JP2004304755A - Group determination apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent a user from unauthorizedly registering an apparatus belonging to the one other than an AD as an apparatus belonging to the AD without requiring the user's operation of registration. <P>SOLUTION: A server 20 acquires a target time required for communications between a target apparatus and its own apparatus and compares the target time with a reference time. When the target time is shorter than or equal to the reference time, the server 20 determines the target apparatus as an apparatus belonging to the AD. Thus, an apparatus 60 with a long communication route to the server 20 is determined as an apparatus belonging to the one other than the AD. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

The present invention relates to a group determination device that determines whether a device connected to a network is a device in a predetermined group.

  2. Description of the Related Art In recent years, a home network that connects home devices via a network and shares various contents has been realized. As one of the realization forms of the home network, a form in which one router is provided in the home, and each device such as a television or a video and a server for storing contents are connected in a star configuration centering on the router can be considered. Here, it is assumed that the router is connected only to the network outside the home in the home. The server has a function of acquiring various contents from a network outside the home via the router, temporarily storing the contents, and distributing the contents to the devices in response to a request from each device. Thus, each device can share various contents.

  On the other hand, unlimited sharing of contents is not allowed from the viewpoint of copyright protection. Therefore, contents that are permitted to be used only by devices in the home must be restricted from being distributed to devices outside the home. (Hereinafter, in this specification, a limited group in which content sharing is permitted is referred to as “AD: Authorized Domain”.) Therefore, when there is a request for content distribution from each device, the server It is necessary to determine whether or not is a device in the AD.

As a determination method, there is a method in which a user manually registers the ID of each device in the AD in the server in advance. One example is “TCP Wrapper”. In this method, a user manually registers a computer that can access a server service in a file “hosts.allow” (see Non-Patent Document 1).
Sakae Kumehara, "Linux Firewall Administrator's Guide", Softbank, section 4.2.2.

However, the method in which the user manually registers the device in the AD in the server has a problem for the following reason.
First, since the registration work is imposed on the user, the burden on the user is large. Since the user is not always familiar with the operation of the device, it is desirable to reduce such work before using the device as much as possible.

Second, there is a possibility that the user may collude with an acquaintance or the like, illegally register an acquaintance's device outside the AD, and distribute the content. In this case, unlimited sharing of content cannot be prevented.
Therefore, an object of the present invention is to provide a technique that does not require a user to perform a registration operation and that prevents a user from illegally registering a device outside the AD as a device inside the AD.

  In order to achieve the above object, a group determination device according to the present invention includes: a target time obtaining unit configured to obtain a target time relating to communication between a target device connected to a network and the own device; If the difference between the reference time related to communication with the device and the target time acquired by the target time acquisition unit is within a predetermined range, it is determined that the target device is a device in the group, and the difference is the difference. And determining means for determining that the target device is a device outside the group if the target device is not within the predetermined range.

According to the configuration, the group determination device determines whether the target device is a device in the group based on a difference between the target time for communication with the target device and the reference time for communication with the device in the predetermined group. judge. Here, the predetermined group indicates, for example, AD.
This means that the group determination device obtains and determines whether or not the target device is a device in the group without relying on the user.
Therefore, the group determination device can prevent a user from registering a device outside the group as a device within the group without imposing a burden on the user to register the device within the group by himself / herself.

In addition, the group determination device further includes a determination request receiving unit that receives a determination request from the target device, and the target time obtaining unit is configured to receive the determination request when the determination request is received by the determination request receiving unit. The time may be obtained.
According to the above configuration, the group determination device acquires the target time for each determination request from the target device. For example, if the device that the group determination device once determined to be a device in the group is registered, and if the specification does not perform the determination work from the next time, if the incorrect device is registered by mistake, Access to unauthorized devices cannot be prevented.

Therefore, the group determination device improves security by acquiring the target time every time.
Further, the target time acquisition unit transmits and receives data in a predetermined format to the target device and receives the data in the predetermined format returned from the target device, There may be provided a measuring means for measuring a transmission time from when data is transmitted to when the data is received and as the target time.
According to the above configuration, the group determination device measures the transmission time of the data of the predetermined format and sets the transmission time as the target time.

As described above, since the group determination device itself measures the target time, it does not impose a burden on the user to register the device in the group by himself, and the user illegally identifies a device outside the group as a device in the group. Registration can be prevented.
Further, the transmitting / receiving means transmits echo request data based on an ICMP (Internet Control Message Protocol) as data in a predetermined format to be transmitted to the target device, and as data in a predetermined format returned from the target device, Echo response data corresponding to the echo request data may be received.
According to the above configuration, the group determination device can acquire the target time using the echo request data and the echo response data based on the ICMP, that is, using the ping. Note that ping is an existing program.

Therefore, the group determination device does not need a new program for transmitting and receiving data of a predetermined format by diverting an existing program. Therefore, the burden on the developer of the group determination device can be reduced.
In addition, the group determination device is time-synchronized with the target device, and the target time obtaining unit determines a transmission time for transmitting the data of the predetermined format by the time determination unit and the time determination unit. Time notifying means for notifying the target device of the transmitted transmission time, receiving means for receiving data of a predetermined format transmitted by the target device at the transmission time, and receiving the data of the predetermined format by the receiving means. There may be provided a calculating means for calculating a transmission time of the data of the predetermined format from a time and the transmission time and setting the transmission time as the target time.
According to the above configuration, the group determination device measures the transmission time of the data of the predetermined format and sets the transmission time as the target time.

As described above, since the group determination device itself measures the target time, it does not impose a burden on the user to register the device in the group by himself, and the user illegally identifies a device outside the group as a device in the group. Registration can be prevented.
In addition, the target device measures the target time, and transmits target time information indicating the target time, and the target time obtaining unit may receive the target time information from the target device. Good.
According to the above configuration, the target device measures the target time, and the group determination device acquires target time information indicating the target time from the target device.

Therefore, the group determination device can reduce the processing in the group determination device by distributing a part of the group determination process to the target devices.
In addition, the group determination device further includes a pre-holding unit that holds a predetermined number of target times, and the target time obtaining unit includes a target time held by the target time holding unit. The minimum value of the acquired target times may be adopted.
According to the above configuration, the group determination device employs the minimum value obtained a plurality of times. Thus, the group determination device can obtain an accurate target time. This is for the following reason.

For example, when the target time is measured on a communication path in which the target device is a relay point, the target device that has received the data in the predetermined format occupies the communication path with other data when returning the data in the predetermined format. If the data has been received, it waits for the return of the data in the predetermined format, and returns after the other data is lost.
In this case, the group determination device has a disadvantage that the time obtained by adding the standby time to the actual transmission time is measured as the target time. However, since the size of the data in the predetermined format is small, even if the communication path is occupied by other large-capacity data, it is considered that at least one of a plurality of times is transmitted between large-capacity data. At this time, the group determination device can measure the actual transmission time more accurately.

Further, the determination means may hold a predetermined reference time.
According to the above configuration, the group determination device determines whether the target device is a device in a predetermined group based on a predetermined reference time at the time of manufacturing, shipping, or the like.
Therefore, when the group determination device obtains the reference time, it only has to read out the reference time from the ROM or the like holding the reference time, and the structure can be simplified.

Further, the determination unit receives a reference time holding unit that holds a reference time determined for each connection medium connected to the network by the target device, and receives medium information indicating the connection medium from the target device. Receiving means, and selecting means for selecting the reference time held in the reference time holding means based on the medium information received by the receiving means.
According to the configuration, the group determination device can select the reference time for each connection medium to which the target device is connected to the network. Here, as the connection medium, for example, there are 100Base (standardized by IEEE802.3), wireless IEEE802.11a, IEEE802.11b, and Home-Plug for power line communication.

As described above, since the group determination device can select the reference time according to the actual situation, it is more accurate whether the target device is a device in the group as compared with the case where the reference time is one fixed value. Can be determined.
Further, the determination unit holds a reference time determined for each combination of a first connection medium connected to the network by the group determination device and a second connection medium connected to the network by the target device. Reference time holding means, a medium detecting means for detecting the first connected medium, a receiving means for receiving medium information indicating the second connected medium from the target device, and a medium detected by the medium detecting means. The apparatus may further include a selection unit that selects a reference time held in the reference time holding unit based on a combination of the first connection medium and the second connection medium received by the reception unit.
According to the above configuration, the group determination device can select the reference time for each combination of the first connection medium connected to the network by itself and the second connection medium connected to the target device by the network. it can.

As described above, since the group determination device can select the reference time according to the actual situation, the target device can accurately select the device within the group as compared with the case where the reference time is selected for each connection medium of the target device. Can be determined.
Further, the group determination device further includes a change receiving unit that receives a changed reference time from outside, and the reference time holding unit is configured to hold the changed reference time received by the receiving unit. It may be held instead of the reference time.
According to the above configuration, the group determination device can change the reference time.

  The predetermined reference time may not be an appropriate value due to a difference between a network environment assumed at the time of manufacturing or the like and an actual network environment. In such a case, there is a problem in that even a legitimate device is not determined to be a device in the group, or conversely, a device in which a device outside the group is determined to be a device in the group. Therefore, the group determination device changes the preset reference time when it is not appropriate.

Further, the determining means transmits and receives data in a predetermined format to a router connected nearest to the own device, and receives the data in the predetermined format returned from the router, and the transmitting and receiving means And measuring means for measuring, as the reference time, a transmission time from transmission of data in a predetermined format to reception of the data in the predetermined format.
According to the above configuration, the group determination device obtains not only the target time but also the reference time by actual measurement.

Thereby, the group determination device can obtain the reference time according to the communication traffic at the time of the group determination process, and can determine whether the target device is a device in the group more accurately than when the reference time is fixed. Can be determined.
Further, the reference time is defined as the time when the data in the predetermined format returns to and returns from the router connected to the nearest group determination device.

  Accordingly, for example, if the transmission time required from when the target device transmits data in a predetermined format to when the group determination device receives the data is set as the target time, and the target time is approximately equal to the reference time, If the specification is such that the target device is a device in the group, the device whose router is the nearest router is determined to be a device in the group.

Further, the group determination device is connected to a reference device which has already been determined to be a device in the group via one router, and the determination unit performs a predetermined format with respect to the reference device. Transmission / reception means for transmitting the data of the predetermined format and returning the data of the predetermined format returned from the reference device, and a transmission time from transmission of the data of the predetermined format in the transmission / reception means to reception thereof, as the reference time. And a measuring means for measuring.
According to the above configuration, the group determination device obtains not only the target time but also the reference time by actual measurement.

Thereby, the group determination device can obtain the reference time according to the communication traffic at the time of the group determination process, and can determine whether the target device is a device in the group more accurately than when the reference time is fixed. Can be determined.
Further, the group determination device sets a time for returning to and reciprocating a reference device whose data of a predetermined format is already determined to be a device in the group as a reference time.

Thus, for example, the group determination device determines that the time in which the data in the predetermined format returns and returns to the target device is the target time, and determines that the target device is a device in the group if the target time is substantially equal to the reference time. If the specification is such that the router is the nearest router, it is determined that the device is a device in the group.
Further, the transmitting / receiving means transmits echo request data based on an ICMP (Internet Control Message Protocol) as data in a predetermined format to be transmitted to the reference device, and as data in a predetermined format returned from the reference device, Echo response data corresponding to the echo request data may be received.
According to the above configuration, the group determination device can acquire the reference time using the echo request data and the echo response data based on the ICMP, that is, using the ping. Note that ping is an existing program.

Therefore, the group determination device does not need a new program for transmitting and receiving data of a predetermined format by diverting an existing program. Therefore, the burden on the developer of the group determination device can be reduced.
In addition, the group determination device further includes a pre-holding unit that holds a reference time for a predetermined number of times, and the determination unit includes a reference time held by the pre-holding unit, The minimum value of the set reference times may be adopted.
According to the above configuration, the group determination device can acquire a more accurate reference time. This is for the following reason.

