JP2003152806A - Switch connection control system for communication path - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a switch connection control system for a communication path that attains flexible cooperation between an internal network and an external network while preventing direct intrusion of an access from the external network into the internal network by using a physical means. SOLUTION: The switch connection control system for a communication path adopts a switch connection controller that is interposed in the communication path and exclusively selects connection to one communication path or connection to the other communication path to provide a security system for preventing illegal intrusion to terminals and systems distributed on purposes by employing a sea-saw type switching technology. Since the sea-saw type switching technology physically disconnects the external network from the internal network with a control signal of an access request on purpose in this way, the system can surely protect data from illegal acts.

Description

Detailed Description of the Invention

[0001]

TECHNICAL FIELD The present invention relates to a technique effectively applied to security in a network.

[0002]

2. Description of the Related Art The spread of the Internet is said to fundamentally change the business form. In recent years, not only data centers and provider businesses, but even end users are constantly connected to the Internet, and crimes due to unauthorized access are becoming popular. Nowadays, the introduction of security is under pressure from governmental organizations to individuals.

Firewall technology is known to prevent access to an internal network (intranet) from an external network (such as the Internet).
In such conventional security, all terminals and systems are physically or logically connected by a single line, and a firewall makes a logical judgment of appropriateness.

[0004]

In the conventional network security technology, all terminals and systems are physically or logically connected by a single line.
It has a problem that unauthorized intrusion is possible.

For this purpose, it is safest to separate the external network from the internal network. In other words, no matter what kind of situation (destructive attack, etc.), there is no single line connection, so it is possible to prevent unauthorized intrusion.

However, if the access from the external network to the internal network or the access from the internal network to the external network is completely cut off, flexible operation between the networks becomes impossible.

In other words, physically separating the external network from the internal network may impair real-time property and bidirectionality.

The present invention is technically capable of flexibly linking an internal network with an external network while preventing direct access to the internal network by physical means in response to access from the external network. It is an issue.

[0009]

According to the present invention, there is provided a switch connection control device for a communication path, which is interposed in a communication path and exclusively selects a connection with one communication path and a connection with the other communication path. Is. That is, a security system for preventing unauthorized intrusion is provided to terminals and systems distributed according to purposes by using seesaw-type switching technology.

Since the external network and the internal network are physically separated by the control signal of the access request according to the purpose by the seesaw type switching technology,
Data can be reliably protected from fraudulent activity.

[0011]

DETAILED DESCRIPTION OF THE INVENTION

Embodiment 1 An embodiment of the present invention will be described below with reference to the drawings. FIG. 1 is a functional block diagram showing the concept of the present invention. As shown in Fig. 1, terminals and systems for each purpose are classified and distributed into the following three.

In the figure, reference numeral 1 is an internal network that holds important data and systems, and is composed of a general-purpose network in which computer systems are connected by communication lines. Here, the internal network is a system having a terminal or a network which is not connected to an external line including wired or wireless as described above.

Reference numeral 2 in the figure denotes an external network. Here, the external network is referred to as an external network such as an Internet network, a public network, a network connected to an external line including wired or wireless such as a dedicated line, a system having the network, a terminal, or a network component such as a modular jack.

Reference numeral 3 denotes a control terminal (seesaw type switching security system) for controlling the internal network and the external network, which is the most important element of the present invention.

The control terminal 3 further includes a switch server 3
1, switch control unit 32, buffer 33, buffer 34
And seesaw switching box (SSWB) 35
It consists of and. Each of these functional units will be described in detail later.

In this system, the control terminal 3 has a function of receiving a request from an external network and transmitting it to the internal network, as shown in FIG. It also has a function of receiving data from the internal network and transmitting it to the external network. In the figure, the seesaw switching box (SSWB) 35 is in a state in which the buffer 34 is connected to the buffer 33 in order to transmit the request signal from the external network 2 to the internal network 1.

The control terminal 3, as shown in FIG.
It has a function of receiving a request from the internal network and transmitting it to the external network. It also has a function of receiving data from an external network and transmitting it to the internal network. In the figure, a seesaw switching box (SSWB) 5 is in a state of connecting the internal network 1 and the switch server 31 in order to transmit a request signal from the internal network 1 to the external network 2.

