JP2006041641A - Radio communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To have a security function in a radio section, to provide a QoS based on data of all layers, to be extremely short in the disconnecting time of communication at a radio terminal unit moving time, and to make it unnecessary to store encryption keys of all the radio terminal units for being connected to the communication network system by a radio base station apparatus. <P>SOLUTION: The radio terminal units 101a, 101b, and 101c each has a terminal side encryption unit 104 for enciphering a radio signal to be transmitted. The radio transmitter/receiver has an encryption key storage unit 105 for storing the receiving encryption key for decoding the received radio signal, and a network side decoding unit 106 for decoding the radio signal based on the receiving encryption key. The communication network system 102 has a radio transmitter/receiver of a radio area which can transmit and receive, a radio transmitter/receiver of an adjacent other radio area, and an encryption key distributing unit 110 for distributing the receiving encryption key. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a wireless communication system of a moving wireless terminal device, and more particularly to a wireless communication system suitable for use in a wide area wireless LAN system, a wireless VoIP network system, and the like.

  In recent years, with the spread of wireless LAN technology, VoIP technology capable of image communication and voice communication, the demand for wide-area wireless LAN systems and wireless VoIP network systems that can be applied to wireless communication systems for mobile wireless terminal devices has increased. Yes.

  In this type of communication network system, unlike a wired LAN system in which communication between terminal devices is not possible unless there is a physical connection through a cable, any wireless terminal device can be used as long as it is a wireless area capable of radio wave communication. Connection is possible.

  Therefore, in such a communication network system, the security function in the wireless section is enhanced to prevent damage such as unauthorized intrusion, attack, communication interception, and impersonation to this communication network system, and to ensure the confidentiality of transmitted / received data It is essential to do.

  Also, in this type of communication network system, a wide variety of QoS (Quality of Service) such as bandwidth guarantee according to user contracts, priority control for each service such as voice, WEB and mail, etc. There is a strong demand for providing a service with a short communication disconnection time when moving.

  Also, IPsec (Internet Protocol Security) or WEP (Wired Equivalent Privacy) is generally used as an encryption method for maintaining security in the wireless section.

  The IPsec is an encryption method described in a document group organized in RFC2411 that performs encryption of packets by exchanging encryption keys that are actually used between wireless terminal devices. This IPsec includes a method for extracting and encrypting only the payload portion of the IP packet, and a method for encapsulating the entire encrypted IP packet into an IP packet (IP tunneling).

  In the IPsec, since any of the above-described methods ensures security at the IP layer, the data above the transport layer is encrypted. Therefore, in this IPsec, a packet transmitted after being encrypted by one wireless terminal device is transmitted using an encryption key (encryption key) exchanged in advance by the other wireless terminal device received via the communication network system. Decrypted.

  On the other hand, the WEP is an encryption method described in IEEE802.11 which is an encryption system used for the wireless LAN standards IEEE802.11a and IEEE802.11b. In this WEP, since the packet secures at the MAC layer, the data above the network layer is encrypted, and the encryption key for decrypting this data is the wireless terminal device and the wireless transmitting / receiving device (wireless base station device). ) Both in advance. That is, in this WEP, the packet transmitted by the wireless terminal device after being encrypted is decrypted by the wireless base station device, and conversely, the packet transmitted after being encrypted by the wireless base station device is decrypted by the wireless terminal device.

  In addition, in the wireless communication system based on IEEE802.1x, in addition to the above two systems, an authentication server is provided in the communication network system in order to ensure security in the wireless section and facilitate the transfer of the wireless terminal device. . In this wireless communication system, when the wireless terminal device requests permission to access the wireless base station device, the wireless base station device requests an ID from the wireless terminal device, and forwards the ID to the authentication server. ing. That is, in this wireless communication system, the authentication server that authenticates the ID sends an encryption key to the wireless base station device together with an acceptance message, the wireless base station device notifies the wireless terminal device of the encryption key, and The wireless terminal device is configured to be able to access the communication network system using a key.

  In this type of wireless communication system, the authentication procedure when the wireless terminal device requests permission for access to the wireless base station device increases overhead traffic other than the original communication. There is a need for simplification.

For this reason, in the conventional wireless LAN system, the MAC address of the wireless base station device (AP) to perform wireless communication is searched for in the AP information management table held by the wireless terminal device, and the MAC When the address does not exist in the AP management table, a public key authentication request is made to the radio base station device, and when the MAC address exists in the AP management table, the radio base station device A public key re-authentication request is made to the user (see, for example, Patent Document 1).
JP 2003-005641 A

  However, as described above, when IPsec is used for the construction of a wide area wireless LAN system or a wireless VoIP network system, since data at the transport layer and higher is encrypted, priority is given by the TCP / UDP port number. It is very difficult to provide QoS based on data at the transport layer or higher such as control.

  In addition, in the wireless communication system using IPsec, when the wireless base station device communicating with the wireless terminal device is changed as the wireless terminal device moves, the wireless terminal device and the wireless base station that is the moving destination It is necessary to exchange the encryption key used by the wireless terminal device again with the device. For this reason, in the wireless communication system using this IPsec, while the encryption key used in the wireless section is exchanged again due to the movement of the wireless terminal device, the wireless terminal device and the wireless base station device There is a problem that communication is interrupted.

  On the other hand, in the wireless communication system using the WEP, both the wireless terminal device and the wireless base station device store the encryption key in advance and do not require the encryption key exchange. Communication disconnection time associated with movement is extremely short. However, in this wireless communication system using WEP, it is necessary for the wireless base station device to store encryption keys of all wireless terminal devices connected to the communication network system. As the number increases, the cost of the radio base station apparatus increases.

  Further, in the wireless communication system using IEEE802.1x, the authentication server sends an encryption key to the wireless base station device, so that the wireless base station device transmits all wireless devices connected to the communication network system. There is no need to store the encryption key of the terminal device. However, in the wireless communication system using IEEE802.1x, when the wireless base station device that communicates with the wireless terminal device is changed as the wireless terminal device moves, It is necessary to repeat the authentication procedure. For this reason, this wireless communication system has a problem that communication between the wireless terminal device and the wireless base station device is interrupted while the wireless terminal device is re-authenticated.

  The present invention has been made in view of the above points, has a security function in a wireless section, can provide QoS based on data of all layers, and communication disconnection time when the wireless terminal device moves is extremely long. It is an object of the present invention to provide a wireless communication system that is short and can reduce costs that do not require the wireless base station device to store the encryption keys of all wireless terminal devices connected to the communication network system.

  In order to solve the above-mentioned problem, the wireless communication system according to claim 1 is a communication network system including a plurality of wireless transmission / reception devices capable of communicating with each other to form a wireless area accessible by a wireless terminal device that transmits and receives wireless signals. The wireless terminal device includes a terminal-side encryption unit that encrypts a wireless signal transmitted to the wireless transmission / reception device, and each of the plurality of wireless transmission / reception devices includes: An encryption key storage device for storing a reception encryption key for decrypting the received wireless signal, and a network side decryption device for decrypting the wireless signal based on the reception encryption key, and the communication The network system includes: the wireless transmission / reception device having the wireless terminal device in a wireless area where transmission / reception signals can be transmitted / received; and A configuration that includes a wireless transceiver other wireless areas adjacent to the line area, the encryption key distribution system for distributing the received encryption key.

  In this configuration, the reception encryption key for decrypting the wireless signal received from the wireless terminal device is stored in the encryption key storage device, and the network side decryption device performs the wireless communication based on the reception encryption key. A wireless transmission / reception device having the wireless terminal device in a wireless area in which a wireless signal can be transmitted / received by the encryption key distribution device and a wireless in another wireless area adjacent to the wireless area of the wireless transmission / reception device by the encryption key distribution device The reception encryption key can be distributed to a transmission / reception device. Therefore, according to this configuration, it has a security function in a wireless section, can provide QoS based on data of all layers, has a very short communication disconnection time when the wireless terminal device moves, and is a wireless base station It is possible to provide a wireless communication system that can reduce the cost that the device does not need to store the encryption keys of all the wireless terminal devices connected to the communication network system.

  The wireless communication system according to claim 2 is the wireless terminal according to claim 1, wherein the encryption key storage device is located in another wireless area adjacent to its own wireless area distributed by the encryption key distribution device. Storing another reception encryption key for decrypting a radio signal received from the device and a self reception encryption key for decrypting a radio signal received from the radio terminal device in the own radio area. The network side decryption device of the wireless transmission / reception device adopts a configuration for decrypting a radio signal received from the wireless terminal device in its own radio area based on its own reception encryption key.

  In this configuration, the encryption key storage device receives a reception encryption key for decrypting a wireless signal received from a wireless terminal device in its own wireless area, and the wireless terminal device in a wireless area adjacent to itself. And a reception encryption key for decrypting the wireless signal. Therefore, according to this configuration, the network side decryption apparatus can decrypt the radio signal received from the radio terminal apparatus using the reception encryption key for the radio terminal apparatus in its own radio area. it can.

  According to a third aspect of the present invention, in the wireless communication system according to the second aspect, the encryption key storage device decrypts a terminal ID individually assigned to the wireless terminal device and the wireless signal received from the wireless terminal device. And a reception encryption key to be stored in association with each other.

  In this configuration, the encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a reception encryption key for decrypting a wireless signal received from the wireless terminal device. can do. Therefore, according to this configuration, it is possible to reliably decrypt a radio signal received from a radio terminal apparatus having this terminal ID, using a reception encryption key stored in association with the terminal ID.

  According to a fourth aspect of the present invention, there is provided the wireless communication system according to any one of the first to third aspects, wherein the encryption key storage device is information for encrypting a wireless signal transmitted to the wireless terminal device. A transmission encryption key is stored, and the encryption key distribution device includes: a wireless transmission / reception device having the wireless terminal device in a wireless area capable of transmitting / receiving transmission wireless signals; and another wireless area adjacent to the wireless area of the wireless transmission / reception device Distributing the transmission encryption key to the wireless transmission / reception device, wherein the wireless transmission / reception device includes a network side encryption device that encrypts and transmits a wireless signal to the wireless terminal device based on the transmission encryption key; The terminal device employs a configuration including a terminal-side decoding unit that decodes a radio signal received from the wireless transmission / reception device.

  In this configuration, the encryption key storage device stores a transmission encryption key that is information for encrypting a wireless signal to be transmitted to the wireless terminal device. The encryption key distribution device distributes a transmission encryption key to a wireless transmission / reception device having the wireless terminal device in a wireless area capable of transmitting / receiving a wireless signal and a wireless transmission / reception device in a wireless area adjacent to the wireless transmission / reception device. To do. The wireless transmission / reception apparatus includes a network side encryption apparatus that encrypts a wireless signal and transmits the wireless signal to the wireless terminal apparatus based on the transmission encryption key. Further, the wireless terminal device includes a terminal side decoding unit that decodes a wireless signal received from the wireless transmission / reception device. Therefore, according to this configuration, before the wireless terminal device moves to an adjacent wireless area, the wireless transmission / reception device in this wireless area encrypts a wireless signal received by the wireless terminal device. Can be received in advance.

  The wireless communication system according to claim 5 is the wireless terminal according to claim 4, wherein the encryption key storage device is in another wireless area adjacent to its own wireless area distributed by the encryption key distribution device. Storing another transmission encryption key for decrypting a radio signal to be transmitted to a device and a self-transmission encryption key for decrypting a radio signal to be transmitted to the wireless terminal device in its own radio area. The network side encryption device adopts a configuration for encrypting a radio signal to be transmitted to the wireless terminal device based on a transmission encryption key for the wireless terminal device in its own wireless area.

  In this configuration, the encryption key storage device encrypts a wireless signal transmitted to the wireless terminal device in its own wireless area, and the wireless terminal in the wireless area adjacent to its own wireless area. A transmission encryption key for encrypting a radio signal transmitted to the apparatus can be stored. Further, the network side encryption device can encrypt a radio signal transmitted to the wireless terminal device using a transmission encryption key for the wireless terminal device in its own wireless area.

  According to a sixth aspect of the present invention, there is provided the wireless communication system according to the fifth aspect, wherein the encryption key storage device encrypts a terminal ID individually assigned to the wireless terminal device and a wireless signal transmitted to the wireless terminal device. And a transmission encryption key to be stored in association with each other.

  In this configuration, the encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a transmission encryption key for encrypting a wireless signal to be transmitted to the wireless terminal device. . Therefore, according to this configuration, it is possible to reliably encrypt a radio signal to be transmitted to a radio terminal apparatus having this terminal ID, using a transmission encryption key stored in association with the terminal ID.

  According to a seventh aspect of the present invention, there is provided the wireless communication system according to any one of the first to sixth aspects, wherein the reception encryption key and the transmission encryption key are transmission / reception encryption keys of the same information.

  In this configuration, since the reception encryption key and the transmission encryption key are the same information transmission / reception encryption key, the wireless terminal device and the wireless transmission / reception device use the transmission / reception encryption key without distinguishing between transmission and reception. Can be used for transmission and reception. Further, the encryption key distribution device assigns the transmission / reception encryption key to a wireless transmission / reception device having the wireless terminal device in a wireless area capable of transmitting / receiving a wireless signal and to a wireless transmission / reception device in a wireless area adjacent to the wireless transmission / reception device. Distribute. Therefore, according to this configuration, before the wireless terminal device moves to an adjacent wireless area, the wireless transmission / reception device in the wireless area transmits / receives the wireless signal transmitted / received to / from the wireless terminal device. The transmission / reception encryption key can be received in advance. The encryption key storage device transmits / receives a transmission / reception encryption key for encrypting and decrypting a radio signal transmitted / received to / from a wireless terminal device in its own wireless area, and transmits / receives to / from a wireless terminal device in a wireless area adjacent to itself. A transmission / reception encryption key for encrypting and decrypting a wireless signal to be transmitted is stored in the wireless transmission / reception apparatus using the transmission / reception encryption key for the wireless terminal apparatus in its own wireless area. The wireless signal transmitted and received can be encrypted and decrypted.

  According to an eighth aspect of the present invention, there is provided the wireless communication system according to the seventh aspect, wherein the encryption key storage device transmits a terminal ID individually assigned to the wireless terminal device and a transmission radio signal transmitted and received by the wireless terminal device. A transmission / reception encryption key for encryption and decryption is stored in association with each other.

