JP2005142876A - Electronic equipment, information processing system, information processing terminal and method, management server and managing method, program, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To easily, speedily, and safely communicate. <P>SOLUTION: A VCR 3 reads out an ID recorded on a recording medium 21A when the recording medium 21A is inserted, and informs a management server 1 of the ID and its address. The management server 1 when already acquiring the ID of a recording medium 21B read by a television image receiver 5 judges whether the ID reported by the VCR 3 is identical to the ID reported from the television image receiver 5, and connects the VCR 3 and television image receiver 5 to each other when judging that they are identical. After the connection, data are sent and received and those data are enciphered by using the same key recorded on the recording media 21A and 21B. This invention is applicable to a device which is connected to a network. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to an electronic device, an information processing system, an information processing terminal and method, a management server and management method, a program, and a recording medium, and in particular, connects to a network and exchanges data without bothering a user. The present invention relates to an electronic device, an information processing system, an information processing terminal and method, a management server and a management method, a program, and a recording medium that are suitable for application.

  In recent years, with the development of communication technology, not only devices such as personal computers but also various devices such as PDAs (Personal Digital Assistants) and television receivers are connected to each other via a network, and an environment in which data can be exchanged. It is getting ready. For example, it has become possible to transmit an image reproduced by a personal computer via a home network and display it on a television receiver.

  However, even if each device is connected to the network itself, it is possible to perform communication with a specific device each time, for example, the address of the communication partner device, even if it can be performed with simple settings. Etc. must be set for the user. For example, when video played back by a personal computer is transmitted via a home network and displayed on a television receiver, the personal computer is operated to set various information such as the television receiver address. I had to.

Further, when the number of devices connected to the network increases, there is a problem that it becomes difficult to know which devices are connected by cables used for connection. As a method for solving these problems, there is a technique disclosed in Patent Document 1.
JP 2003-143147 A

  With the technique described in Patent Document 1, there is a possibility that safe data cannot be exchanged. For example, when data is being exchanged, there is a possibility that the data is stolen and used due to unauthorized access.

  For example, if a malicious third party obtains information for making a connection by some method, for example, an identifier, and executes a connection with a predetermined device using the obtained identifier, No effective measures were taken to prevent the connection. For example, when the connection method disclosed in Patent Document 1 is used, connection processing is performed using an identifier. However, it is possible in some cases to detect the identifier properly and to issue a connection request. No effective measures have been taken to prevent such unauthorized connections.

  The present invention has been made in view of such a situation, so that connection with other devices can be easily performed, and data can be exchanged after the connection is completed while maintaining safety. The purpose is to do.

  The electronic device of the present invention is stored in the electronic device that associates the information processing terminals connected via the network with the storage unit that stores the identification information and the key, and the storage unit when the information processing terminal is attached to the predetermined information processing terminal. First providing means for providing the identification information to the information processing terminal, and second provision for providing the key stored in the storage means when the information processing terminal executes authentication processing with another information processing terminal Means.

  The information processing system of the present invention is an information processing system including an information processing terminal and a management server, and the information processing terminal is stored in the electronic device when the electronic device that associates the information processing terminals to be connected is mounted. A first reading unit that reads the first identification information, the first identification information read by the reading unit, and the first position information that represents the position of itself on the network. When the first transmission means for transmitting to the management server to be managed and the first data for authentication from the management server are received, the second data is sent from the first data using the key stored in the electronic device. When the second transmission means for generating data and transmitting it to the management server and the third data and the fourth data related to other information processing terminals are received from the management server, the third data And determining whether or not the generation unit that generates the fifth data using the key stored in the electronic device, the fifth data generated by the generation unit, and the fourth data match, If they match, the third transmission unit that transmits permission data for permitting connection with another information processing terminal to the management server, and the permission data is transmitted by the third transmission unit, so that other information When the second location information of the processing terminal is notified from the management server, the management server includes a connection unit that connects to another information processing terminal based on the second location information, and the management server includes the first transmission unit. A first receiving unit that receives the first identification information and the first position information transmitted by the first receiving unit; and the first receiving unit receives the first identification information and the first position information by the first receiving unit. That generates and transmits the data to the information processing terminal The transmission means, the second reception means for receiving the second data transmitted by the second transmission means, the first identification information, the first position information, the first data, and the second data Of the identification information managed by the management means, the identification information managed by the management means, the first identification information transmitted by the information processing terminal, and the second identification transmitted by another information processing terminal When the information is the same, the first data and the second data associated with the information processing terminal are transmitted to the other information processing terminal, and the third data associated with the other information processing terminal When the fifth transmission means for transmitting the fourth data to the information processing terminal and the permission data transmitted by the fourth transmission means are received, and the permission data is also received from another information processing terminal The first of the information processing terminal It is characterized by comprising notifying means for notifying the information processing terminal of the position information and notifying the information processing terminal of the second position information of the other information processing terminal.

  The information processing terminal according to the present invention includes a reading unit that reads identification information stored in an electronic device and first identification information read by the reading unit when an electronic device that associates the information processing terminals to be connected is mounted. First transmitting means for transmitting the first position information representing the position of itself on the network to a management server that manages connection with other information processing terminals, and first authentication for authentication from the management server. When data is received, second data is generated from the first data using a key stored in the electronic device and transmitted to the management server; and other information from the management server When receiving the third data and the fourth data related to the processing terminal, generating means for generating fifth data from the third data using a key stored in the electronic device; Whether the fifth data generated by the second data and the fourth data match is determined. If it is determined that they match, permission data for permitting the management server to connect to another information processing terminal is obtained. When the second position information of the other information processing terminal is notified from the management server by transmitting the permission data by the third transmitting means for transmitting and the third transmitting means, the second position information And connecting means for connecting to another information processing terminal.

  An encryption unit that encrypts data to be transmitted to another information processing terminal using a key stored in the electronic device when the connection unit is connected to the information processing terminal; and another information processing terminal When receiving data from the electronic device, it may further comprise decryption means for decrypting the data with a key stored in the electronic device.

  An information processing method according to the present invention is an information processing method for an information processing apparatus including at least a reading unit that reads information from a mounted electronic device and a communication unit that exchanges data with another information processing device. When an electronic device that associates information processing terminals is mounted, a reading step for reading identification information stored in the electronic device, the first identification information read by the reading step, and the position of itself on the network A first transmission step of transmitting the first position information that is represented to a management server that manages connection with another information processing terminal; and when the first data for authentication is received from the management server, A second transmission step of generating second data from the data using a key stored in the electronic device and transmitting the second data to the management server; Generating step of generating fifth data from the third data using the key stored in the electronic device when receiving the third data and the fourth data related to the information processing terminal Whether or not the fifth data generated in the process is matched with the fourth data, and if it is determined to match, permission to permit the management server to connect to another information processing terminal When the permission information is transmitted in the third transmission step of transmitting data and the processing of the third transmission step, the second location information of another information processing terminal is notified from the management server. And a connection step of connecting to another information processing terminal based on the position information of 2.

  A first program of the present invention is a computer program for controlling an information processing apparatus including at least reading means for reading information from a mounted electronic device and communication means for exchanging data with other information processing apparatuses. When an electronic device that associates information processing terminals to be connected is mounted, a reading step for reading the identification information stored in the electronic device, the first identification information read by the reading step, and itself on the network A first transmission step of transmitting first position information representing the position of the first information to a management server that manages connection with another information processing terminal; and when receiving first data for authentication from the management server, From the first data, second data is generated using a key stored in the electronic device and transmitted to the management server. And the third data and the fourth data related to the other information processing terminal are received from the management server, the fifth data is obtained from the third data by using the key stored in the electronic device. It is determined whether or not the generation step to be generated, the fifth data generated by the processing of the generation step, and the fourth data match. A third transmission step for transmitting permission data for permitting connection with the terminal, and the permission data is transmitted in the processing of the third transmission step, whereby the second location information of the other information processing terminal is managed by the management server. And a connection step of connecting to another information processing terminal based on the second position information.

  The program of the first recording medium of the present invention is a computer program for controlling an information processing apparatus including at least reading means for reading information from an attached electronic device and communication means for exchanging data with other information processing apparatuses. When an electronic device that associates information processing terminals to be connected is mounted, a reading step of reading identification information stored in the electronic device, first identification information read by the reading step, A first transmission step of transmitting first position information representing the position of the user to a management server that manages connection with other information processing terminals, and receiving first data for authentication from the management server In this case, the second data is generated from the first data using the key stored in the electronic device, and transmitted to the management server. And when the third data and the fourth data related to the other information processing terminal are received from the management server, the fifth data is obtained from the third data by using the key stored in the electronic device. The generation step for generating the data, the fifth data generated by the processing of the generation step, and the fourth data are determined to match. A third transmission step for transmitting permission data for permitting connection with the processing terminal, and the second position information of other information processing terminals are managed by transmitting the permission data in the processing of the third transmission step. A connection step of connecting to another information processing terminal based on the second position information when notified from the server.

  The management server of the present invention includes a first identification information for identifying the information processing terminal transmitted from the first information processing terminal and a first information representing the position of the first information processing terminal on the network. When the first identification information and the first position information are received by the first receiving means for receiving the position information and the first receiving means, the first data is generated and is sent to the first information processing terminal. A first transmitting means for transmitting; a second receiving means for receiving the second data transmitted from the first information processing terminal by transmitting the first data by the first transmitting means; Management means for associating and managing the first identification information, the first position information, the first data, and the second data, and the first information processing terminal among the identification information managed by the management means The first identification information and the second information transmitted by When the second identification information transmitted by the processing terminal is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, Second transmission means for transmitting the third data and the fourth data associated with the second information processing terminal to the first information processing terminal, and the second data transmitted by the first information processing terminal; When the permission data indicating that the connection with the information processing terminal is permitted is received, and the permission data indicating that the connection with the first information processing terminal is permitted from the second information processing terminal. In this case, the information processing apparatus includes a notification unit that notifies the second information processing terminal of the first position information and notifies the first information processing terminal of the second position information.

  The management method of the present invention is a management method of a management server that manages data provided from another information processing apparatus, and is a first method for identifying the information processing terminal transmitted from the first information processing terminal. A first reception step of receiving the first identification information, the first position information indicating the position of the first information processing terminal on the network, and the first identification information and the first in the processing of the first reception step When the position information is received, the first data is generated and transmitted to the first information processing terminal, and the first data is transmitted by the processing of the first transmission step. As a result, the second reception step for receiving the second data transmitted from the first information processing terminal is associated with the first identification information, the first position information, the first data, and the second data. Management steps and management steps Among the identification information managed in the processing of the group, the first identification information transmitted by the first information processing terminal is the same as the second identification information transmitted by the second information processing terminal. The first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the third data associated with the second information processing terminal Permission indicating that the connection between the second transmission step of transmitting the data and the fourth data to the first information processing terminal and the second information processing terminal transmitted by the first information processing terminal is permitted. When data is received, and when permission data indicating permission of connection with the first information processing terminal is received from the second information processing terminal, the first position information is transmitted to the second information processing terminal. To notify the second position information to the first information processing Characterized in that it comprises a notification step of notifying the end.

