices and a target device are connected via a wide area network, and each operation device operates the target device via the wide area network, wherein the target device and the wide area network are connected to each other. A connection method used in a gateway device for connecting the target device, wherein the gateway device includes a general operation program including an operation instruction for a general user for operating the target device, and a support for operating the target device. Storage means for storing a support operation program including an operation instruction for a trader, the connection method comprising: receiving an operation instruction from a general user or a support trader from each operation device via the wide area network. Step; receiving an operation instruction from a general user; Reading a program and, when receiving an operation instruction from a support provider, reading a support operation program; and an operation step of operating the target device according to an operation instruction included in the read program. Characteristic connection method. 9. A target device and a gateway device are connected to form a local network, a plurality of operation devices and the gateway device are connected via a wide area network, and each operation device is connected via a wide area network and a local network. In the remote operation system for operating the target device, a connection method used in a server device that connects the plurality of operation devices and the gateway device, wherein an arrangement position of the gateway device and the server device in the wide area network is , Each first
And a second address, wherein the gateway device includes an operation control program including an instruction related to the operation of the target device, and a link control including the first address and a link instruction indicating a link to the operation control program. The link control program is transmitted in response to a request from each operating device; the connection method includes: a receiving step of receiving the link control program; and a link in the received link control program. A connection method, comprising: a rewriting step of rewriting the first address included in a command to the second access; and a transmitting step of transmitting the rewritten link control program to each operating device. 10. A remote operation system in which a plurality of operation devices and a target device are connected via a wide area network, and each operation device operates the target device via the wide area network, wherein the target device and the wide area network are connected to each other. A connection program used in a computer system as a gateway device for connecting the target device, wherein the gateway device operates a general operation program including an operation command for a general user to operate the target device, and operates the target device. Storage means for storing a support operation program including an operation instruction for a support company for performing the operation, the connection program transmits an operation instruction from a general user or a support company from each operation device via the wide area network. Receiving step for receiving by Receiving the general operation program from the storage means when receiving the operation instruction from the supporter, and reading the support operation program when the operation instruction is received from the storage means, according to the operation instruction included in the read program. An operation step of operating the target device. 11. A target device and a gateway device are connected to form a local network, a plurality of operation devices and the gateway device are connected via a wide area network, and each operation device is connected via a wide area network and a local network. In a remote operation system that operates the target device, a connection program used in a computer system as a server device that connects the plurality of operation devices and the gateway device, wherein the gateway device and the server device in the wide area network Are located at the first and second positions, respectively.
The gateway device, indicated by an address, includes an operation control program including an instruction related to the operation of the target device, and a link control program including a link instruction including the first address and indicating a link to the operation control program. Transmitting the link control program in response to a request from each operation device, wherein the connection program includes a reception step of receiving the link control program, and a link command included in the received link command in the link control program. A connection program, comprising: a rewriting step of rewriting the first address to be used for the second access; and a transmitting step of transmitting the rewritten link control program to each operating device.