As shown in FIG. 4, the control terminal 3 is also capable of bidirectionally transmitting and receiving request signals and data signals in both the internal network 1 and the external network 2.

When using in such a bidirectional mode, a buffer 37 is provided between the switch server 31 and the seesaw switching box (SSWB) 35.
Further, a buffer 36 may be provided between the internal network 1 and the seesaw switching box (SSWB) 35 so that the inside of the control terminal 3 has a symmetrical configuration with respect to the internal network 1 and the external network 2. .
In this case, the buffer 36 holds the request from the internal network until the external switch (SW2) is closed. Further, it has a filtering function of judging whether there is any illegal data in the request from the internal network and discarding the request when the illegal data is detected.

The buffer 37 has a function of holding data from the external network 2 in the switch server 31 and holding properly processed data until the internal switch (SW2) is closed.

The other operations of the control terminal 3 are the same as those described with reference to FIGS.

Although the structure in which the control terminal 3 has a bilaterally symmetrical structure is shown only in FIG. 4, such a structure is applicable to any mode of use of the control terminal 3.

Next, the configuration, function, and operation of each unit in the object distribution type unit (unit distributed according to purpose) of this embodiment will be described with reference to FIG.

The switch server 31 is composed of a computer system, and is composed of a central processing unit (CPU), a memory, an external storage device, an interface (I / O), etc. centering on a bus. The program is installed in the external storage device, and the central processing unit (CP
U) outputs the control instruction signal of the seesaw switching box (SSWB) 35 to the switch control unit 32 by loading the program into the memory and sequentially executing the program.

That is, the switch server 31 requests necessary data to the internal network in response to a request from the external network, and makes the data received from the internal network consistent with the request from the external network. Perform processing. Further, a control signal for exclusively switching the gates (SW1 and SW2) on the external network side and the internal network side based on signals such as requests and data is sent to the switch control unit 32.

The switch control unit 32 includes a central processing unit (C
It is composed of a plurality of interfaces (I / O) centered on a PU) and a memory. That is, the seesaw switching box (SSWB) 35 is controlled based on the control instruction signal from the switch server 31.

Here, the switch control unit 32 is not in contact with the data signal path on the network at all, and monitors the switch server 31, the buffer 34, the buffer 33, and the seesaw switching box (SSWB), respectively. Has the role of managing the state of.

Then, a control signal for changing each mode is sent to the buffers 34 and 33 based on the information from the switch server 31 and the like. (See Figures 13-14)

Further, the mode status signals of the buffers 34 and 33 are sent to the switch server 31. Further, it receives a switch switching control signal from the switch server 31 to the seesaw switching box (SSWB) 35, judges the appropriateness of the mode states of the buffers 34 and 33, and sends a switch switching control signal to the seesaw switching box (SSWB). It has the function of sending.

The buffers 33 and 34 have almost the same configuration, but the buffer 34 is directly connected to the external network, and the buffer 33 is located between the seesaw switching box (SSWB) 35 and the switch server 31. The difference is that it is interposed.

The buffer 34 holds the request from the external network until the external switch (SW2) is closed. Further, it has a filtering function of judging whether there is any illegal data in the request from the external network and discarding the request when the illegal data is detected.

The buffer 33 has a function of receiving data from the internal network by the switch server 31 and holding properly processed data until the external switch (SW2) is closed.

Seesaw switching box (SSW
B) 35 is composed of a flip-flop element (FF) and switches (SW1, SW2), and switches depending on the value of the instruction signal T from the switch control unit 32 input to the flip-flop element (FF). Either the switch 1 or the switch 2 is controlled to be in a short-circuited state.

That is, the seesaw switching box (SSWB) 35 receives the control signal from the switch control section 32, and the operation of the flip-flop (FF) causes the switches (SW1 and SW2) on the external network 2 side and the internal network 1 side. It has a function to switch exclusively. Regarding this point, a truth table is shown in FIG. 6 to explain the operation algorithm of the seesaw switching box (SSWB).

As described above, in the present embodiment, each of the above-mentioned units has a clear role and is independent / distributed, so that important data can be protected from a cracking action and unauthorized intrusion. In particular, since the switch control unit 32 is not in contact with the data signal path on the network at all, even if the switch server 31 and the buffers 33 and 34 are cracked, they are detected and the seesaw switching box (SSWB) is controlled. be able to.