For example, when the reference time is measured in a communication path in which the reference device is a relay point, the reference device that has received the data in the predetermined format occupies the communication path with other data when returning the data in the predetermined format. If the data has been received, it waits for the return of the data in the predetermined format, and returns after the other data is lost.
In this case, the group determination device has a disadvantage that the time obtained by adding the standby time to the actual transmission time is measured as the reference time. However, since the size of the data in the predetermined format is small, even if the communication path is occupied by other large-capacity data, it is considered that at least one of a plurality of times is transmitted between large-capacity data. At this time, the group determination device can measure the actual transmission time more accurately.

Further, the determining unit determines that the target device is a device in the group if the target time is equal to or less than the reference time, and determines the target device if the target time is not equal to or less than the reference time. It may be determined that the device is outside the group.
According to the above configuration, the group determination device can determine that the target device is a device in the predetermined group if the target time is equal to or less than the reference time. In other words, the sign of the difference obtained by subtracting the reference time from the target time is determined, and if the difference is in the negative range, the target device is determined to be a device in the predetermined group.

As described above, it is sufficient to determine whether the difference is within the predetermined range by only the positive / negative determination, so that the configuration of the group determination device is simplified.
In addition, the group determination device is connected to the target device via one or more routers, and the determination unit determines that the difference is longer than a time when the data of the predetermined format passes through one router. If it is shorter, it is determined that the target device is a device in the group, and if the difference is not shorter than the time when the data of the predetermined format passes through one router, the target device is a device outside the group. It may be determined that there is.
According to the configuration, the group determination device determines that the target device is a device in the predetermined group if the difference between the target time and the reference time is shorter than the time when the data of the predetermined format passes through one router. I do.

  Therefore, for example, in the case of specifications in which both the target time and the reference time are obtained by actual measurement, the number of routers included in the target path where the target time is measured, and the number of routers included in the reference path where the reference time is measured Are the same, the group determination device can determine that the target device is within the predetermined group. Conversely, if at least one router included in the target route is different from the reference route, the group determination device does not determine that the target device is a device in the predetermined group.

The group determination device according to the present invention is a group determination device having common secret information with a target device connected to a network, wherein the conversion unit performs a predetermined conversion on the secret information to generate first conversion information, A second data generated by transmitting data of a predetermined format to the target device, returning a return from the target device, and performing the same conversion as the predetermined conversion on the secret information in the target device. Transmitting / receiving means for receiving the data of the predetermined format including the conversion information; measuring means for measuring a target time from transmission of the data of the predetermined format to reception at the transmitting / receiving means; The difference between the reference time required for transmitting data of a predetermined format between the reference time and the target time measured by the measuring means is obtained. Within the range, and when the first conversion information generated by the conversion unit matches the second conversion information obtained by the transmission / reception unit, the target device is determined to be a device in the group. And a determination unit that determines that the target device is a device outside the group in other cases.
According to the above configuration, the group determination device determines whether the target device is a device in a predetermined group based on both the time verification and the authentication data verification. Here, the time verification refers to acquiring a target time required for transmitting data of a predetermined format and verifying whether a difference between the target time and the reference time is within a predetermined range. The authentication data verification refers to verifying whether the first conversion information generated by the device itself matches the second conversion information generated by the target device.

Therefore, by performing not only time verification but also authentication data verification, the group determination device can prevent spoofing attacks by an unauthorized device and improve security.
A group determination device according to the present invention is a group determination device having common secret information with a target device connected to a network, performing a predetermined conversion on the secret information to generate first conversion information, A conversion unit that performs another conversion different from the predetermined conversion on the information to generate second conversion information, and transmits data in a predetermined format including the first conversion information to the target device, Transmitting and receiving means for receiving the data in the predetermined format including third conversion information generated by performing the same conversion as the other conversion on the secret information in the target device; Means for measuring a target time from transmission of data of a predetermined format to reception of the data in a predetermined format, and a location between a device in a predetermined group and its own device. The difference between the reference time required for the transmission of the data in the format and the target time measured by the measurement means is within a predetermined range, and the second conversion information generated by the conversion means and the transmission / reception means The obtained third conversion information matches, and further, the fourth conversion information generated by performing the same conversion as the predetermined conversion from the target device on the secret information matches the first conversion information. A notification unit that determines that the target device is a device in the group, and that otherwise determines the target device to be a device outside the group. .
According to the above configuration, the group determination device determines whether the target device is a device in a predetermined group based on time verification and mutual authentication data verification. Here, the mutual authentication data verification refers to verifying whether or not both the verification result of the group determination device and the verification result of the target device indicate validity.

Therefore, the group determination device can improve security as compared with the case where authentication data verification is performed based only on the collation result of the group determination device.
In order to achieve the above object, a target device according to the present invention is determined whether or not it is a device of a predetermined group from a group determination device connected to a network, and a target device having common secret information with the group determination device. Receiving means for receiving data in a predetermined format from the group determination device, and performing predetermined conversion on the secret information before receiving data in a predetermined format by the receiving means to generate first conversion information A conversion unit; and a return unit that, when data of a predetermined format is received by the reception unit, returns the data of the predetermined format including the first conversion information to the group determination device.
According to the above configuration, the target device receives the data in the predetermined format from the group determination device, and returns the first conversion information including the data in the predetermined format. Here, since the first conversion information is generated before receiving the data of the predetermined format, the time required from the reception of the data of the predetermined format to the return is shortened. That is, in the case of a specification in which the group determination device transmits data in a predetermined format to the target device and determines whether the target device is a device in the predetermined group based on a target time until a response is returned from the target device, The time required to generate one conversion information is not included in the target time.

Therefore, even when the time required to generate the first conversion information is longer than the target time, the group determination device can appropriately determine whether the target device is a device in the predetermined group.
The target device according to the present invention is a target device that is determined whether or not it is a device of a predetermined group by a group determination device connected to a network, and has a common secret information with the group determination device. Receiving means for receiving data of a predetermined format including first conversion information generated by performing predetermined conversion on the secret information, and the secret information before receiving the data of the predetermined format by the receiving means. A conversion unit that performs another conversion different from the predetermined conversion to generate second conversion information; and if the reception unit receives data of a predetermined format, the data of the predetermined format includes the second conversion information. From the data in a predetermined format by the reply means for replying to the group determination device, and the receiving means. Matching means for comparing the first conversion information with third conversion information generated by performing the same conversion as the predetermined conversion on the secret information; And notification means for notifying the user.
According to the above configuration, the target device notifies the group determination device of a comparison result between the first conversion information from the group determination device and the third conversion information generated by itself. Thereby, the group determination device can perform the group determination process in consideration of the collation result in the target device.

Therefore, the group determination device can improve security as compared with the case where authentication data verification is performed based only on the collation result of the group determination device.
In order to achieve the above object, a group determination system according to the present invention is a group determination system including a target device and a group determination device connected to a network, each having a common secret information in advance, A device that receives data of a predetermined format from the group determination device, and performs a predetermined conversion on the secret information before receiving the data of the predetermined format by the receiving unit to generate first conversion information. 1 conversion means, and a reply means for receiving data of a predetermined format by the receiving means and returning the data of the predetermined format including the first conversion information to the group determination device. Transmitting data of a predetermined format to the target device, and transmitting the first format data from the target device. Transmitting / receiving means for receiving data of a predetermined format including information; measuring means for measuring a target time from transmission of the data of the predetermined format to reception at the transmitting / receiving means; A second conversion unit that performs the conversion of the second conversion information to generate second conversion information; a reference time required for transmitting data of a predetermined format between devices in a predetermined group and the own device; and a target measured by the measurement unit. If the difference from the time is within a predetermined range, and the second conversion information generated by the second conversion unit matches the first conversion information obtained by the transmission / reception unit, the target device is A determination unit configured to determine that the target device is a device within the group, and otherwise determine the target device to be a device outside the group.
According to the above configuration, the group determination device determines whether the target device is a device in a predetermined group based on both the time verification and the authentication data verification. Here, the time verification refers to acquiring a target time required for transmitting data of a predetermined format and verifying whether a difference between the target time and the reference time is within a predetermined range. The authentication data verification refers to verifying whether the first conversion information generated by the device itself matches the second conversion information generated by the target device.

Therefore, by performing not only time verification but also authentication data verification, the group determination device can prevent spoofing attacks by an unauthorized device and improve security.
The target device receives the data in the predetermined format from the group determination device, and returns the first conversion information including the data in the predetermined format. Here, since the first conversion information is generated before receiving the data of the predetermined format, the time required for generating the first conversion information is not included in the target time.

Therefore, even when the time required to generate the first conversion information is longer than the target time, the group determination device can appropriately determine whether the target device is a device in the predetermined group.
A group determination system according to the present invention is a group determination system including a target device and a group determination device connected to a network, each having a common secret information in advance, wherein the target device is a group determination device. Receiving means for receiving data of a predetermined format including first conversion information, and first conversion for performing predetermined conversion on the secret information before receiving data of the predetermined format by the receiving means to generate second conversion information Means, if receiving data of a predetermined format by the receiving means, return means for returning to the group determination device including the second conversion information in the data of the predetermined format, and the predetermined conversion to the secret information Third conversion information generated by performing another different conversion and the third conversion information obtained by the receiving unit. (1) a collating unit for collating with the conversion information; and a notifying unit for notifying the collation result by the collating unit to the group determination device, wherein the group determination device performs the same conversion as the other conversion on the secret information And second conversion means for generating the first conversion information by performing the same conversion as the predetermined conversion on the secret information to generate fourth conversion information. Transmitting and receiving means for transmitting data in a predetermined format including the second conversion information from the target device, and a target time from transmission of the data in the predetermined format to reception in the transmitting and receiving means A reference time required for transmission of data in a predetermined format between a device in a predetermined group and its own device, and a measurement time measured by the measurement unit. The difference from the target time is within a predetermined range, and the fourth conversion information generated by the second conversion unit matches the second conversion information obtained by the transmission / reception unit, and further, the target device If the collation result indicates that the first conversion information and the third conversion information match, the target device is determined to be a device in the group; otherwise, the target device is outside the group. Determining means for determining that the device is the device.
According to the above configuration, the group determination device determines whether the target device is a device in a predetermined group based on time verification and mutual authentication data verification. Here, the mutual authentication data verification refers to verifying whether or not both the verification result of the group determination device and the verification result of the target device indicate validity.

Therefore, the group determination device can improve security as compared with the case where authentication data verification is performed based only on the collation result of the group determination device.
In order to achieve the above object, a group determination method according to the present invention includes a target time obtaining step of obtaining a target time relating to communication between a target device connected to a network and its own device; If the difference between the reference time related to the communication with the device and the target time acquired in the target time acquisition step is within a predetermined range, it is determined that the target device is a device in the group, and the difference is the difference. If not within the predetermined range, determining that the target device is a device outside the group.
With the above configuration, the group determination method can obtain the same effect as the group determination device.

In order to achieve the above object, a group determination program according to the present invention is a group determination program to be executed by a computer, and a target time for acquiring a target time relating to communication between a target device connected to a network and the own device. If the difference between the acquisition step and the reference time related to the communication between the device in the predetermined group and the own device and the target time acquired in the target time acquisition step is within a predetermined range, the target device is included in the group. And determining that the target device is a device outside the group if the difference is not within the predetermined range.
With the above configuration, the computer can obtain the same effect as the group determination device by executing the group determination program.

In order to achieve the above object, a recording medium that records a group determination program according to the present invention includes: a target time obtaining step of obtaining a target time related to communication between a target device connected to a network and its own device; If the difference between the reference time related to the communication between the device and the own device and the target time obtained in the target time obtaining step is within a predetermined range, it is determined that the target device is a device in the group. And determining that the target device is a device outside the group if the difference is not within the predetermined range.
With the above configuration, the computer can obtain the same effect as the group determination device by reading and executing the group determination program from the recording medium.