  In this configuration, the encryption key storage device includes a terminal ID individually assigned to the wireless terminal device, and a transmission / reception encryption key for encrypting and decrypting a wireless signal transmitted and received by the wireless terminal device. Store it in association. Therefore, according to this configuration, it is possible to reliably encrypt and decrypt a radio signal transmitted / received to / from a radio terminal apparatus having the terminal ID, using a transmission / reception encryption key stored in association with the terminal ID.

  A radio base station apparatus according to claim 9 has the radio transmission / reception apparatus according to any one of claims 1 to 8, and decrypts an encrypted radio signal received from a radio terminal apparatus, and A configuration is adopted in which an encrypted wireless signal is transmitted to the wireless terminal device.

  According to this configuration, since the radio base station apparatus has the radio transmission / reception apparatus according to any one of claims 1 to 8, the encrypted radio signal received from the radio terminal apparatus is transmitted. It is possible to transmit the decrypted and encrypted wireless signal to the wireless terminal device.

  An encryption key management server apparatus according to claim 10 includes the encryption key distribution apparatus according to any one of claims 1 to 6, wherein the encryption key distribution apparatus accesses the communication network system. A configuration is adopted in which the encryption key for the device is managed and the encryption key is distributed to the wireless transmission / reception device.

  In this configuration, since the encryption key management server apparatus has the encryption key distribution apparatus according to any one of claims 1 to 6, the encryption key management server apparatus is provided for a wireless terminal apparatus that accesses the communication network system. The encryption key is managed, and the encryption key can be distributed to the wireless transmission / reception device by the encryption key distribution device.

  An encryption terminator according to claim 11 is an encryption terminator of a wireless transmission / reception device in a wireless communication system according to any one of claims 1 to 8, wherein the encryption key storage device and the encryption key storage device An encryption unit of the network side encryption device for encrypting a wireless signal using a transmission encryption key stored in the network, and the wireless reception using a reception encryption key stored in the encryption key storage device A decryption unit of the network side decryption device for decrypting a radio signal received by the unit, a radio transmission unit for transmitting the radio signal encrypted by the encryption unit, and from the radio terminal device A wireless receiving unit that receives the wireless signal, and the encryption unit encrypts the wireless signal transmitted by each wireless transmitting unit of the plurality of wireless devices. When it becomes A block diagram showing a configuration for decoding the wireless signal radio reception section of each of the plurality of wireless devices are received by the decoder.

  In this configuration, the network side encryption device encrypts a signal transmitted by the wireless transmission / reception device by an encryption unit, and transmits the encrypted signal as a wireless signal by the wireless transmission unit. Further, the network side decoding apparatus receives a radio signal by the radio reception unit, and decodes the received signal by the decoding unit. Therefore, according to this configuration, the wireless transmission / reception apparatus includes an encryption terminator including the encryption unit and the decryption unit, and a wireless device including the wireless transmission unit and the wireless reception unit. Separable. The cryptographic terminator can be connected to the plurality of wireless devices, encrypts a signal transmitted by each of the plurality of wireless devices, and decrypts a signal received by each of the plurality of wireless devices. Can do.

  The wireless communication system according to claim 12 is a wireless communication system in a communication network system including a plurality of wireless transmission / reception devices capable of communicating with each other forming a wireless area accessible by a wireless terminal device that transmits and receives wireless signals, The wireless terminal device includes a terminal-side encryption unit that encrypts a wireless signal transmitted to the wireless transmission / reception device, and the wireless transmission / reception device receives a wireless signal received from the wireless terminal device for decrypting the wireless signal. An encryption key storage device that stores an encryption key; and a network side decryption device that decrypts the wireless signal based on the received encryption key, wherein the communication network system is accessing the communication network system. The plurality of wireless transmission / reception devices receive the reception encryption key for decrypting a wireless signal received from the wireless terminal device A configuration that includes an encryption key distribution device which distributes all.

  In this configuration, each of the plurality of wireless transmission / reception devices in the communication network system can transmit / receive a wireless signal to / from the wireless terminal device and can communicate with each other via the communication network system. Moreover, the terminal side encryption part of the said radio | wireless terminal apparatus encrypts the radio signal transmitted to the said radio | wireless transmitter / receiver. The encryption key distribution device distributes a reception encryption key for decrypting a radio signal received from a wireless terminal device accessing the communication network system to all of the wireless transmission / reception devices. Therefore, according to this configuration, before the wireless terminal device moves to an adjacent wireless area, the wireless transmitting / receiving device in the destination wireless area decodes the wireless signal transmitted by the wireless terminal device. A reception encryption key can be received in advance.

  According to a thirteenth aspect of the present invention, in the radio communication system according to the twelfth aspect, the encryption key storage device can store a plurality of received encryption keys distributed by the encryption key distribution device, and the network side decryption device Adopts a configuration in which a received radio signal is decrypted based on a reception encryption key for the radio terminal device in its own radio area.

  According to this configuration, since the encryption key storage device can store a plurality of reception encryption keys distributed by the encryption key distribution device, the wireless transmission / reception device can store a plurality of reception encryption keys stored in its own wireless area. A radio signal received from a radio terminal device can be decrypted using a reception encryption key for the radio terminal device.

  According to a fourteenth aspect of the present invention, in the invention according to the thirteenth aspect, the encryption key storage device decrypts a terminal ID individually assigned to the wireless terminal device and a wireless signal received from the wireless terminal device. And a reception encryption key to be stored in association with each other.

  In this configuration, the encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a reception encryption key for decrypting a wireless signal received from the wireless terminal device. it can. Therefore, according to this configuration, it is possible to reliably decrypt the radio signal received from the radio terminal apparatus having the terminal ID using the reception encryption key stored in association with the terminal ID.

  The wireless communication system according to claim 15 is the invention according to any one of claims 12 to 14, wherein the encryption key storage device is information for encrypting a wireless signal transmitted to the wireless terminal device. A transmission encryption key is stored, and the encryption key distribution device transmits the transmission encryption key for encrypting a wireless signal to be transmitted to the wireless terminal device that is accessing the communication network system to the plurality of wireless transmission / reception devices. The wireless transmission / reception device has a network side encryption device that encrypts and transmits the wireless signal to the wireless terminal device based on the transmission encryption key, and the wireless terminal device transmits and receives the wireless transmission / reception device. A configuration including a terminal side decoding unit that decodes a radio signal received from the apparatus is adopted.

  In this configuration, the encryption key storage device stores a transmission encryption key that is information for encrypting a wireless signal to be transmitted to the wireless terminal device. The encryption key distribution device distributes a transmission encryption key for encrypting a wireless signal transmitted to the wireless terminal device accessing the communication network system to all of the wireless transmission / reception devices. The wireless transmission / reception apparatus encrypts and transmits a wireless signal to the wireless terminal apparatus based on the transmission encryption key by the network side encryption apparatus. Further, the wireless terminal device decodes the wireless signal received from the wireless transmitting / receiving device by the terminal side decoding unit. Therefore, according to this configuration, before the wireless terminal device moves to an adjacent wireless area, the wireless transmission / reception device in the destination wireless area transmits the wireless signal received by the wireless terminal device for encryption. A transmission encryption key can be received in advance.

  According to a sixteenth aspect of the present invention, in the wireless communication system according to the fifteenth aspect, the encryption key storage device can store a plurality of the transmission encryption keys distributed by the encryption key distribution device, and the network side encryption The apparatus adopts a configuration in which a wireless signal is encrypted based on a transmission encryption key for the wireless terminal apparatus in its own wireless area.

  According to this configuration, the encryption key storage device transmits a transmission encryption key for encrypting a wireless signal to be transmitted to a wireless terminal device in its own wireless area, and the wireless terminal device in a wireless area adjacent to itself. Since a transmission encryption key for encrypting a wireless signal to be transmitted can be stored, the wireless transmission / reception device uses a transmission encryption key for a wireless terminal device in its own wireless area to store the wireless encryption device. The radio signal to be transmitted can be encrypted.

  The wireless communication system according to claim 17 is the wireless communication system according to claim 16, wherein the encryption key storage device encrypts a terminal ID individually assigned to the wireless terminal device and a wireless signal transmitted to the wireless terminal device. And a transmission encryption key to be stored in association with each other.

  According to this configuration, the encryption key storage device associates a terminal ID individually assigned to the wireless terminal device with a transmission encryption key for encrypting a wireless signal transmitted to the wireless terminal device. Since the data is stored, the wireless signal transmitted to the wireless terminal device having the terminal ID can be reliably encrypted using the transmission encryption key stored in association with the terminal ID.

  The radio communication system according to claim 18 is the invention according to any one of claims 12 to 17, wherein the reception encryption key and the transmission encryption key are transmission / reception encryption keys of the same information.

  In this configuration, since the reception encryption key and the transmission encryption key are the same information transmission / reception encryption key, the wireless terminal device and the wireless transmission / reception device use the transmission / reception encryption key without distinction between transmission and reception. The transmitted radio signal can be encrypted. The encryption key distribution device distributes a transmission / reception encryption key for encrypting and decrypting a wireless signal transmitted / received to / from a wireless terminal device accessing the communication network system to all wireless transmission / reception devices. Therefore, according to this configuration, before the wireless terminal device moves to an adjacent wireless area, the wireless transmission / reception device in the destination wireless area encrypts and decrypts the wireless signal transmitted and received with the wireless terminal device. The transmission / reception encryption key for can be received in advance. In addition, the encryption key storage device transmits / receives an encryption key for transmitting / receiving a radio signal transmitted / received to / from a wireless terminal device in its own wireless area, and transmits / receives to / from a wireless terminal device in a wireless area adjacent to itself. And a transmission / reception encryption key for encrypting and decrypting a wireless signal to be transmitted, so that the wireless transmission / reception device uses the transmission / reception encryption key for the wireless terminal device in its own wireless area. It is possible to encrypt and decrypt a radio signal transmitted to and received from the terminal device.

  The wireless communication system according to claim 19 is the wireless communication system according to claim 18, wherein the encryption key storage device transmits a terminal ID individually assigned to the wireless terminal device and a transmission wireless signal transmitted and received by the wireless terminal device. A transmission / reception encryption key for encryption and decryption is stored in association with each other.

  In this configuration, the encryption key storage device includes a terminal ID individually assigned to the wireless terminal device, and a transmission / reception encryption key for encrypting and decrypting a wireless signal transmitted and received by the wireless terminal device. Store it in association. Therefore, according to this configuration, it is possible to reliably encrypt and decrypt a radio signal transmitted / received to / from a radio terminal apparatus having the terminal ID, using the transmission / reception encryption key stored in association with the terminal ID.

  A radio base station apparatus according to claim 20 includes the radio transmission / reception apparatus according to any one of claims 12 to 19, and decrypts an encrypted radio signal received from the radio terminal apparatus, A configuration is adopted in which an encrypted wireless signal is transmitted to the wireless terminal device.

  According to this configuration, since the radio base station apparatus has the radio transmission / reception apparatus according to any one of claims 12 to 19, an encrypted radio signal received from the radio terminal apparatus is received. It is possible to transmit the decrypted and encrypted wireless signal to the wireless terminal device.

  An encryption key management server device according to claim 21 comprises the encryption key distribution device according to any one of claims 12 to 17, wherein an encryption key for the wireless terminal device accessing the communication network system is obtained. While managing, the structure which distributes the said encryption key to the said radio | wireless transmitter / receiver is taken.

  According to this configuration, since the encryption key management server apparatus includes the encryption key distribution apparatus according to any one of claims 12 to 17, the encryption key management server apparatus is a wireless terminal apparatus that accesses the communication network system. The encryption key can be distributed to the wireless transmission / reception device by the encryption key distribution device.

  An encryption terminator according to claim 22 is an encryption terminator of a wireless transmission / reception device in a wireless communication system according to any one of claims 12 to 19, wherein the encryption key storage device and the encryption key storage device An encryption unit of the network side encryption device for encrypting a wireless signal using a transmission encryption key stored in the network, and the wireless reception using a reception encryption key stored in the encryption key storage device A decryption unit of the network side decryption device for decrypting a radio signal received by the unit, a radio transmission unit for transmitting the radio signal encrypted by the encryption unit, and from the radio terminal device A wireless reception unit that receives a wireless signal of the wireless device, and is capable of being connected to a plurality of wireless devices, and the wireless signal transmitted by each wireless transmission unit of the plurality of wireless devices is encrypted by the encryption unit With A configuration for decoding each radio signal radio receiving unit receives the said plurality of wireless devices in the decoder.

  In this configuration, the network side encryption device encrypts a signal transmitted by the wireless transmission / reception device by an encryption unit, and transmits the encrypted signal as a wireless signal by the wireless transmission unit. Further, the network side decoding apparatus receives a radio signal by the radio reception unit, and decodes the received signal by the decoding unit. Therefore, according to this configuration, the wireless transmission / reception apparatus is separated into an encryption terminator including the encryption unit and the decryption unit, and a wireless device including the wireless transmission unit and the wireless reception unit. It becomes possible. The cryptographic terminator can be connected to the plurality of wireless devices, encrypts a signal transmitted by each of the plurality of wireless devices, and decrypts a signal received by each of the plurality of wireless devices. Can do.

  The wireless communication system according to claim 23 is a wireless communication system in a communication network system including a plurality of wireless transmission / reception devices that can communicate with each other and that forms a wireless area accessible by a wireless terminal device that transmits and receives wireless signals, The wireless terminal device includes a terminal-side encryption unit that encrypts a wireless signal transmitted to the wireless transmission / reception device, and the wireless transmission / reception device receives a wireless signal received from the wireless terminal device for decrypting the wireless signal. An encryption key storage device that stores an encryption key; and a network side decryption device that decrypts the wireless signal based on the received encryption key. The communication network system includes: a wireless terminal device that receives a wireless signal; An encryption key distribution device that distributes the received encryption key to wireless transmission / reception devices in the wireless area after entering the wireless area capable of transmission / reception A configuration that includes.

  In this configuration, each of the plurality of wireless transmission / reception devices of the communication network system transmits / receives a wireless signal to / from the wireless terminal device and can communicate with each other via the communication network system. The terminal side encryption unit encrypts a radio signal to be transmitted to the wireless transmission / reception device. The encryption key storage device of each wireless transmission / reception device stores a reception encryption key that is information for decrypting an encrypted wireless signal received from the wireless terminal device. Further, the network side decryption device decrypts the encrypted wireless signal received from the wireless terminal device based on the reception encryption key. The encryption key distribution device of the communication network system distributes the received encryption key to a wireless transmission / reception device having a wireless terminal device in a wireless area where wireless signals can be transmitted / received. Therefore, according to this configuration, when the wireless terminal device moves to an adjacent wireless area, it is not necessary to perform authentication of the terminal again by the authentication server, and the wireless transmitting / receiving device transmits the wireless signal transmitted by the wireless terminal device. It is possible to promptly receive a reception encryption key for signal decryption.