By using this control method and making the switch server 31 and the buffers 33, 34 into a duplex structure, a reinforced security system for automatically switching a cracked unit to a spare unit can be constructed.

The following patterns are conceivable as the timing at which the switch server 31 outputs the operation mode switching instruction (timing chart of FIG. 15) in the actual operation.

(1) Switching to a time zone when there are few requests to the switch server. Based on the access status to the switch server 31, a time zone with few requests is checked, and if the switch server cannot accept an external request during that time zone, the user is notified and communication with the internal network is performed during that time.

(2) Switching periodically. If there is no time period when the request is interrupted, the connection is switched from the outside to the inside at every specified time. By increasing the number of times of switching, it is possible to reduce the time required for each communication with the inside and reduce the delay of the request from the user's external network.

(3) Switching is made for each user request. For example, in the case of an application that wants to see the information of a specific individual among the personal information accumulated in the internal network, the connection is switched every time the inquiry for the personal information is made. Information can be protected by sending only the minimum necessary information to the external network side.

The controls (1) to (3) as described above are
This is performed based on the program installed in the storage device of the switch server 1.

Next, the operation of this system will be described with reference to FIGS. In this system (SWSEC)
Since only one of the switch (SW2) on the external network 2 side and the switch (SW1) on the internal network 1 side is physically closed (the structure does not cause a short circuit), a switch control command or information for controlling switching of the SWSEC system is provided. Even if the incoming and outgoing server (here, the switch server 31) is cracked, the internal network and the external network are not electrically connected.

Further, each unit (switch server 3) that is not in contact with the data signal path on the network at all.
1, a buffer 34, a buffer 33) and a control and monitoring mechanism (here, the switch control unit 32) are provided, and switch control is performed so that external control due to cracking is not accepted.

Here, the SWSEC system does not switch the timing for controlling the switch 35 autonomously, but the switch server 31 issues a control command to perform switching even when there is no request from the external network 2. be able to. If there is a request while disconnecting from the external network 2 by switching, the request is accumulated in the buffer 34, and the SW
When the connection of the SEC system is switched to the external network 2 side, the request is transmitted from the buffer 34 to the switch server 31.

Switch server 31 and external network 2
If the transmission of the data continues uninterruptedly, a time for connecting to the internal network 1 is periodically provided, and the data to be protected is transmitted to the internal network 1. Switch server 31 during transmission
The data to be transmitted from is stored in the buffer 33.
Further, when the transmission amount is large, an information server (not shown) that stores information other than the information to be protected is provided on the external network side, so that a request for information that does not need to be protected can be always accepted.

Next, the operation will be described. External network 2
When there is a request from the side to the internal network 1, the request signal is stored in the buffer 34.

Here, the central processing unit (CPU) in the buffer 34 judges whether the request is illegal or legitimate using the filter program installed in the external storage device. Discard the request.

Next, the seesaw switching box (S
In the packet buffer mode indicating that the switch (SW2) of (SWB) is disconnected (open) (the state where the internal network 1 and the switch server 31 are performing data communication), the request is accumulated in the buffer 34. , Seesaw switching box (SSWB) switch (S
It waits until the packet through mode, which indicates a state in which W2) is connected (a state in which the internal network 1 and the switch server 31 have completed data communication).

Internal network 1 and switch server 31
When the data communication ends, the switch server 31 causes the switch control unit 32 to display the seesaw switching box (SSW).
B) A control signal for switching the connection of the switch 35 from the switch (SW1) to the switch (SW2) is transmitted. The switch control unit 32 that receives this control signal
It is monitored whether the states of the buffer 34 and the buffer 33 are the packet buffer mode or the packet through mode, and if they are the packet buffer mode, the control signals for switching to the packet through mode are sent to the buffers 34 and 33, respectively. Send to.

When the control signals indicating the notification of the change to the packet buffer mode are received from the buffers 34 and 33, respectively, the seesaw switching box (SSWB).
A control signal for switching the connection of the switch from SW1 to SW2 is sent to. If it is in the packet through mode, connect the switch to the seesaw switching box (SSWB) 35 from SW1 to SW2.
A control signal for switching to is sent.