(Embodiment 1)
<Overview>
In the first embodiment, the server transmits the echo request data to the target device to be subjected to the AD determination process, and sets the time required for receiving the echo response data corresponding to the echo request data from the target device as the target time. And performs time verification to verify whether the target time is equal to or shorter than a predetermined reference time. If the target time is equal to or less than the reference time, the server determines that the target device is in the home.

This is because when the target device is outside the home, the server and the target device are generally connected via an Internet service provider (ISP) in addition to the router in the home, so that the target time is a fixed time. We use what is needed above.
Further, the server performs authentication data verification for verifying whether or not the target device is a legitimate device by adding authentication data to the echo request data and the echo response data. As a result, it is possible to protect against spoofing attacks by unauthorized devices.

Finally, the server performs AD verification for verifying whether or not the target device is a device in the AD by integrating the results of the time verification and the authentication data verification.
Note that the echo request data and the echo response data are obtained by a program ping (Packet Internet Grouper) for diagnosing whether or not a device connected to the network is operating, using an ICMP (Internet Control Message Protocol). Is the data to be transmitted and received. ICMP is a communication protocol defined by RFC792 of the IETF standard.
<Structure>
FIG. 1 is a diagram showing a network configuration according to the first embodiment.

The home network 1 includes a router 10, a server 20, and a device 30, and has a network configuration in which the server 20 and the device 30 are connected in a star shape around the router 10. In addition, other devices than the device 30 may be actually connected to the router 10, but are omitted for simplicity.
The router 10 is solely connected to a network outside the home network, and is connected to the ISP 40. The ISP 40 can be considered as a router group including a plurality of routers. The server 20 and the device 60 are connected via the router 10, the ISP 40, and the router 50.

The server 20 stores various contents, receives a content distribution request from another device via the router 10, and distributes the desired content only when it is determined that the device is a device in the AD. Has functions. In the first embodiment, the devices in the AD are assumed to be valid devices in the home.
Therefore, as the determination method, the transmission time required for the server 20 to transmit the echo request data to the target device to be subjected to the AD determination process and to receive the echo response data corresponding to the echo request data from the target device is determined. If the transmission time is measured and is equal to or less than a predetermined reference time, time verification for determining that the target device is a home device, and authentication data added to echo request data or the like to verify that the target device is valid. The method adopts both authentication data verification for determining whether or not the device is the device.

  The server 20 is, specifically, a computer system including a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, and the like. A computer program is stored in the ROM or the hard disk unit. The above functions are achieved by the microprocessor operating according to the computer program.

The devices 30 and 60 are home electric appliances having a function of acquiring various contents by connecting to a network.
As shown in FIG. 1, when the device 30 is a target device of the AD determination process, the echo request data and the echo response data are transmitted through the path 1. Assuming that the routing process by the router 10 is 100 microseconds at one time and the ping process by the device 30 is 200 microseconds at one time, the transmission time in the route 1 is about 400 microseconds.

On the other hand, when the device 60 is a target device for the AD determination processing, the echo request data and the echo response data are transmitted through the path 2. The ISP 40 is composed of a plurality of routers and performs a filtering process and the like, so that the transmission time on the path 2 is about several milliseconds.
Therefore, if the server 20 presets a reference time of, for example, 1 millisecond, the server 20 can determine that the device 30 is a household device because the transmission time of the route 1 is equal to or shorter than the reference time. Since the transmission time of the route 2 is longer than the reference time, it can be determined that the device 60 is not a device at home.

Servers and devices that realize the above functions will be described in detail below.
FIG. 2 is a diagram illustrating a configuration of the server according to the first embodiment.
The server includes a secret information storage unit 201, an authentication data T1 generation unit 202, an authentication data T2 generation unit 203, an echo request transmission unit 204, an echo response reception unit 205, a time measurement unit 206, a reference time storage unit 207, and a time verification unit 208. , A change receiving unit 209, an authentication data T2 'extracting unit 210, an authentication data verifying unit 211, a verification result receiving unit 212, and an AD verifying unit 213.

The secret information storage unit 201 stores secret information Ks common to the target device. Here, as the secret information Ks, for example, a challenge-response type authentication is performed between the server and the target device, and a session key obtained as a result is used. This can be achieved as follows.
(1) The server and the target device respectively hold a key pair (public key and private key) of public key encryption and a certificate.
(2) The server generates a random number An and transmits it to the target device as challenge data, the target device generates a signature for the random number An using its own private key, and uses the signature and the certificate as response data as response data. Reply to
(3) The server confirms the validity of the public key of the target device with the certificate, and then verifies the response data using the public key. The target device also verifies the server in the same manner.
(4) Further, similarly, the session key is shared between the server and the target device by using, for example, a Diffie-Hellman (Diffie-Hellman: DH) key sharing method. However, the method of sharing the session key is not limited to this. Further, the challenge-response type authentication, the public key encryption, the signature method, and the DH key sharing method are described in detail in, for example, Tatsuaki Okamoto and Hirosuke Yamamoto, “Modern Encryption” (Sangyo Tosho, 1997). The authentication is described on page 151, the public key encryption is described on page 107, the signature is described on page 171 and the DH key sharing method is described on page 200.

The authentication data T1 generation unit 202 generates the authentication data T1 using the secret information Ks. As the authentication data T1, for example, data obtained by encrypting the random number An used for sharing the session key with the secret information Ks is used.
The authentication data T2 generation unit 203 generates authentication data T2 different from the authentication data T1 using the secret information Ks. As the authentication data T2, for example, a result obtained by adding 1 to the random number An and encrypted with the secret information Ks is used.

The echo request transmission unit 204 adds the authentication data T1 to the echo request data and transmits the data to the target device.
The echo response receiving unit 205 receives echo response data from the target device.
The time measuring unit 206 measures a target time which is a time from when the echo request transmitting unit 204 transmits the echo request data to when the echo response receiving unit 205 receives the echo response data.

The reference time holding unit 207 holds a reference time preset at the time of manufacturing or shipping the server.
The time verification unit 208 compares the target time measured by the time measurement unit 206 with the reference time stored in the reference time storage unit 207, and verifies whether the target time is equal to or shorter than the reference time. Specifically, a positive / negative determination of a difference obtained by subtracting the reference time from the target time is performed.If the difference is a negative value, the target device is determined to be a device in the home.If the difference is a positive value, the target device is determined. It is assumed that the device is outside the home.

Thus, the server can verify the target device from the viewpoint of whether it is a device at home.
The change receiving unit 209 receives an instruction from a specific external computer or recording medium, and changes the reference time stored in the reference time storage unit 207. Note that, in order to prevent fraud, it is preferable that the change receiving unit 209 checks the signature or the like indicating the validity of the change instruction before making the change.

The authentication data T2 'extracting unit 210 extracts the authentication data T2' added to the echo response data received by the echo response receiving unit 205. Here, the authentication data T2 'is data generated in the target device by the same method as the authentication data T2.
The authentication data T2 and the authentication data T2 'are generated independently in the server and the target device, respectively, but they match if the target device is a legitimate device having the common secret information Ks with the server.

The authentication data verification unit 211 collates the authentication data T2 generated by the authentication data T2 generation unit 203 with the authentication data T2 ′ extracted by the authentication data T2 ′ extraction unit 210, and verifies whether they match. . Thereby, the server can verify the target device from the viewpoint of whether it is a legitimate device.
In the target device, it is verified whether the server is a legitimate server by the authentication data T1 transmitted by the server in addition to the echo request data and the authentication data T1 ′ generated independently by the target device.

The verification result receiving unit 212 receives a verification result verified in the target device.
The AD verification unit 213 receives the respective verification results from the time verification unit 208, the authentication data verification unit 211, and the verification result reception unit 212, and determines whether the target device is a device in the AD.
Specifically, the time verification unit 208 determines that the target device is a household device, the authentication data verification unit 211 determines that the target device is a legitimate device, and further, the verification result reception unit 212 Receives a verification result indicating that the server is a legitimate server, the AD verification unit 213 authenticates the target device as a device in the AD.

FIG. 3 is a diagram illustrating a configuration of the target device according to the first embodiment.
The target devices include a secret information storage unit 301, an authentication data T1 'generation unit 302, an authentication data T2' generation unit 303, an echo request reception unit 304, an echo response transmission unit 305, an authentication data T1 extraction unit 306, and an authentication data verification unit 307. And a verification result transmission unit 308.
The secret information storage unit 301 stores secret information Ks common to the server. The method of sharing the secret information Ks is as described above.

The authentication data T1 'generation unit 302 generates the authentication data T1' using the secret information Ks. Here, the authentication data T1 'is generated by the same method as the authentication data T1 in the server.
The authentication data T2 'generation unit 303 generates the authentication data T2' using the secret information Ks. Here, the authentication data T2 'is generated by the same method as the authentication data T2 in the server.

The echo request receiving unit 304 receives echo request data from the server.
The echo response transmitting unit 305 performs a ping process. That is, the echo request data corresponding to the echo request data received by the echo request receiving unit 304 is transmitted to the server. The authentication data T2 'generated by the authentication data T2' generation unit 303 is added to the echo response data.

The authentication data T1 extracting unit 306 extracts the authentication data T1 added to the echo response data received by the echo request receiving unit 304.
The authentication data verification unit 307 collates the authentication data T1 ′ generated by the authentication data T1 ′ generation unit 302 with the authentication data T1 extracted by the authentication data T1 extraction unit 306, and verifies whether they match. . Thus, the target device can verify the server from the viewpoint of whether it is a legitimate server.

The verification result transmission unit 308 transmits the verification result of the authentication data verification unit 307 to the server.
<Operation>
In order for the server having the above configuration to distribute content to a target device, (A) a content distribution request (AD determination request) from the target device is received, and (B) whether the target device is a legitimate device in the home. (AD determination process), and (C) distribute the content if the determination result is affirmative. Hereinafter, the procedure of the AD determination process (B) will be described in detail.

FIG. 4 is a diagram illustrating operations of the server and the target device according to the first embodiment.
Step S11: It is assumed that the server and the target device share the secret information Ks. The method of sharing the secret information Ks is as described above.
Step S12: The server generates the authentication data T1 and the authentication data T2 using the secret information Ks.

Step S13: The target device generates the authentication data T1 'and the authentication data T2' using the secret information Ks. Since the authentication data T1 'is generated in the same manner as the authentication data T1, they should match. Similarly, since the authentication data T2 'has the same generation method as the authentication data T2, they should match.
Step S13 may be performed in parallel with step S12.

Step S14: The server adds the authentication data T1 to the echo request data and transmits it.
Step S15: The target device receives the echo request data from the server.
Step S16: The target device adds the authentication data T2 'to the echo response data corresponding to the echo request data and transmits the same.
Step S17: The server receives the echo response data from the target device.

Step S18: The server measures the target time, which is the time from transmitting the echo request data in step S14 to receiving the echo response data in step S17.
Step S19: The server compares the target time measured in step S18 with a preset reference time, and verifies whether the target time is equal to or shorter than the reference time. If the target time is equal to or less than the reference time, the server determines that the target device is a device in a home.

Step S20: The server collates the authentication data T2 generated in step S12 with the authentication data T2 'added to the echo response data received in step S17, and verifies whether they match. If these match, the server determines that the target device is a legitimate device.
Step S21: The target device compares the authentication data T1 'generated in step S13 with the authentication data T1 added to the echo request data received in step S15, and verifies whether they match. If these match, the target device determines that the server is a legitimate server.

