JP2005341549A5 - - Google Patents

Publication number
JP2005341549A5
Authority
JP
Japan
Prior art keywords
ics
user
server
access control
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
JP2005126324A
Other languages
Japanese (ja)
Other versions
JP2005341549A (en)
JP3948568B2 (en)
Filing date
Publication date
Application filed filed Critical
Priority to JP2005126324A priority Critical patent/JP3948568B2/en
Priority claimed from JP2005126324A external-priority patent/JP3948568B2/en
Publication of JP2005341549A publication Critical patent/JP2005341549A/en
Publication of JP2005341549A5 publication Critical patent/JP2005341549A5/ja
Application granted granted Critical
Publication of JP3948568B2 publication Critical patent/JP3948568B2/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Claims (5)

An IP transfer network includes a plurality of access control devices, a conversion table server, a user service server, an authority server, an authentication server, a registration server, a connection server, and a domain name server; the access control devices and the plurality of servers are connected by internal communication lines; each access control device includes a conversion table made up of a plurality of records; and a plurality of terminals are each connected to one of the access control devices via a user communication line and the logical terminal at the end of that user communication line,
user 1 applies to the user service server for use of a roaming terminal; the user service server, in cooperation with the authority server, provides user 1 with user 1's ICS domain name 1, user 1's ICS user address 1, encryption-related data 1, an encryption function, the roaming-terminal common ICS user address, the ICS user address of the registration server, and the ICS user address of the connection server, where ICS user address 1 may be chosen by user 1 and presented to the user service server; designates that home terminal 1 of user 1 be connected to the user communication line attached to logical terminal 1 of access control device 1; and determines ICS network address 1 to be assigned to logical terminal 1,
the user service server and the authority server register ICS domain name 1 in the authentication server,
notify the domain name server of the set of three items consisting of ICS domain name 1, ICS user address 1, and ICS network address 1, which the domain name server holds internally,
and instruct the conversion table server to set record 1, which includes ICS user address 1 and the ICS user address of the registration server, in the conversion table in access control device 1; the conversion table server sets record 1; user 1 configures in home terminal 1 at least ICS user address 1, ICS domain name 1, encryption-related data 1, the encryption function, the roaming-terminal common ICS user address, and the ICS user address of the registration server,
user 1 chooses password 1 for user 1's own use, generates an ICS user frame whose source address is user 1's ICS user address 1, whose destination address is the ICS user address of the registration server, and which contains at least ICS domain name 1 and encryption information 1, and transmits it from home terminal 1, encryption information 1 having been generated using encryption-related data 1 and password 1,
at access control device 1, record 1 is used to form ICS network frame X containing the ICS user frame; ICS network frame X reaches the registration server; the registration server forms ICS network frame Y containing the information of ICS network frame X and transmits it to the authentication server,
the authentication server recovers password 1 from the received ICS network frame Y and holds the pair of ICS domain name 1 and password 1 internally; an integrated information communication system characterized in that roaming preparation is carried out by the above procedure.
An IP transfer network includes a plurality of access control devices, a conversion table server, an authentication server, and a domain name server; the access control devices and the plurality of servers are connected by internal communication lines,
each access control device includes a conversion table made up of a plurality of records,
a plurality of terminals are each connected to one of the access control devices via a user communication line and the logical terminal at the end of that user communication line,
terminal A and terminal B can communicate by sending and receiving ICS user frames over the path: terminal A, communication line A, access control device A, the interior of the IP transfer network, access control device B, communication line B, terminal B,
at least access control device 2 already has record R, which includes the roaming-terminal common ICS user address and the ICS user address of the connection server, set in its internal conversion table,
user 1 connects terminal 2, which holds at least user 1's ICS user address 1, user 1's ICS domain name 1, encryption-related data 1, an encryption function, the roaming-terminal common ICS user address, and the ICS user address of the connection server, to access control device 2,
to establish a communication connection from terminal 2 to terminal 3, whose ICS domain name is ICS domain name 3, terminal 2 generates ICS user frame 3 whose source address is ICS user address 1, whose destination address is the ICS user address of the connection server, and which contains at least ICS domain name 1, ICS domain name 3, and an encryption parameter generated using encryption-related data 1 and password 1, and transmits it to access control device 2,
at access control device 2, record R is used to form ICS network frame 3X; ICS network frame 3X reaches the connection server; the connection server receives ICS network frame 3X and queries the authentication server to confirm that the pair of user 1's domain name 1 and user 1's password 1 contained in ICS user frame 3X is registered in the authentication server; on that confirmation, the connection server queries the domain name server for, and obtains, the ICS user addresses and ICS network addresses corresponding to domain name 1 and domain name 3; the connection server instructs the conversion table server to set record 2, which includes the addresses corresponding to domain name 1 and domain name 3, in the conversion table of access control device 2; and the connection server returns to terminal 2 at least ICS user address 3 of terminal 3, obtained for domain name 3,
when terminal 2 generates and transmits ICS user frame 3 whose source address is user 1's ICS user address 1 and whose destination address is ICS user address 3, ICS user frame 3 becomes ICS network frame 3 at access control device 2, is transferred through the interior of the IP transfer network, and reaches access control device 4 on the receiving side, where ICS user frame 3 is restored and reaches terminal 3; an integrated information communication system characterized by the foregoing.
An IP transfer network includes a plurality of access control devices and a plurality of servers; the access control devices and the servers are connected by internal communication lines; the plurality of servers include a domain name server and a conversion table server and can communicate by sending and receiving ICS frames; each access control device includes a conversion table made up of a plurality of records; and a plurality of terminals are each connected to one of the access control devices via a user communication line and the logical terminal at the end of that user communication line,
when ICS user frame 1 transmitted by sending terminal 1 enters originating access control device 1 via user communication line 1 and logical terminal 1, with logical terminal identification information 1 identifying logical terminal 1 and at least the receiving user address in ICS user frame 1 registered as record 1 of the conversion table in access control device 1, and record 1 contains destination-side logical terminal identification information, ICS network frame 1 containing ICS user frame 1 and the destination-side logical terminal identification information is formed; ICS network frame 1 sent out from originating access control device 1 is transferred and reaches destination access control device 2; destination-side logical terminal 2 is determined from the destination-side logical terminal identification information in ICS network frame 1; ICS user frame 1 is restored from ICS network frame 1; and the restored ICS user frame 1 can reach receiving terminal 2 via destination-side logical terminal 2 and user communication line 2,
when terminal 3 transmits ICS user frame 3 toward server 3, the address of server 3 in record 3 in access control device 3 is referenced, and ICS network frame 3 is formed and reaches server 3; when server 3 forms and transmits ICS network frame 4, ICS user frame 4 is restored at access control device 3 and can reach terminal 3,
the conversion table server can update the records of the conversion table in an access control device by communicating with that access control device using ICS frames containing conversion table records; an IP communication method characterized by the foregoing.
The IP communication method according to claim 3, wherein the IP transfer network further includes one or more user service servers and one or more authority servers; the user service server holds at least the service application information of a plurality of users; the authority server holds at least the domain names and addresses used by users; and the operator of the IP transfer network operates the IP transfer network using at least the user service server and the conversion table server.
The IP communication method according to claim 3 or 4, wherein access control device 3, on confirming that the ICS user address of terminal 3 is not included in record 3 in the conversion table, discards ICS user frame 3 and does not transmit ICS network frame 3 to server 3, making communication to server 3 impossible from a terminal that is not registered in a record of the conversion table.
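The conversion-table behaviour in claims 3 and 5 can be modelled as an allow-list that gates encapsulation at the ingress access control device. The following Python sketch is an added illustration, not code from the patent. The class names, field names, record key layout and the sample addresses (`LT-1`, `user-addr-1`, and so on) are all assumptions made for the example.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class UserFrame:            # "ICS user frame": what terminals send and receive
    src: str                # sender ICS user address
    dst: str                # receiver ICS user address
    payload: bytes


@dataclass(frozen=True)
class NetworkFrame:         # "ICS network frame": user frame plus egress terminal id
    dst_terminal: str       # destination-side logical terminal identification
    inner: UserFrame


class AccessControlDevice:
    def __init__(self, name: str, terminals: set[str]):
        self.name = name
        self.terminals = terminals          # logical terminals ending on this device
        # conversion table (assumed key): (ingress terminal, sender, receiver) -> egress
        self.table: dict[tuple[str, str, str], str] = {}
        self.discarded: list[UserFrame] = []

    def set_record(self, ingress: str, sender: str, receiver: str, egress: str) -> None:
        """Record update, as the conversion table server would push it."""
        self.table[(ingress, sender, receiver)] = egress

    def ingress(self, terminal: str, frame: UserFrame) -> Optional[NetworkFrame]:
        """Encapsulate only when a record matches; otherwise discard (claim 5)."""
        egress = self.table.get((terminal, frame.src, frame.dst))
        if terminal not in self.terminals or egress is None:
            self.discarded.append(frame)    # no network frame is ever formed
            return None
        return NetworkFrame(dst_terminal=egress, inner=frame)

    def egress(self, nf: NetworkFrame) -> Optional[tuple[str, UserFrame]]:
        """Pick the local logical terminal and restore the user frame (claim 3)."""
        if nf.dst_terminal not in self.terminals:
            return None
        return nf.dst_terminal, nf.inner


def demo():
    # Constructed sample topology: one logical terminal per device.
    acd1 = AccessControlDevice("ACD1", {"LT-1"})
    acd2 = AccessControlDevice("ACD2", {"LT-2"})
    acd1.set_record("LT-1", "user-addr-1", "user-addr-2", "LT-2")

    registered = acd1.ingress("LT-1", UserFrame("user-addr-1", "user-addr-2", b"hello"))
    delivered = acd2.egress(registered)
    # Same line, but a sender address that no record lists: dropped at the edge.
    unregistered = acd1.ingress("LT-1", UserFrame("user-addr-9", "user-addr-2", b"x"))
    return delivered, unregistered, len(acd1.discarded)
```

Because the lookup key includes the ingress logical terminal, a frame that carries a registered sender address but arrives on a different line is also discarded.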
JP2005126324A 1996-12-06 2005-04-25 Integrated information communication system and IP communication method Expired - Fee Related JP3948568B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2005126324A JP3948568B2 (en) 1996-12-06 2005-04-25 Integrated information communication system and IP communication method

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
JP32673696 1996-12-06
JP5481297 1997-03-10
JP18254197 1997-07-08
JP2005126324A JP3948568B2 (en) 1996-12-06 2005-04-25 Integrated information communication system and IP communication method

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
JP2001267454A Division JP3789088B2 (en) 1996-12-06 2001-09-04 Integrated information communication system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
JP2007011679A Division JP4222619B2 (en) 1996-12-06 2007-01-22 IP communication method

Publications (3)

Publication Number Publication Date
JP2005341549A JP2005341549A (en) 2005-12-08
JP2005341549A5 true JP2005341549A5 (en) 2006-08-17
JP3948568B2 JP3948568B2 (en) 2007-07-25

Family

ID=35494546

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2005126324A Expired - Fee Related JP3948568B2 (en) 1996-12-06 2005-04-25 Integrated information communication system and IP communication method

Country Status (1)

Country Link
JP (1) JP3948568B2 (en)

Similar Documents

Publication Publication Date Title
US9059841B2 (en) Auto-discovery of a non-advertised public network address
JP4754964B2 (en) Radio network control apparatus and radio network control system
CN102480729B (en) Method and the access point of fake user is prevented in wireless access network
US20070165865A1 (en) Method and system for encryption and storage of information
CA2419853A1 (en) Location-independent packet routing and secure access in a short-range wireless networking environment
JP2006148648A5 (en)
CA2388938A1 (en) Terminal-to-terminal communication connection control system for ip full service
CN101088264A (en) Address conversion device and address conversion method
JP3973961B2 (en) Wireless network connection system, terminal device, remote access server, and authentication function device
WO2011041962A1 (en) Method and system for end-to-end session key negotiation which support lawful interception
JP5487116B2 (en) Method and apparatus for network roaming enterprise extension identity
JP2007006248A (en) Method and system for remote access
CN101447976B (en) Method for accessing dynamic IP session, system and device thereof
JP2012070225A (en) Network relay device and transfer control system
JP5261432B2 (en) Communication system, packet transfer method, network switching apparatus, access control apparatus, and program
JP2005341549A5 (en)
JP4003634B2 (en) Information processing device
CN110351308B (en) Virtual private network communication method and virtual private network device
CN104618214B (en) The method and system that structure LAN is transmitted into row information
JP3833932B2 (en) IP network that can use IP address as terminal identity
JP2005287067A5 (en)
CN101594276B (en) Business authorization method for IP telecommunication network system
JP2005020080A (en) Inter-subscriber terminal communication system
JP6674141B2 (en) Communication device
CN101197659B (en) Supervisor encrypting type anti-attack information communication network safety defending method and system