The request is for the switch (SW2) and the buffer 3 of the seesaw switching box (SSWB).
It is input to the switch server 31 (switching control and information transmitting / receiving server) via

In the switch server 31, the central processing unit (CPU) judges the adequacy and purpose of the request input as described above by using the filter program, and if it is improper, the request is discarded.

When the request is proper, a control signal for switching the connection of the switch of the seesaw switching box (SSWB) 35 from SW2 to SW1 is sent to the switch control section 32.

The switch control section 3 which has received this control signal
2 sends control signals to the buffers 34 and 33 for setting the states of the buffers 34 and 33 to the packet buffer mode, respectively. Then, control signals indicating the notification of the change to the packet buffer mode are sent to the buffers 34,
When received from 33, a control signal for switching the switch connection from SW2 to SW1 is sent to the seesaw switching box (SSWB) 35.

Next, the control signal sent from the switch control unit 32 is transferred to the seesaw switching box (SSW).
B) When 35 receives, the connection of the switch is switched from SW2 to SW1 by the operation of the flip-flop (FF) (see FIG. 8). The switch server 31 sends a request suitable for the purpose to the internal network 1 side.

Next, the internal network 1, as shown in FIG. 9, sends data in response to the request sent from the switch server 31. The data is based on the short-circuited switch (SSW) of the seesaw switching box (SSWB).
It is sent to the switch server 31 via W1).

The switch server 31 forms the data in an appropriate format suitable for the purpose. This molding is performed by the central processing unit (CPU) based on the program installed in the external storage device.

Next, the switch server 31 connects the switches of the seesaw switching box (SSWB) by S.
A control signal for switching from W1 to SW2 is sent to the switch control unit 32, and at the same time, the data shaped above is sent to the buffer 33 in the packet buffer mode.

Upon receiving the control signal from the switch server 31, the switch control unit 32 sends a control signal for switching the switch connection from SW1 to SW2 to the seesaw switching box (SSWB) 35. Then, a control signal for setting the state of the buffer 33 to the packet through mode is sent to the buffer 33, and a control signal indicating the notification of the change to the packet through mode is sent to the buffer 33.
Receive from

Next, as shown in FIG. 10, data is transferred from the buffer 33 to the seesaw switching box (SSW).
B) It is input to the buffer 34 in the packet buffer mode via the switch (SW2) 35.

The buffer 33 sends out a notification signal (buffer empty signal) to the switch control unit 32 when the data transmission is completed. Upon receiving the buffer empty signal, the switch control unit 32 sends a control signal for setting the packet through mode to the buffer 34 in the packet buffer mode.

The buffer 34 that has received this control signal
Sets its own state to the packet through mode, and returns a control signal indicating the notification of the change to the packet through mode to the switch control unit 32.

In this way, the data is transmitted to the external network 2.

Next, an application example of this embodiment will be described with reference to FIG. In the figure, for example, it is assumed that a personal server in the Internet shopping and an authentication act of a user attribute are requested from a web server 1102 placed at a provider to a data server (internal network 1) installed in the company. .

The external network 2 is the Internet 2
1 and the Internet 21 is connected to the web server 1102 of the provider via the router 1101.
It is connected to the. The web server 1102 is connected to the Internet 22 via the router 1103, and the user terminal 1104 is connected to the Internet 22.

In the case of the figure, the operation of outputting the authentication result as data from the internal network 1 based on the authentication request from the external network 2 is performed. This operation is realized by the explanation of FIGS. 7 to 10 described above. .

In FIG. 12, the terminal device 21 installed in an individual's home corresponds to the internal network, and transmits a music data download request to the web server 1203 of the provider, which is the external network. The configuration is for receiving music data from the web server 1203.

In the figure, the router 1202 is connected to the Internet 1201 via a router and the modular jack 21, and the Internet 1201 is connected to the router 1202.
Is connected to the web server 1203 of the provider via. The web server 1203 stores music data for music distribution.

In such a music distribution service, the personal terminal device 11 requests the web server 1203 to transmit music data. The request is the web server 1
When received at 203 and authenticated by a method not shown, music data is received at the control terminal 3 from the web server 1203 via the Internet 1201 via the router and the modular jack 21. The procedure from the transmission of the request to the reception of the data at this time can be realized in the same manner as in the description of FIGS. 7 to 10 above. However, in the above description of FIGS. 7 to 10, “request”
Should be read as “data” and “data” as “request”.