Step S22: The target device transmits the verification result in step S21 to the server.
Step S23: The server receives the verification result transmitted from the target device in step S22.
Step S24: The server determines whether or not the target device is a device in the AD based on the time verification in step S19, the authentication data verification in step S20, and the verification result received in step S23.

Specifically, in step S19, it is determined that the target device is a device in the home, in step S20, it is determined that the target device is a legitimate device. When receiving the verification result indicating that there is a server, the server authenticates the target device as a device in the AD.
As described above, the server can determine whether the target device is a device in the AD based on the results of the time verification, the authentication data verification, and the authentication data verification on the target device.

This means that the server determines whether or not the target device is a device in AD regardless of the user's hand. Therefore, the user does not need to manually register the device in the AD in the server, and the burden on the user is reduced. Further, it is possible to prevent a user from illegally registering a device outside the AD.
In addition, the server can simultaneously perform the time verification and the authentication data verification by adding the authentication data to the echo request data and the echo response data. This makes it possible to reduce the load on the network as compared with the case where time verification and authentication data verification are performed separately.

Although the target device generates the authentication data before receiving the echo request data (see FIG. 4, step S13 and step S15), the generation of the authentication data is so fast that it can be ignored compared to the target time. For example, a protocol that generates authentication data after receiving the echo request data and transmits the echo response data may be used.
Also, when verifying the authentication data, if it is negligibly fast compared to the target time (see step S21 in FIG. 4), the verification is performed between the reception of the echo request data and the transmission of the echo response data. Alternatively, a protocol for adding the verification result to the echo response data may be used.

Further, although the validity check of the authentication data is performed by both the server and the target device, only one of them may be performed.
(Embodiment 2)
<Overview>
In the second embodiment, the server selects a reference time to be compared with the target time according to the connection medium connected to the server and the target device. As the connection medium, for example, there are 100Base (standardized by IEEE802.3), wireless IEEE802.11a, IEEE802.11b, and Home-Plug for power line communication.

The transmission time from the transmission of the echo request data to the reception of the echo response data differs depending on whether the connection medium connecting the server and the target device is wired or wireless, and also depends on the standard with which the connection medium conforms. Therefore, in the second embodiment, the server selects the reference time according to the connection medium, and thereby determines whether or not the target device is a device at home.
<Structure>
FIG. 5 is a diagram illustrating a configuration of a server according to the second embodiment.

  The server includes a secret information storage unit 201, an authentication data T1 generation unit 202, an authentication data T2 generation unit 203, an echo request transmission unit 204, an echo response reception unit 205, a time measurement unit 206, a reference time storage unit 221, and a time verification unit 208. , A change receiving unit 209, an authentication data T2 ′ extracting unit 210, an authentication data verifying unit 211, a verification result receiving unit 212, an AD verifying unit 213, a medium detecting unit 222, a medium information receiving unit 223, and a reference time selecting unit 224.

This is a configuration in which a reference time holding unit 221, a medium detection unit 222, a medium information reception unit 223, and a reference time selection unit 224 are added to the server according to the first embodiment. Therefore, only the parts added to the first embodiment will be described, and the description of the same parts will be omitted.
The reference time holding unit 221 holds a reference time for each combination of the first connection medium connected to the server and the second connection medium connected to the target device.

The medium detection unit 222 detects a first connection medium connected to the server. As this detection method, for example, it is conceivable to physically detect that a cable is connected to a connector provided in the server and supporting IEEE802.3.
The medium information receiving unit 223 receives medium information from the target device. Here, the medium information is information indicating a second connection medium connected to the target device.

The reference time selection unit 224 is held in the reference time holding unit 221 according to a combination of the first connection medium detected by the medium detection unit 222 and the second connection medium obtained from the medium information reception unit 223. One of the plurality of reference times is selected.
The time verification unit 208 verifies whether the target time is equal to or shorter than the reference time, using the reference time selected by the reference time selection unit 224.

FIG. 6 is a diagram illustrating an example of the reference time held by the reference time holding unit 221.
Here, three types, 100Base, IEEE802.11a, and IEEE802.11b, are set as the standards for the first connection medium. Similarly, the above three types are set as the standards for the second connection medium. Then, three types of set times Ref1, Ref2, and Ref3 are registered according to the combination of the first connection medium and the second connection medium.

Ref1 is a reference time when both the first connection medium and the second connection medium are based on 100Base, and is, for example, 1 millisecond (or a slightly shorter time).
Ref2 is a reference time when both the first connection medium and the second connection medium are based on IEEE802.11a, and is, for example, 2 milliseconds.
Ref3 is a reference time when both the first connection medium and the second connection medium are based on IEEE802.11b, and is, for example, 3 milliseconds.

If the first connection medium and the second connection medium have different standards, the rule is to select the longer set time.
For example, when the server is connected to the network according to the wireless LAN standard of 5 GHz (IEEE802.11a) and the target device is connected to the network according to the wired LAN standard (100Base), a path for measuring the target time is used. This is because there is a wired / wireless media converter, and both the server and the target device take as long a target time as in the case of IEEE802.11a.

However, this selection rule is an example, and the reference time may be selected according to the assumed connection form.
Further, Ref1, Ref2, and Ref3 may be changed by an instruction from the change receiving unit 209.
FIG. 7 is a diagram illustrating a configuration of a device according to the second embodiment.

The devices include a secret information storage unit 301, an authentication data T1 'generation unit 302, an authentication data T2' generation unit 303, an echo request reception unit 304, an echo response transmission unit 305, an authentication data T1 extraction unit 306, an authentication data verification unit 307, A verification result transmission unit 308, a medium detection unit 311 and a medium information transmission unit 312 are provided.
This is a configuration in which a medium detection unit 311 and a medium information transmission unit 312 are added to the device according to the first embodiment. Therefore, only the parts added to the first embodiment will be described, and the description of the same parts will be omitted.

The medium detection unit 311 detects a second connection medium connected to the target device. As this detection method, for example, it is conceivable to physically detect that a cable is connected to a connector that supports IEEE 802.3 provided in the target device.
The medium information transmission unit 312 transmits the medium information indicating the second connection medium detected by the medium detection unit 311 to the server.
<Operation>
A procedure in which the server having the above configuration performs the AD determination process will be described in detail.

FIG. 8 is a diagram illustrating operations of the server and the target device according to the second embodiment.
Step S31: The server detects the first connection medium connected to itself.
Step S32: The target device detects the second connection medium connected to itself.
Step S33: The target device transmits medium information indicating the second connection medium detected in step S32 to the server.

Step S34: The server receives the media information from the target device.
Step S35: The server selects one of the plurality of reference times according to the combination of the first connection medium detected in step S31 and the second connection medium obtained from the medium information.
Subsequent steps are the same as the operations from step S11 in the first embodiment, and thus description thereof will be omitted.

As described above, the server can select the reference time according to the server itself and the connection medium to which the target device is connected. This makes it possible to more accurately determine whether or not the target device is a device at home.
In the second embodiment, the reference time is selected based on the connection media of both the server and the target device. However, the reference time may be selected based on only one of the connection media. This can be applied, for example, when the media converter is not allowed to intervene in the communication path.

  In the second embodiment, the reference time is selected based on the connection medium between the server and the target device. However, the present invention is not limited to this. The reference time may be selected based on copy control information and importance information added to various contents. A reference time may be selected. Here, the copy control information is 2-bit information such as 00: copy free, 01: no more copy, 10: copy one generation, and 11: copy never.

If the home network is based on wireless communication, the communication between the server and the target device can be performed in an instruction mode via an access point (here, a router) and without using an access point. There is an ad hoc mode for direct communication. Since communication in the ad hoc mode is possible only when the server and the target device are within the range of mutual radio waves, the server considers the target device to be a home device if it can communicate in the ad hoc mode. Can be. Therefore, when the medium detection unit of both the server and the target device detects that the connection medium is wireless and in the ad hoc mode, the server selects an infinite reference time (that is, the target time). Regardless of this, the time verification unit 208 determines that the target device is a device at home.) Alternatively, in the above case, the time verification process itself may be skipped.
(Embodiment 3)
<Overview>
In the third embodiment, the server and the target device simultaneously transmit measurement data to the server, and the server returns by returning the target time required for transmission from the target device to the server and the nearest router from the server. With the reference time required. If the difference between the transmission times is within a predetermined range, the server determines that the target device is a household device.

  As described above, the server obtains the reference time by actually transmitting the measurement data on a predetermined reference route (here, server-nearest router-server). Thereby, the server can obtain the reference time according to the communication traffic at the time of the AD determination processing, and can determine whether the target device is a device at home more accurately than when the reference time is fixed. Can be determined.

Note that the authentication data verification is the same as in the first embodiment, and a description thereof will be omitted, and only time verification will be described.
<Structure>
FIG. 9 is a diagram illustrating a network configuration according to the third embodiment.
The third embodiment is different from the first embodiment in that the router 10 and the router 50 are directly connected without using an ISP.

Here, a determination method in which the server 20 determines that the target device is a device at home will be described.
(1) The server 20 and the target device synchronize the time in advance and share the scheduled transmission time of the measurement data.
(2) When the time reaches the scheduled transmission time of the measurement data, the server 20 transmits the first measurement data to itself, and the target device transmits the second measurement data to the server 20. As a result, the first measurement data is transmitted to the server 20 by returning to the router 10. The second measurement data is transmitted to the server 20 via the router 10.
(3) The server 20 receives the first measurement data and the second measurement data, calculates the transmission time from the received time and the scheduled transmission time, and compares them. Here, the transmission time of the first measurement data is set as a reference time, and the transmission time of the second measurement data is set as a target time.
(4) If the difference between the reference time and the target time is within a predetermined range (for example, within 10%), the server 20 determines that the target device is a household device.

For transmission time,
tsr: Transmission time between the server 20 and the router 10 tr: Transmission time between the router 10 and the device 30 tr: Time required for routing processing by the router 10 and the router 50 trr: Transmission time between the router 10 and the router 50 trb: Router 50 Path 1 (server 20-router 10-server 20), path 2 (device 30-router 10-server 20), and path 3 (device 60-router 50-router 10-server 20) ), The transmission time required to transmit the measurement data is
Transmission time of path 1: Tl = 2tsr + tr
Transmission time of route 2: Td = tra + tr + tsr
Transmission time of route 3: Td = trb + 2tr + trr + tsr
Where, assuming that tsr = tra = trb = trr,
Transmission time of path 1: Tl = 2tsr + tr
Transmission time of path 2: Td = 2tsr + tr
Transmission time of route 3: Td = 3tsr + 2tr
It becomes. The transmission times of the path 1 and the path 2 are the same, and the transmission time of the path 3 is different from them.

Here, it is assumed that the network is compliant with 100Base (communication speed of 100 Mbps), and the size of the measurement data is assumed to be about 100 bytes because the size of the user data is not so large.
According to the above assumption, the transmission time (tsr, tra, trb, trr) between adjacent devices among the server 20, router 10, device 30, and device 60 is 8 microseconds.

The time required for the routing process by the router 10 or the router 50 is about 100 microseconds when the routing is performed by software.
Then
Transmission time of route 1: 116 microseconds
Transmission time of path 2: 116 microseconds Transmission time of path 3: 224 microseconds.

Accordingly, if the target device is the device 30, the server 20 obtains the target time of 116 microseconds with respect to the reference time of 116 microseconds. If the target device is the device 60, a target time of 224 microseconds is obtained with respect to the reference time of 116 microseconds.
Therefore, the server 20 compares the reference time with the target time, and if these are within a predetermined range (for example, within 10%), the server 20 may determine that the target device is a household device. it can. Note that the predetermined range may be determined to such an extent that it is possible to determine whether there is one router or two or more routers in the communication path connecting the server and the target device.