  A second program of the present invention is a computer program for controlling a management server that manages data provided from another information processing apparatus, and the information processing terminal transmitted from the first information processing terminal The first reception step for receiving the first identification information for identification, the first position information representing the position of the first information processing terminal on the network, and the first reception step When the identification information and the first position information are received, the first data is generated and transmitted to the first information processing terminal, and the first data is processed by the processing of the first transmission step. Is transmitted, the second reception step of receiving the second data transmitted from the first information processing terminal, the first identification information, the first position information, the first data, and the first data Associate two data Out of the identification information managed in the management step and the management step processing, the first identification information transmitted by the first information processing terminal and the second information processing terminal When the second identification information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal and sent to the second information processing terminal. Connection between the second transmission step of transmitting the associated third data and fourth data to the first information processing terminal, and the second information processing terminal transmitted by the first information processing terminal The first location information is received when permission data indicating permission to connect to the first information processing terminal is received from the second information processing terminal. To the second information processing terminal To include a notification step of notifying the second position information to the first information processing terminal characterized.

  The program of the second recording medium of the present invention is a computer program for controlling an information processing apparatus that manages data provided from another information processing apparatus, and is transmitted from the first information processing terminal. A first reception step for receiving first identification information for identifying an information processing terminal, first position information representing the position of the first information processing terminal on the network, and processing of the first reception step When the first identification information and the first position information are received, the first transmission step of generating the first data and transmitting it to the first information processing terminal and the processing of the first transmission step When the first data is transmitted, the second reception step of receiving the second data transmitted from the first information processing terminal, the first identification information, the first position information, the first data Data and second data Of the identification step managed in association with the management step managed in association with the management step, the first identification information transmitted by the first information processing terminal and the second information processing terminal When the second identification information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the second information processing is performed. A second transmission step of transmitting third data and fourth data associated with the terminal to the first information processing terminal; a second information processing terminal transmitted by the first information processing terminal; When the permission data indicating that the connection of the first information processing terminal is permitted, and also when the permission data indicating that the connection with the first information processing terminal is permitted from the second information processing terminal, 2nd information processing of position information Notify the end, characterized in that it comprises a notification step of notifying the second position information to the first information processing terminal.

  In the electronic device of the present invention, when the information processing terminal is attached to the information processing terminal, connection information for connecting to another information processing terminal is provided. Provided.

  In the information processing system of the present invention, the information processing terminals are connected by the connection information recorded in the electronic device and are in a state in which data can be exchanged. The information processing terminal is performed using a key recorded in an electronic device attached to each terminal.

  In the information processing terminal of the present invention, the connection information recorded in the electronic device is read, and connection to another information processing terminal is performed. When the connection is made, an authentication process is performed. The supplied predetermined data is encrypted with the key recorded in the electronic device, and it is determined whether or not the encrypted data matches the data encrypted on the other information processing terminal side. Thus, the authentication process is performed.

  In the management server of the present invention, information processing terminals are connected to each other. When connecting information processing terminals, predetermined data is transmitted to the information processing terminal, a response is received, and the transmitted data and the received response are transmitted to the information processing terminal of the connection partner. . When data for permitting connection with the other party is received from each other's information processing terminal, the address information of the connection partner is transmitted to the connected information processing terminal.

  According to the present invention, it is possible to easily connect to another apparatus without bothering the user.

  According to the present invention, as a process related to connection with another apparatus, there is no (or few) processes involving the user, so that the user can easily access the other apparatus. In addition, even when data is exchanged after connection, even if the data is stolen, it is possible to exchange data that cannot be used. Therefore, safety can be improved.

  BEST MODE FOR CARRYING OUT THE INVENTION The best mode of the present invention will be described below. The correspondence relationship between the disclosed invention and the embodiments is exemplified as follows. Although there is an embodiment which is described in the specification but is not described here as corresponding to the invention, it means that the embodiment corresponds to the invention. It doesn't mean not. Conversely, even if an embodiment is described herein as corresponding to an invention, that means that the embodiment does not correspond to an invention other than the invention. Absent.

  Further, this description does not mean all the inventions described in the specification. In other words, this description is for the invention described in the specification and not claimed in this application, i.e., for the invention that will be applied for in the future or that will appear as a result of amendment and added. It does not deny existence.

  According to the present invention, an electronic device is provided. The electronic apparatus according to the present invention includes a storage unit (for example, the recording medium 21 shown in FIG. 3) that stores identification information and a key, and an identification information that is stored by the storage unit when attached to a predetermined information processing terminal. When the information processing terminal executes authentication processing with another information processing terminal, first providing means for providing the information processing terminal to the information processing terminal (for example, step S12 in FIG. 7 where the ID shown in FIG. Second providing means for providing the key stored in the storage means (for example, step S15 in FIG. 7 in which the key in FIG. 3 is provided).

  According to the present invention, an information processing system is provided. The information processing system according to the present invention is an information processing system including an information processing terminal and a management server, and the information processing terminal (for example, a client such as the VCR 3 in FIG. 1) is an electronic device that associates information processing terminals to be connected ( For example, when the recording medium 21A in FIG. 1 is loaded, a reading unit that reads the first identification information stored in the electronic device (for example, the reader 61 in FIG. 5 that executes the process of step S12 in FIG. 7). And the first identification information (for example, the ID of FIG. 3) read by the reading means, and the first position information (for example, an address) representing the position of itself on the network, and other information processing terminals The first transmission means (for example, the communication unit 64 in FIG. 5 that executes the process of step S13 in FIG. 7) that transmits to the management server that manages the connection of When first data (for example, challenge character string) is received, second data (for example, response character string) is generated from the first data using a key stored in the electronic device. The second transmission means for transmitting to the management server (for example, the communication unit 64 in FIG. 5 that executes the process of step S16 in FIG. 7), the third data on the other information processing terminal from the management server, and the fourth When data is received, generating means for generating fifth data using the key stored in the electronic device from the third data (for example, the encryption of FIG. 5 for executing the processing of step S17 of FIG. 7) 65), the fifth data generated by the generating means and the fourth data are determined to match. If they match, the management server is connected to another information processing terminal. Send permission data to allow The third transmission unit (for example, the communication unit 64 in FIG. 5 that executes the process of step S19 in FIG. 7) and the third transmission unit transmit permission data, so that When the location information of 2 is notified from the management server, based on the second location information, connection means for connecting to another information processing terminal (for example, the communication in FIG. 5 for executing the processing in step S21 in FIG. 7) And a management server (for example, the management server 1 in FIG. 1), the first receiving means for receiving the first identification information and the first position information transmitted by the first transmitting means. When the first identification information and the first position information are received by the first receiving unit (for example, the communication unit 79 of FIG. 6 that executes the process of step S41 of FIG. 8), the first data Is generated and transmitted to the information processing terminal Transmission means (for example, the communication unit 79 in FIG. 6 that executes the processing in step S42 in FIG. 8) and second reception means (for example, FIG. 8) that receives the second data transmitted by the second transmission means. 6 for executing the processing of step S44 of FIG. 6 and management means (for example, FIG. 6) that associates and manages the first identification information, the first position information, the first data, and the second data. 6 for executing the processing of steps S43 and S45 of FIG. 8, the first identification information transmitted by the information processing terminal among the identification information managed by the management means, When the second identification information transmitted by the information processing terminal is the same, the first data and the second data associated with the information processing terminal are transmitted to the other information processing terminal, and the other information Associated with a processing terminal 3 and the fourth data are transmitted by the fifth transmission means (for example, the communication unit 79 in FIG. 6 that executes the process of step S48 in FIG. 8) and the fourth transmission means. When the received permission data is received, and when permission data is also received from another information processing terminal, the first position information of the information processing terminal is notified to the other information processing terminal, and the other information processing terminal Notification means for notifying the information processing terminal of the second position information (for example, the communication unit 79 in FIG. 6 that executes the process of step S52 in FIG. 8).

  The information processing terminal of the present invention (for example, a client such as the VCR 3 in FIG. 1) is stored in the electronic device when the electronic device (for example, the recording medium 21A in FIG. 1) that associates the information processing terminals to be connected is mounted. Reading means for reading the identification information (for example, the reader 61 of FIG. 5 that executes the processing of step S12 of FIG. 7), the first identification information read by the reading means, and the position of itself on the network. First transmission means for transmitting the first position information that is represented to a management server that manages connections with other information processing terminals (for example, the communication unit 64 in FIG. 5 that executes the processing in step S13 in FIG. 7); When the first data for authentication is received from the management server, the second data is generated from the first data using the key stored in the electronic device and sent to the management server. The second transmission means (for example, the communication unit 64 in FIG. 5 that executes the process of step S16 in FIG. 7) and the third data and the fourth data related to other information processing terminals are received from the management server. A generating means for generating fifth data from the third data using the key stored in the electronic device (for example, the encryption unit 65 in FIG. 5 for executing the processing in step S17 in FIG. 7); And determining whether the fifth data generated by the generating unit and the fourth data match, and if it is determined that they match, the management server is permitted to connect to another information processing terminal. The third transmission means for transmitting the permission data (for example, the communication unit 64 in FIG. 5 that executes the process of step S19 in FIG. 7) and the third transmission means transmit the permission data, thereby providing other information. Second location information of processing terminal Is notified from the management server, based on the second position information, connection means for connecting to another information processing terminal (for example, the communication control unit 62 in FIG. 5 that executes the process of step S21 in FIG. 7). With.

  According to the present invention, an information processing method is provided. The information processing method of the present invention executes a reading step of reading identification information stored in an electronic device (for example, the process of step S12 in FIG. 7) when an electronic device that associates information processing terminals to be connected is mounted. The management server that manages the connection with other information processing terminals, the reader 61) of FIG. 5, the first identification information read by the reading step, and the first position information representing the position of itself on the network When the first transmission step (for example, the communication unit 64 in FIG. 5 that executes the process of step S13 in FIG. 7) and the first data for authentication are received from the management server, the first data is transmitted. From the second transmission step (for example, the processing of step S16 in FIG. 7 is performed) by generating second data using a key stored in the electronic device and transmitting the second data to the management server. When the third data and the fourth data related to the other information processing terminal are received from the communication server 64) of FIG. 5 and the management server, the key stored in the electronic device is used from the third data. Generation step (for example, the encryption unit 65 of FIG. 5 that executes the process of step S17 of FIG. 7), the fifth data generated by the process of the generation step, A third transmission step for transmitting permission data for permitting connection with another information processing terminal to the management server (for example, as shown in FIG. 7) is determined. The communication unit 64 in FIG. 5 that executes the process of step S19 and the permission data are transmitted in the process of the third transmission step, so that the management server notifies the second position information of the other information processing terminal. The first Based on the position information, and a connection step of connecting to the another information processing terminal (e.g., the communication control unit 62 of FIG. 5 which executes a process at step S21 in FIG. 7).