In addition to the above application example, the LA
It is possible to intervene this system in N, within the provider, data center business, personal PC terminal, etc. That is, the present invention is not limited to the above-described embodiments and application examples thereof, and can be interposed in any part on the network, and it is possible to maintain internal security for each network.

[0071]

Second Embodiment Next, a second embodiment of the present invention will be described. The system configuration of the second embodiment is as shown in FIG. In the figure, the same reference numerals as those in the system (see FIG. 1) described in the first embodiment are the same functional units, and thus the description thereof is omitted. Note that, for convenience of description, the arrangement of the internal network and the external network in FIG. 16 is opposite to the left and right of the configuration of the first embodiment (FIGS. 1 to 10).

In the second embodiment, the switch server 1
The difference from the first embodiment is that 601 is separated from the switch unit 1609 and is independent as a server. In this way, by making the switch server 1601 independent, the server can be configured by a general-purpose computer system, the number of parts of the switch unit 1609 can be reduced, cost can be reduced, and maintenance can be facilitated. You can also

The switch server 1601 has a function of detecting unauthorized intrusion from the external network 2 and transmitting a switching control signal.

The switch server 1601 is constructed by a general-purpose information processing device having a central processing unit (CPU), a memory, a storage device, etc., and a buffer (161) is provided on the communication path side of both the internal network 1 and the external network 2.
1, 1612) are provided.

A diagnostic program is stored in the storage device provided in the information processing apparatus, which is the diagnostic unit 1.
It constitutes 602. Also, in the storage device,
An operating program for the switch control unit 32 is stored, and this is the operating unit 160.
Make up three.

The diagnostic programs are IP filter (packet filtering software), IDS (Intrution Ditect).
Ion System: Intrusion detection system), authentication software, etc., and diagnoses access from the external network 2 to the internal network 1. Also, Vacci
A virus vaccine program such as an ne application is also included, and a virus pattern is detected from the data from the external network 2.

On the other hand, the operating program has a function of sending a switching control signal to the switch control unit 32 based on the diagnosis result by the above-mentioned IDS or Vaccine application, and at the same time, the operating state of the diagnostic program. Is monitored, and when an abnormality is detected, a reset signal for forcibly ending the execution process is output to the diagnostic unit (diagnostic program) to the OS to initialize the diagnostic program.

Internal switch buffer (ISEB: In S
The ide entrance buffer) is interposed between the internal network 1 and the seesaw switching box (SSWB) 35 and functions as a repeater.

That is, it has a function of receiving packet data (datagram) from the internal network 1 side and forwarding the data to the switch server 1601 via the seesaw switching box (SSWB) 35.

At this time, it has a function of temporarily storing packets until the switch of the seesaw switching box (SSWB) 53 is closed (while the internal communication path is open).

On the other hand, the external switch buffer (OSEB:
The Out Side Entrance Buffer) is interposed between the external network 2 and the seesaw switching box (SSWB) 35 and functions as a repeater.

That is, it has a function of receiving packet data (datagram) from the external network 2 side and forwarding the data to the switch server 1601 through the seesaw switching box (SSWB) 35.

At this time, it has a function of temporarily storing packets until the switch between the switch server 1601 and the external switch buffer (OSEB) is closed.

In the external switch buffer (OSEB),
A simple packet filter function (third layer of the OSI reference model of TCP / IP protocol: a packet filter realized at the lower layer level up to the network layer), and a function to prevent intrusion of fragmented packets of 64 bytes or less have.

An internal switch buffer (ISEB)
Between the switch control unit 32 and the switch control unit 3
2 and external switch buffers (OSEB), direct paths (direct communication paths) 1604 and 1605 are provided, and whether data from the internal network 1 side sends a response result to a request from the outside, or Determine whether to send a request from the internal side, if the former,
Data is directly forwarded to an external switch buffer (OSEB) without passing through the seesaw switching box (SSWB) 35. In the latter case, the switch server 16 is passed through the seesaw switching box (SSWB).
It has a function of forwarding to 01. That is, the internal network 1 is designed to prevent unintended transmission of packet data. Such unintended packet data is an illegal packet created by an internal data automatic transmission virus program called a "trojan horse" or the like: fragmented packets of 64 bytes or less or consecutive packets to the same IP address ( D
oS attack).