In fact, since the router 10 and the router 50 generally pass through an ISP, the difference between the transmission time of the route 2 and the transmission time of the route 3 is considered to be even larger.
The configuration and operation of a server that realizes the above functions will be described in detail.
FIG. 10 is a diagram illustrating a configuration of a server according to the third embodiment.
The server includes a start information determination unit 241, a start information transmission unit 242, a first measurement data generation unit 243, a first measurement data transmission unit 244, a first measurement data reception unit 245, a reference time calculation unit 246, a second It includes a measurement data receiving unit 247, a target time calculating unit 248, and a time verifying unit 249.

  When receiving a content distribution request from the device, the start information determining unit 241 determines the start time of the AD determination process and the ID of the AD determination process. The time of the server and the time of the target device are synchronized in advance by a time synchronization service using radio waves or a network. As a time synchronization service using a network, NTP (Network Time Protocol) is currently most used. Version 3, which is the current version, is standardized in RFC1305.

The start information transmitting unit 242 transmits the start time and the ID determined by the start information determining unit 241 to the target device.
The first measurement data generation unit 243 generates first measurement data. The data structure of the measurement data will be described later.
When the start time comes, the first measurement data transmission unit 244 transmits the first measurement data to the router nearest to the server.

The first measurement data receiving unit 245 receives the first measurement data transmitted from the first measurement data transmission unit 244 and returned after returning to the router.
The reference time calculation unit 246 calculates a reference time that is a difference between the time when the first measurement data is received by the first measurement data receiving unit 245 and the start time.
The second measurement data receiving unit 247 receives the second measurement data transmitted by the target device at the start time.

The target time calculation unit 248 calculates a target time, which is a difference between the time when the second measurement data is received by the second measurement data reception unit 247 and the start time.
The time verification unit 249 compares the target time calculated by the target time calculation unit 248 with the reference time calculated by the reference time calculation unit 246, and the difference is within a predetermined range (for example, within 10%). If, the target device is determined to be a device at home.

FIG. 11 is a diagram showing a data structure (format) of measurement data.
The measurement data uses a 20-byte IP header D1 and an 8-byte UDP header D2 as header information, followed by a data portion D3. The IP header D1 includes a source IP address D4 (4 bytes) and a destination IP address D5 (4 bytes).
For example, in the case of the above-described first measurement data, the IP address of the server is set in both the source address D4 and the destination address D5. In the case of the second measurement data, the IP address of the device is set as the source address D4, and the IP address of the server is set as the destination address D5.

  The UDP header D2 includes a source port number D6 (2 bytes) and a destination port number D7 (2 bytes). The data part D3 stores the ID of the AD determination process (for example, 8 bytes) and authentication data used for authentication data verification. When receiving the measurement data, the server 20 determines that the measurement data is the measurement data by UDP, and determines by ID which device transmitted when. Here, the ID is 8 bytes as an example, but the ID is not limited to this as long as the information for the server to determine is included without excess or deficiency.

FIG. 12 is a diagram illustrating a configuration of a router according to the third embodiment.
The router includes a first measurement data reception unit 401, a routing processing unit 402, a first measurement data transmission unit 403, a second measurement data reception unit 404, and a second measurement data transmission unit 405.
The first measurement data receiving unit 401 receives the first measurement data transmitted from the server.

The routing processing unit 402 specifies a transfer destination from the destination IP addresses of the first measurement data and the second measurement data transmitted from the server and the target device.
The first measurement data transmission unit 403 transmits the first measurement data to the server that is the transfer destination specified by the routing processing unit 402.
The second measurement data receiving unit 404 receives the second measurement data transmitted from the target device.

The second measurement data transmission unit 405 transmits the second measurement data to the server that is the transfer destination specified by the routing processing unit 402.
FIG. 13 is a diagram illustrating a configuration of a target device according to the third embodiment.
The target device includes a start information receiving unit 321, a second measurement data generation unit 322, and a second measurement data transmission unit 323.

The start information receiving unit 321 receives the start time of the AD determination process transmitted from the server and the ID of the AD determination process.
The second measurement data generator 322 generates second measurement data. The data structure of the measurement data is as described above.
When the start time comes, the second measurement data transmission unit 323 transmits the second measurement data to the server.
<Operation>
The procedure in which the server having the above configuration authenticates the target device will be described in detail.

FIG. 14 is a diagram illustrating operations of a server, a router, and a target device according to Embodiment 3.
Step S41: The server determines the start time of the AD determination process and the ID of the AD determination process.
Step S42: The server transmits start information including the start time and the ID to the target device.

Step S43: The target device receives the start information.
Step S44: The server generates first measurement data. Note that an ID is set in the first measurement data.
Step S45: The server transmits the first measurement data to the router when the start time determined in step S41 comes.

Step S46: The router receives the first measurement data, performs a routing process, specifies a destination server, and transmits the first measurement data to the server.
Step S47: The server receives the first measurement data from the router.
Step S48: The server calculates a reference time which is a difference between the time at which the first measurement data is received at step S47 and the start time.

Step S49: The target device generates the second measurement data. Note that an ID is set in the second measurement data.
Step S50: The target device transmits the second measurement data to the server at the start time obtained in step S43.
Step S51: The router receives the second measurement data, performs a routing process, specifies the destination server, and transmits the second measurement data to the server.

Step S52: The server receives the second measurement data from the router.
Step S53: The server calculates a target time, which is the difference between the time at which the second measurement data was received at step S52 and the start time.
Step S54: The server compares the target time calculated in step S52 with the reference time calculated in step S48, and if the difference is within a predetermined range (for example, within 10%), the target device Is determined to be a household device.

As described above, the server can obtain the reference time according to the communication traffic at the time of the AD determination processing. This is effective, for example, in a network where communication traffic fluctuates greatly.
If the communication traffic is very congested during the AD determination process, if the reference time is fixed as in Embodiment 1, even if the target device is a device at home, the target time is less than the reference time. Therefore, it may not be determined that the device is at home. According to the third embodiment, since the reference time is also actually measured at the time of the AD determination processing, if the communication traffic is congested, the reference time becomes longer accordingly, and such a problem can be avoided.
(Embodiment 4)
<Overview>
In the fourth embodiment, similarly to the third embodiment, a reference time is obtained by actually transmitting measurement data on a predetermined reference route. However, ping echo request data and ping response data are used as measurement data.

Since ping is an existing program, it is not necessary to develop a new program related to transmission and reception of measurement data by diverting it.
Note that the description of the authentication data verification is omitted as in the third embodiment.
<Structure>
FIG. 15 is a diagram illustrating a network configuration according to the fourth embodiment.

The network configuration itself is the same as in the third embodiment.
Here, a determination method in which the server 20 determines whether or not the target device is a device at home will be described.
(1) The server 20 and the target device synchronize the time in advance and share the scheduled transmission time of the measurement data.
(2) When the time becomes the transmission time of the measurement data, the server 20 transmits the first echo request data to the router 10, and the first echo response returned in the router 10 corresponding to the first echo request data. Receive data. The server 20 measures a reference time required from transmission of the first echo request data to reception of the first echo response data.
(3) On the other hand, when the time reaches the transmission time of the measurement data, the target device transmits the second echo request data to the router 10, and the router 10 returns the second echo request data corresponding to the second echo request data. Receive echo response data. The target device measures a target time required from transmission of the second echo request data to reception of the second echo response data. Then, the server 20 notifies the server 20 of the target time.
(4) If the difference between the reference time and the target time is within a predetermined range (for example, within 10%), the server 20 determines that the target device is a household device.

For transmission time,
tsr: Transmission time between the server 20 and the router 10 tr: Transmission time between the router 10 and the device 30 tr: Time required for the router 10 and the router 50 for the routing process tpr: Time required for the router 10 for the ping process trr: The router 10 Transmission time trb between routers 50: transmission time between router 50 and device 60, route 1 (server 20-router 10-server 20), route 2 (device 30-router 10-device 30), and route 3 (device 60-router 50-router 10-router 50-device 60), the transmission time required for transmitting the measurement data is
Transmission time of path 1: Tl = 2tsr + 2tr + tpr
Transmission time of route 2: Td = 2tra + 2tr + tpr
Transmission time of route 3: Td = 2trb + 4tr + 2trr + tpr
Where, assuming that tsr = tra = trb = trr,
Transmission time of path 1: Tl = 2tsr + 2tr + tpr
Transmission time of path 2: Td = 2tsr + 2tr + tpr
Transmission time of route 3: Td = 4tsr + 4tr + tpr
It becomes. The transmission time of the path 1 and the transmission time of the path 2 are the same, and the transmission time of the path 3 is different from the transmission time. Here, it is assumed that the network conforms to 100Base (communication speed 100 Mbps), and the size of the measurement data is Is assumed not to be too large, so it is assumed to be about 100 bytes.

According to the above assumption, the transmission time (tsr, tra, trb, trr) between adjacent devices among the server 20, router 10, device 30, and device 60 is 8 microseconds.
The time required for the routing process by the router 10 or the router 50 is about 100 microseconds when the routing is performed by software.
The time required for the router 10 to perform the ping process is approximately 200 microseconds.

Then
Transmission time of route 1: 416 microseconds,
Transmission time of route 2: 416 microseconds,
The transmission time of the path 3 is 632 microseconds.

Accordingly, if the target device is the device 30, the server 20 obtains the target time of 416 microseconds with respect to the reference time of 416 microseconds. If the target device is the device 60, a target time of 632 microseconds is obtained with respect to the reference time of 416 microseconds.
Therefore, the server 20 compares the reference time with the target time, and if these are within a predetermined range (for example, within 10%), the server 20 may determine that the target device is a household device. it can. Note that the predetermined range may be determined to such an extent that it is possible to determine whether there is one router or two or more routers in the communication path.

In fact, since the router 10 and the router 50 generally pass through an ISP, the difference between the transmission time of the route 2 and the transmission time of the route 3 is considered to be even larger.
The configuration and operation of a server that realizes the above functions will be described in detail.
FIG. 16 is a diagram illustrating a configuration of a server according to the fourth embodiment.
The server includes a start information determination unit 241, a start information transmission unit 242, a router information transmission unit 261, a first echo request transmission unit 262, a first echo response reception unit 263, a reference time measurement unit 264, a target time reception unit 265, and a time A verification unit 266 is provided.

The start information determining unit 241 and the start information transmitting unit 242 are the same as those in the third embodiment, and thus the description is omitted.
The router information transmitting unit 261 transmits the router information to the target device. Here, the router information is the IP address of the router closest to the server. Thus, the target device can know to which router the echo request data should be transmitted.

When the start time comes, the first echo request transmission unit 262 transmits the first echo request data to the router nearest to the server.
The first echo response receiving section 263 receives the first echo response data from the router.
The reference time measuring unit 264 measures a reference time from when the first echo request transmitting unit 262 transmits the first echo request data to when the first echo response receiving unit 263 receives the first echo response data.

The target time receiving unit 265 receives target time information indicating the target time measured by the target device.
The time verification unit 266 compares the target time obtained by the target time reception unit 265 with the reference time measured by the reference time measurement unit 264, and the difference is within a predetermined range (for example, within 10%). If, the target device is determined to be a device at home.

FIG. 17 is a diagram illustrating a configuration of a router according to the fourth embodiment.
The router includes a first echo request receiving unit 406, a routing processing unit 402, a first echo response transmitting unit 407, a second echo request receiving unit 408, and a second echo response transmitting unit 409.
The routing processing unit 402 is the same as in the third embodiment, and a description thereof will be omitted.
The first echo request receiving unit 406 receives the first echo request data transmitted from the server.

The first echo response transmitting unit 407 transmits the first echo response data corresponding to the first echo request data to the server that is the transfer destination specified by the routing processing unit 402.
The second echo request receiving unit 408 receives the second echo request data transmitted from the target device.
The second echo response transmitting unit 409 transmits the second echo response data corresponding to the second echo request data to the target device that is the transfer destination specified by the routing processing unit 402.