  According to the present invention, a first program is provided. The first program of the present invention performs a reading step of reading identification information stored in an electronic device (for example, executing the processing of step S12 in FIG. 7) when an electronic device that associates information processing terminals to be connected is mounted. 5 for managing the connection with other information processing terminals, the first identification information read in the reading step, and the first position information representing the position of itself on the network. When the first transmission step to be transmitted to the server (for example, the communication unit 64 in FIG. 5 that executes the processing of step S13 in FIG. 7) and the first data for authentication from the management server are received, the first A second transmission step of generating second data from the data using a key stored in the electronic device and transmitting the second data to the management server (for example, the process of step S16 in FIG. 7) When the third data and the fourth data related to the other information processing terminal are received from the communication unit 64) of FIG. 5 to be executed and the management server, the key stored in the electronic device is obtained from the third data. A generation step (for example, the encryption unit 65 in FIG. 5 that executes the process of step S17 in FIG. 7), the fifth data generated in the generation step, A third transmission step of transmitting permission data for permitting connection with another information processing terminal to the management server (for example, FIG. 7). The communication unit 64 in FIG. 5 that executes the process of step S19 and the permission data is transmitted in the process of the third transmission step, so that the second position information of the other information processing terminal is notified from the management server. When it has been Based on the second position information, and a connection step of connecting to the another information processing terminal (e.g., the communication control unit 62 of FIG. 5 which executes a process at step S21 in FIG. 7).

  This first program can be recorded on a first recording medium.

  According to the present invention, a management server is provided. The management server of the present invention (for example, the management server 1 in FIG. 1) transmits the first identification information for identifying the information processing terminal transmitted from the first information processing terminal, and the first information on the network. The first receiving means for receiving the first position information representing the position of the information processing terminal (for example, the communication unit 79 in FIG. 6 for executing the process of step S41 in FIG. 8) and the first receiving means When 1 identification information and 1st position information are received, the 1st transmission means which generates the 1st data and transmits to the 1st information processing terminal (for example, processing of Step S42 of Drawing 8 is performed) 6 and the second receiving means for receiving the second data transmitted from the first information processing terminal by transmitting the first data by the first transmitting means (FIG. 6). For example, the process of step S44 in FIG. 8 is executed. 6 is associated with the first identification information, the first position information, the first data, and the second data (for example, processing in steps S43 and S45 in FIG. 8). 6, and the first identification information transmitted by the first information processing terminal among the identification information managed by the management means, and the second information processing terminal When the transmitted second identification information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the second data Second transmission means for transmitting the third data and the fourth data associated with the information processing terminal to the first information processing terminal (for example, the communication in FIG. 6 for executing the processing in step S48 in FIG. 8). Part 79) and the first information processing terminal Permission indicating that permission to connect to the second information processing terminal is received, and permission from the second information processing terminal to permit connection to the first information processing terminal When the data is received, the first position information is notified to the second information processing terminal, and the second position information is notified to the first information processing terminal (for example, the process of step S52 in FIG. 8 is performed). 6 to be executed.

  According to the present invention, a management method is provided. The management method of the present invention includes a first identification information for identifying the information processing terminal transmitted from the first information processing terminal, and a first information representing the position of the first information processing terminal on the network. When the first identification information and the first position information are received in the first receiving step (for example, step S41 in FIG. 8) for receiving the position information and the processing of the first receiving step, A first transmission step (for example, step S42 in FIG. 8) for generating data and transmitting it to the first information processing terminal, and the first data being transmitted in the processing of the first transmission step, A second reception step of receiving second data transmitted from one information processing terminal (for example, step S44 in FIG. 8), first identification information, first position information, first data, and Associate and manage second data Management steps (for example, steps S43 and S45 in FIG. 8), and the first identification information transmitted by the first information processing terminal among the identification information managed in the process of the management step, When the second identification information transmitted by the two information processing terminals is the same, the first data and the second data associated with the first information processing terminal are sent to the second information processing terminal. A second transmission step of transmitting the third data and the fourth data associated with the second information processing terminal to the first information processing terminal (for example, step S48 in FIG. 8); When permission data indicating permission to connect to the second information processing terminal transmitted from the first information processing terminal is received, and from the second information processing terminal to the first information processing terminal Indicates that the connection is allowed When the acceptable data is received, a notification step of notifying the first information processing terminal of the first position information and notifying the first information processing terminal of the second position information (for example, step S52 of FIG. 8 (for example, , And step S52) of FIG.

  According to the present invention, a second program is provided. The second program of the present invention is the first identification information for identifying the information processing terminal transmitted from the first information processing terminal and the first information representing the position of the first information processing terminal on the network. When the first identification information and the first position information are received in the first reception step (for example, step S41 in FIG. 8) for receiving the first position information and the processing of the first reception step, 1st data is generated and transmitted to the first information processing terminal (for example, step S42 in FIG. 8), and the first data is transmitted in the process of the first transmission step. A second reception step (for example, step S44 in FIG. 8) for receiving the second data transmitted from the first information processing terminal, the first identification information, the first position information, and the first data , And associate the second data Management steps (for example, steps S43 and S45 in FIG. 8) and the first identification information transmitted by the first information processing terminal among the identification information managed in the processing of the management step When the second identification information transmitted by the second information processing terminal is the same, the first data and the second data associated with the first information processing terminal are converted into the second information processing. A second transmission step of transmitting the third data and the fourth data transmitted to the terminal and associated with the second information processing terminal to the first information processing terminal (for example, step S48 in FIG. 8). And permission data indicating permission to connect to the second information processing terminal transmitted from the first information processing terminal, and the first information processing terminal also from the second information processing terminal Allow connection with When the permission data indicating is received, a notification step of notifying the first information processing terminal of the first position information and notifying the first information processing terminal of the second position information (for example, step S52 in FIG. 8). (For example, step S52 in FIG. 8).

  This second program can be recorded on a second recording medium.

  Embodiments of the present invention will be described below with reference to the drawings.

  FIG. 1 is a diagram showing a concept of a communication system to which the present invention is applied. The management server 1 manages the connection of devices connected to the network 2. For example, when the recording medium 21 </ b> A and the recording medium 21 </ b> B are inserted into the VCR (Video Cassette Recorder) 3 and the television receiver 5, respectively. As indicated by the alternate long and short dash line, the VCR 3 and the television receiver 5 are connected. The network 2 is configured by, for example, a wireless LAN (Local Area Network) such as Ethernet (R), IEEE (Institute of Electrical and Electronics Engineers) 802.11a, 802.11b, or the like.

  Thereby, for example, the video reproduced by the VCR 3 is transmitted to the television receiver 5 via the network 2 and displayed on the television receiver 5.

  In addition, when the recording medium 22A is inserted into the game machine 6 and the recording medium 22B is inserted into the projector 7, the management server 1 establishes a connection between these devices as indicated by a one-dot chain line, The reproduced image of the machine 6 is displayed on the projector 7.

  In this example, the recording medium 21A and the recording medium 21B, and the recording medium 22A and the recording medium 22B are in pairs. In the following description, the recording medium 21A and the recording medium 21B, and the recording medium 22A and the recording medium 22B are described as the recording medium 21 as a representative when it is not necessary to individually distinguish them.

  The user can identify each pair by confirming a predetermined portion of each recording medium 21 (for example, a side surface visible to the user when inserted in a predetermined device).

  The data (information) recorded on the recording medium 21 configured as a pair will be described below on the assumption that it is recorded on the recording medium 21 by the management server 1. May be provided on the network 2.

  A personal computer 4 is also connected to the network 2, and the user can connect the recording medium 21A and the recording medium 21B, and the recording medium 22A and the recording medium 22B by simply replacing the recording medium 21A and the recording medium 22B without setting an address or the like. The device can be changed (hereinafter, when it is not necessary to individually distinguish the VCR 3 to the projector 7 connected to the network 2, they are appropriately called clients).

  FIG. 2 is a diagram illustrating an example of the appearance of the recording medium 21. As shown in FIG. 2, the recording medium 21 </ b> A is basically provided with an identification unit 31 that can be visually recognized by a user in a part of the main body. The same mark (figure, character, diagonal line) is drawn on the identification unit 31A of the recording medium 21A and the identification unit 31B of the recording medium 21B, and the recording medium 21A and the recording medium 21B are paired by the user. That is, it can be confirmed at a glance that the device in which the recording medium 21A and the recording medium 21B are inserted is connected via the network 2.

  Similarly, the same mark is drawn on the identification unit 32A of the recording medium 22A and the identification unit 32B of the recording medium 22B, and the user makes a pair of the recording medium 22A and the recording medium 22B. It is configured to be able to confirm at a glance that a device into which the recording medium 22A and the recording medium 22B are inserted is connected via the network 2.

  As described above, the recording media 21 and 22 configured in pairs are configured so that the user can confirm at a glance that the recording media 21 and 22 are in pairs.

  The identification units 31 and 32 are provided as an example. For example, the colors of the recording media 21 and 22 themselves may be the same color between the paired recording media. It may be possible to recognize that the recording medium is a pair.

  The recording medium 21 itself is configured to provide stored identification information to the client when it is inserted into an insertion portion provided at a predetermined position of the client (VCR 3 to projector 7). As the identification information, an ID is recorded as shown in FIG. The recording medium 21 also records a key for encrypting data used in the authentication process. Details of the authentication process and data used for the authentication process will be described later.

  The same ID is recorded on the recording medium 21A and the recording medium 21B, and the same ID (however, an ID different from the recording medium 21) is recorded on the recording medium 22A and the recording medium 22B. Thus, the IDs recorded on the paired recording media are the same, and the other pairs of recording media are different IDs.

  When the ID is read by the client and notified, the management server 1 confirms the ID, thereby finally connecting the recording medium 21A and the client into which the recording medium 21B is inserted. be able to.

  4A is a perspective view illustrating an example of the appearance of the VCR 3, and FIG. 4B is a perspective view illustrating an example of the appearance of the television receiver 5. As illustrated in FIG.

  As shown in FIG. 4A, a recording medium insertion portion 42 is provided on the lower right side of the front surface 3A where the cassette insertion portion 41 is provided. For example, the recording medium 21A can be attached and detached. In the vicinity of the recording medium insertion portion 42, a reader for reading the ID from the inserted recording medium 21A is provided.

  Further, as shown in FIG. 4B, a recording medium insertion unit 52 is provided at the lower right of the surface 5A of the television receiver 5 provided with the display unit 51, like the VCR 3, for example, The recording medium 21B can be attached and detached. A reader that reads an ID from the inserted recording medium 21 </ b> B is also provided in the vicinity of the recording medium insertion unit 52.

  Note that the recording medium insertion unit 52 and the like may be provided in each device as a dedicated part for inserting the recording medium 21, or may be shared with other parts. For example, in recent years, the television receiver 5 has a part that can be directly inserted into a recording medium on which data of an image taken by a digital camera (not shown) is recorded, and the data is read from the recording medium. Some of them have a function of projecting an image based on data, but a part into which such a recording medium is inserted may be used as the recording medium insertion unit 52.

  When the user changes the connection destination of the client, the user removes the recording medium inserted in the recording medium insertion section provided at a predetermined position and inserts it in the recording medium insertion section of the client to be newly connected.

  FIG. 5 is a diagram illustrating a configuration example of a client, and such a configuration is provided in each client illustrated in FIG.