  A wireless communication system according to a twenty-fourth aspect is the invention according to the twenty-third aspect, wherein the encryption key storage device is capable of storing a plurality of received encryption keys distributed by the encryption key distribution device, and the wireless terminal device A configuration is adopted in which a terminal ID assigned individually and a reception encryption key for decrypting the wireless signal received from the wireless terminal device are stored in association with each other.

  In this configuration, the encryption key storage device can store a plurality of reception encryption keys distributed by the encryption key distribution device, and further receives a terminal ID assigned to the wireless terminal device and the wireless terminal device. The reception encryption key for decrypting the radio signal can be stored in association with each other. Therefore, according to this configuration, it is possible to reliably decrypt the radio signal received from the radio terminal apparatus having the terminal ID, using the reception encryption key stored in association with the terminal ID.

  A radio communication system according to claim 25 is the transmission cipher according to claim 23 or claim 24, wherein the encryption key storage device is information for encrypting the radio signal to be transmitted to the radio terminal device. A key is stored, and the encryption key distribution device distributes the transmission encryption key to the wireless transmission / reception device in a wireless area where the wireless terminal device capable of transmitting / receiving a wireless signal is located, and the wireless transmission / reception device transmits the transmission encryption key The wireless terminal device includes a network side encryption device that encrypts and transmits a wireless signal to the wireless terminal device, and the wireless terminal device includes a terminal side decryption unit that decrypts the wireless signal received from the wireless transmission / reception device. Take the configuration.

  In this configuration, the encryption key storage device stores a transmission encryption key which is information for encrypting a wireless signal transmitted to the wireless terminal device, and the encryption key distribution device is a wireless device capable of transmitting and receiving a wireless signal. The transmission encryption key is distributed to a wireless transmission / reception device having the wireless terminal device in the area. The network-side encryption device of the wireless transmission / reception device encrypts and transmits a wireless signal to the wireless terminal device based on the transmission encryption key, and the terminal-side decryption unit of the wireless terminal device transmits the wireless transmission / reception device. The radio signal received from the device is decoded. Therefore, according to this configuration, when the wireless terminal device moves to an adjacent wireless area, it is not necessary to perform authentication of the wireless terminal device again by an authentication server. The transmission encryption key for encrypting the received radio signal can be promptly received.

  According to a twenty-sixth aspect of the present invention, in the radio communication system according to the twenty-fifth aspect, the encryption key storage device can store a plurality of transmission encryption keys distributed by the encryption key distribution device, and the wireless terminal device A configuration is adopted in which an individually assigned terminal ID and a transmission encryption key for encrypting the wireless signal transmitted to the wireless terminal device are stored in association with each other.

  In this configuration, the encryption key storage device can store a plurality of transmission encryption keys distributed by the encryption key distribution device, and further transmits a terminal ID assigned to the wireless terminal device and the wireless terminal device. The transmission encryption key for encrypting the radio signal to be encrypted is stored in association with each other. Therefore, according to this configuration, it is possible to reliably encrypt a radio signal to be transmitted to a radio terminal apparatus having this terminal ID, using a transmission encryption key stored in association with the terminal ID.

  A radio communication system according to a twenty-seventh aspect is the invention according to any one of the twenty-third to twenty-sixth aspects, wherein the reception encryption key and the transmission encryption key are information transmission / reception encryption keys.

  In this configuration, since the reception encryption key and the transmission encryption key are the same information transmission / reception encryption key, the wireless terminal device and the wireless transmission / reception device do not distinguish between the transmission and reception encryption keys. It can be transmitted and received using a key. The encryption key distribution device distributes a transmission / reception encryption key to a wireless transmission / reception device having a wireless terminal device in a wireless area where wireless signals can be transmitted and received. Therefore, according to this configuration, before the wireless terminal device moves to the adjacent wireless area, the wireless transmission / reception device of this wireless area is authenticated by the authentication server when the wireless terminal device moves to the adjacent wireless area. There is no need to perform terminal authentication again, and the wireless transmission / reception apparatus can promptly receive a transmission / reception encryption key for decrypting a wireless signal transmitted by the wireless terminal apparatus. The encryption key storage device encrypts / decrypts a radio signal transmitted / received to / from a wireless terminal device in its own wireless area and encrypts / decrypts a wireless signal transmitted / received. A transmission / reception encryption key is stored. Accordingly, the wireless transmission / reception apparatus can encrypt and decrypt a wireless signal transmitted / received to / from the wireless terminal apparatus using a transmission / reception encryption key for the wireless terminal apparatus in its own wireless area.

  A wireless communication system according to a twenty-eighth aspect is the wireless communication system according to the twenty-seventh aspect, wherein the encryption key storage device is capable of storing a plurality of transmission / reception encryption keys distributed by the encryption key distribution device; The terminal ID assigned individually and the transmission / reception encryption key for encrypting and decrypting the wireless signal transmitted and received by the wireless terminal device are stored in association with each other.

  In this configuration, the encryption key storage device can store a plurality of transmission / reception encryption keys distributed by the encryption key distribution device, a terminal ID individually assigned to the wireless terminal device, and a wireless transmission and reception by the wireless terminal device A transmission / reception encryption key for encrypting and decrypting the signal is stored in association with each other. Therefore, according to this configuration, using the transmission / reception encryption key stored in association with the terminal ID, it is possible to reliably encrypt and decrypt a radio signal transmitted to and received from a wireless terminal apparatus having this terminal ID.

  A radio base station apparatus according to claim 29 has the radio transmission / reception apparatus according to any of claims 23 to 28, decrypts an encrypted radio signal received from the radio terminal apparatus, and A configuration is adopted in which an encrypted wireless signal is transmitted to the wireless terminal device.

  According to this configuration, since the radio base station apparatus has the radio transmission / reception apparatus according to any one of claims 23 to 28, the encrypted radio signal received from the radio terminal apparatus is decrypted. The encrypted wireless signal can be transmitted to the wireless terminal device.

  A cryptographic management server device according to a thirty-third aspect comprises the cryptographic key distribution device according to any one of the twenty-third to twenty-eighth embodiments, wherein the cryptographic key for the wireless terminal device accessing the communication network system is obtained. While managing, the structure which distributes the said encryption key to the said radio | wireless transmitter / receiver is taken.

  According to this configuration, the encryption key management server device manages the encryption key for the wireless terminal device that accesses the communication network system, and distributes the encryption key to the wireless transmission / reception device by the encryption key distribution device. be able to.

  A cipher terminator according to claim 31 is a cipher terminator of a radio transmission / reception device in a radio communication system according to any one of claims 23 to 28, wherein the cipher key storage device and the cipher key storage device. An encryption unit of the network side encryption device for encrypting a wireless signal using a transmission encryption key stored in the network, and the wireless reception using a reception encryption key stored in the encryption key storage device A decryption unit of the network side decryption device for decrypting a radio signal received by the unit, a radio transmission unit for transmitting the radio signal encrypted by the encryption unit, and from the radio terminal device A wireless reception unit that receives a wireless signal of the wireless device, and is capable of being connected to a plurality of wireless devices, and the wireless signal transmitted by each wireless transmission unit of the plurality of wireless devices is encrypted by the encryption unit With A configuration for decoding each radio signal radio receiving unit receives the said plurality of wireless devices in the decoder.

  In this configuration, the network-side encryption device of the wireless transmission / reception device encrypts a wireless signal by the encryption unit, and transmits the encrypted signal as a wireless signal by the wireless transmission unit. Further, the network side decoding apparatus receives a radio signal by the radio reception unit, and decodes the received radio signal by the decoding unit. Therefore, according to this configuration, the wireless transmission / reception apparatus is separated into an encryption terminator including the encryption unit and the decryption unit, and a wireless device including the wireless transmission unit and the wireless reception unit. And the cryptographic terminator can be connected to the plurality of wireless devices, encrypts a wireless signal transmitted by each of the plurality of wireless devices, and receives a wireless signal received by each of the plurality of wireless devices. Can be decrypted.

  A radio terminal apparatus according to claim 32 is a radio terminal apparatus used in the radio communication system according to any one of claims 1 to 8, claim 12 to claim 18, and claim 23 to claim 28, A wireless area determining means for determining that the wireless area has moved from outside the wireless area to the wireless area based on a wireless signal; and an encryption key after determining that the wireless area determining means has moved from outside the wireless area to the wireless area. And a wireless area switching means for switching a wireless area for performing wireless communication based on the wireless signal.

  When this wireless terminal device enters the destination wireless area for the first time, it is only necessary to exchange the encryption key with the wireless transmitting / receiving device in the destination wireless area only once. Therefore, according to this configuration, as in the case of using IEEE 802.1x, every time a wireless area is switched due to movement, between this wireless terminal device and the wireless transmitting / receiving device of the moving wireless area, Since it is not necessary to perform the operations of authentication and key exchange, the disconnection time of transmission / reception when the wireless area for communication is switched is extremely short, and safe wireless communication can be performed.

  As described above, according to the present invention, the reception encryption key for decrypting the radio signal received from the wireless terminal device is stored in the encryption key storage device, and based on the received encryption key by the network side decryption device. The wireless signal is decrypted by the encryption key distribution device and the wireless terminal device has the wireless terminal device in a wireless area where the transmitted / received wireless signal can be transmitted and received, and another wireless device adjacent to the wireless area of the wireless transmission / reception device. Since the reception encryption key can be distributed to the wireless transmission / reception devices in the area, the disconnection time of transmission from the wireless terminal device can be extremely shortened, and each wireless transmission / reception device connects to the communication network system. It is possible to provide a wireless communication system that can reduce costs without storing the encryption keys of all the wireless terminal devices.

  The essence of the present invention is that a reception encryption key for decrypting a radio signal received from a wireless terminal device is stored in an encryption key storage device, and the wireless signal is decrypted by a network side decryption device based on the received encryption key. And a wireless transmission / reception device having the wireless terminal device in a wireless area capable of transmitting / receiving a transmission / reception signal, and a wireless transmission / reception device in another wireless area adjacent to the wireless area of the wireless transmission / reception device. , And distributing the received encryption key.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

(Embodiment 1)
FIG. 1 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 1 of the present invention.

  In FIG. 1, a communication network system 102 includes a plurality of wireless transmission / reception devices 103a, 103b, and 103c that can communicate with each other (hereinafter, collectively referred to as “wireless transmission / reception device 103”). The wireless transmission / reception device 103 transmits and receives wireless signals to and from the wireless terminal devices 101a and 101b (hereinafter collectively referred to as “wireless terminal device 101”) in each wireless area, The terminal device 101 is configured to access the communication network system 102.

  The wireless transmission / reception device 103 may be communicable with the wired node device 112 of the communication network system 102. FIG. 1 shows an example in which the wireless transmission / reception device 103a communicates with the wired node device 112.

  The wireless transmission / reception device 103 includes an encryption key storage device 105, a network side decryption device 106, and a network side encryption device 109. On the other hand, the wireless terminal device 101 includes a terminal side encryption unit 104 and a terminal side decryption unit 111.

  The encryption key storage device 105 has a configuration in which a reception encryption key RR and a transmission encryption key SS and a terminal ID individually assigned to the wireless terminal device 101 are stored in association with each other.

  In the table Ta shown in FIG. 2A, the encryption key storage device 105 of the wireless transmission / reception device 103a stores the reception encryption key RRa, the transmission encryption key SSa, the terminal IDa, the reception encryption key RRb, the transmission encryption key SSb, and the terminal IDb. It shows how they are stored in association.

  Also, the table Tb shown in FIG. 2B shows a state in which the encryption key storage device 105 of the wireless transmission / reception device 103b stores the reception encryption key RRa, the transmission encryption key SSa, and the terminal IDa in association with each other. .

  Also, the table Tc shown in FIG. 2C shows that the encryption key storage device 105 of the wireless transmission / reception device 103c has the reception encryption key RRa, the transmission encryption key SSa and the terminal IDa, the reception encryption key RRb, the transmission encryption key SSb, and the terminal IDb. Is stored in association with each other.

  Note that the terminal ID used here may be any terminal ID such as a MAC address or an IP address that can be identified. For example, the terminal ID may be a manufacturing number of the wireless terminal device 101 or a user ID of a user who uses the communication network system 102 by the wireless terminal device 101.

  The wireless signal AS transmitted by the wireless terminal device 101a is encrypted by the terminal side encryption unit 104 of the wireless transmission / reception device 103a in order to maintain security in the wireless section. The encrypted wireless signal AS is decrypted by the network side decryption device 106 using the reception encryption key RRa shown in the table Ta of FIG. 2A stored in the encryption key storage device 105 of the wireless transmission / reception device 103a. It becomes. As a result, the communication network system 102 can provide QoS based on the data of all the layers of the decoded signal S.

  Further, as shown in the table Ta of FIG. 2A, the encryption key storage device 105 of the wireless transmission / reception device 103a is a transmission encryption key SSa that is information for encrypting the wireless signal AR received by the wireless terminal device 101a. Is remembered. Further, the radio signal AR transmitted from the wireless transmission / reception device 103a and received by the wireless terminal device 101a is encrypted by the network side encryption device 109 based on the transmission encryption key SSa. The terminal side decoding unit 111 of the wireless terminal device 101a is configured to decode the wireless signal AR. Thereby, the security in the radio section in this radio communication system is maintained.

  Further, the wireless signal R transmitted from the wired node device 112 of the communication network system 102 and received by the wireless transmission / reception device 103a is not encrypted. Therefore, the communication network system 102 can provide QoS based on data of all layers of the radio signal R.

  In the wireless communication system shown in FIG. 1, since the wireless terminal device 101a is in the wireless area Ea of the wireless transmitting / receiving device 103a, the wireless transmitting / receiving device 103a notifies the wireless area Ea that the wireless terminal device 101a is present. A terminal presence notification signal Na is sent to the encryption key distribution device 110. In response to the terminal presence notification signal Na, the encryption key distribution apparatus 110 sends the reception encryption key RRa and the transmission encryption key SSa for the wireless terminal apparatus 101a to the wireless transmission / reception apparatus 103a and another wireless adjacent to the wireless area Ea. This is distributed to the wireless transmission / reception device 103b and the wireless transmission / reception device 103c in the area.