FIG. 18 is a diagram illustrating a configuration of a target device according to the fourth embodiment.
The target device includes a start information receiving unit 321, a router information receiving unit 324, a second echo request transmitting unit 325, a second echo response receiving unit 326, a target time measuring unit 327, and a target time transmitting unit 328.
The start information receiving unit 321 is the same as in the third embodiment, and a description thereof will be omitted.

The router information receiving unit 324 receives router information from the server.
When the start time comes, the second echo request transmission unit 325 transmits the second echo request data to the router obtained from the router information.
The second echo reply receiving section 326 receives the second echo reply data from the router.
The target time measuring unit 327 measures a target time from when the second echo request transmitting unit 325 transmits the second echo request data to when the second echo response receiving unit 326 receives the second echo response data.

The target time transmitting unit 328 transmits target time information indicating the target time measured by the target time measuring unit 327 to the server.
<Operation>
A procedure in which the server having the above configuration performs the AD determination process will be described in detail.
FIG. 19 is a diagram illustrating operations of a server, a router, and a target device according to Embodiment 4.

Step S61: The server determines the start time of the AD determination process.
Step S62: The server transmits start information indicating the start time and router information indicating the IP address of the router to the target device.
Step S63: The target device receives the start information and the router information.
Step S64: The server sends the first echo request data to the router when the start time determined in step S61 comes.

Step S65: The router receives the first echo request data.
Step S66: The router performs a routing process to specify a destination server, and transmits first echo response data corresponding to the first echo request data to the server.
Step S67: The server receives the first echo response data from the router.
Step S68: The server measures a reference time from transmitting the first echo request data in step S64 to receiving the first echo response data in step S67.

Step S69: When the start time obtained in step S63 has come, the target device transmits the second echo request data to the router specified by the router information.
Step S70: The router receives the second echo request data.
Step S71: The router specifies a target device as a destination by performing a routing process, and transmits second echo response data corresponding to the second echo request data to the target device.

Step S72: The target device receives the second echo response data from the router.
Step S73: The target device measures a target time from transmitting the second echo request data in step S69 to receiving the second echo response data in step S71.
Step S74: The target device transmits target time information indicating the target time measured in step S73 to the server.

Step S75: The server receives the target time information.
Step S76: The server compares the target time obtained in step S75 with the reference time measured in step S68, and if the difference is within a predetermined range (for example, within 10%), the target device Is determined to be a household device.
As described above, the server can obtain the reference time according to the communication traffic at the time of the AD determination processing, as in the third embodiment. In addition, the server determines whether or not the target device is a device at home using ping which is an existing program. Therefore, there is no need to develop a new program for transmitting and receiving measurement data, and the burden on the server developer is reduced.
(Embodiment 5)
<Overview>
Embodiment 5 is an embodiment in which the server performs AD determination processing on another target device when there is a device that has already been authenticated in the home.

  Here, the reference time is a time from when the server transmits the first echo request data to the authenticated device to when the server receives the first echo response data returned from the authenticated device. The target time is the time from when the server transmits the second echo request data to the target device to when the server receives the second echo response data returned from the target device. As the authenticated device, a device that has been authenticated as a device in AD according to the third embodiment, the fourth embodiment, or the like is used.

In the third embodiment, the server and the target device have to transmit the measurement data at the same time, and it is necessary to perform time synchronization between the server and the target device. However, even if time synchronization is performed, some error is inevitable.
Therefore, in the fifth embodiment, by setting the starting point of both the first echo request data and the second echo request data to the server, the necessity of time synchronization between the server and the target device is eliminated, and the target time and the reference time are compared. Measurements are not affected by time synchronization errors.

Note that the description of the authentication data verification is omitted as in the third embodiment.
<Structure>
FIG. 20 is a diagram showing a network configuration according to the fifth embodiment.
An authenticated device 80 that has already been authenticated as an AD device is connected to the home network 1. Other network configurations are the same as those of the third embodiment.

Here, a determination method in which the server 20 determines whether or not the target device is a device at home will be described.
(1) The server 20 transmits the first echo request data to the authenticated device 80, and receives the first echo response data returned from the authenticated device 80 in response to the first echo request data. The server 20 measures a reference time required from transmission of the first echo request data to reception of the first echo response data.
(2) Further, the server 20 transmits the second echo request data to the target device, and receives the second echo response data returned corresponding to the second echo request data in the target device. The server 20 measures a target time required from transmission of the second echo request data to reception of the second echo response data.
(3) If the difference between the reference time and the target time is within a predetermined range (for example, within 10%), the server 20 determines that the target device is a household device.

For transmission time,
tsr: transmission time between the server 20 and the router 10 trp: transmission time between the router 10 and the authenticated device 80 tr: transmission time between the router 10 and the device 30 tr: time required for routing processing by the router 10 and the router 50 tpp: Time required for the authenticated device 80 to perform the ping process tpa: Time required for the device 30 to perform the ping process trr: Transmission time between the router 10 and the router 50 trb: Transmission time between the router 50 and the device 60 tpb: The device 60 performs the ping process The time required is as follows: path 1 (server 20-router 10-authenticated device 80-router 10-server 20), path 2 (server 20-router 10-device 30-router 10-server 20), and path 3 (server 20-router 10-server 30-router 10-server 20). -Router 10-router 50-device 60-router 50-router 10-server 20). The transmission time required to transmit the measurement data is
Transmission time of route 1: Tp = 2tsr + 2tr + 2trp + tpp
Transmission time of the route 2: Td = 2tsr + 2tr + 2tra + tpa
Transmission time of the route 3: Td = 2tsr + 4tr + 2trr + 2trb + tpb
Where tsr = trp = tra = trb = trr, tpp = tpa
= Tpb, then:
Transmission time of path 1: Tp = 4tsr + 2tr + tpp
Transmission time of route 2: Td = 4tsr + 2tr + tpa
Transmission time of route 3: Td = 6tsr + 4tr + tpb
It becomes. The transmission times of the path 1 and the path 2 are the same, and the transmission time of the path 3 is different from these. Although the description of the quantitative evaluation is omitted, the effectiveness is recognized as in the third and fourth embodiments.

The configuration and operation of a server that realizes the above functions will be described in detail.
FIG. 21 is a diagram illustrating a configuration of a server according to the fifth embodiment.
The server includes an authenticated device information storage unit 271, a first echo request transmission unit 272, a first echo response reception unit 273, a reference time measurement unit 264, a second echo request transmission unit 274, a second echo response reception unit 275, a target A time measuring unit 276 and a time verifying unit 277 are provided.

The reference time measuring unit 264 is the same as that of the fourth embodiment, and a description thereof will be omitted.
The authenticated device information storage unit 271 stores the IP address of the authenticated device that has already been authenticated as a household device, and stores the authenticated device information in the first echo request transmission unit 272 when the AD determination process starts. Give an IP address. When there are a plurality of authenticated devices, one of them is selected and an IP address is given to the first echo request transmitting unit 272.

The first echo request transmission unit 272 transmits the first echo request data to the authenticated device.
The first echo response receiving unit 273 receives the first echo response data from the authenticated device.
The second echo request transmission unit 274 transmits the second echo request data to the target device.
The second echo response receiving unit 275 receives the second echo response data from the target device.
The target time measuring unit 276 measures a target time from when the second echo request transmitting unit 274 transmits the second echo request data to when the second echo response receiving unit 275 receives the second echo response data.

The time verification unit 277 compares the target time obtained by the target time measurement unit 276 with the reference time measured by the reference time measurement unit 264, and the difference is within a predetermined range (for example, within 10%). If, the target device is determined to be a household device.
The configuration of the router according to the fifth embodiment is the same as that of the router according to the fourth embodiment, and a description thereof will be omitted. The configuration of the target device according to the fifth embodiment is the same as that of the target device of the first embodiment, and a description thereof will be omitted.
<Operation>
A procedure in which the server having the above configuration performs the AD determination process will be described in detail.

FIG. 22 is a diagram illustrating operations of the server, the authenticated device, and the target device according to Embodiment 5.
Step S81: The server selects an authenticated device.
Step S82: The server transmits the first echo request data to the authenticated device selected in step S81.

Step S83: The authenticated device receives the first echo request data.
Step S84: The authenticated device transmits first echo response data corresponding to the first echo request data to the server.
Step S85: The server receives the first echo response data.
Step S86: The server measures a reference time from transmitting the first echo request data in step S82 to receiving the first echo response data in step S85.

Step S87: The server transmits the second echo request data to the target device.
Step S88: The target device receives the second echo request data.
Step S89: The target device transmits the second echo response data corresponding to the second echo request data to the server.
Step S90: The server receives the second echo response data.

Step S91: The server measures a target time from transmitting the second echo request data in step S87 to receiving the second echo response data in step S90.
Step S92: The server compares the target time measured in step S91 with the reference time measured in step S86, and if the difference is within a predetermined range (for example, within 10%), the target device Is determined to be a household device.

As described above, the server can obtain the reference time according to the communication traffic at the time of the AD determination processing, as in the third embodiment. Furthermore, since the server is a starting point for both the first echo request data and the second echo request data, there is no need to synchronize the time with the target device unlike the server according to the third embodiment. Therefore, the server can measure the target time and the reference time without being affected by the time synchronization error.
(Embodiment 6)
<Overview>
In the sixth embodiment, the transit time for the measurement data (echo request data and echo response data) to pass through a cable or the like is shorter than the time required for the routing process and the ping process, so that the transit time is ignored. It is an embodiment.

Here, the reference time is the time from when the server transmits the first echo request data to the nearest router to when the server receives the first echo response data returned from the router.
The target time is the time from when the server transmits the second echo request data to the target device to when the server receives the second echo response data returned from the target device.
The server according to the fifth embodiment eliminates the need for time synchronization with the target device by measuring the reference time using the existing authenticated device. However, when a new home network is constructed, there is still no authenticated device. In such a case, the server cannot perform the AD determination processing.

Therefore, Embodiment 6 eliminates the need for time synchronization between the server and the target device, and enables the server to perform AD determination processing on the target device even when there is no authenticated device in the home. I have.
Note that the description of the authentication data verification is omitted as in the third embodiment.
<Structure>
FIG. 23 is a diagram showing a network configuration according to the sixth embodiment.

The network configuration itself is the same as in the third embodiment.
Here, a determination method in which the server 20 determines that the target device is a device at home will be described.
(1) The server 20 transmits the first echo request data to the router 10, and the router 10 receives the first echo response data returned in response to the first echo request data. The server 20 measures a reference time required from transmission of the first echo request data to reception of the first echo response data.
(2) Further, the server 20 transmits the second echo request data to the target device, and receives the second echo response data returned corresponding to the second echo request data in the target device. The server 20 measures a target time required from transmission of the second echo request data to reception of the second echo response data.
(3) If the difference between the reference time and the target time is within a predetermined range (for example, within 10%), the server 20 determines that the target device is a household device.

For transmission time,
tsr: Transmission time between the server 20 and the router 10 tr: Transmission time between the router 10 and the device 30 tr: Time required for the router 10 and the router 50 for routing processing tpr: Time required for the router 10 for ping processing tpa: Device 30 Time required for ping process trr: Transmission time between router 10 and router 50 trb: Transmission time between router 50 and device 60 tpb: Time required for device 60 for ping process, as route 1 (server 20-router 10-server 20) ), Route 2 (server 20-router 10-device 30-router 10-server 20), and route 3 (server 20-router 10-router 50-device 60-router 50-router 10-server 20). The transmission time required to transmit the data for
Transmission time of path 1: Tp = 2tsr + 2tr + tpr
Transmission time of the route 2: Td = 2tsr + 2tr + 2tra + tpa
Transmission time of the route 3: Td = 2tsr + 4tr + 2trr + 2trb + tpb
Here, it is assumed that tpp = tpa = tpb, and tsr, tra, trb, and trr, which are the transit times of the measurement data passing between the server and the router, are ignored as compared with tr and tpr. Assuming it is as small as possible,
Transmission time of path 1: Tl = 2tr + tpr
Transmission time of route 2: Td = 2tr + tpa
Transmission time of route 3: Td = 4tr + tpb
It becomes. The transmission times of the path 1 and the path 2 are the same, and the transmission time of the path 3 is different from these. Although the description of the quantitative evaluation is omitted, the effectiveness is recognized as in the third and fourth embodiments.