  For example, when the recording medium 21 </ b> A is inserted into a recording medium insertion unit provided in the vicinity, the reader 61 reads the ID recorded on the recording medium 21 </ b> A and outputs it to the communication control unit 62. Further, the reader 61 notifies the communication control unit 62 when the inserted recording medium 21A is removed.

  The communication control unit 62 transmits, for example, the ID notified from the reader 61 to the management server 1 via the communication unit 64 and the network 2 based on an instruction from the control unit 63 that controls the overall operation of the client. To do. The communication control unit 62 transmits data supplied from the control unit 63 to other clients via the communication unit 64 and the like, and appropriately transmits data transmitted from other clients to the control unit 63. Output.

  For example, when the configuration shown in FIG. 5 is provided in the VCR 3 and the VCR 3 and the television receiver 5 are connected, the communication control unit 62 transmits the video data and audio data supplied from the control unit 63 to the television. To the John receiver 5.

  When the projector 7 has the configuration shown in FIG. 5 and the projector 7 and the game machine 6 are connected, the communication control unit 62 receives the video data and audio data of the game supplied from the communication unit 64. Is output to the control unit 63.

  The control unit 63 controls the overall operation of the client. For example, when the configuration shown in FIG. 5 is provided in the VCR 3, the control unit 63 controls the operation of the head (not shown) and the like and is recorded in the cassette loaded. The video data and audio data being read out are read out and output to the communication control unit 62.

  When the projector 7 has the configuration shown in FIG. 5, the control unit 63 outputs the video data supplied from the communication control unit 62 to a playback unit (not shown), displays the video, The supplied audio data is output to a reproduction unit (not shown), and the sound is output from the speaker.

  The communication unit 64 is connected to the network 2 and transmits the data supplied from the communication control unit 62 to other clients and the management server 1. Further, the communication unit 64 receives data transmitted from another client or the like and outputs it to the communication control unit 62.

  The encryption unit 65 performs encryption under the control of the control unit 63. Although this encryption will be described later, it is performed when authentication processing is required. Further, data encrypted by the encryption unit 65 (which will be described below, a response character string) is stored in the storage unit 66 as necessary.

  FIG. 6 is a block diagram illustrating a configuration example of the management server 1.

  A CPU (Central Processing Unit) 71 executes various processes according to a program stored in a ROM (Read Only Memory) 72 or a program loaded from a storage unit 78 to a RAM (Random Access Memory) 73. The RAM 73 also appropriately stores data necessary for the CPU 71 to execute various processes.

  The CPU 71, ROM 72, and RAM 73 are connected to each other via a bus 74. An input / output interface 75 is also connected to the bus 74.

  The input / output interface 75 includes an input unit 76 including a keyboard and a mouse, a display including a CRT (Cathode Ray Tube) and an LCD (Liquid Crystal Display), an output unit 77 including a speaker, and a hard disk. A storage unit 78 and a communication unit 79 are connected.

  The memory | storage part 78 memorize | stores the various applications used by CPU71, and provides a predetermined application to CPU71 as needed. Further, the storage unit 78 generates and stores a list for managing clients connected via the network 2 based on an instruction from the CPU 71.

  The communication unit 79 performs communication via the network 2 and, for example, when the VCR 3 notifies that the recording medium 21A has been inserted, outputs it to the storage unit 78 or the like.

  A drive 80 is connected to the input / output interface 75 as necessary, and a magnetic disk 81, an optical disk 82, a magneto-optical disk 83, a semiconductor memory 84, or the like is appropriately mounted, and a computer program read from the drive is required. Is installed in the storage unit 78 according to the above.

  Next, the operation of the communication system of FIG. 1 will be described.

  First, with reference to the flowchart of FIG. 7, the processing of a predetermined client connected to another client, for example, the VCR 3 will be described.

  In step S11, the reader 61 of the VCR 3 determines whether or not the recording medium 21 has been inserted into the recording medium insertion unit 42 (whether or not the ID has been read from the recording medium), and waits until it is determined that the recording medium has been inserted. Maintain state.

  For example, when the user inserts the recording medium 21A into the recording medium insertion unit 42, the reader 61 proceeds to step S12, and reads the ID stored in the recording medium 21A. The ID read by the reader 61 is notified to the communication control unit 62. The ID may be provided in an encrypted state by a predetermined method.

  In step S13, the communication control unit 62 notifies the management server 1 of the read ID, the address set in the VCR 3, and the name used to identify the VCR 3 (here, VCR 3). As a result of notifying the management server 1 of such data, a predetermined character string (hereinafter referred to as a challenge character string) is transmitted from the management server 1. The communication unit 64 receives the transmitted challenge character string as the process of step S14.

  The challenge character string received by the communication unit 64 is supplied to the control unit 63 under the control of the communication control unit 62. When determining that the challenge character string has been supplied, the control unit 63 instructs the reader 61 to read the key from the recording medium 21A in step S15. As a result, the key read from the recording medium 21 </ b> A by the reader 61 is supplied to the control unit 63.

  The control unit 63 supplies the supplied key to the encryption unit 65. A challenge character string is also supplied to the encryption unit 65. In step S16, the encryption unit 65 encrypts the challenge character string with the key. Here, the encrypted challenge character string is described as a response character string. The response character string generated by the encryption unit 65 is transmitted to the management server 1.

  Add a description about the generation of response strings. For example, if the received challenge character string is “<challenge>” and the key is “6b01abe02394be93b3e92ef172cad5”, this challenge character string is combined with the key, and the character string “<challenge> 6b01abe02394be93b3e92ef172cad5” is the response character. A column. Since the key is recorded on the recording medium 21, the length thereof can be made extremely long as long as it is basically within the capacity of the recording medium 21.

  However, in a response string that is simply a combination of a challenge string and a key, if the response string is stolen, it is possible to guess the key relatively easily, no matter how long the key is. Inferred keys can be misused. Therefore, after combining the challenge character string and the key, for example, MD5 (Message Digest algorithm 5) hash function is applied, and the character string “0ce092a2d830bc088008f58053db6ba0”, which represents the result as a hexadecimal character string, is set as the response character string. You may make it do.

  In this way, if the response character string is generated using a predetermined encryption method, even if the response character string is stolen, the key is inferred from the stolen response character string. It becomes possible to prevent this.

  The response character string generated in this way is associated with the challenge character string from which the response character string is based, or only one of them is stored in the storage unit 66 or the recording medium 21A inserted in the VTR 3. It may be recorded. In addition, when such information is stored, information such as the transmission time may be stored together.

  After the response character string is transmitted to the management server 1 in this way, the VTR 3 executes processing such as whether or not there is a connection partner, and if so, starts connection. In step S17, it is determined whether or not a response character string of another client (in this case, a television receiver 5 other than the VTR 3) has been notified from the management server 1.

  Detailed processing of the management server 1 will be described with reference to the flowchart of FIG. 8. The management server 1 transmits the challenge character string transmitted, the response character string as a response from the client that transmitted the challenge character string, The client ID is managed in association with each other. Then, when such information is transmitted from a new client (a client not yet managed), the management server 1 determines whether or not the same ID as the ID included in the information is already managed. To do.

  If the management server 1 determines that there is the same ID, the management server 1 transmits a challenge character string and a response character string associated with the ID to the new client.

  In this case, the VTR 3 transmits an ID, an address, and a response character string as the processing of step S13 and step S16. Therefore, in this case, the management server 1 recognizes the VTR 3 as a new client. A client having the same ID (ID recorded in the recording medium 21B in this case) as the ID transmitted by the VTR 3 (ID recorded in the recording medium 21A) is already registered on the management server 1 side. If so, a challenge character string and a response character string associated with the client are transmitted to the VTR 3.

  In step S17, it is determined whether the challenge character string and the response character string have been transmitted through such processing. If it is determined in step S17 that a challenge character string and a response character string related to another client have been transmitted, the process proceeds to step S18.

  In step S18, the VTR 3 determines whether or not the received response character string matches the challenge character string (resulting response character string) encrypted with the key it has.

  The control unit 63 of the VTR 3 receives the challenge character string and the response character string (referred to as response character string A) from the management server 1. First, the challenge character string received by the encryption unit 65 is stored in the recording medium. It is encrypted with the key read from 21A. That is, a response character string (referred to as response character string B) is generated. It is determined whether or not the generated response character string B matches the received response character string A.

  The management server 1 transmits a challenge character string and a response character string only to clients whose IDs match. When the IDs match, it means that the keys recorded on the recording medium on which the IDs are recorded are the same. Therefore, if the same challenge character string is encrypted with the same key, the same response character string is generated.

  Using such a thing, the control unit 63 determines whether or not the received response character string A matches the response character string B generated from the received challenge character string in step S18. An authentication process is performed to determine whether or not the previous client is a valid client.

  By executing such an authentication process, it is possible to prevent the inconvenience of connecting to a spoofed client (a client operated by a user with some malicious intention) and stealing data exchanged after the connection.

  Further, by applying the present invention, when connecting a plurality of clients, the user can simply insert the recording medium 21 into the client to which the recording medium 21 is to be connected, and not only can connect the clients easily, Security after connection can be improved.

  Returning to the description of the flowchart of FIG. 7, if it is determined in step S18 that the received response character string A matches the response character string B generated from the received challenge character string, in other words, the authentication process is successful. If it is determined that the process has been performed, the process proceeds to step S19. In step S <b> 19, data indicating connection permission is transmitted to the transmission management server 1.

  When the authentication process is normally performed, data indicating connection permission may be transmitted at all times, but before transmitting such data, it is determined whether or not there is a user instruction (permission), It may be transmitted only when it is permitted. In such a case, for example, when a message such as “There is a client that can be connected but do you want to connect?” Is presented to the user, and as a result, the user is instructed to connect, the step As processing in S19, data indicating connection permission is transmitted.

  When data indicating connection permission is transmitted in the process of step S19, the process proceeds to step S20. To connect with another client, the address of the client to which it is connected is required. The address is transmitted from the management server 1. In step S <b> 20, it is determined whether the management server 1 has notified the address of another client (connection destination client).

  Basically, when data indicating connection permission is transmitted as the process of step S19, as a result, the address of the client that is the connection destination is notified. The processing of the flowchart as shown in FIG. 7 is executed, and as a result, there is a possibility that connection permission is not issued. If the client at the connection destination does not give permission for connection, the address of the client will not be notified. Also, there is a possibility that the address of the client that is the connection destination is not notified due to some error.

  Therefore, in step S20, it is determined whether the address of another client (any one of the personal computer 4 to the projector 7) has been notified. In step S20, when the communication control unit 62 determines that the address of another client has been notified, the communication control unit 62 proceeds to step S21 and manages the notified address as the address of the client connected via the network 2 (for example, Storage unit 78 (FIG. 6)), and starts connection processing to the client.

  For example, if the address of the television receiver 5 is already registered on the management server 1 side before the VCR 3 is registered, the address of the television receiver 5 is notified from the management server 1. . And the communication control part 62 performs the process for connecting with the television receiver 5 based on the notified address.

  In step S22, the communication control unit 62 determines whether or not the address of the client requesting to end the connection has been notified from the management server 1, and if it is determined that the notification has been received, the communication control unit 62 proceeds to step S23. Proceed and terminate the connection with the client.