  The reception encryption key RRa and the transmission encryption key SSa distributed to the wireless transmission / reception device 103b are stored in the table Tb of the wireless transmission / reception device 103b as shown in FIG. Thereby, even when the wireless terminal device 101a moves to the wireless area Eb adjacent to the wireless area Ea, the wireless transmitting / receiving device 103b uses the received encryption key RRa received in advance to quickly transmit the wireless signal transmitted by the wireless terminal device 101a. AS decoding can begin.

  Therefore, according to this wireless communication system, when the wireless terminal device 101a moves to the wireless area Eb adjacent to the wireless area Ea, the time during which transmission from the wireless terminal device 101a is disconnected is extremely short. Similarly, since the encryption of the radio signal AR received by the wireless terminal device 101a can be quickly started using the previously received transmission encryption key SSa, the time during which the reception of the wireless terminal device 101a is cut off is also extremely short.

  In the wireless communication system shown in FIG. 1, since the wireless terminal device 101b is also present in the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nb to the encryption key distribution device 110 (not shown). As a result, the encryption key distribution apparatus 110 transmits the reception encryption key RRb and the transmission encryption key SSb for the wireless terminal apparatus 101b to the wireless area Ec adjacent to the wireless transmission / reception apparatus 103c in response to the terminal presence notification signal Nb. Distribution is performed to the wireless transmitter / receiver 103a in the area (not shown).

  That is, the encryption key storage device 105 of the wireless transmission / reception device 103a has a reception encryption key RRa and a transmission encryption key SSa for communicating with the wireless terminal device 101a in the wireless area Ea as shown in the table Ta of FIG. And the reception encryption key RRb and the transmission encryption key SSb received from the encryption key distribution device 110 can be stored. As a result, the wireless transmission / reception device 103a reliably decrypts the wireless signal AS from the wireless terminal device 101a using the reception encryption key RRa for communication with the wireless terminal device 101a in its own wireless area Ea. The wireless signal AR received by the wireless terminal device 101a is securely encrypted using the transmission encryption key SSa for communicating with the wireless terminal device 101a in the wireless area Ea.

  As described above, the encryption key storage device 105 of the wireless transmission / reception device 103a encrypts and decrypts the wireless signal received from the wireless terminal device 101b in the other wireless area Ec adjacent to its own wireless area Ea. Any configuration that can store the reception encryption key RRb and the transmission encryption key SSb and the reception encryption key RRa and the transmission encryption key SSa for the wireless terminal device 101a in the own wireless area Ea is acceptable. There is no need to store reception encryption keys and transmission encryption keys for all wireless terminal devices having access rights.

  In the example shown in FIG. 1, the wireless terminal device 101a is in the wireless area Ea, and the wireless terminal device 101b is in the adjacent wireless area Ec. Accordingly, the encryption key storage device 105 of the wireless transmission / reception device 103a and the wireless transmission / reception device 103c includes the wireless terminal device 101a and the wireless terminal as shown in the table Ta in FIG. 2A and the upper table Tc in FIG. A reception encryption key RRa and reception encryption key RRb for decrypting a transmission / reception signal transmitted / received to / from the device 101b, and a transmission encryption key SSa and a transmission encryption key SSb for encryption are assigned to each wireless terminal device. Stored in association with terminal IDa and terminal IDb.

  On the other hand, since the encryption key storage device 105 of the wireless transmission / reception device 103b has no wireless terminal device in the wireless area Eb and has the wireless terminal device 101a in the adjacent wireless area Ea, as shown in the table Tb in FIG. A reception encryption key RRa for decrypting a transmission radio signal transmitted / received to / from the wireless terminal device 101a and a transmission encryption key SSa for encryption are stored in association with the terminal IDa assigned to the wireless terminal device 101a. Yes.

  In FIG. 1, when the wireless terminal device 101a moves from the wireless area Ea to the wireless area Eb, the wireless transmitting / receiving device 103a does not send the terminal presence notification signal Na to the encryption key distribution device 110. Accordingly, the encryption key distribution device 110 does not distribute the reception encryption key RRa and the transmission encryption key SSa to the wireless transmission / reception device 103c. As a result, the wireless transmission / reception device 103c erases the reception encryption key RRa, the transmission encryption key SSa, and the terminal IDa stored in the encryption key storage device 105 as shown in the lower part of the table Tc in FIG. .

  On the other hand, although not shown, the wireless transmission / reception device 103b sends the terminal presence notification signal Na to the encryption key distribution device 110 when the wireless terminal device 101a is newly added to its own wireless area 3b. At this time, the encryption key distribution device 110 transmits the reception encryption key RRa and the transmission to the wireless transmission / reception device 103a adjacent to the wireless area Eb as shown in FIG. 1 and the wireless transmission / reception device 103b of its own wireless area Eb. Since the encryption key SSa is sent, the information in the table Ta and the table Tb does not change.

  When the wireless terminal device 101 disappears from its own wireless area and other adjacent wireless areas, the wireless transmission / reception device 103 obtains the terminal ID, the reception encryption key RR, and the transmission encryption key SS of the wireless terminal device 101. It is not necessary to have a configuration for erasing immediately from the encryption key storage device 105, and a configuration for erasing after a predetermined time may be used.

  In addition, the wireless transmission / reception device 103 stores the terminal ID, the reception encryption key RR, and the transmission encryption key SS of the wireless terminal device in its own wireless area and the adjacent wireless area in a storage area in the encryption key storage unit 105. The terminal ID, reception encryption key RR, and transmission encryption key SS of the wireless terminal device 101 newly added to its own wireless area or adjacent wireless area may be stored.

  FIG. 3 shows an operation example when the wireless terminal device 101c is newly added to the wireless area Ec of the wireless transmission / reception device 103c. In this example, since the wireless terminal device 101a has moved from the wireless area Ea to the wireless area Eb, the terminal IDa and the table Tb shown in FIG. 4A and the table Tb shown in FIG. The reception encryption key RRa and the transmission encryption key SSa are stored in association with each other. In addition, the encryption key storage device 105 of the wireless transmission / reception device 103c, as shown in the upper part of the table Tc shown in FIG. 4C, receives the terminal IDa and the received encryption of the wireless terminal device 101a previously included in the adjacent wireless area Ea. The key RRa and the transmission encryption key SSa are stored without being erased.

  Here, as shown in FIG. 3, when the wireless terminal device 101 c is newly added to the wireless area Ec, the wireless transmission / reception device 103 c sends a terminal presence notification signal Nc to the encryption key distribution device 110. In response to the terminal presence notification signal Nc, the encryption key distribution apparatus 110 sends the reception encryption key RRc and the transmission encryption key SSc to the wireless transmission / reception apparatus 103c and the wireless transmission / reception apparatus 103a in the wireless area Ea adjacent to the wireless area Ec. At this time, since there is no wireless terminal device 101a in the wireless area Ea adjacent to the wireless area Ec, as shown in the lower part of the table Tc in FIG. 4C, the wireless transmitting / receiving device 103c has the terminal IDa and the reception encryption key RRa. The terminal IDc of the wireless terminal device 101c, the reception encryption key RRc, and the transmission encryption key SSc are newly stored in the storage area of the encryption key storage device 105 that has stored the transmission encryption key SSa. Here, as shown in the lower part of the table Ta in FIG. 4A, the wireless transmission / reception device 103a stores the terminal IDc, the reception encryption key RRc, and the transmission encryption key of the wireless terminal device 101c in the storage area of the encryption key storage device 105. The SSc is associated and stored.

  As described above, the encryption key storage device 105 of the wireless transmission / reception device 103 has a wireless terminal device that is already outside this wireless area when a new wireless terminal device 101 is added to its own wireless area and a wireless area adjacent thereto. The encryption area for the new wireless terminal device 101 is stored in the storage area in which the encryption key for 101 is stored, and the storage capacity of the encryption key storage device 105 is used efficiently. Be able to.

  The encryption key storage device 105 of the wireless transmission / reception device 103c, as shown in the lower part of the table Tc in FIG. 4C, receives and encrypts the reception encryption keys RRc, RRb and transmission for encrypting and decrypting the wireless signal to be transmitted and received. The encryption keys SSc and SSb and the terminal IDc and IDb are stored in association with each other. Thus, in this wireless communication system, even when there are a plurality of wireless terminal devices 101a and 101b in its own wireless area, the wireless terminal device 101 that communicates with each of the pre-stored terminal IDs is determined and this transmission is performed. It is possible to reliably encrypt and decrypt a radio signal to be transmitted using the encryption key SS and the reception encryption key RR.

(Embodiment 2)
FIG. 5 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 2 of the present invention. In FIG. 5, components common to the wireless communication system according to Embodiment 1 described above are described with the same reference numerals.

  As shown in FIG. 5, the wireless communication system according to the second embodiment is configured such that the reception encryption key RR and the transmission encryption key SS used in the wireless communication system according to the first embodiment are equal to the transmission / reception encryption key SR. It is a thing.

  In this radio communication system, as in the configuration of the radio communication system according to the first embodiment shown in FIGS. 1 and 3, the radio signal AR and the radio signal AS in this radio section are encrypted and security is maintained. Since the wireless signal R and the wireless signal S in the communication network system 102 are not encrypted, it is possible to provide QoS based on data of all layers.

  Further, in this wireless communication system, since the above-described reception encryption key and transmission encryption key are the same transmission / reception encryption key SR, the wireless terminal device 101 and the wireless transmission / reception device 103 receive the transmission encryption key and the reception encryption key. There is no need to distinguish the encryption key for use, and the cost merit is further increased as compared with the configuration in which the reception encryption key and the transmission encryption key are different.

  The encryption key storage device 105 of the wireless transmission / reception device 103 in this wireless communication system includes a transmission / reception encryption key SR for encrypting and decrypting a transmitted / received transmission / reception signal, and a terminal ID individually assigned to the wireless terminal device 101. Are stored in association with each other. The table Ta shown in FIG. 6A, the table Tb shown in FIG. 6B, and the table Tc shown in FIG. 6C are stored in the encryption key storage device 105 of each of the wireless transmission / reception devices 103a, 103b, and 103c. A state in which the transmission / reception encryption key SR and the terminal ID are stored in association with each other is shown.

  Here, since the wireless terminal device 101a is in this wireless area Ea, the wireless transmitting / receiving device 103a sends a terminal presence notification signal Na to the encryption key distribution device 110. In response to the terminal presence notification signal Na, the encryption key distribution apparatus 110 sends the transmission / reception encryption key SRa for the wireless terminal apparatus 101a to the wireless transmission / reception apparatus 103a, the wireless area Eb adjacent to the wireless area Ea, and the wireless area Ec. This is distributed to the wireless transmission / reception device 103b and the wireless transmission / reception device 103c.

  Although not shown, the wireless transmission / reception device 103c sends the terminal presence notification signal Nb to the encryption key distribution device 110 because the wireless terminal device 101b is in this wireless area Ec. In response to the terminal presence notification signal Nb, the encryption key distribution apparatus 110 sends the transmission / reception encryption key SRa for the wireless terminal apparatus 101b to the wireless transmission / reception apparatus 103c and the wireless transmission / reception apparatus 103a of the wireless area Ea adjacent to the wireless area Ec. To distribute.

  Thus, since the wireless terminal device 101a is present in the wireless area Ea of this wireless communication system and the wireless terminal device 101b is present in the adjacent wireless area Ec, the encryption key storage device of the wireless transmitting / receiving device 103a and the wireless transmitting / receiving device 103c. The encryption key storage device 105 encrypts and transmits radio signals to be transmitted / received to / from the wireless terminal device 101a and the wireless terminal device 101b as shown in the upper part of the tables Ta and Tc in FIGS. 6 (a) and 6 (c). The transmission / reception encryption keys SRa and SRb for decryption are stored in association with the terminal IDa and IDb assigned to the respective wireless terminal devices 101a and 101b.

  On the other hand, since there is no wireless terminal device in the wireless area Eb of this wireless communication system and the wireless terminal device 101a is in another adjacent wireless area Ea, the encryption key storage device 105 of the wireless transmitting / receiving device 103b is shown in FIG. ), A transmission / reception encryption key SRa for encrypting and decrypting a transmission / reception signal transmitted / received to / from the wireless terminal device 101a is stored in association with the terminal IDa assigned to the wireless terminal device 101a. .

  As described above, the encryption key storage device 105 of the wireless transmission / reception device 103a includes the transmission / reception encryption key SRa for encrypting and decrypting the transmission / reception signal transmitted / received to / from the wireless terminal device 101a and the transmission / reception for the wireless terminal device 101b. The encryption key SRb is stored in association with the terminal IDa and IDb of the wireless terminal device 101a and the wireless terminal device 101b as shown in the table Ta. As a result, the wireless transmission / reception device 103a reliably uses the transmission / reception encryption key SRa associated with the terminal IDa of the wireless terminal device 101a in its own wireless area Ea without using the transmission / reception encryption key SRb. It can be encrypted and decrypted.

  The encryption key storage device 105 of the wireless transmission / reception device 103b stores the transmission / reception encryption key SRa received from the encryption key distribution device 110 in association with the terminal IDa of the wireless terminal device 101a. As a result, the wireless transmission / reception device 103b can quickly start encryption and decryption of a transmission / reception signal transmitted / received to / from the wireless terminal device 101a using the transmission / reception encryption key SRa received in advance from the encryption key distribution device 110. Even when the device 101a moves from the wireless area Ea to the wireless area Eb, the wireless transmission / reception device 103a, the wireless transmission / reception device 103b, and the wireless terminal device 101a are disconnected for a very short time.

  As the wireless terminal device 101a moves from the wireless area Ea to the wireless area Eb, the transmitting / receiving device 103a does not send the terminal presence notification signal Na to the encryption key distribution device 110. Thereby, the encryption key distribution device 110 does not distribute the transmission / reception encryption key SRa to the wireless transmission / reception device 103c. As a result, the wireless transmission / reception device 103c deletes the transmission / reception encryption key SRa and the terminal IDa stored in the encryption key storage device 105 as shown in the lower part of the table Tc in FIG.

  On the other hand, although not shown, the wireless transmission / reception device 103b sends a terminal presence notification signal Na to the encryption key distribution device 110 when the wireless terminal device 101a is newly added to its own wireless area 103b. Thereby, the encryption key distribution device 110 sends the transmission / reception encryption key SRa to the wireless transmission / reception device 103a and the wireless transmission / reception device 103b in the wireless area Ea adjacent to the wireless area Eb. Does not occur.