The external switch buffer (OS) constituting the present system (SWSEC) in FIG. 16 described above is
FIG. 19 shows the circuit configurations of the EB), the internal switch buffer (ISEB), and the seesaw switching box (SSWB) 35 in more detail. In the figure, the external switch buffer (OSEB) is a NIC (Ne
twork Interface Circuit),
Transmit buffer, receive buffer and PHY (PHYsica
l Layer Protocol) is connected to this. This PH
Y is a physical device for TCP / IP which is a communication protocol, and is directly connected to an external network. The NIC is also connected to a computer system bus in a buffer, which computer system has a central processing unit (CPU) and memory (SDRAM and FLASH). In addition, the DIP switch (D
IPSW) is connected.

On the other hand, internal switch buffer (ISEB)
Also has a similar configuration. The switch control unit 32 includes a central processing unit (CPU) and a memory (SDRAM and F
LASH) and a switch controller (SWCNT). Specifically, this switch controller (SWCNT) is a seesaw switching box (S
SWB) is configured to selectively select two gates, and each gate has a buffer (BUFF).
Are directly connected. These buffers (BUFF) are external buffers (OSEB) and internal buffers (ISEB), respectively.
It is connected to the EB) bus, and data can be transferred. This circuit system (SWSE
In C), an external commercial AC power supply is converted into a DC voltage of about 3.3V by a power supply unit (POW) and used as an operating power supply for the circuit.

Next, the diagnostic section 1602 (diagnostic program)
The function of will be described with reference to FIG. First, the central processing unit (CPU) of the switch server is the external network 2
Access data (packet) from the switch server 1
When stored in the buffer 1612 of 601, the following access analysis is performed by the diagnostic program (IP filter program, IDS, authentication program, vaccine program) [Analysis / diagnosis type by handling layer (OSI reference model of TCP / IP)] ] (I) L3 level ... IP filter (analysis / diagnosis in IP layer) (ii) L4 level ... Authentication software (connection analysis / diagnosis in TCP layer) (iii) L7 level ... IDS, Vaccine program

Depending on the IDS function, intrusion detection can be performed at the low layer level, and the vaccine program can also detect viruses at the low layer level (IP layer).

Here, the IDS (Intrution Ditection)
System) intrusion detection method, the pattern of known malicious attacks is stored and the misuse detection method that checks access data against this pattern and the pattern of normal behavior information are stored. Anomaly detection methods and the like that are compared with patterns are known.

The operating unit 1603 (operating program) monitors the execution of the above-mentioned diagnostic program and evaluates the analysis result of access from the external network 2 (1701).

This evaluation is for the case where the intrusion is permitted (OK).
The case is divided into the case where the intrusion is not permitted (NG) and the case where the diagnosis is impossible.

That is, when it is determined to be NG due to the discovery of a virus or the like, the access is discarded (1702),
That is, the packet is discarded.

On the other hand, in the case of OK, the switch control signal is output to the switch control unit 32 (1703), the mode state of the buffer 1612 is checked (1704),
An instruction is given to switch the seesaw switching box (SSWB) 35 (1705).

If the diagnosis cannot be made, that is, if the diagnosis cannot be made within the set time, the diagnostic program is forcibly reset and the packet is discarded. At this time, since the switch control signal is not output to the switch control unit 32, the switch server 1601 and the internal network are not connected.

When such a diagnosis is impossible, there may be external factors and internal factors. The "external factor" refers to the case where the diagnostic function is stopped from the outside by a spliced virus called a "trojan horse" or "worm", and the "internal factor" means that various conditions are accidentally caused. This is a case where the diagnostic function hangs up due to overlapping.

As described above, in this embodiment, when the diagnosis is impossible, the diagnostic program is forcibly reset to discard the packet, and at the same time, intrusion of unknown virus data can be surely prevented.

That is, in the conventional system, since an unknown security hole is discovered, the steps of creating a correction module → providing the correction module → distributing the correction module → installing the correction module are dealt with. It was a long period. But,
According to this embodiment, since the system physically blocks the communication path, it is possible to more surely prevent the intrusion of illegal data.