  For example, when the recording medium 21B is removed from the television receiver 5 and notified to the management server 1, the information of the television receiver 5 is deleted from the list managed by the management server 1, and as a result, Data indicating termination of connection is notified to the VCR 3. Thereby, the connection between the VCR 3 and the television receiver 5 is terminated.

  On the other hand, if the communication control unit 62 determines in step S22 that the management server 1 has not been notified of the address of the client that terminates the connection, the process skips step S23 and proceeds to step S24.

  In the process of step S24, when it is determined in step S17 that the challenge character string and the response character string of another client have not been notified from the management server 1, the address of the other client is notified in step S20. It also comes when it is judged that it has not come.

  In step S24, the reader 61 determines whether or not the recording medium 21A has been removed from the recording medium insertion unit 42. If it is determined that the recording medium 21A has not been removed, the process returns to step S17, and the subsequent processing. Is repeated.

  It is to be noted that a so-called timeout is set in which the connection is terminated after a predetermined time elapses, and as a process in step S24, a determination is made as to whether or not the recording medium 21A has been removed, and the client that has been disconnected due to the timeout It may be determined whether or not there is.

  When the timeout is set, information such as an ID read by the reader 61 is notified to the management server 1 at a predetermined cycle. In addition, when a reason other than “the recording medium 21A has been removed” occurs, such as when the network is physically disconnected by setting a timeout, the connection is terminated due to the timeout. Become.

  For example, when the user changes the input to the television receiver 5 to one that is output from the personal computer 4, the user removes the recording medium 21 </ b> A inserted in the VCR 3 and inserts it into the insertion portion of the personal computer 4. Replace.

  If the reader 61 determines in step S24 that the recording medium 21A has been removed, the reader 61 notifies the communication control unit 62 of the removal. When the communication controller 62 is notified from the reader 61 that the recording medium 21A has been removed, in step S25, the communication control unit 62 notifies the management server 1 that the recording medium 21A has been removed.

  If the communication control unit 62 is currently connected to another client in step S26, the communication control unit 62 ends the connection with the client. Thereafter, the above processing is repeatedly executed.

  Such processing is also executed in clients other than the VCR 3, and the clients into which the recording medium 21 having the same ID is inserted are connected.

  Next, processing of the management server 1 executed corresponding to the processing of FIG. 7 will be described with reference to the flowchart of FIG.

  In step S41, the CPU 71 (FIG. 6) of the management server 1 confirms the information received by the communication unit 79, and determines whether an ID or the like has been notified from any client. The notification of the ID or the like from the client means that the recording medium 21 has been inserted on the client side, and a new request has been issued for the management server 1 to register itself. Means that.

  The data received by the communication unit 79 in step S41 is the ID, address, and name transmitted from the client as the process of step S13 (FIG. 7).

  If the CPU 71 determines in step S41 that no ID or the like has been notified, it skips the processing of steps S42 to S46 described later, and proceeds to step S47.

  On the other hand, if it is determined in step S41 that an ID or the like has been notified, the process proceeds to step S42. In step S42, the CPU 71 generates a challenge character string. For example, a random number is generated and the challenge character string is generated using the random number. The challenge character string is, for example, about several bytes to several tens of bytes. The generated challenge character string is transmitted to the client side based on the notified address.

  In step S <b> 43, the CPU 71 registers the notified ID, address, name, and generated challenge character string in a list stored in the storage unit 78.

  As described above, when the challenge character string is transmitted, the client generates a response character string and transmits it to the management server 1. Therefore, if no error such as a communication error occurs after the management server 1 transmits the challenge character string, a response character string is returned. Accordingly, in step S44, it is determined whether or not a response character string has been received. In step S44, when it is determined that the response character string has been received, the response character string is also registered in the list in association with the corresponding challenge character string or the like registered previously.

  FIG. 9 is a diagram illustrating an example of a list. In the list stored and managed in the storage unit 78 of the management server 1, the ID, address, name, challenge character string, and response character string of a predetermined client are registered in association with each other as described above. Has been. For example, in the information shown in the first line in the list shown in FIG. 9, the address of the client whose ID is “0001” is “255.255.255.254”, and its name is “ VCR3 ″ is shown.

  Then, it is shown that “abcde” is generated and transmitted as a challenge character string to the client that has transmitted such an ID, address, and name. Furthermore, it is shown that a response character string “a′b′c′d′e ′” has been notified in response to such a challenge character string “abcde”.

  In this way, IDs, addresses, names, challenge character strings, and response character strings are managed in association with each other in the list. Information managed in these lists is added or deleted as appropriate. Further, the list shown in FIG. 9 is an example. For example, information such as registered time may be managed together with other information. In the following description, a client registered in the list is appropriately described as an entry.

  Returning to the description of the flowchart of FIG. 8, when the process in step S45 is completed, the process proceeds to step S46.

  The process may proceed to step S46 in some cases where YES is determined in the process of step S47. Therefore, the process of step S47 will be described before the description of the process of step S46. The process proceeds to step S47 when it is determined that there is no registration request in step S41, or when it is determined in step S44 that no response character string has been received.

  In step S47, it is determined whether there has been an inquiry from a predetermined client as to whether another client having the same ID has been entered. If it is determined in step S47 that an inquiry has been made, the process proceeds to step S46. If it is determined that no inquiry has been made, the process proceeds to step S49.

  In step S46, it is determined whether or not there is another entry having the same ID, and if it exists, whether or not a response character string has already been registered in that entry. In step S46, it is first determined whether or not the same ID exists. The ID to be processed is the ID corresponding to the entry in which the response character string is newly registered in step S45. Or, in step S47, it is the ID of the client that made an inquiry at some timing regardless of whether it has already been registered.

  When it is determined that the same ID exists in the list, it is determined whether or not a response character string is registered in an entry corresponding to the ID. It is assumed that such a determination is made immediately after the challenge character string is transmitted, and there is a situation in which there is an entry of a client for which the response character string has not yet been received. Make such decisions as well.

  In step S46, when it is determined that there is an entry having the same ID as the ID to be processed and a response character string has already been registered in the entry, in other words, If it is determined that there is a target client, the process proceeds to step S48. If no such determination is made, the process proceeds to step S49.

  In step S48, the challenge character string and response character string of the entry determined to exist in the process in step S46 are read and transmitted. The challenge character string and the response character string transmitted in this way are received by the client side as the process of step S17 (FIG. 7).

  As described above, in this embodiment, even if it is determined that there is a client to be a connection destination on the management server 1 side, the address of the connection destination client is immediately transmitted. Instead, an authentication process for determining whether or not the connection is valid is executed, and the address is transmitted after the authentication process is correctly performed.

  On the other hand, in step S49, since the client at the connection destination does not exist at that time, the client having the ID to be processed is maintained so as to maintain the state at that time, that is, waiting. Give instructions as you do.

  When the process of step S48 or step S49 is completed, the process proceeds to step S50. In step S50, it is determined whether or not there is a response from the predetermined client to approve the connection. This process is a process corresponding to what the client side executed as the process in step S19. In addition, the processing in step S19 is executed on the client side as a result of the processing in step S48 being executed on the management server 1 side.

  If it is determined in step S50 that a response for approving the connection has been received from the predetermined client, the process proceeds to step S51. In step S51, it is determined whether or not there is a reply that approves the connection from the client that has responded when the connection is approved and the client on the other side connected to the client.

  For example, in step S50, if the VCR 3 sends a reply that approves the connection with the television receiver 5, has the TV receiver 5 sent a reply that approves the connection with the VCR 3 in step S51? It is determined whether or not.

  If it is determined in step S51 that there is a response from the partner client to approve the connection, the process proceeds to step S52. In step S52, the connection destination address is transmitted to both of the connected clients.

  For example, when the VCR 3 and the television receiver 5 are connected, the address of the television receiver 5 is transmitted to the VCR 3 and the address of the VCR 3 is transmitted to the television receiver 5. The address transmitted in this manner is received and processed as steps S20 and S21 of each client, whereby the clients are connected to each other and can exchange data.

  The management server 1 advances the process to step S53 after transmitting the address as the process in step S52, or when it is determined in the processes in the respective steps of steps S50 and 51 that a reply rejecting the connection has been received. .

  In step S53, the CPU 71 determines whether or not the client has notified that the recording medium 21 has been removed. If the CPU 71 determines that the client has notified that the recording medium 21 has been removed, step 71 is performed. Proceeding to S54, the entry corresponding to the client subjected to the determination is deleted from the list. As a result of such deletion, only the clients that can be connected are always entered in the list.

  When the client that has notified that the recording medium has been removed is connected to another client, the CPU 71 terminates the connection to the connected client (recording medium). The address of the client that has notified that has been removed. As a result, the connection between the connected clients is released.

  On the other hand, if it is determined in step S53 that no client has notified that the recording medium has been removed, the process proceeds to step S55. In step S55, it is determined whether there is a request for confirmation of the connection partner from a predetermined client. Such a request is issued from the client side when, for example, some inconvenience occurs, such as a response not being returned from the connection destination. Or, it is periodically determined that the client at the connection destination is valid (for example, when the power is turned off and data cannot be exchanged). For example).

  If it is determined in step S55 that there has been a request for confirmation of the connection partner, the process proceeds to step S56. In step S56, the list is confirmed, and the confirmation result is transmitted to the requesting client. The confirmation result transmitted is data indicating whether or not the connection is valid.

  Such processing is repeatedly performed on the management server 1 side.

  By performing the processing as described above on the client side and the management server 1 side, the user can easily and quickly communicate by simply replacing the recording medium 21. Further, it is possible to easily grasp the connected client only by confirming the identification unit 31 of the inserted recording medium 21.

  In addition, authentication processing is performed before the clients are actually connected, and the address of each client flows from the management server 1 to the network 2 unless the authentication processing is normally performed. Therefore, it is possible to prevent the address of a client trying to connect illegally from being stolen. Therefore, it is possible to prevent data exchange after connection from being performed with an unauthorized client.

  Since the authentication data transmitted to the management server 1 side is encrypted with a key (a response character string), the management server 1 does not require any key information and can communicate between clients. Since only relaying is performed, key information is not leaked from the management server 1, and a device that has not acquired an accurate key (an unauthorized device) is used for authentication processing. Even if the response character string being obtained is acquired by some means, it is possible to prevent an illegal act such that the key can be acquired from that means.

  For example, when the user inserts the recording medium 21 </ b> A into the personal computer 4 and inserts the recording medium 21 </ b> B into a printer (not shown), the personal computer 4 is connected to the printer notified from the management server 1 by the processing described above. Based on the address, it confirms that the connected client is a printer, and transmits data to be printed out to the printer.

  In addition, since it is assumed that authentication processing is normally performed and communication permission is issued from each other's client before such printout is executed, the printer connected by impersonation etc. It is possible to prevent a printout from being executed.

  After a normal printout, a function may be provided in which the address notified from the management server 1 is registered in the personal computer 4 as the address of the printer used as a standard.

  In the above-described embodiment, an example in which two clients are connected has been described. However, the connection is not limited to two clients. The above clients may be connected. Even when a plurality of clients are connected, if there are a plurality of recording media in which the same ID and key are recorded, the above processing can be basically repeated. Is possible.