  When the wireless terminal device 101a disappears from its own wireless area Ea and the adjacent wireless area Eb, the wireless transmitting / receiving device 103a uses the encryption key storage device to transmit the terminal ID of the wireless terminal device 101a and the transmission / reception encryption key SRa. It is not necessary to have a configuration for erasing immediately from 105, and a configuration for erasing after a certain period of time may be used.

  In addition, the wireless communication system according to the second embodiment has a storage area in the encryption key storage device 105 that stores the terminal ID and the transmission / reception encryption key SR of the wireless terminal device 101 that is not in its own wireless area and the adjacent wireless area. In addition, the terminal ID and the transmission / reception encryption key SR of the wireless terminal device 101 newly added to the own wireless area or the adjacent wireless area may be stored.

  FIG. 7 shows an operation example when the wireless terminal device 101c is newly added to the wireless area Ec. As shown in FIG. 7, the wireless terminal device 101a has moved from the wireless area Ea to the wireless area Eb. As a result, the terminal IDa and the transmission / reception encryption key SRa are associated with the encryption key storage device 105 of the wireless transmission / reception devices 103a and 103b as shown in the upper part of the tables Ta and Tb in FIGS. Is remembered. Further, the encryption key storage device 105 of the wireless transmission / reception device 103c, as shown in the upper part of the table Tc in FIG. 8C, has the terminal IDa and the transmission / reception encryption key SRa of the wireless terminal device 101a that was previously in the adjacent wireless area Ea. Are stored without erasing.

  Here, as illustrated in FIG. 7, when a wireless terminal device 101 c is newly added to the wireless area Ec, the wireless transmission / reception device 103 c sends a terminal presence notification signal Nc to the encryption key distribution device 110. In response to the terminal presence notification signal Nc, the encryption key distribution apparatus 110 transmits the transmission / reception encryption key SRc to the wireless transmission / reception apparatus 103c and the wireless transmission / reception apparatus 103a in the wireless area Ea adjacent to the wireless area Ec.

  As a result, since the wireless transmission / reception device 103c does not have the wireless terminal device 101a in the wireless area Ea adjacent to the wireless area Ec, as shown in the lower part of the table Tc in FIG. 8C, the terminal IDa and the transmission / reception encryption key SRa. Are newly stored in the storage area of the encryption key storage device 105 in which the terminal IDc and the transmission / reception encryption key SRc of the wireless terminal device 101c are stored. Further, as shown in the lower part of the table Ta in FIG. 8A, the wireless transmission / reception device 103a stores the terminal IDc of the wireless terminal device 101c and the transmission / reception encryption key SRc in the storage area of the encryption key storage device 105 in association with each other. To do.

  With the configuration described above, even when there are a plurality of wireless terminal devices 101 in its own wireless area, the wireless transmission / reception device 103 determines the wireless terminal device 101 based on each terminal ID stored in the encryption key storage device 105, and the terminal ID The transmission / reception radio signal can be reliably encrypted and decrypted using the transmission / reception encryption key SR stored in association with.

  Next, a specific configuration of the radio transmission / reception apparatus in the radio communication system according to Embodiment 1 and Embodiment 2 of the present invention will be described. FIG. 9 is a specific configuration example of a wireless transmission / reception apparatus in this wireless communication system.

  The radio transmission / reception apparatus 103 in this radio communication system can be provided inside a single radio base station apparatus 910, like the radio transmission / reception apparatus 103d shown in FIG.

  The network side encryption device 109 of the wireless transmission / reception device 103 is encrypted by an encryption unit 1091 for encrypting a signal transmitted by the wireless transmission / reception device 103 and the encryption unit 1091 as shown in FIG. And a wireless transmission unit 1092 that transmits the received signal as a wireless signal. The network side decoding device 106 of the wireless transmission / reception device 103 includes a wireless reception unit 1062 that receives a wireless signal and a decoding unit 1061 that decodes a signal received by the wireless reception unit 1062. .

  Further, as shown in FIG. 10, the wireless transmission / reception device 103 in this wireless communication system includes an encryption terminator including an encryption unit 1091 of the network side encryption device 109 and a decryption unit 1061 of the network side decryption device 106. 1031 and a wireless device 1032 including a wireless transmission unit 1092 and a wireless reception unit 1062.

  Therefore, the wireless transmission / reception apparatus 103 in this wireless communication system includes a wireless device 1032 having a physical transmission / reception function of a wireless signal and an encryption termination having an encryption / decryption function like the wireless transmission / reception apparatus 103e shown in FIG. A configuration in which the device 1031 is combined may be employed.

  Here, as shown in FIG. 10, the encryption terminator 1031 can be connected to a plurality of wireless devices 1032, encrypts a signal transmitted by each of the plurality of wireless devices 1032, and each of the plurality of wireless devices 1032 The received signal can be decoded. Therefore, the wireless transmission / reception device 103 in this wireless communication system performs physical termination of the wireless signal by the wireless device 1032 and signals the cryptographic terminator 1031 and the plurality of wireless devices 1032 like the wireless transmission / reception device 103f shown in FIG. It is also possible to adopt a configuration in which the network is connected to an encryption communication network system 920 that can communicate in an encrypted state.

(Embodiment 3)
FIG. 11 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 3 of the present invention. In FIG. 11, components common to the wireless communication system according to Embodiment 1 and Embodiment 2 described above are described with the same reference numerals.

  In FIG. 11, the communication network system 102 includes a plurality of wireless transmission / reception devices 103 that can communicate with each other. These wireless transmission / reception devices 103 transmit and receive wireless signals to and from the wireless terminal device 101 in each wireless area. The wireless terminal device 101 is configured to access the communication network system 102. The wireless transmission / reception device 103 may be communicable with the wired node device 112 of the communication network system 102. FIG. 1 shows an example in which the wireless transmission / reception device 103a communicates with the wired node device 112.

  The encryption key storage device 105 has a configuration in which a reception encryption key RR and a transmission encryption key SS and a terminal ID individually assigned to the wireless terminal device 101 are stored in association with each other. The table shown in FIG. Each encryption key storage device 105 of each wireless transmission / reception device 103 stores reception encryption key RRa and transmission encryption key SSa and terminal IDa, reception encryption key RRb and transmission encryption key SSb, and terminal IDb in association with each other. It shows a state.

  Note that the terminal ID used here may be any terminal ID such as a MAC address or an IP address that can be identified. For example, the terminal ID may be a manufacturing number of the wireless terminal device 101 or a user ID of a user who uses the communication network system 102 by the wireless terminal device 101.

  The wireless signal AS transmitted by the wireless terminal device 101a is encrypted by the terminal side encryption unit 104 of the wireless terminal device 101a in order to maintain security in the wireless section. The encrypted wireless signal AS is decrypted by the network side decryption device 106 using the reception encryption key RRa shown in the table of FIG. 12 stored in the encryption key storage device 105 of the wireless transmission / reception device 103a. As a result, the communication network system 102 can provide QoS based on the data of all the layers of the decoded signal S.

  The encryption key storage device 105 of the wireless transmission / reception device 103a stores a transmission encryption key SSa that is information for encrypting the wireless signal AR transmitted to the wireless terminal device 101, as shown in the table of FIG. The radio signal AR transmitted from the network side encryption device 109 of the wireless transmission / reception device 103a is encrypted based on the transmission encryption key SSa, and the terminal side decryption unit 111 provided in the wireless terminal device 101 includes: The radio signal AR is configured to be decoded. Thereby, the security in the radio section in this radio communication system is maintained.

  Further, in this wireless communication system, since the signal R of the communication network system 102 is not encrypted as described above, QoS based on the data of all layers of the signal R can be provided.

  In this wireless communication system, since the wireless terminal device 101a is in the wireless area Ea of the wireless transmitting / receiving device 103a, the wireless transmitting / receiving device 103a has a terminal for notifying that the wireless terminal device 101a is in the wireless area Ea. The notification signal Na is sent to the encryption key distribution device 110 shown in FIG. In response to the terminal presence notification signal Na, the encryption key distribution apparatus 110 sends the reception encryption key RRa and the transmission encryption key SSa for the wireless terminal apparatus 101a to all the wireless transmission / reception apparatuses 103a, 103b, 103c, 103d, and 103e. Distribute.

  Therefore, in this wireless communication system, the wireless transmission / reception device 103b can store the reception encryption key RRa and the transmission encryption key SSa as shown in the table of FIG. 12, and the wireless terminal device 101a is stored in the wireless area Ea. Even when moving to the adjacent wireless area Eb, the wireless transmission / reception device 103b can quickly start decoding the wireless signal AS transmitted by the wireless terminal device 101a using the received encryption key RRa received in advance. The time for disconnecting the transmission from the terminal device 101a can be extremely short. Similarly, in this wireless communication system, since the wireless signal AR received by the wireless terminal device 101a can be promptly started using the previously received transmission encryption key SSa, the time during which the reception of the wireless terminal device 101a is cut off Is extremely short.

  Although not shown, since the wireless terminal device 101b is present in the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nb to the encryption key distribution device 110. As a result, the encryption key distribution apparatus 110 converts the reception encryption key RRb and the transmission encryption key SSb for the wireless terminal apparatus 101b to all the wireless transmission / reception apparatuses 103a, 103b, 103c, 103d in response to the terminal presence notification signal Nb. , 103e.

  The encryption key storage device 105 of the wireless transmission / reception device 103a includes a reception encryption key RRb and a transmission encryption key SSb for encrypting and decrypting the wireless signal received from the encryption key distribution device 110, as shown in the table of FIG. The reception encryption key RRa and the transmission encryption key SSa for the wireless terminal device 101a in its own wireless area Ea can be stored. In addition, the wireless transmission / reception device 103a reliably decrypts the wireless signal AS received using the reception encryption key RRa for the wireless terminal device 101a in the wireless area Ea of the wireless transmission / reception device 103a. The radio signal AR to be transmitted is securely encrypted using the transmission encryption key SSa for the terminal device 101a.

  Thus, the encryption key storage device 105 may be configured to be able to store the reception encryption key and the transmission encryption key for the wireless terminal device that is accessing the communication network system 102, and the access right to the communication network system 102 can be stored. It is not necessary to store a reception encryption key and a transmission encryption key for a wireless terminal device that has an access but does not access.

  On the other hand, although not shown, the wireless transmission / reception device 103b sends the terminal presence notification signal Na to the encryption key distribution device 110 by newly adding the wireless terminal device 101a to its own wireless area Eb, and the encryption key distribution device 110 sends the reception encryption key RRa and the transmission encryption key SSa to all the wireless transmission / reception devices 103, so the information in the table shown in FIG. 12 does not change.

  Here, as shown in FIG. 13, when the wireless terminal device 101c is newly added to the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nc to the encryption key distribution device 110. The encryption key distribution apparatus 110 sends the reception encryption key RRc and the transmission encryption key SSc to all the wireless transmission / reception apparatuses 103a, 103b, 103c, 103d, and 103e in response to the terminal presence notification signal Nc. Then, each wireless transmission / reception device 103a, 103b, 103c, 103d, 103e has the terminal IDc of the wireless terminal device 101c and the received encryption key RRc in the storage area of the encryption key storage device 105 as shown in the lower part of the table of FIG. And the transmission encryption key SSc are stored in association with each other.

(Embodiment 4)
FIG. 15 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 4 of the present invention. In FIG. 15, components common to the above-described wireless communication system according to Embodiment 3 are described with the same reference numerals.

  As shown in FIG. 15, the wireless communication system according to the fourth embodiment is configured such that the reception encryption key RR and the transmission encryption key SS used in the wireless communication system according to the third embodiment are equal to the transmission / reception encryption key SR. It is a thing.

  In this radio communication system, as in the configuration of the radio communication system according to the third embodiment shown in FIG. 11 and FIG. 13, radio signals AR and AS in the radio section are encrypted and security is maintained. In this wireless communication system, since the signals R and S in the communication network system 102 are not encrypted, it is possible to provide QoS based on data of all layers.

  Also, since the reception encryption key RR and the transmission encryption key SS are the same information transmission / reception encryption key SR, the wireless terminal device 101 and the wireless transmission / reception device 103 use the transmission / reception encryption key SR without distinction between transmission and reception. Provided is a radio communication system that can encrypt and decrypt a radio signal transmitted and received, and can further reduce the cost as compared with a radio communication system that includes different information for reception encryption key RR and transmission encryption key SS can do.

  The encryption key storage device 105 stores a transmission / reception encryption key SR for encrypting and decrypting a wireless signal to be transmitted and received and a terminal ID individually assigned to the wireless terminal device 101 in association with each other. The table shown in FIG. 16 shows a state in which the transmission / reception encryption key SR and the terminal ID are associated and stored in the encryption key storage device 105 of the wireless transmission / reception device 103.

  Since the wireless terminal device 101a is in the wireless area Ea of the wireless transmission / reception device 103a, the wireless transmission / reception device 103a sends a terminal presence notification signal Na to the encryption key distribution device 110, and the encryption key distribution device 110 transmits the terminal presence notification signal Na. Accordingly, the transmission / reception encryption key SRa for the wireless terminal device 101 a is distributed to all the wireless transmission / reception devices 103.

  Although not shown, since there is a wireless terminal device 101b in the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nb to the encryption key distribution device 110, and the encryption key distribution device 110 In response to the presence notification signal Nb, the transmission / reception encryption key SRb for the wireless terminal device 101b is distributed to all the wireless transmission / reception devices 103.

  Then, as shown in the table of FIG. 16, the encryption key storage device 105 of each wireless transmission / reception device 103 is a transmission / reception encryption key for encrypting and decrypting wireless signals transmitted / received to / from the wireless terminal device 101a and the wireless terminal device 101b. SRa and SRb are stored in association with terminal IDa and IDb assigned to each wireless terminal device.

  As a result, the wireless transmission / reception device 103a securely encrypts the wireless signal using the transmission / reception encryption key SRa associated with the terminal IDa of the wireless terminal device 101a in its own wireless area Ea without using the transmission / reception encryption key SRb. And decryption.

  Further, since the wireless transmission / reception device 103b can quickly start encryption and decryption of the wireless signal transmitted / received to / from the wireless terminal device 101a using the transmission / reception encryption key SRa received in advance from the encryption key distribution device 110, the wireless terminal device When 101a moves from the wireless area Ea to the wireless area Eb, the wireless transmission / reception device 103a and the time during which transmission / reception is disconnected between the wireless transmission / reception device 103b and the wireless terminal device 101a are extremely short.