According to the present invention, the external network and the internal network are separated by the control signal of the access request according to the purpose, so that it is possible to exchange data without impairing the real-time property and the bidirectionality.

[Brief description of drawings]

FIG. 1 is a block diagram (1) showing a principle configuration of the present invention.

FIG. 2 is a block diagram (2) showing the principle configuration of the present invention.

FIG. 3 is a block diagram (3) showing the principle configuration of the present invention.

FIG. 4 is a block diagram (4) showing the principle configuration of the present invention.

FIG. 5 is a detailed functional block diagram of the first embodiment.

FIG. 6 is a configuration and truth table of the seesaw switching box (SSWB) of the first embodiment.

FIG. 7 is an operation explanatory diagram (1) of the connection control device according to the first embodiment.

FIG. 8 is an operation explanatory diagram (2) of the connection control device according to the first embodiment.

FIG. 9 is an operation explanatory diagram (3) of the connection control device according to the first embodiment.

FIG. 10 is an operation explanatory diagram (4) of the connection control device according to the first embodiment.

FIG. 11 is a system diagram (1) showing an application example of the first embodiment.

FIG. 12 is a system diagram (2) showing an application example of the first embodiment.

FIG. 13 is a flowchart showing a procedure for shifting from the external communication mode to the internal communication mode in the first embodiment.

FIG. 14 is a flowchart showing a procedure for shifting from the internal communication mode to the external communication mode in the first embodiment.

FIG. 15 is a timing chart of the connection control device according to the first embodiment.

FIG. 16 is a block diagram showing the principle configuration of the second embodiment.

FIG. 17 is a processing flowchart of the switching server according to the second embodiment.

FIG. 18 is a table showing the processing of the operating unit according to the second embodiment.

FIG. 19 is a more detailed circuit diagram of the second embodiment.

[Explanation of symbols]

1 Internal network 2 External network 21 Internet 22 Internet 3 Control terminal (control device) 31 Switch server 32 Switch control unit 33 buffer (second buffer) 34 buffer (first buffer) 35 Seesaw Switching Box (SSWB) 1101 router 1120 Web server 1103 Router 1104 User terminal 1201 Internet 1203 Web server 1601 Switch server 1602 diagnostic department 1603 Operating unit 1604 and 1605 direct path 1611, 1612 Server buffer ISEB internal switching buffer OSEB External switching buffer

Claims (5)

[Claims] 1. A switch connection control system for a communication path, comprising: a switch server interposed between a first communication path and a second communication path; and a switch section, wherein the switch section comprises: A first switch buffer which is connected to the first communication path and stores data from the first communication path; and a second switch buffer which is connected to the second communication path and stores data from the second communication path A switching unit that selectively executes either the connection between the first switch buffer and the switch server or the connection between the second switch buffer and the switch server, and a switch control unit that controls the switching unit The switch server includes a diagnostic unit for data that has passed through the switching unit, and the switch control unit based on a diagnostic result of the diagnostic unit. Channel switch connection control system consisting of an operating unit for outputting a switching control signal to. 2. The first switching buffer and the second switching buffer
Is connected to the switching buffer by a direct path via the switch control unit, and the data transmission from the first communication path (or the second communication path) is performed by the second communication path side (or the first communication path). ) Is the response result requested from the switch control unit,
The data accumulated in the first switching buffer (or the second switching buffer) is output to the second switching buffer (or the first switching buffer) via the direct path without being transmitted to the switch server. The switch connection control system for a communication path according to claim 1, wherein: 3. The switch connection control system for a communication path according to claim 1, wherein the first communication path or the second communication path is either an internal network or an external network. 4. A switch system interposed between a first communication path and a second communication path, wherein the switch system is connected to the first communication path and stores data from the first communication path. A first switch buffer, a second switch buffer connected to the second communication path and accumulating data from the second communication path, and outputting the data accumulated in the first buffer to outside the unit Mode and data from outside the unit
A switching system that includes a switching unit that selectively selects one of the modes input to the buffer and a switch control unit that controls the switching unit. 5. A diagnostic means is provided outside the unit, and the diagnostic means inputs the data accumulated in the first buffer to diagnose the data content, and based on the diagnostic result, the switch. The switch system according to claim 1, which controls a control unit.