The configuration and operation of a server that realizes the above functions will be described in detail.
FIG. 24 is a diagram illustrating a configuration of a server according to the sixth embodiment.
The server includes a first echo request transmission unit 281, a first echo response reception unit 282, a reference time measurement unit 264, a second echo request transmission unit 274, a second echo response reception unit 275, a target time measurement unit 276, and a time verification unit. 277.

This server has a configuration in which the authenticated device information storage unit 271 is omitted from the server according to the fifth embodiment. This is because the server according to Embodiment 6 uses the router closest to the server in a fixed manner as a reference device.
In addition, except that the destination of the first echo request data from the first echo request transmission unit 281 and the transmission source of the first echo response data received by the first echo response reception unit 282 are routers, This is the same as Embodiment 5.

The description of the configurations of the router and the target device is omitted as in the fifth embodiment.
<Operation>
A procedure in which the server having the above configuration performs the AD determination process will be described in detail.
FIG. 25 is a diagram illustrating operations of a server, a router, and a target device according to Embodiment 6.
Step S101: The server sends the first echo request data to the router.

Step S102: The router receives the first echo request data.
Step S103: The router sends first echo response data corresponding to the first echo request data to the server.
Step S104: The server receives the first echo response data.
Step S105: The server measures a reference time from transmitting the first echo request data in step S101 to receiving the first echo response data in step S104.

Step S106: The server transmits the second echo request data to the target device.
Step S107: The target device receives the second echo request data.
Step S108: The target device transmits the second echo response data corresponding to the second echo request data to the server.
Step S109: The server receives the second echo response data.

Step S110: The server measures a target time from transmitting the second echo request data in step S106 to receiving the second echo response data in step S109.
Step S111: The server compares the target time measured in step S110 with the reference time measured in step S105, and if the difference is within a predetermined range (for example, within 10%), the target device Is determined to be a household device.

As described above, the server can obtain the reference time according to the communication traffic at the time of the AD determination processing, as in the third embodiment. Further, the server is a starting point for both the first echo request data and the second echo request data as in the fifth embodiment. There is no need to synchronize. Therefore, the server can measure the target time and the reference time without being affected by the time synchronization error. Furthermore, the server can perform the AD determination process on the target device regardless of the presence or absence of the authenticated device in the home by fixedly using the router closest to the server as the reference device.
<Other modifications>
In all the embodiments, the server performs time verification and authentication data verification, and uses the result of the verification as an AD determination process. This is because a system in which the device in the AD is defined as a legitimate device in the home is described. In other words, the content of the AD determination processing differs depending on how the devices in the AD are defined. For example, in a system in which a device at home is a device in AD, authentication data verification is not necessary, and the server performs only time verification as AD determination processing.

  If the server cannot authenticate the target device in one AD determination process, the server may perform the AD determination process again. In this case, it is necessary to use authentication data T1 and T2 used for authentication data verification that are different from the previous AD determination processing. For example, one may be added to the previously used random number An, and this may be encrypted with the secret information Ks and used as the authentication data T1. The method of generating the authentication data T1 is specifically described in the first embodiment, but is not limited to this, and may be a method that can be shared only by the server and the target device, and that can further change the authentication data one after another. If so, another method may be used.

The authentication data verification by the server may be performed every time regardless of the result of the time verification.
When the AD determination process is repeated, a predetermined number of times is performed as an upper limit. It may be determined that the device is not a device in the AD.

When the server determines that the target device is not a device in the AD, the subsequent processing basically depends on the application. For example, the following processing can be considered.
(Example 1) The AD determination process of the target device is permitted any number of times thereafter.
(Example 2) The AD determination process of the target device is permitted only a predetermined number of times, and if the device is not determined to be an AD device even if the predetermined number of times is exceeded, the following Example 3 or Example 4 is followed.
(Example 3) The AD determination process of the target device is permitted only after a predetermined time has elapsed.
(Example 4) The target device is registered in the non-permission list, and the AD determination process is not permitted again.

The server may measure a predetermined number of times in order to obtain a more accurate target time or reference time. Thus, the AD determination process can be performed without being affected by communication traffic. When the measurement is performed a plurality of times, a method of using the minimum value of the measurements performed a plurality of times or a method of using the average value can be considered.
The method using the minimum value is effective in the following cases.

  For example, when transmitting the echo response data, the target device that has received the echo request data waits for transmission of the echo response data if other data is flowing through the communication path. In this case, the server measures the time obtained by adding the standby time to the actual transmission time as the target time. However, since the size of the echo response data is small, it is considered that even if other large-capacity data is flowing through the communication path, at least one of the multiple times is transmitted between large-capacity data. At this time, the server can measure the actual transmission time to which no waiting time is added as the target time.

  In addition, the method of using the average value may have a significantly different target time regardless of the same communication path. If such significantly different measured values are to be averaged, the error will be rather large. Therefore, a range may be determined in advance, and only the measured values within the range may be averaged. Alternatively, the AD determination processing may be terminated by regarding that all the measured values are not appropriate. Note that an example of the measured value of the target time that is greatly different is a result of a caching function of the resolved address of the router. This will be described below.

  For example, when the router transfers the measurement data received from the server to the target device, the router passes the measurement data from the IP layer to the data link layer, and stores the measurement data in a frame of the data link layer. Here, in order to transfer the frame to the target device, the router needs to know the MAC (Media Access Control) address of the target device.

  However, the measurement data is stored in the packet header if it is the IP address of the source and the destination (see FIG. 11), but is unknown because the MAC address of the target device is not stored. Since the frame cannot be transmitted to the target device as it is, the router checks the MAC address of the target device using ARP (Address Resolution Protocol).

  ARP is a protocol used when checking a MAC address corresponding to an IP address using the IP address. The router broadcasts an ARP packet storing the IP address of the target device. The target device receives the ARP packet, and when its own IP address is described in the ARP packet, notifies the router of its own MAC address. As a result, the router can check the MAC address of the destination device and transmit the measurement data. Further, the router records the MAC address of the target device for a certain period of time in preparation for the subsequent frame transmission.

When the measurement data is transmitted again within this fixed period, the router uses the recorded MAC address, so that the router can transmit the measurement data in a shorter time than at the time of the first transmission. .
As described above, when the measurement data is transmitted via the router having the cache function, the first target time may be significantly different from the second and subsequent target times. Therefore, in such a case, it is preferable that the first target time is not adopted as a criterion for the AD determination process. Also, when the target time is measured a plurality of times and averaged, it is preferable to exclude the first measurement value from the average.

The server may perform not only the AD determination process on the target device but also the target device may perform the mutual authentication for performing the AD determination process on the server.
When transmitting and receiving measurement data, router information, target time information, and the like between the server and the target device, the data may be encrypted or a signature may be added. This can prevent spoofing by unauthorized devices.

The protocol used for measuring the target time is not limited to ICMP, and is not limited to this as long as the data is transmitted to the destination immediately when the data is transmitted from the source to the destination. .
Although the situation in which the server distributes the content has been described in Embodiments 1 to 6, the present invention is not limited to this. For example, devices within a certain range are automatically grouped. It can be applied to such techniques as Also in this case, it is determined whether or not to register in the group by comparing the target time with the reference time.

In Embodiments 3 to 6, the reference time is measured every time. However, the present invention is not limited to this, and the reference time measured once may be stored in the ROM and reused.
In the third embodiment, by setting the time at which the server transmits the measurement data to itself and the time at which the target device transmits the measurement data to the server at the same time, communication traffic under substantially the same conditions is achieved. , The reference time and the target time are measured. However, if the influence of the fluctuation of the communication traffic can be ignored in measuring the target time, it is not always necessary to transmit at the same time.

  As an application example of the present invention, a home server or the like that stores contents permitted to be used only by authorized devices in the home can be considered. ADVANTAGE OF THE INVENTION According to this invention, the said home server does not require the registration operation | work of the user of a household device, and can prevent distribution of content to the apparatus which is not permitted to distribute content.

FIG. 2 is a diagram showing a network configuration according to the first embodiment. FIG. 3 is a diagram showing a configuration of a server according to the first embodiment. FIG. 2 is a diagram showing a configuration of a target device according to the first embodiment. FIG. 5 is a diagram illustrating operations of the server and the target device according to the first embodiment. FIG. 9 is a diagram showing a configuration of a server according to Embodiment 2. FIG. 4 is a diagram illustrating an example of a reference time held by a reference time holding unit 221. FIG. 9 is a diagram illustrating a configuration of a target device according to Embodiment 2. FIG. 9 is a diagram illustrating operations of a server and target devices according to Embodiment 2. FIG. 13 is a diagram illustrating a network configuration according to a third embodiment. FIG. 14 is a diagram showing a configuration of a server according to Embodiment 3. It is a figure showing the data structure of the data for measurement. FIG. 13 is a diagram illustrating a configuration of a router according to a third embodiment. FIG. 9 is a diagram showing a configuration of a target device according to Embodiment 3. FIG. 13 is a diagram illustrating operations of a server, a router, and a target device according to Embodiment 3. FIG. 14 is a diagram illustrating a network configuration according to a fourth embodiment. FIG. 14 is a diagram showing a configuration of a server according to Embodiment 4. FIG. 13 is a diagram illustrating a configuration of a router according to a fourth embodiment. FIG. 14 is a diagram illustrating a configuration of a target device according to Embodiment 4. FIG. 14 is a diagram illustrating operations of a server, a router, and a target device according to Embodiment 4. FIG. 14 is a diagram showing a network configuration according to a fifth embodiment. FIG. 15 is a diagram showing a configuration of a server according to Embodiment 5. FIG. 15 is a diagram illustrating operations of a server, an authenticated device, and a target device according to Embodiment 5. FIG. 14 is a diagram showing a network configuration according to a sixth embodiment. FIG. 14 is a diagram showing a configuration of a server according to Embodiment 6. FIG. 15 is a diagram illustrating operations of a server, a router, and a target device according to Embodiment 6.