  On the other hand, although not shown, the wireless transmission / reception device 103b sends a terminal presence notification signal Na to the encryption key distribution device 110 when the wireless terminal device 101a is newly added to its own wireless area Eb. Since the encryption key distribution device 110 sends the transmission / reception encryption key SRa to all the wireless transmission / reception devices 103 and the wireless transmission / reception devices 103b, the information in the table shown in FIG. 16 does not change.

  FIG. 17 shows an operation example when the wireless terminal device 101c is newly added to the wireless area Ec. As shown in FIG. 17, when a wireless terminal device 101c is newly added to the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nc to the encryption key distribution device 110. Also, the encryption key distribution apparatus 110 sends the transmission / reception encryption key SRc to all the wireless transmission / reception apparatuses 103a, 103b, 103c, 103d, and 103e in response to the terminal presence notification signal Nc. Then, as shown in the lower part of the table of FIG. 18, each of the wireless transmission / reception devices 103a, 103b, 103c, 103d, and 103e stores the terminal IDc of the wireless terminal device 101c and the transmission / reception encryption key SRc in each encryption key storage device 105. Newly remember.

  Thereby, even when there are a plurality of wireless terminal devices in its own wireless area, the wireless transmission / reception device 103 determines the wireless terminal device 101 based on each terminal ID stored in the encryption key storage device 105 and associates it with the terminal ID. The wireless signal can be reliably encrypted and decrypted using the stored transmission / reception encryption key SR.

  In addition, each radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 3 and Embodiment 4 is the same as each radio | wireless communication apparatus of the radio | wireless communications system which concerns on Embodiment 1 and Embodiment 2 which were shown in FIG. Can be configured.

(Embodiment 5)
FIG. 19 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 5 of the present invention. In FIG. 19, the same components as those in the radio communication system according to the first embodiment and the second embodiment described above are denoted by the same reference numerals and described.

  In FIG. 19, the communication network system 102 includes a plurality of wireless transmission / reception devices 103 that can communicate with each other, and these wireless transmission / reception devices 103 transmit and receive wireless signals to and from the wireless terminal devices 101 in each wireless area. The wireless terminal device 101 is configured to access the communication network system 102. The wireless transmission / reception device 103 may be communicable with the wired node device 112, and FIG. 19 shows an example in which the wireless transmission / reception device 103a communicates with the wired node device 112.

  The encryption key storage device 105 is configured to store the reception encryption key RR and the transmission encryption key SS and the terminal ID individually assigned to the wireless terminal device 101 in association with each other. The tables Ta, Tb, and Tc shown in FIGS. 20A, 20 </ b> B, and 20 </ b> C are stored in the encryption key storage device 105 of each of the wireless transmission / reception devices 103 a, 103 b, and 103 c. A state in which the encryption key SS and the terminal ID are stored in association with each other is shown.

  The terminal ID only needs to be able to identify each wireless terminal device 101 such as a MAC address or IP, and the user who uses the communication network system 102 by the serial number of the wireless terminal device 101 or the wireless terminal device 101. The user ID or the like may be used.

  In FIG. 19, the radio signal AS transmitted by the wireless terminal device 101a is encrypted by the terminal side encryption unit 104 of the wireless terminal device 101a in order to maintain security in the wireless section. The encrypted wireless signal AS is decrypted by the network side decryption device 106 using the received encryption key RRa shown in the table Ta of FIG. 20A stored in the encryption key storage device 105 of the wireless transmission / reception device 103a. To do. As a result, the communication network system 102 can provide QoS based on the data of all layers of the decoded signal S.

  20A, the encryption key storage device 105 of the wireless transmission / reception device 103a transmits a transmission encryption key SSa that is information for encrypting the wireless signal AR to be transmitted to the wireless terminal device 101a. Is remembered. The radio signal AR transmitted from the network side encryption device 109 of the radio transmission / reception device 103a is encrypted based on the transmission encryption key SSa, and the terminal side decryption unit 111 of the radio terminal device 101a transmits the radio signal. Decode the AR. Thereby, security in the wireless section in this wireless communication system is maintained. Further, as described above, since the signal R of the communication network system 102 is not encrypted, it is possible to provide QoS based on data of all layers of the signal R.

  In the example shown in FIG. 19, since there is the wireless terminal device 101a in the wireless area Ea of the wireless transmission / reception device 103a, the wireless transmission / reception device 103a transmits a terminal presence notification signal to notify that the wireless terminal device 101a is in the wireless area Ea. Na is sent to the encryption key distribution device 110. The encryption key distribution device 110 distributes the reception encryption key RRa and the transmission encryption key SSa for the wireless terminal device 101a to the wireless transmission / reception device 103a according to the terminal presence notification signal Na.

  Then, the encryption key storage device 105 of the wireless transmission / reception device 103a encrypts the wireless signal transmitted / received to / from each wireless terminal device 101 received from the encryption key distribution device 110, as shown in the upper part of the table Ta in FIG. And a reception encryption key RRa and a transmission encryption key SSa for decryption.

  Here, when the wireless terminal device 101a moves to the wireless area Eb adjacent to the wireless area Ea, the wireless transmission / reception device 103b sends a terminal presence notification signal Na to the encryption key distribution device 110. In response to the terminal presence notification signal Na, the encryption key distribution device 110 wirelessly receives the reception encryption key RRa and the transmission encryption key SSa for the wireless terminal device 101a without re-authenticating the wireless terminal device 101a by the authentication server. This is distributed to the transmission / reception device 103b.

  The encryption key storage device 105 of the wireless transmission / reception device 103a encrypts and decrypts the wireless signal transmitted / received to / from the wireless terminal device 101a received from the encryption key distribution device 110, as shown in the lower part of the table Ta in FIG. The reception encryption key RRa and the transmission encryption key SSa for erasing are deleted. On the other hand, the encryption key storage device 105 of the wireless transmission / reception device 103b newly stores the reception encryption key RRa and the transmission encryption key SSa as shown in the lower part of the table Tb in FIG.

  As a result, the wireless transmission / reception device 103b can quickly start encryption and decryption of the wireless signal AS transmitted / received to / from the wireless terminal device 101a. Therefore, in this wireless communication system, the time required for disconnecting communication between the communication network system 102 and the wireless terminal device 101a can be extremely short.

  Although not shown, since the wireless terminal device 101b is present in the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nb to the encryption key distribution device 110. In response to this terminal presence notification signal Nb, the encryption key distribution apparatus 110 sends the reception encryption key RRb and the transmission encryption key SSb for the wireless terminal apparatus 101b to the wireless transmission / reception apparatus 103c and the wireless area Ea adjacent to the wireless area Ec. Distributed to the wireless transmission / reception apparatus 103a.

  Each wireless transmission / reception device immediately erases the terminal ID, reception encryption key RR, and transmission encryption key SS of the wireless terminal device from the encryption key storage device 105 when the wireless terminal device disappears from its own wireless area. It is not necessary to have a configuration for performing this, and a configuration for erasing after a certain period of time may be used. Further, after storing the terminal ID, the reception encryption key RR, and the transmission encryption key SS in all the storage areas of the encryption key storage device 105, the terminal ID and the reception encryption key of the wireless terminal device newly added to the own wireless area The RR and the transmission encryption key SS may be overwritten.

  As shown in FIG. 21, when the wireless terminal device 101a moves from the wireless area Ea to the wireless area Eb, as shown in the upper part of the table Ta and the table Tb in FIGS. Stores the terminal IDa, the reception encryption key RRa, and the transmission encryption key SSa in association with each other.

  Next, an operation example when the wireless terminal device 101c is newly added to the wireless area Ec will be described with reference to FIG. In FIG. 21, the encryption key storage device 105 of the wireless transmission / reception device 103c, as shown in the upper part of the table Tc of FIG. 22C, the terminal IDb, the reception encryption key RRb, and the transmission of the wireless terminal device 101b in the wireless area Ec. The encryption key SSb is stored.

  Here, when the wireless terminal device 101 c is newly added to the wireless area Ec, the wireless transmission / reception device 103 c sends a terminal presence notification signal Nc to the encryption key distribution device 110. The encryption key distribution apparatus 110 sends the reception encryption key RRc and the transmission encryption key SSc to the wireless transmission / reception apparatus 103c in response to the terminal presence notification signal Nc. Since there is no wireless terminal device 101a in the wireless area Ea adjacent to the wireless area Ec, as shown in the lower part of the table Tc in FIG. 22C, the wireless transmitting / receiving device 103c stores the wireless terminal device in the encryption key storage device 105. The terminal IDc of the apparatus 101c, the reception encryption key RRc, and the transmission encryption key SSc are stored in association with each other.

(Embodiment 6)
FIG. 23 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 6 of the present invention. In FIG. 23, components common to the above-described radio communication system according to Embodiment 5 are described with the same reference numerals.

  As shown in FIG. 23, the radio communication system according to the sixth embodiment is configured such that the reception encryption key RR and the transmission encryption key SS used in the radio communication system according to the fifth embodiment are equal to the transmission / reception encryption key SR. It is a thing.

  In this radio communication system, as in the configuration of the radio communication system according to the fifth embodiment shown in FIGS. 19 and 21, the radio signals AR and AS in the radio section are encrypted and the security is maintained. In this wireless communication system, since the signals R and S in the communication network system 102 are not encrypted, it is possible to provide QoS based on data of all layers.

  Since the reception encryption key RR and the transmission encryption key SS are the same information transmission / reception encryption key SR, the wireless terminal device 101 and the wireless transmission / reception device 103 use the transmission encryption key and the reception encryption key. There is no need for distinction, and it is possible to provide a wireless communication system that can further reduce the cost as compared with a wireless communication system that includes different information for the reception encryption key RR and the transmission encryption key SS.

  In FIG. 23, the encryption key storage device 105 of the wireless transmission / reception device 103 associates a transmission / reception encryption key SR for encrypting and decrypting a wireless signal to be transmitted / received with a terminal ID individually assigned to the wireless terminal device 101. And remember. The tables Ta, Tb, and Tc in FIGS. 24A, 24B, and 24C include the transmission / reception encryption key SR and the terminal ID in the encryption key storage device 105 of each of the wireless transmission / reception devices 103a, 103b, and 103c. It shows how they are stored in association with each other.

  In the example shown in FIG. 23, since the wireless terminal device 101a is in the wireless area Ea of the wireless transmission / reception device 103a, the wireless transmission / reception device 103a sends a terminal presence notification signal Na to the encryption key distribution device 110, and the encryption key distribution device 110 In response to the terminal presence notification signal Na, the transmission / reception encryption key SRa for the wireless terminal device 101a is distributed to the wireless transmitting / receiving device 103a.

  Although not shown, since there is a wireless terminal device 101b in the wireless area Ec, the wireless transmission / reception device 103c sends a terminal presence notification signal Nb to the encryption key distribution device 110, and the encryption key distribution device 110 In response to the presence notification signal Nb, the transmission / reception encryption key SRb for the wireless terminal device 101b is distributed to the wireless transmitting / receiving device 103c.

  As a result, the encryption key storage device 105 of the wireless transmission / reception device 103a performs transmission / reception encryption for encrypting and decrypting the wireless signal transmitted / received to / from the wireless terminal device 101a, as shown in the upper part of the table Ta in FIG. The key SRa is stored in association with the terminal IDa assigned to the wireless terminal device 101a. In addition, as shown in the table Tc of FIG. 24C, the encryption key storage device 105 of the wireless transmission / reception device 103c has a transmission / reception encryption key SRb for encrypting and decrypting a wireless signal transmitted / received to / from the wireless terminal device 101b. It is stored in association with the terminal IDb given to the wireless terminal device 101b.

  Therefore, according to this wireless communication system, the wireless transmission / reception device 103a can encrypt and decrypt wireless signals transmitted / received to / from the wireless terminal device 101a, and the wireless transmission / reception device 103c can wirelessly transmit / receive to / from the wireless terminal device 101b. The signal can be encrypted and decrypted. On the other hand, since there is no wireless terminal device in the wireless area Eb, the encryption key storage device 105 of the wireless transmission / reception device 103b stores the transmission / reception encryption key SR and the terminal ID as shown in the upper part of the table Tb in FIG. Not done.

  When the wireless terminal device 101a moves to the wireless area Eb adjacent to the wireless area Ea, the wireless transmission / reception device 103b sends the terminal presence notification signal Na to the encryption key distribution device 110, and the encryption key distribution device 110 In response to the terminal presence notification signal Na, the transmission / reception encryption key SRa for the wireless terminal device 101a is distributed to the wireless transmitting / receiving device 103a without re-authenticating the wireless terminal device 101a by the authentication server.

  Further, the encryption key storage device 105 of the wireless transmission / reception device 103a encrypts and transmits the wireless signal transmitted / received to / from the wireless terminal device 101a received from the encryption key distribution device 110, as shown in the lower part of the table Ta in FIG. The transmission / reception encryption key SRa for decryption is deleted. Also, the encryption key storage device 105 of the wireless transmission / reception device 103b newly stores the transmission / reception encryption key SRa as shown in the lower part of the table Tb in FIG.

  As a result, the wireless transmission / reception device 103b can quickly start encryption and decryption of the wireless signal AS to be transmitted / received to / from the wireless terminal device 101a. Therefore, in this wireless communication system, the time for disconnecting communication between the communication network system 102 and the wireless terminal device 101a is extremely short.

  The wireless transmission / reception device in this wireless communication system is configured to immediately delete the terminal ID and the transmission / reception encryption key of the wireless terminal device from the encryption key storage device 105 when the wireless terminal device disappears from its own wireless area. It may be configured to be erased after a certain period of time, and after storing the terminal ID and the transmission / reception encryption key in all the storage areas of the encryption key storage device 105, it may be stored in its own wireless area. A configuration may be used in which the terminal ID and the transmission / reception encryption key of the newly added wireless terminal device are overwritten.

  As shown in FIG. 25, the encryption key storage device 105 moves to the upper stage of the tables Ta and Tb in FIGS. 26A and 26B when the wireless terminal device 101a moves from the wireless area Ea to the wireless area Eb. As shown, the terminal IDa and the transmission / reception encryption key SRa are stored in association with each other.

  Next, an operation example when the wireless terminal device 101c is newly added to the wireless area Ec will be described using FIG. 25, the encryption key storage device 105 of the wireless transmission / reception device 103c obtains the terminal IDb and the transmission / reception encryption key SRb of the wireless terminal device 101b in the wireless area Ec as shown in the upper part of the table Tc in FIG. I remember it.