  In the above description, the case where the management server 1 exists on the network 2 has been described. However, as shown in FIG. 10, even when the management server 1 does not exist, the user only needs to replace the recording medium. Clients can be connected.

  When the management server 1 does not exist as shown in FIG. 10, for example, when the recording medium 21A is inserted, the personal computer 4 reads the ID and broadcasts the read ID and address to all devices (clients). , A device in which the recording medium 21B having the same ID is inserted is detected.

  For example, when a recording medium 21B set with the same ID as that of the recording medium 21A is inserted in the television receiver 5, the television receiver 5 responds to detection from the personal computer 4, and the personal computer 4 Notify your own address.

  Communication is established between the devices whose addresses are exchanged.

  Detailed processing performed in such a client will be described. With reference to the flowchart of FIG. 11, the process of each client which comprises the communication system of FIG. 10 is demonstrated. In this example, processing of the personal computer 4 as a client will be described.

  In step S <b> 71, the reader 61 of the personal computer 4 determines whether or not the recording medium 21 </ b> A has been inserted into a recording medium insertion unit (for example, a drive) of the personal computer 4. For example, when the reader 61 determines that the recording medium 21A has been inserted, the reader 61 proceeds to step S72 and reads the ID from the recording medium 21A.

  When the ID is notified from the reader 61, the communication control unit 62 broadcasts its own address and the ID of the recording medium 21A in step S73, and the recording medium 21B having the same ID is inserted in step S74. Detected clients (clients that can be connected).

  In step S74, since there is no client in which the recording medium 21B in which the same ID is recorded is inserted, when it is determined that there is no connectable client, the process returns to step S71, and the subsequent processing is repeated. The process may be returned to step S71, but the process may return to step S73, and the ID and address may be broadcast again after a predetermined time has elapsed. Alternatively, the process of step S74 may be repeated again, and the standby state may be maintained until a connectable client is detected.

  On the other hand, if it is determined in step S74 that a client in which the recording medium 21B in which the same ID is recorded is detected, the process proceeds to step S75, and the address transmitted from the client is received.

  In step S76, the control unit 63 generates a challenge character string. The challenge character string is generated using, for example, a random number as in the case where the management server 1 described above generates a challenge character string as the process of step S42 (FIG. 8).

  In step S77, the key recorded on the recording medium 21A is read. The read key is used, and the generated challenge character string is encrypted and a response character string is generated as processing in step S78. The generated response character string is transmitted to the client that has transmitted the address by the communication unit 64 together with the generated challenge character string.

  When the management server 1 does not exist in this way, each client generates a challenge character string and a response character string and transmits them to the client to be connected. The processing after step S79 is basically the same as the processing after step S17 in the flowchart shown in FIG. However, in the process in the flowchart shown in FIG. 7, the process performed with the management server 1 as the partner is the process performed on the connection destination client in the process in the flowchart shown in FIG. 11.

  When the recording medium 21 having the same ID is inserted in a plurality of clients and these clients are detected, all the detected clients are presented to the user and the client to be connected is selected. Also good.

  In the above-described embodiment, no particular explanation is given for data exchange performed after clients are normally connected to each other, but the data exchanged is preferably encrypted. As a key used when encrypting and decrypting data, a key recorded in the recording medium 21 is used. When data to be exchanged is encrypted, for example, when data is transmitted, the data to be transmitted is first divided into a predetermined length. Then, for each piece of data divided into a predetermined length, an exclusive OR with the key read from the recording medium 21 is taken and a bit operation is performed. The result is transmitted.

  On the receiving side, the received data is divided for each key length read from the recording medium 21, an exclusive OR of the divided data and the key is taken, bit operation is performed, and the result is treated as received data. Like that.

  Of course, such a method of taking an exclusive OR and performing a bit operation is an example, and encryption and decryption of data to be transmitted and received may be performed by other methods.

  In the above-described embodiment, the authentication process is performed before the normal connection is performed. However, after the normal connection is performed, the authentication process is directly performed again between the connected clients. You may do it. By performing the authentication process directly between the clients again, it is possible to further increase the security.

  The communication system as described above can be applied to various devices. For example, when there is a server that distributes music content at a predetermined position in a house and speakers are installed in each room, the user carries the recording medium 21 and replaces it so that the server can be used even in the destination room. You can continue to listen to music distributed from.

  In this case, the recording medium 21 is always inserted into the server, and when the user leaves the room, the user removes the recording medium 21 that has been inserted into the speaker in the room and inserts it into the speaker in the destination room. Each time the recording medium 21 is replaced, the processing as described above is executed, and the output destination of the music distributed from the server is switched to the speaker in which the recording medium 21 is newly inserted.

  Further, since a user who does not have a recording medium cannot access the server, it can also be used as a right to access it. That is, the server administrator distributes the recording medium 21 set with the same ID as the recording medium 21 inserted in the server only to users who are permitted to connect to the server.

  As another specific example, as shown in FIG. 12, the audio player 101-1 and the audio player 101-2 are connected to the network 2, and the speaker 102 is connected to the network 2 in a predetermined room. It may be the case. When the audio player 101-1 is, for example, a CD (Compact Disk) player and the audio player 101-2 is, for example, an MD (Mini Disk (trademark)) player, the user plays different media. The sound source from the player can be switched simply by replacing the recording medium 21A.

  Further, as shown in FIG. 13, a case is considered where a notebook personal computer (notebook personal computer) 111-1 and a notebook personal computer 111-2 are connected to the network 2, and the projector 112 is connected to the same network 2. . For example, when a plurality of presenters are replaced and a projector 112 is used in an academic society or the like, the presenters need only exchange the recording medium 21A. That is, each time the projector 112 is used, the presenter can easily remove the cable from the notebook computer 111-1 and replace the removed cable with the notebook computer 112-1. The projector 112 can be used.

  As described above, by applying the present invention, it is possible to easily switch the connection source and the connection destination between clients.

  By the way, as described above, clients to which the recording medium 21 in which the same ID is recorded are connected are connected to each other to exchange data. Here, it is assumed that the client to which the recording medium 21 is attached is provided. Suppose that it has a function of not only reading the ID and key recorded in the recording medium 21 but also storing them for a relatively long time (permanently). Alternatively, it is assumed that the client is configured so that such a thing can be executed, and the data situation recorded in the recording medium 21 is also configured.

  When such a function exists, the client continues to maintain a connection with another client using the ID and key stored in the client even after the recording medium 21 is removed from the client. Is possible. In addition, the client can start a new connection using the ID and key stored in the client.

  However, this is not preferable from the viewpoint of security. That is, there is a possibility that those IDs and keys are stolen from a client that stores the IDs and keys.

  Further, referring again to FIG. 13, for example, it is assumed that the notebook computer 111-1 stores the ID and key read from the recording medium 21A. Thereafter, it is assumed that the data transmitted from the notebook computer 111-2 is received by the projector 112 by attaching the recording medium 21A to the notebook computer 111-2. In such a situation, it is assumed that the notebook computer 111-1 connects to the projector 112 using the ID and key stored therein and transmits data.

  There is a possibility that such a situation may occur. When such a situation occurs, the projector 112 receives data from the notebook computer 111-1 and data from the notebook computer 111-2. Therefore, on the screen 113, an inconvenient situation occurs in which an image based on the data from the notebook computer 111-1 and an image based on the data from the notebook computer 111-2 are displayed.

  Considering the above, information such as IDs and keys recorded on the recording medium 21 is not recorded on the client side, or even if recorded, the recording medium 21 is removed. It is better to provide a function that can be surely deleted at this point.

  In order to prevent the information recorded in the recording medium 21 from being recorded in other devices, for example, an existing copyright protection technique can be applied. The copyright protection technology basically restricts the number of copies even if the information recorded on a predetermined recording medium is not allowed to be copied to another device (external device) or allowed to be copied. Etc. are realized. Therefore, if the information recorded on the recording medium 21 is protected so as not to be copied, information such as a key can be prevented from being copied (stored) to the client. By doing so, it becomes possible to further improve the safety of the system.

  By the way, it is considered that the recording medium 21 in the above-described embodiment is recognized as a role of a cable terminal for connecting clients to each other. Of course, the recording medium 21 may be designed as a device that performs only such a role. With such a design, the recording capacity of the recording medium 21 may be small, and as a result, the size of the recording medium 21 itself can be small, and a structure convenient for the user to carry can be achieved.

  However, when the recording medium 21 is an existing recording medium having a predetermined capacity such as a memory stick (trademark), the recording capacity of the recording medium 21 is too large to store only an ID and a key. It's a waste to treat it as having a terminal-like role. Therefore, from the viewpoint of the user, the recording medium 21 also serves as a terminal for connecting the devices as described above, but naturally the function of recording data, which is the original function, can be used. It is considered preferable.

  Therefore, a case where the recording medium 21 is handled as a device that records data other than IDs and keys will be described below. Here, as shown in FIG. 14, a case where a PC 131 and a PC 132 are connected as clients will be described as an example. Since the process performed to connect the clients described above can be performed as described above even if other data is recorded, the description regarding that part is omitted.

  As described above, for example, the recording medium 21A and the recording medium 21B are handled as a pair in which the same ID and key are recorded. The same data is recorded on the recording media 21 handled as a pair. When the paired recording mediums 21 are attached to a predetermined client (in this case, the PC 131 and the PC 132) and connected, the data recorded on the recording medium 21 is synchronized. .

  With reference to the flowchart of FIG. 15, the processing of the client with the recording medium 21 mounted, particularly processing related to data synchronization, will be described. Here, the processing on the PC 131 side on which the recording medium 21A is mounted will be described as an example. The process of the flowchart of FIG. 15 is a process performed when the recording medium 21A is mounted on the PC 131.

  In step S101, the contents of the data recorded on the recording medium 21A are presented to the user side. For example, the content of data recorded on the recording medium 21A is displayed on a display (not shown) of the PC 131. A list of names given to the data can be considered as the contents of the displayed data.

  Note that the timing at which the process of step S101 is executed is the timing at which the recording medium 21A is inserted into the recording medium insertion unit, the timing at which the user instructs, and the state where data can be exchanged with other clients. Timing may be considered, and it may be executed at any timing.

  When the process of step S101 is completed, it is determined in step S102 whether or not it is connected to another client (data can be exchanged). That is, as a result of the processing related to connection as described above being executed, it is determined whether or not data exchange with other clients (PC 132) has been made possible.

  If it is determined in step S102 that the client is connected to another client, the process proceeds to step S103. In step S103, a process for synchronizing the data recorded on the recording medium 21A with the data recorded on the recording medium 21B is executed. The synchronization processing in step S103 will be described later with reference to the flowchart of FIG.

  When the synchronization process in step S103 is completed, the data recorded on the recording medium 21A and the recording medium 21B have the same contents. In this state and in a state in which the connection with another client (in this case, the PC 132) is maintained, for example, when recording of new data is instructed to the recording medium 21A, the new data The data is recorded not only on the recording medium 21A attached to itself, but also on the recording medium 21B attached to the PC 132 to which it is connected.