Explanation of reference numerals

1 home network 10 router 20 server 30, 60 device 40 ISP
Reference Signs List 50 Router 80 Authenticated device 201 Secret information storage unit 202 Authentication data T1 generation unit 203 Authentication data T2 generation unit 204 Echo request transmission unit 205 Echo response reception unit 206 Time measurement unit 207 Reference time holding unit 208 Time verification unit 209 Change reception unit 210 Authentication data T2 'extraction unit 211 Authentication data verification unit 212 Verification result receiving unit 213 AD verification unit 301 Secret information storage unit 302 Authentication data T1' generation unit 303 Authentication data T2 'generation unit 304 Echo request reception unit 305 Echo response transmission unit 306 Authentication data T1 extraction unit 307 Authentication data verification unit 308 Verification result transmission unit

Claims (30)

A group determination device,
Target time acquisition means for acquiring a target time related to communication between the target device connected to the network and the own device,
If the difference between the reference time related to communication between the device in the predetermined group and the own device and the target time acquired by the target time acquisition unit is within a predetermined range, the target device is a device in the group. And a determination unit that determines that the target device is a device outside the group if the difference is not within the predetermined range. The group determination device further includes:
A determination request receiving unit that receives a determination request from the target device,
The target time acquisition means,
The group determination device according to claim 1, wherein the target time is acquired when a determination request is received by the determination request receiving unit. The target time acquisition means,
Transmitting and receiving means for transmitting data of a predetermined format to the target device and receiving the data of the predetermined format returned from the target device.
3. The group determination device according to claim 2, further comprising: a measurement unit that measures a transmission time from transmission of the data in the predetermined format to reception of the data in the transmission / reception unit and sets the transmission time as the target time. 4. The transmitting / receiving means,
Echo request data based on an ICMP (Internet Control Message Protocol) is transmitted as data in a predetermined format to be transmitted to the target device, and data in a predetermined format returned from the target device corresponds to the echo request data. The group determination device according to claim 3, wherein the group determination device receives echo response data. The group determination device is time-synchronized with the target device,
The target time acquisition means,
Time determination means for determining a transmission time for transmitting the data of the predetermined format,
A time notification unit that notifies the target device of the transmission time determined by the time determination unit,
Receiving means for receiving data of a predetermined format transmitted by the target device at the transmission time,
And a calculating means for calculating a transmission time of the data of the predetermined format from the reception time when the data of the predetermined format is received by the receiving means and the transmission time, and setting the transmission time as the target time. 3. The group determination device according to 2. The target device measures the target time, and transmits target time information indicating the target time,
The target time acquisition means,
The group determination device according to claim 2, wherein the target time information is received from the target device. The group determination device further includes:
Preliminary holding means for retaining the target time for a predetermined number of times,
The target time acquisition means,
The group determination device according to claim 2, wherein a minimum value of the target time stored in the target time holding unit and the acquired target time is adopted. The determining means includes:
The group determination device according to claim 2, wherein a predetermined reference time is held. The group determination device further includes:
Equipped with change accepting means for accepting the reference time after the change from outside,
The determining means includes:
The group determination device according to claim 8, wherein the set time after the change received by the receiving unit is held instead of the reference time already held. The determining means includes:
Reference time holding means holding a reference time determined for each connection medium to which the target device is connected to the network,
Receiving means for receiving medium information indicating the connection medium from the target device,
3. The group determination device according to claim 2, further comprising: a selection unit that selects a reference time stored in the reference time storage unit based on the medium information received by the reception unit. 4. The group determination device further includes:
Equipped with change accepting means for accepting the reference time after the change from outside,
The reference time holding means,
The group determination device according to claim 10, wherein the set time after the change received by the receiving unit is held instead of the reference time already held. The determining means includes:
Reference time holding means for holding a reference time determined for each combination of a first connection medium connected to the network by the group determination device and a second connection medium connected to the network by the target device When,
Medium detection means for detecting the first connection medium;
Receiving means for receiving medium information indicating the second connection medium from the target device;
Selecting means for selecting a reference time held in the reference time holding means based on a combination of the first connection medium detected by the medium detection means and the second connection medium received by the reception means; The group determination device according to claim 2, comprising: The group determination device further includes:
Equipped with change accepting means for accepting the reference time after the change from outside,
The reference time holding means,
The group determination device according to claim 12, wherein the changed reference time received by the receiving unit is held instead of the already held reference time. The determining means includes:
Transmitting and receiving means for transmitting data of a predetermined format to a router connected in the vicinity of the own device and receiving the data of the predetermined format returned from the router;
The group determination device according to claim 2, further comprising: a measurement unit that measures, as the reference time, a transmission time from transmission of the data in a predetermined format to reception of the data in the transmission / reception unit. The transmitting / receiving means,
Echo request data based on an ICMP (Internet Control Message Protocol) is transmitted as data in a predetermined format to be transmitted to the router, and an echo response corresponding to the echo request data is returned as data in a predetermined format returned from the router. The group determination device according to claim 14, wherein the group determination device receives data. The group determination device further includes:
Preliminary holding means holding a predetermined number of reference times,
The determining means includes:
The group determination device according to claim 14, wherein a minimum value of the reference time stored in the pre-holding unit and the measured reference time is adopted. The group determination device is connected via one router to a reference device that has already been determined to be a device in the group,
The determining means includes:
Transmitting and receiving means for transmitting data of a predetermined format to the reference device and receiving the data of the predetermined format returned from the reference device.
The group determination device according to claim 2, further comprising: a measurement unit that measures, as the reference time, a transmission time from transmission of the data in a predetermined format to reception of the data in the transmission / reception unit. The transmitting / receiving means,
Echo request data based on an ICMP (Internet Control Message Protocol) is transmitted as data of a predetermined format to be transmitted to the reference device, and data of a predetermined format returned from the reference device corresponds to the echo request data. The group determination device according to claim 17, wherein the group determination device receives echo response data. The group determination device further includes:
Preliminary holding means holding a predetermined number of reference times,
The determining means includes:
The group determination device according to claim 17, wherein a minimum value of the reference time stored in the pre-holding unit and the measured reference time is adopted. The determining means includes:
If the target time is equal to or less than the reference time, it is determined that the target device is a device in the group.If the target time is not equal to or less than the reference time, the target device is a device outside the group. The group determination device according to claim 2, wherein: The group determination device is connected to the target device via one or more routers,
The determining means includes:
If the difference is shorter than the time when the data of the predetermined format passes through one router, the target device is determined to be a device in the group, and the difference is that the data of the predetermined format is one router. The group determination device according to claim 2, wherein the target device is determined to be a device out of the group if the time is not shorter than the intervening time. A group determination device having common secret information with a target device connected to a network,
Conversion means for performing a predetermined conversion on the secret information to generate first conversion information;
A second conversion generated by transmitting data in a predetermined format to the target device, returning the data back from the target device, and performing the same conversion as the predetermined conversion on the secret information in the target device. Transmitting and receiving means for receiving the data of the predetermined format including information,
Measuring means for measuring a target time from transmitting and receiving data of a predetermined format in the transmitting and receiving means,
A difference between a reference time required for transmitting data in a predetermined format between a device in a predetermined group and the own device and a target time measured by the measurement unit is within a predetermined range, and is generated by the conversion unit. If the obtained first conversion information matches the second conversion information obtained by the transmission / reception means, it is determined that the target device is a device in the group, otherwise, the target device is And a determination unit that determines that the device is outside the group. A group determination device having common secret information with a target device connected to a network,
Conversion means for performing a predetermined conversion on the secret information to generate first conversion information, and performing another conversion different from the predetermined conversion on the secret information to generate second conversion information;
Data of a predetermined format including the first conversion information is transmitted to the target device, the data is returned from the target device, and the secret information is subjected to the same conversion as the other conversion in the target device. Transmitting and receiving means for receiving the data of the predetermined format including the third conversion information generated by
Measuring means for measuring a target time from transmitting and receiving data of a predetermined format in the transmitting and receiving means,
A difference between a reference time required for transmitting data in a predetermined format between a device in a predetermined group and the own device and a target time measured by the measurement unit is within a predetermined range, and is generated by the conversion unit. And the third conversion information obtained by the transmission / reception unit matches the second conversion information, and the second conversion information is generated by performing the same conversion as the predetermined conversion on the secret information from the target device. (4) When a notification indicating that the conversion information matches the first conversion information is received, it is determined that the target device is a device in the group; otherwise, the target device is determined to be in the group. A determination unit that determines that the device is an external device. It is determined whether the device is a device of a predetermined group from a group determination device connected to the network, a target device having common secret information with the group determination device,
Receiving means for receiving data of a predetermined format from the group determination device;
Conversion means for performing a predetermined conversion on the secret information before receiving data of a predetermined format by the receiving means to generate first conversion information;
A receiving unit that, when the receiving unit receives the data in a predetermined format, returns the data in the predetermined format including the first conversion information to the group determination device. It is determined whether the device is a device of a predetermined group from a group determination device connected to the network, a target device having common secret information with the group determination device,
Receiving means for receiving data of a predetermined format including first conversion information generated by performing a predetermined conversion on the secret information in the group determination device;
A conversion unit that performs another conversion different from the predetermined conversion on the secret information before receiving data in a predetermined format by the receiving unit to generate second conversion information;
Reply means for receiving data in a predetermined format by the receiving means and returning the data in the predetermined format to the group determination device including the second conversion information;
Collating means for collating the first conversion information obtained from the data in a predetermined format by the receiving means and third conversion information generated by performing the same conversion as the predetermined conversion on the secret information;
Notification means for notifying the group determination device of the result of the comparison by the comparison means. A group determination system including a target device and a group determination device connected to a network, each having a common secret information in advance,
The target device is
Receiving means for receiving data of a predetermined format from the group determination device;
First conversion means for performing a predetermined conversion on the secret information to generate first conversion information before receiving data in a predetermined format by the receiving means;
Reply means for receiving data of a predetermined format by the receiving means and returning the data of the predetermined format to the group determination device including the first conversion information,
The group determination device,
Transmitting and receiving means for transmitting data of a predetermined format to the target device and receiving data of a predetermined format including the first conversion information from the target device;
Measuring means for measuring a target time from transmitting and receiving data of a predetermined format in the transmitting and receiving means,
Second conversion means for performing the same conversion as the predetermined conversion on the secret information to generate second conversion information;
A difference between a reference time required for transmission of data in a predetermined format between a device in a predetermined group and the own device and a target time measured by the measurement unit is within a predetermined range, and the second conversion unit When the second conversion information generated by and the first conversion information obtained by the transmission / reception means match, it is determined that the target device is a device in the group, otherwise, the Determining means for determining that the target device is a device outside the group. A group determination system including a target device and a group determination device connected to a network, each having a common secret information in advance,
The target device is
Receiving means for receiving data of a predetermined format including first conversion information from the group determination device;
First conversion means for performing a predetermined conversion on the secret information before receiving data of a predetermined format by the receiving means to generate second conversion information;
Reply means for receiving data in a predetermined format by the receiving means and returning the data in the predetermined format to the group determination device including the second conversion information;
Collation means for collating third conversion information generated by performing another conversion different from the predetermined conversion on the secret information with the first conversion information obtained by the reception means;
Notifying means for notifying the result of the comparison by the collating means to the group determination device,
The group determination device,
Second conversion means for performing the same conversion as the other conversion on the secret information to generate first conversion information, and performing the same conversion as the predetermined conversion on the secret information to generate fourth conversion information; ,
Transmitting / receiving means for transmitting data of a predetermined format including the first conversion information to the target device and receiving data of a predetermined format including the second conversion information from the target device;
Measuring means for measuring a target time from transmitting and receiving data of a predetermined format in the transmitting and receiving means,
A difference between a reference time required for transmission of data in a predetermined format between a device in a predetermined group and the own device and a target time measured by the measurement unit is within a predetermined range, and the second conversion unit And the second conversion information obtained by the transmission / reception means matches, and the collation result from the target device indicates that the first conversion information matches the third conversion information. A determination unit that determines that the target device is a device in the group, and otherwise determines that the target device is a device outside the group. . A group determination method,
A target time obtaining step of obtaining a target time related to communication between the target device connected to the network and the own device,
If the difference between the reference time related to the communication between the device in the predetermined group and the own device and the target time obtained in the target time obtaining step is within a predetermined range, the target device is a device in the group. Determining that the target device is outside the group if the difference is not within the predetermined range. A group determination program to be executed by a computer,
A target time obtaining step of obtaining a target time related to communication between the target device connected to the network and the own device,
If the difference between the reference time related to the communication between the device in the predetermined group and the own device and the target time obtained in the target time obtaining step is within a predetermined range, the target device is a device in the group. Determining that the target device is outside the group if the difference is not within the predetermined range. A recording medium recording a group determination program to be executed by a computer,
A target time obtaining step of obtaining a target time related to communication between the target device connected to the network and the own device,
If the difference between the reference time related to the communication between the device in the predetermined group and the own device and the target time obtained in the target time obtaining step is within a predetermined range, the target device is a device in the group. Determining that the difference is not within the predetermined range, and determining that the target device is a device outside the group.

Images