  Here, when the wireless terminal device 101 c is newly added to the wireless area Ec, the wireless transmission / reception device 103 c sends a terminal presence notification signal Nc to the encryption key distribution device 110. The encryption key distribution apparatus 110 sends the reception encryption key RRc and the transmission encryption key SSc to the wireless transmission / reception apparatus 103c in response to the terminal presence notification signal Nc. Since there is no wireless terminal device 101a in the wireless area Ea adjacent to the wireless area Ec, the wireless transmission / reception device 103c includes a wireless terminal device in its encryption key storage device 105 as shown in the lower part of the table Tc in FIG. The terminal IDc of 101c and the transmission / reception encryption key SRc are stored in association with each other.

  In addition, each radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 5 and Embodiment 6 is the same as each radio | wireless communication apparatus of the radio | wireless communications system which concerns on Embodiment 1 and Embodiment 2 which were shown in FIG. Can be configured.

  Next, the operation of the wireless terminal device in the wireless communication system according to each of the embodiments described above will be described. FIG. 27 is a flowchart showing an example of the operation of the wireless terminal device in this wireless communication system.

  In FIG. 27, when the operation of the wireless terminal device 101 starts, it is determined whether or not the wireless terminal device 101 has entered the wireless area of the communication network system 102 (step ST2701).

  Here, when it is determined that the wireless terminal device 101 has entered the wireless area of the communication network system 102, an encryption key for transmitting / receiving to / from the wireless transmitting / receiving device 103 in the wireless area in which the wireless terminal device 101 is included is Exchange is performed between radio terminal apparatus 101 and radio transmission / reception apparatus 103 (step ST2702).

  When the exchange of the encryption key is completed, wireless communication using the encryption key with the wired node device 112 connected to the communication network system 102 becomes possible through the wireless area accessed by the wireless terminal device 101 ( Step ST2703).

  Next, it is determined whether or not the wireless area accessed by the wireless terminal device 101 has been switched (step ST2704). If it is determined in step ST2704 that there is no wireless area switching, the wireless communication state in step ST2703 is continued. In Step ST2704, when it is determined that the wireless terminal device 101 is out of the wireless area, the operation returns to Step ST2701. Also, when the wireless terminal device 101 moves and enters another wireless area adjacent to the wireless area that has been communicating so far and the wireless area switching is performed, the wireless communication state is continued by returning to step ST2703. .

  As described above, when the wireless terminal device of this wireless communication system enters the communicable wireless area for the first time, it exchanges the encryption key with the communication network system 102 only once and uses IEEE 802.1x. As described above, it is not necessary to perform authentication and key exchange operation every time the wireless area is switched, and the wireless terminal apparatus is disconnected from the other wireless area when the transmission / reception disconnection time is extremely short, and the wireless Communication can be performed.

  As described above, according to the wireless communication system according to the first embodiment, a plurality of wireless transmission / reception devices 103a, 103b, and 103c that are provided in communication network system 102 and that can communicate with each other are wireless in each wireless area. It is possible to access the communication network system 102 from the wireless terminal devices 101a and 101b by transmitting and receiving wireless signals to and from the terminal devices 101a and 101b. Further, since the radio signals transmitted from the respective radio terminal devices 101a and 101b are encrypted by the terminal side encryption unit 104, the security in the uplink direction in the radio section is maintained. Further, in the communication network system 102, the network side decryption device 106 decrypts the encrypted wireless signal using the reception encryption key RRa stored in the encryption key storage device 105 of the wireless transmission / reception device 103a. It is possible to provide QoS based on data of all layers of the decoded signal.

  Further, in this wireless communication system, the encryption key distribution device 110 includes a wireless transmission / reception device 103a in which the wireless terminal device 101a is located in a wireless area Ea in which wireless signals can be transmitted and received, and a wireless area Eb adjacent to the wireless transmission / reception device 103a, Since the reception encryption key RRa is distributed to the Ec wireless transmission / reception devices 103b and 103c, even when the wireless terminal device 101a moves to the adjacent wireless areas Eb and Ec, The wireless transmission / reception devices 103b and 103c can quickly start decoding the wireless signal transmitted by the wireless terminal device 101a using the received encryption key RRa received in advance, and the disconnection time of transmission from the wireless terminal device 101a is extremely short.

  Further, according to the wireless communication system according to the first embodiment, the encryption key storage device 105 includes the reception encryption key RRa for the wireless terminal device 101a in its own wireless area Ea and the wireless area Eb adjacent to itself. , Ec is configured to be able to store the reception encryption key RRb for decrypting the radio signal received from the radio terminal apparatus 101b, the radio transmission / reception apparatus 103a has the radio terminal in its own radio area Ea. The radio signal received using the reception encryption key RRa for the device 101a can be reliably decrypted.

  Further, the encryption key storage device 105 includes a reception encryption key RRb for decrypting a radio signal received from the radio terminal device 101b in the radio area Eb adjacent to the cipher key storage device 105 and a radio terminal device 101a in the own radio area Ea. It is only necessary to store the reception encryption key RRa for the wireless communication apparatus, and it is not necessary to store the reception encryption keys of all the wireless terminal devices having the access right to the network 102. A communication system can be provided.

  Further, according to the wireless communication system according to the first embodiment, the encryption key storage device 105 includes the received encryption key RRa for decrypting the wireless signal received from the wireless terminal device 101a and the wireless terminal device 101a. Since individually assigned terminal IDa can be stored in association with each other, even when there are a plurality of wireless terminal devices in its own wireless area Ea, the wireless terminal device is identified by each stored terminal ID and associated with the terminal ID. The received radio signal can be reliably decrypted using the received encryption key.

  Further, according to the wireless communication system according to the first embodiment, the transmission encryption key SSa, which is information for encrypting the wireless signal transmitted to the wireless terminal device 101a, is stored in the encryption key storage device 105. Further, a wireless signal transmitted from the network side encryption device 109 of the wireless transmission / reception device 103a to the wireless terminal device 101a is encrypted based on the transmission encryption key SSa, and the terminal side decryption unit 111 of the wireless terminal device 101a performs encryption. The radio signal received from the radio transmission / reception device 103a is decoded. Therefore, in this wireless communication system, the downlink security in the wireless section is maintained, and the signal of the communication network system 102 is not encrypted, so that QoS can be provided based on the data of all layers of the signal. Is possible.

  The encryption key distribution device 110 includes a wireless transmission / reception device 103a having a wireless terminal device 101a in a wireless area Ea capable of transmitting and receiving wireless signals, and wireless transmission / reception devices 103b in wireless areas Eb and Ec adjacent to the wireless transmission / reception device 103a. The transmission encryption key SSa is distributed to 103c. Therefore, even when the wireless terminal device 101a moves to the adjacent wireless areas Eb and Ec, the wireless transmitting and receiving devices 103b and 103c in the wireless areas Eb and Ec can quickly use the previously received transmission encryption key SSa. Since the encryption of the wireless signal received by 101a can be started, the reception disconnection time of the wireless terminal device 101a is extremely short.

  Also, according to the wireless communication system according to the first embodiment, the transmission encryption key for the wireless terminal device in its own wireless area and the transmission encryption key for the wireless terminal device in the adjacent wireless area are obtained. Since the encryption key storage device 105 stores the information, the wireless transmission / reception device 103a reliably uses the transmission encryption key SSa for the wireless terminal device 101a in its own wireless area Ea to reliably transmit a wireless signal to be transmitted to the wireless terminal device 101a. Can be encrypted. Furthermore, the encryption key storage device 105 only needs to store a transmission encryption key for a wireless terminal device in an adjacent wireless area and a transmission encryption key for a wireless terminal device in its own wireless area, Since it is not necessary to store the transmission encryption keys of all the wireless terminal devices having access rights to the network 102, it is possible to provide a wireless communication system that can reduce costs.

  Further, according to the wireless communication system according to the first embodiment, the encryption key storage device 105 includes a transmission encryption key for encrypting a wireless signal to be transmitted, and a terminal ID individually assigned to the wireless terminal device. Are stored in association with each other, so that even when there are a plurality of wireless terminal devices in its own wireless area, the wireless terminal device is identified by each stored terminal ID and the transmission encryption key associated with the terminal ID is used. The wireless signal to be transmitted can be securely encrypted.

  Further, according to the wireless communication system according to the second embodiment, since the reception encryption key and the transmission encryption key are transmission / reception encryption keys of the same information, the wireless terminal device and the wireless transmission / reception device use the transmission / reception encryption key for transmission. Since there is no need to distinguish between receiving and receiving, the cost merit is further increased.

  The encryption key distribution device 110 includes a wireless transmission / reception device 103a having a wireless terminal device 101a in a wireless area Ea capable of transmitting and receiving wireless signals, and wireless transmission / reception devices 103b in wireless areas Eb and Ec adjacent to the wireless transmission / reception device 103a. Since the transmission / reception encryption key SRa is further distributed to 103c, before the wireless terminal device 101a moves to the adjacent wireless areas Eb, Ec, the wireless transmission / reception devices 103b, 103c in the wireless areas Eb, Ec A transmission / reception encryption key SRa for encrypting and decrypting a radio signal transmitted / received by 101a can be received in advance.

  Further, the wireless transmission / reception device 103a in the wireless area Ea can quickly start encryption and decryption of a wireless signal transmitted / received to / from the wireless terminal device 101a using the received encryption key RRa received in advance. The transmission / reception interruption time with the wireless terminal device 101a is extremely short. Furthermore, the encryption key storage device 105 transmits / receives encryption keys for encrypting and decrypting wireless signals transmitted / received to / from wireless terminals in its own wireless area, and wireless signals transmitted / received to / from wireless terminals in adjacent wireless areas. Since the transmission / reception encryption key for encryption and decryption is stored, the wireless transmission / reception device securely encrypts and transmits the wireless signal transmitted / received using the transmission / reception encryption key for the wireless terminal device in its own wireless area. Can be decrypted.

  Further, the encryption key storage device 105 includes a transmission / reception encryption key for a wireless terminal device in an adjacent wireless area distributed by the encryption key distribution device 110, and a transmission / reception encryption key for a wireless terminal device in its own wireless area. Can be stored, and it is not necessary to store the transmission / reception encryption keys of all the wireless terminal devices having the access right to the wireless network system 102. Therefore, it is possible to provide a wireless communication system capable of reducing costs.

  Further, according to the wireless communication system according to the second embodiment, the encryption key storage device 105 is individually assigned to the wireless terminal device and the transmission / reception encryption key for encrypting and decrypting the wireless signal to be transmitted and received. Since the terminal ID is stored in association with each other, even when there are a plurality of wireless terminal apparatuses in its own wireless area, the transmission / reception encryption stored in association with the terminal ID is determined based on each stored terminal ID. The wireless signal can be securely encrypted and decrypted using the key.

  Further, according to the radio base station apparatus in the radio communication system according to the first embodiment and the second embodiment, since the radio base station apparatus has the above-described radio transmission / reception apparatus, the radio signal transmitted / received to / from the radio terminal apparatus is securely encrypted and Can be decrypted.

  Further, according to the encryption key management server device in the wireless communication system according to the first embodiment and the second embodiment, the encryption key for the wireless terminal device that accesses the communication network system 102 is managed, and the encryption key The distribution device 110 can reliably distribute the encryption key to the wireless transmission / reception devices.

  Further, according to the encryption terminator in the wireless communication system according to the first embodiment and the second embodiment, it is possible to connect to a plurality of wireless devices 1032 and encrypt signals transmitted from each of the plurality of wireless devices 1032. Since the signals received by each of the plurality of radio units 1032 can be decrypted, it is not necessary to prepare the encryption terminator 1031 for each radio unit 1032.

  Further, according to the wireless communication system according to the third embodiment, a plurality of wireless transmission / reception devices provided in communication network system 102 can communicate with each other and transmit / receive wireless signals to / from wireless terminal devices in each wireless area. Then, the communication network system 102 is accessed from the wireless terminal device. Here, since the wireless signal transmitted by each wireless terminal device is encrypted by the terminal-side encryption unit 104, security in the uplink direction in the wireless section is maintained. Further, since the network side decryption device 106 decrypts the encrypted wireless signal using the reception encryption key stored in the encryption key storage device 105 of the wireless transmission / reception device, the communication network system 102 decrypts the encrypted wireless signal. QoS can be provided based on data of all layers of the received signal.

  The encryption key distribution device 110 distributes a reception encryption key for decrypting a radio signal received from a wireless terminal device accessing the communication network system 102 to all of the wireless transmission / reception devices. Even when the device moves between wireless areas, the wireless transmitting / receiving device in this wireless area can quickly start decoding the wireless signal transmitted by the wireless terminal device using the received encryption key received in advance. The disconnection time for transmission from is extremely short.

  Also, according to the wireless communication system according to the third embodiment, since the encryption key storage device 105 is configured to store a plurality of received encryption keys distributed by the encryption key distribution device 110, the wireless transmission / reception device is The received radio signal can be reliably decrypted using the reception encryption key for the wireless terminal device in its own wireless area. The encryption key storage device 105 only needs to store a reception encryption key for decrypting a wireless signal received from a wireless terminal device that is currently accessing the communication network system 102. Since it is not necessary to store the reception encryption key of the wireless terminal device that has the access right and is not yet connected to the communication network system 102, it is possible to provide a wireless communication system that can further reduce the cost.

  In addition, according to the wireless communication system according to the third embodiment, encryption key storage device 105 is individually assigned to a reception encryption key for decrypting a wireless signal received from the wireless terminal device and to this wireless terminal device. The terminal ID can be stored in association with the terminal ID, so that even if there are a plurality of wireless terminal apparatuses in its own wireless area, the wireless terminal apparatus is identified by each stored terminal ID, and the received encryption key associated with the terminal ID is stored. The received radio signal can be reliably decoded using.

  Also, according to the wireless communication system according to the third embodiment, the transmission encryption key distributed by the encryption key distribution apparatus 110 to encrypt the wireless signal transmitted to the wireless terminal apparatus that is accessing the communication network system 102. Is stored in the encryption key storage device 105. Also, a radio signal transmitted from the network side encryption device 109 of the wireless transmission / reception device to the wireless terminal device is encrypted based on this transmission encryption key, and is transmitted from the wireless transmission / reception device by the terminal side decryption unit 111 of the wireless terminal device. The received radio signal is decoded. Therefore, according to this wireless communication system, the downlink security in the wireless section is maintained, and the signal of the communication network system 102 is not encrypted. Therefore, provision of QoS based on data of all layers of the signal is provided. Is possible.