  That is, the PC 131 also executes processing for performing (reflecting) the operation performed on the recording medium 21A attached to the PC 131 also on the recording medium 21B attached to the connected PC 132. To do. For example, the PC 131 records data indicating that there is an operation from the user to the recording medium 21A attached to the PC 131, data indicating the content of the operation, and, if necessary, for example, recording on the recording medium 21A. Various types of data such as the received data are transmitted to the PC 132. As a result, the PC 132 executes processing for the recording medium 21B mounted on itself based on the received various data.

  Such a process is performed in step S104. Since this process, that is, the process of reflecting the process performed on itself to another PC 132 side is also performed, the process performed on the recording medium 21B is performed on the recording medium 21A. Is also done. Such processing of reflecting other operations on itself is performed as processing in step S105.

  When the process of step S105 is completed, the process returns to step S102, and the subsequent processes are repeated. Note that the processes in steps S104 and S105 are processes that can always be performed, and the relationship in which the process in step S105 is executed after the process in step S104 is not necessarily maintained. Therefore, each client is in a state where the contents of the mounted recording medium 21 can always be updated to the latest in relation to the recording medium 21 configured in a pair.

  In this way, while connected to another apparatus, an operation performed on the recording medium 21 by one client is performed on the recording medium 21 mounted on the other client in the same manner. . Therefore, while being connected, the data recorded on the recording medium 21 attached to each connected client is always the same.

  On the other hand, if it is determined in step S102 that no connection is made with another client, the process proceeds to step S106. When the PC 131 is not connected to another client, that is, when processing is performed independently, when any operation is performed on the mounted recording medium 21A, the operation is reflected. Processing is executed. That is, in such a case, the process normally performed on the recording medium 21A is only executed normally.

  When the process in step S106 is completed, the process returns to step S101, and the subsequent processes are executed. After the process is executed in step S106 (the time at which the process was executed is set as time t1), the process is returned to step S101. Therefore, after connection with another client (PC 132) after time t1, step S102 In step S103, it is determined that the PC 132 is connected, and the processing in step S103 and subsequent steps is performed. As a result, the processing performed while the connection is not established also results in the other recording paired after time t1. This is also reflected on the medium 21 (in this case, the recording medium 21B).

  The synchronization process in step S103 will be described with reference to the flowchart of FIG. In step S111, a list indicating the contents of data (such as a list of file names) recorded on the recording medium 21A is exchanged. The PC 131 loaded with the recording medium 21A transmits a list (hereinafter referred to as list A) recorded on the recording medium 21A to the PC 132 loaded with the recording medium 21B. The PC 131 receives a list (hereinafter referred to as “list B”) stored in the recording medium 21 </ b> B from the PC 132.

  By executing such processing, when the processing in step S111 is completed, the processing proceeds to step S112. In step S112, the PC 131 compares the list A and the list B, and lists data (names) determined to have the same name but different contents. For example, the size of data can be considered as information serving as a reference for determining that the data has the same name but different contents. Also, the update date and time may be used. Furthermore, a digest value using an MD5 digest generation algorithm may be used.

  The fact that the data size, update date / time, and digest value are different even though they have the same name means that the data recorded on either the recording medium 21A or the recording medium 21B is later than the previous synchronization time. This means that some operation has been added to. Therefore, such data is listed as the process of step S112.

  In step S113, the name of the listed data is changed. For example, the name is changed by adding a preset character string (for example, its own address or name) to the original name, negotiating with the connection partner, and setting the names so that they are not the same as each other. Can be considered. Either method may be used, but the listed name is changed as the process of step S113.

  Thus, the name is changed in order to prevent such a situation from occurring because there is a possibility that the name is overwritten if the name is the same as a result of synchronization. For example, consider a situation where the user A is using the recording medium 21A and the user B is using the recording medium 21B. Assume that synchronization is performed when user A and user B are processing the same data. When synchronization is performed without changing the name, for example, the data created by user A is overwritten with the data created by user B, and the data created by user A is lost. May occur. If such a thing occurs, it is a damage for the user A.

  Therefore, the name is changed so that such inconvenience does not occur due to synchronization, so that it is not overwritten. In step S114, the list is recreated, and the recreated list is exchanged. Recreating the list is to make the list including the changed name (replaced the original name with the changed name) as a result of the execution of the process in step S113.

  The re-creation of the list in step S114 will be described. In step S114, it is determined that the data has the same name but different contents, and only the data whose name has been changed is listed, or it is determined that the name is already different from the data whose name has been changed. There are two ways to create a list including the data (therefore, the data whose name has not been changed and the data created by either one of the users).

  When only the data whose name has been changed is included in the list, the data recorded on the recording medium 21A and the recording medium 21B can be synchronized only with data preset as shared data. However, when both the data whose name has been changed and the data whose name has not been changed are put on the list, all the data in the recording medium 21 are subject to synchronization regardless of whether the data is shared in advance. It is said.

  Which is set may be set as appropriate by the user, or may be set in advance.

  In any case, at least the renamed data is put on the list. This is because at least data having the same name can be determined to be data that does not cause a problem even if shared.

  When the re-created list (the list from PC 131 is set as list A ′ and the list from PC 132 is set as list B ′) is exchanged between PC 131 and PC 132, in step S115, list A ′ and The list B ′ is compared, and data corresponding to the name that does not match its own list is downloaded from the other connected client.

  In this way, the data recorded on the paired recording media 21 are synchronized, and the same data is recorded.

  In the above-described embodiment, the name of the data that is determined to have the same name but different contents is changed in step S113. However, both the PC 131 and the PC 132 in the above-described example There is no need to execute the process, and if only one of them executes the process of changing the name, it is possible to prevent inconvenience such as data being overwritten.

  Therefore, only one of the clients may execute the process in step S113 based on some priority. For example, when the recording medium 21A and the recording medium 21B are configured as a pair, it is conceivable that some priority is set such that the recording medium 21A is superior to the recording medium 21B. If such a setting is made, the PC 131 side on which the recording medium 21A is mounted should not execute the process of step S113.

  In addition, when such priority is set, data with the same name among the data of the recording medium 21 attached to the client set with the lower priority is appropriately deleted. You may do it.

  When the lists are exchanged, the list encrypted with the key recorded on the recording medium 21 may be exchanged. If the list to be exchanged is encrypted with the key, even if an unauthorized party obtains the encrypted list, the other party cannot decrypt it, and as a result, the list cannot be obtained. Become. Therefore, it is possible to prevent the list from leaking illegally.

  In the above-described embodiment, the screen displayed on the display (not shown) of the PC 131 or PC 132 is not described, but the user side also recognizes whether it is connected to other clients. It is considered preferable that display is possible. Therefore, for example, a screen as shown in FIG. 17 may be displayed on the display 151 of the PC 131.

  In the example illustrated in FIG. 17, a connection state display unit 162 that indicates a connection state is provided above the list display unit 161 that displays information in the list. In the example illustrated in FIG. 17, the connection status display unit 162 indicates a state in which a message “PC 132 is connected” is displayed, and the user refers to this message to connect to the PC 162. It is possible to recognize that it is in a state.

  In the embodiment described above, the data recorded on the recording medium 21 has been described as being subject to synchronization. However, the present invention is not limited to such an embodiment. For example, a predetermined area (such as an area in which a predetermined folder is stored) of a recording device built in the PC 131 and data recorded in a predetermined area of the recording device built in the PC 132 are to be synchronized. Even in such a case, the present invention can be applied.

  As described above, the data stored in the predetermined area is to be synchronized, so that data exceeding the capacity of the recording medium 21 can be handled, and usability can be improved.

  In the above-described embodiment, it has been described that the data handled by the PC 131 and the PC 132 are synchronized, but the present invention is not applied only to the synchronization performed only between two clients, and there are a plurality of data. The present invention can also be applied to data synchronization between two clients.

  By applying the present invention as described above, when data is synchronized with a specific client, data synchronization is executed even if the user does not recognize various information such as the address and name of the other party. It becomes possible. Thus, for example, in a state where data synchronization is conventionally performed between the client A and the client B, the data synchronization with the client C is newly performed with the client C or instead of the client B. If it is desired to perform the setting, the address and name of the client C have to be newly set. However, by applying the present invention, the data can be synchronized without the user having to make troublesome settings for the client C. It can be executed.

  Further, by applying the present invention, for example, after the user A hands over the recording medium 21B recording the same data as the data recorded on the recording medium 21A to the user B, the data is updated. Then, the data itself recorded in the recording medium 21A and the recording medium 21B are both updated. That is, even when there is some change in the data that has been passed to the other party, the change can be easily reflected in the other party's data.

  In the process related to synchronization, data exchanged over the network 2 can be encrypted. In addition, a key for performing the encryption is managed by each recording medium 21. Therefore, security can be improved.

  In the above-described embodiment, the data recorded on the recording medium 21 is a synchronization target. However, an ID, a key, and the like recorded on the recording medium 21 may be a synchronization target. This is because it is preferable to periodically change the ID, key, etc. in order to improve security. If the ID and key are also synchronized, for example, if the new ID and key are encrypted and exchanged with the key at that time, the security will be similar to the above-described data synchronization. Synchronization can be performed while being maintained.

  The series of processes described above can be executed by hardware, but can also be executed by software.

  When a series of processing is executed by software, a program constituting the software may execute various functions by installing a computer incorporated in dedicated hardware or various programs. For example, it is installed from a network or a recording medium into a general-purpose personal computer or the like.

  As shown in FIG. 5, the recording medium is distributed to provide a program to the user separately from the main body of the apparatus, and includes a magnetic disk 81 (including a floppy disk) on which the program is recorded, an optical disk 82 ( Package media including CD-ROM (compact disk-read only memory), DVD (digital versatile disk), magneto-optical disk 83 (including MD (registered trademark) (mini-disk)), or semiconductor memory 84 And a ROM 72 in which a program is stored and a hard disk included in the storage unit 78 provided to the user in a state of being incorporated in the apparatus main body in advance.

  In the present specification, the step of describing the program recorded in the recording medium is not limited to the processing performed in time series according to the described order, but is not necessarily performed in time series, either in parallel or individually. The process to be executed is also included.

  Further, in this specification, the system represents the entire apparatus composed of a plurality of apparatuses.

It is a figure which shows one Embodiment of the communication system to which this invention is applied. It is a perspective view which shows the example of the external appearance of a recording medium. It is a figure explaining the data recorded on a recording medium. It is a perspective view which shows the example of the external appearance of VCR and a television receiver. It is a block diagram which shows the structural example provided in each client. It is a block diagram which shows the structural example of a management server. It is a flowchart explaining a process of a client. It is a flowchart explaining the process of a management server. It is a figure for demonstrating the list memorize | stored in a memory | storage part. It is a figure which shows other embodiment of the communication system to which this invention is applied. It is a flowchart explaining a process of a client. It is a figure for demonstrating a specific example. It is a figure for demonstrating a specific example. It is a figure which shows the example of a connection. It is a flowchart for demonstrating the synchronization of data. It is a flowchart explaining the synchronous process in step S103. It is a figure which shows the example of a display on a display.

Explanation of symbols

1 management server, 2 network, 21 recording medium, 31 identification unit, 61 reader, 62 communication control unit, 64 communication unit, 71 CPU, 72 ROM, 73 RAM, 78 storage unit, 79 communication unit, 80 drive, 81 magnetic disk , 82 optical disk, 83 magneto-optical disk, 84 semiconductor memory

Claims (11)

In an electronic device that associates information processing terminals connected via a network,
Storage means for storing identification information and a key;
First providing means for providing the information processing terminal with the identification information stored in the storage means when attached to the predetermined information processing terminal;
An electronic apparatus comprising: a second providing unit that provides the key stored in the storage unit when the information processing terminal executes an authentication process with another information processing terminal. In an information processing system comprising an information processing terminal and a management server,
The information processing terminal
A reading unit that reads first identification information stored in the electronic device when an electronic device that associates information processing terminals to be connected is mounted;
The first identification information read by the reading means and the first position information indicating its own position on the network are transmitted to the management server managing connections with other information processing terminals. Means for sending
When the first data for authentication is received from the management server, second data is generated from the first data using the key stored in the electronic device, and transmitted to the management server. Two transmission means;
When third data and fourth data related to another information processing terminal are received from the management server, fifth data is generated from the third data using a key stored in the electronic device. Generating means;
It is determined whether or not the fifth data generated by the generating unit matches the fourth data. If they match, the management server is permitted to connect to the other information processing terminal. Third transmission means for transmitting permission data to be transmitted;
When the permission data is transmitted by the third transmission unit, when the second position information of the other information processing terminal is notified from the management server, based on the second position information, Connection means for connecting to the other information processing terminal,
The management server
First receiving means for receiving the first identification information and the first position information transmitted by the first transmitting means;
Fourth transmission means for generating the first data and transmitting the first data to the information processing terminal when the first identification information and the first position information are received by the first reception means;
Second receiving means for receiving the second data transmitted by the second transmitting means;
Management means for associating and managing the first identification information, the first position information, the first data, and the second data;
Of the identification information managed by the management means, the first identification information transmitted by the information processing terminal is the same as the second identification information transmitted by the other information processing terminal. The first data and the second data associated with the information processing terminal are transmitted to the other information processing terminal, and the third data associated with the other information processing terminal. And fifth transmission means for transmitting the data and the fourth data to the information processing terminal;
When the permission data transmitted by the fourth transmission means is received, and when the permission data is also received from the other information processing terminal, the first location information of the information processing terminal is changed to the other information. A notification means for notifying the information processing terminal and notifying the information processing terminal of the second position information of the other information processing terminal. Reading means for reading identification information stored in the electronic device when an electronic device that associates information processing terminals to be connected is mounted;
The first identification information read by the reading means and the first location information representing the location of the device itself on the network are transmitted to a management server that manages connection with other information processing terminals. A transmission means;
When the first data for authentication is received from the management server, second data is generated from the first data using the key stored in the electronic device, and transmitted to the management server. Two transmission means;
When third data and fourth data related to another information processing terminal are received from the management server, fifth data is generated from the third data using a key stored in the electronic device. Generating means;
It is determined whether or not the fifth data generated by the generating unit and the fourth data match, and if it is determined that they match, the management server is notified with the other information processing terminal. A third transmission means for transmitting permission data for permitting connection;
When the permission data is transmitted by the third transmission unit, when the second position information of the other information processing terminal is notified from the management server, based on the second position information, An information processing terminal comprising: connection means for connecting to the other information processing terminal. An encryption means for encrypting data to be transmitted to the other information processing terminal using the key stored in the electronic device when connected to the information processing terminal by the connection means;
4. The information processing terminal according to claim 3, further comprising: a decrypting unit configured to decrypt the data with the key stored in the electronic device when data is received from the other information processing terminal. 5. . In an information processing method of an information processing apparatus including at least a reading unit that reads information from a mounted electronic device and a communication unit that exchanges data with another information processing device,
A reading step of reading identification information stored in the electronic device when the electronic device that associates information processing terminals to be connected is mounted;
The first identification information read by the reading step and the first position information representing the position of the network itself are transmitted to a management server that manages connections with other information processing terminals. Sending step;
When the first data for authentication is received from the management server, second data is generated from the first data using the key stored in the electronic device, and transmitted to the management server. Two transmission steps;
When third data and fourth data related to another information processing terminal are received from the management server, fifth data is generated from the third data using a key stored in the electronic device. Generation step;
It is determined whether or not the fifth data generated by the processing of the generation step matches the fourth data, and if it is determined that they match, the other information processing terminal is sent to the management server A third transmission step of transmitting permission data for permitting connection with
When the permission data is transmitted in the process of the third transmission step, the second position information of the other information processing terminal is notified from the management server, based on the second position information. A connection step of connecting to the other information processing terminal. A computer program for controlling an information processing apparatus including at least a reading unit that reads information from a mounted electronic device and a communication unit that exchanges data with another information processing apparatus,
A reading step of reading identification information stored in the electronic device when the electronic device that associates information processing terminals to be connected is mounted;
The first identification information read by the reading step and the first position information representing the position of the network itself are transmitted to a management server that manages connections with other information processing terminals. Sending step;
When the first data for authentication is received from the management server, second data is generated from the first data using the key stored in the electronic device, and transmitted to the management server. Two transmission steps;
When third data and fourth data related to another information processing terminal are received from the management server, fifth data is generated from the third data using a key stored in the electronic device. Generation step;
It is determined whether or not the fifth data generated by the processing of the generation step matches the fourth data, and if it is determined that they match, the other information processing terminal is sent to the management server A third transmission step of transmitting permission data for permitting connection with
When the permission data is transmitted in the process of the third transmission step, the second position information of the other information processing terminal is notified from the management server, based on the second position information. A connection step of connecting to the other information processing terminal. A computer program for controlling an information processing apparatus including at least a reading unit that reads information from a mounted electronic device and a communication unit that exchanges data with another information processing apparatus,
A reading step of reading identification information stored in the electronic device when the electronic device that associates information processing terminals to be connected is mounted;
The first identification information read by the reading step and the first position information representing the position of the network itself are transmitted to a management server that manages connections with other information processing terminals. Sending step;
When the first data for authentication is received from the management server, second data is generated from the first data using the key stored in the electronic device, and transmitted to the management server. Two transmission steps;
When third data and fourth data related to another information processing terminal are received from the management server, fifth data is generated from the third data using a key stored in the electronic device. Generation step;
It is determined whether or not the fifth data generated by the processing of the generation step matches the fourth data, and if it is determined that they match, the other information processing terminal is sent to the management server A third transmission step of transmitting permission data for permitting connection with
When the permission data is transmitted in the process of the third transmission step, the second position information of the other information processing terminal is notified from the management server, based on the second position information. And a connection step of connecting to the other information processing terminal. A recording medium on which a computer-readable program is recorded. First identification information for identifying the information processing terminal transmitted from the first information processing terminal and first position information representing the position of the first information processing terminal on the network are received. 1 receiving means;
First transmission means for generating first data and transmitting the first data to the first information processing terminal when the first identification information and the first position information are received by the first reception means; ,
Second receiving means for receiving the second data transmitted from the first information processing terminal by transmitting the first data by the first transmitting means;
Management means for associating and managing the first identification information, the first position information, the first data, and the second data;
Of the identification information managed by the management means, the first identification information transmitted by the first information processing terminal and the second identification transmitted by the second information processing terminal. When the information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the second information processing terminal Second transmission means for transmitting the third data and the fourth data associated with the first information processing terminal to the first information processing terminal;
When receiving permission data indicating permission to connect to the second information processing terminal transmitted from the first information processing terminal, and also from the second information processing terminal, the first information When the permission data indicating that the connection with the processing terminal is permitted is received, the first position information is notified to the second information processing terminal, and the second position information is transmitted to the first information processing terminal. A management server comprising notification means for notifying. In the management method of a management server that manages data provided from another information processing apparatus,
First identification information for identifying the information processing terminal transmitted from the first information processing terminal and first position information representing the position of the first information processing terminal on the network are received. 1 receiving step;
First transmission for generating first data and transmitting to the first information processing terminal when the first identification information and the first position information are received in the processing of the first reception step. Steps,
A second receiving step of receiving the second data transmitted from the first information processing terminal by transmitting the first data in the processing of the first transmitting step;
A management step of associating and managing the first identification information, the first position information, the first data, and the second data;
Of the identification information managed in the process of the management step, the first identification information transmitted by the first information processing terminal and the second information transmitted by the second information processing terminal. When the identification information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the second information A second transmission step of transmitting third data and fourth data associated with the processing terminal to the first information processing terminal;
The first information is also received from the second information processing terminal when permission data indicating permission to connect to the second information processing terminal transmitted from the first information processing terminal is received. When the permission data indicating that the connection with the processing terminal is permitted is received, the first position information is notified to the second information processing terminal, and the second position information is transmitted to the first information processing terminal. A management method comprising: a notification step of notifying. A computer program for controlling a management server that manages data provided from another information processing apparatus,
First identification information for identifying the information processing terminal transmitted from the first information processing terminal and first position information representing the position of the first information processing terminal on the network are received. 1 receiving step;
First transmission for generating first data and transmitting to the first information processing terminal when the first identification information and the first position information are received in the processing of the first reception step. Steps,
A second receiving step of receiving the second data transmitted from the first information processing terminal by transmitting the first data in the processing of the first transmitting step;
A management step of associating and managing the first identification information, the first position information, the first data, and the second data;
Of the identification information managed in the process of the management step, the first identification information transmitted by the first information processing terminal and the second information transmitted by the second information processing terminal. When the identification information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the second information A second transmission step of transmitting third data and fourth data associated with the processing terminal to the first information processing terminal;
The first information is also received from the second information processing terminal when permission data indicating permission to connect to the second information processing terminal transmitted from the first information processing terminal is received. When the permission data indicating that the connection with the processing terminal is permitted is received, the first position information is notified to the second information processing terminal, and the second position information is transmitted to the first information processing terminal. A program characterized by including a notification step for notification. A computer program for controlling an information processing apparatus that manages data provided from another information processing apparatus,
First identification information for identifying the information processing terminal transmitted from the first information processing terminal and first position information representing the position of the first information processing terminal on the network are received. 1 receiving step;
First transmission for generating first data and transmitting to the first information processing terminal when the first identification information and the first position information are received in the processing of the first reception step. Steps,
A second receiving step of receiving the second data transmitted from the first information processing terminal by transmitting the first data in the processing of the first transmitting step;
A management step of associating and managing the first identification information, the first position information, the first data, and the second data;
Of the identification information managed in the process of the management step, the first identification information transmitted by the first information processing terminal and the second information transmitted by the second information processing terminal. When the identification information is the same, the first data and the second data associated with the first information processing terminal are transmitted to the second information processing terminal, and the second information A second transmission step of transmitting third data and fourth data associated with the processing terminal to the first information processing terminal;
The first information is also received from the second information processing terminal when permission data indicating permission to connect to the second information processing terminal transmitted from the first information processing terminal is received. When the permission data indicating that the connection with the processing terminal is permitted is received, the first position information is notified to the second information processing terminal, and the second position information is transmitted to the first information processing terminal. A recording medium on which a computer-readable program is recorded.

Images