  The encryption key distribution apparatus 110 distributes a transmission encryption key to a wireless transmission / reception apparatus having a wireless terminal device in a wireless area where wireless signals can be transmitted and received, and to a wireless transmission / reception apparatus in a wireless area adjacent to the wireless transmission / reception apparatus. It is like that. Thus, even when the wireless terminal device moves to an adjacent wireless area, the wireless transmitting / receiving device in this wireless area immediately starts encrypting the wireless signal received by the wireless terminal device using the previously received transmission encryption key. As a result, the reception disconnection time of the wireless terminal device is extremely short.

  Further, according to the wireless communication system according to the third embodiment, the transmission encryption key for the wireless terminal device in its own wireless area and the transmission encryption key for the wireless terminal device in the adjacent wireless area are obtained. Since the encryption key storage device 105 stores the information, the wireless transmission / reception device can reliably encrypt the wireless signal transmitted to the wireless terminal device using the transmission encryption key for the wireless terminal device in its own wireless area. The encryption key storage device 105 only needs to store a transmission encryption key for a wireless terminal device in an adjacent wireless area and a transmission encryption key for a wireless terminal device in its own wireless area, Since it is not necessary to store the transmission encryption keys of all the wireless terminal devices having access rights to the communication network system 102, it is possible to provide a wireless communication system that can reduce costs.

  Further, according to the wireless communication system according to the third embodiment, the encryption key storage device 105 includes a transmission encryption key for encrypting a wireless signal to be transmitted, and a terminal ID individually assigned to the wireless terminal device. Are stored in association with each other, so that even when there are a plurality of wireless terminal devices in its own wireless area, the wireless terminal device is identified by each stored terminal ID and the transmission encryption key associated with the terminal ID is used. The wireless signal to be transmitted can be securely encrypted.

  Also, according to the wireless communication system according to the fourth embodiment, the reception encryption key and the transmission encryption key are transmission / reception encryption keys of the same information, and the wireless terminal device and the wireless transmission / reception device transmit / receive encryption for transmission and reception. Since there is no need to distinguish the keys, the cost merit is further increased. The encryption key distribution apparatus 110 distributes a transmission / reception encryption key for encrypting and decrypting a wireless signal transmitted / received to / from a wireless terminal apparatus accessing the communication network system 102 to all wireless transmission / reception apparatuses. Before the terminal device moves to an adjacent wireless area, the wireless transmission / reception device in this wireless area can previously receive a transmission / reception encryption key for encryption and decryption of a wireless signal transmitted / received by this wireless terminal device.

  Therefore, the wireless transmission / reception apparatus in this wireless area can quickly start encryption and decryption of the wireless signal transmitted / received to / from the wireless terminal apparatus using the received encryption key received in advance. The transmission / reception disconnection time is extremely short. The encryption key storage device 105 also transmits and receives a transmission / reception encryption key for encrypting and decrypting a radio signal transmitted / received to / from a wireless terminal device in its own wireless area, and a wireless signal transmitted / received to / from a wireless terminal device in an adjacent wireless area. Since the transmission / reception encryption key for encryption and decryption is stored, the wireless transmission / reception device securely encrypts and transmits the wireless signal transmitted / received using the transmission / reception encryption key for the wireless terminal device in its own wireless area. Can be decrypted.

  The encryption key storage device 105 also includes a transmission / reception encryption key for a wireless terminal device in an adjacent wireless area distributed by the encryption key distribution device 110, and a transmission / reception encryption key for a wireless terminal device in its own wireless area. Can be stored, and it is not necessary to store the transmission / reception encryption keys of all the wireless terminal devices having the access right to the communication network system 102. Therefore, it is possible to provide a wireless communication system capable of reducing costs.

  Also, according to the wireless communication system according to the fourth embodiment, the encryption key storage device 105 is individually assigned to the wireless terminal device and the transmission / reception encryption key for encrypting and decrypting the wireless signal to be transmitted and received. Since the terminal ID is stored in association with each other, even when there are a plurality of wireless terminal devices in its own wireless area, the wireless terminal device is determined by each stored terminal ID, and the transmission / reception encryption key stored in association with the terminal ID is determined. It is possible to reliably encrypt and decrypt a radio signal.

  Further, according to the radio base station apparatus in the radio communication system according to the third embodiment and the fourth embodiment, since the radio base station apparatus has the above-described radio transmission / reception apparatus, radio signals to be transmitted / received to / from the radio terminal apparatus are transmitted. Encrypted and decrypted reliably.

  Also, according to the encryption key management server device in the wireless communication system according to the third and fourth embodiments, the encryption key management server device is an encryption key for the wireless terminal device that accesses the communication network system 102. And the encryption key distribution device 110 can reliably distribute the encryption key to the wireless transmission / reception devices.

  Further, according to the cryptographic terminator in the wireless communication system according to the third and fourth embodiments, it is possible to connect to a plurality of wireless devices 1032 and encrypt signals transmitted from each of the plurality of wireless devices 1032. Therefore, it is not necessary to prepare a cryptographic terminator 1031 for each wireless device 1032 because a signal received by each of the plurality of wireless devices 1032 can be decrypted.

  Also, according to the wireless communication system according to the fifth embodiment, a plurality of wireless transmission / reception devices provided in communication network system 102 can communicate with each other and transmit / receive wireless signals to / from wireless terminal devices in each wireless area. Then, the communication network system 102 is accessed from the wireless terminal device. Since the radio signal transmitted by each radio terminal device is encrypted by the terminal side encryption unit 104, the uplink security in the radio section is maintained, and further, this encrypted radio signal is transmitted and received by radio. Since the network side decryption device 106 decrypts the received encryption key stored in the device encryption key storage device 105, the communication network system 102 provides QoS based on the data of all layers of the decrypted signal. Is possible.

  The encryption key distribution device 110 distributes the reception encryption key to the wireless transmission / reception device having the wireless terminal device in the wireless area where the wireless signal can be transmitted / received. Therefore, even when the wireless terminal device moves to an adjacent wireless area, the wireless transmission / reception device in this wireless area does not need to authenticate the terminal again by the authentication server, and receives the received encryption key from the encryption key distribution device 110 promptly. Since decoding of the radio signal transmitted by the wireless terminal device can be started, the disconnection time of transmission from the wireless terminal device is extremely short. Further, since the encryption key storage device 105 only needs to store the reception encryption key for the wireless terminal device in its own wireless area, it is possible to provide a wireless communication system that can further reduce costs.

  Also, according to the wireless communication system according to the fifth embodiment, the encryption key storage device 105 is individually assigned to the wireless terminal device and a reception encryption key for decrypting the wireless signal received from the wireless terminal device. The terminal ID can be stored in association with the terminal ID, so that even if there are a plurality of wireless terminal apparatuses in its own wireless area, the wireless terminal apparatus is identified by each stored terminal ID, and the received encryption key associated with the terminal ID is stored. The received radio signal can be reliably decoded using.

  Further, according to the wireless communication system according to the fifth embodiment, the encryption key storage device 105 further stores a transmission encryption key, which is information for encrypting a wireless signal transmitted to the wireless terminal device, and the wireless transmitting / receiving device The wireless signal transmitted from the network side encryption device 109 to the wireless terminal device is encrypted based on the transmission encryption key and received from the wireless transmission / reception device by the terminal side decryption unit 111 provided in the wireless terminal device. Is decrypted. Therefore, according to this wireless communication system, the downlink security in the wireless section is maintained, and the signal of the communication network system 102 is not encrypted. Therefore, provision of QoS based on data of all layers of the signal is provided. Is possible.

  The encryption key distribution device 110 further distributes the transmission encryption key to a wireless transmission / reception device having a wireless terminal device in a wireless area where wireless signals can be transmitted and received. Therefore, according to this wireless communication system, even when the wireless terminal device moves to the adjacent wireless area, the wireless transmitting / receiving device in this wireless area receives the wireless terminal device promptly using the previously received transmission encryption key. Since the wireless signal encryption can be started, the reception disconnection time of the wireless terminal device is extremely short. Further, since the encryption key storage device 105 only needs to store a transmission encryption key for a wireless terminal device in its own wireless area, it is possible to provide a wireless communication system capable of reducing costs.

  Also, according to the wireless communication system according to the fifth embodiment, the encryption key storage device 105 includes a transmission encryption key for encrypting a wireless signal to be transmitted, and a terminal ID individually assigned to the wireless terminal device. Is stored in association with each other, so that even when there are a plurality of wireless terminal devices in its own wireless area, the wireless terminal device is identified by each stored terminal ID and transmitted using the transmission encryption key associated with the terminal ID. The wireless signal to be transmitted can be securely encrypted.

  Also, according to the wireless communication system according to the sixth embodiment, the reception encryption key and the transmission encryption key are transmission / reception encryption keys of the same information, and the wireless terminal device and the wireless transmission / reception device transmit / receive encryption for transmission and reception. Since there is no need to distinguish the keys, the cost merit is further increased. Also, the encryption key distribution device 110 is configured to distribute the transmission / reception encryption key to a wireless transmission / reception device having the wireless terminal device in a wireless area where wireless signals can be transmitted / received, and even when the wireless terminal device moves to an adjacent wireless area. The wireless transmission / reception apparatus in this wireless area does not need to authenticate the terminal again by the authentication server. Therefore, according to this wireless communication system, since the transmission / reception encryption key is received from the encryption key distribution device 110 and the wireless signal transmitted and received with the wireless terminal device can be immediately encrypted and decrypted, the wireless transmitting / receiving device and the wireless terminal device The transmission / reception disconnection time between the two is extremely short. Further, since the encryption key storage device 105 stores a transmission / reception encryption key for encrypting and decrypting a wireless signal transmitted / received to / from a wireless terminal device in its own wireless area, the wireless transmitting / receiving device is in its own wireless area. The radio signal transmitted / received using the transmission / reception encryption key for the wireless terminal device can be securely encrypted and decrypted, and the encryption key storage device 105 can transmit / receive the encryption key for the wireless terminal device in its own wireless area. Therefore, a wireless communication system capable of reducing costs can be provided.

  Also, according to the wireless communication system according to the sixth embodiment, the encryption key storage device 105 is individually assigned to the wireless terminal device and the transmission / reception encryption key for encrypting and decrypting the wireless signal to be transmitted and received. Since the terminal ID is stored in association with each other, even when there are a plurality of wireless terminal devices in its own wireless area, the wireless terminal device is determined by each stored terminal ID, and the transmission / reception encryption key stored in association with the terminal ID is determined. It is possible to reliably encrypt and decrypt a radio signal.

  Further, according to the radio base station apparatus in the radio communication system according to the fifth embodiment and the sixth embodiment, since the radio base station apparatus has the radio transmission / reception apparatus described above, radio signals to be transmitted / received to / from the radio terminal apparatus are transmitted. Encrypted and decrypted reliably.

  Further, according to the encryption key management server device in the wireless communication system according to the fifth embodiment and the sixth embodiment, the encryption key management server device is an encryption key for the wireless terminal device that accesses the communication network system 102. And the encryption key distribution device 110 can reliably distribute the encryption key to the wireless transmission / reception devices.

  Further, according to the cryptographic terminator in the wireless communication system according to the fifth embodiment and the sixth embodiment, it is possible to connect to a plurality of wireless devices 1032 and encrypt signals transmitted from each of the plurality of wireless devices 1032. Therefore, it is not necessary to prepare a cryptographic terminator 1031 for each wireless device 1032 because a signal received by each of the plurality of wireless devices 1032 can be decrypted.

  Further, as shown in FIG. 27, the wireless terminal device of this wireless communication system only has to exchange the encryption key with the communication network system 102 once when entering the wireless area for the first time. Therefore, according to this wireless terminal device, as in the case of using IEEE802.1x, it is not necessary to perform the authentication and key exchange operation every time the wireless area is switched. The disconnection time of transmission and reception when moving to the area is extremely short, and safe wireless communication can be performed.

  The wireless communication system according to the present invention has a security function in a wireless section, can provide QoS based on data of all layers, has a very short communication disconnection time when the wireless terminal device moves, and each wireless transmitting / receiving device Is useful as a wide-area wireless LAN system and a wireless VoIP network system that require a wireless communication system that can reduce costs that do not require storing encryption keys of all wireless terminal devices connected to the communication network system.

1 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 1 of the present invention. (A) is a block diagram of the table Ta of the radio transmission / reception apparatus of the radio communication system according to Embodiment 1 of the present invention, and (b) is the radio transmission / reception apparatus of the radio communication system according to Embodiment 1 of the present invention. The block diagram of table Tb, (c) is a block diagram of table Tc of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 1 of this invention. The block diagram which shows the other structural example of the radio | wireless communications system which concerns on Embodiment 1 of this invention. (A) is the block diagram of table Ta of the other radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 1 of this invention, (b) is other of the radio | wireless communications system which concerns on Embodiment 1 of this invention. The block diagram of table Tb of a radio | wireless transmitter / receiver, (c) is a block diagram of table Tc of the other radio | wireless transmitter / receiver apparatus of the radio | wireless communications system which concerns on Embodiment 1 of this invention. FIG. 2 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 2 of the present invention. (A) is a block diagram of table Ta of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 2 of this invention, (b) is the radio | wireless communication apparatus of the radio | wireless communications system which concerns on Embodiment 2 of this invention. The block diagram of table Tb, (c) is a block diagram of table Tc of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 2 of this invention. The block diagram which shows the other structural example of the radio | wireless communications system which concerns on Embodiment 2 of this invention. (A) is a block diagram of a table Ta of another radio transmission / reception apparatus according to the second embodiment of the present invention, and (b) is another diagram of the radio communication system according to the second embodiment of the present invention. Configuration diagram of table Tb of radio transmission / reception device, (c) is a configuration diagram of table Tc of another radio transmission / reception device of the radio communication system according to Embodiment 2 of the present invention. The block diagram which shows the specific example of the radio | wireless transmitter / receiver in the radio | wireless communications system of this invention The block diagram which shows the structure of the radio | wireless transmitter / receiver in the radio | wireless communications system of this invention. FIG. 3 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 3 of the present invention. The block diagram of the table of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 3 of this invention. The block diagram which shows the other structural example of the radio | wireless communications system which concerns on Embodiment 3 of this invention. The block diagram of the table of the other radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 3 of this invention. FIG. 9 is a block diagram showing a basic configuration of a radio communication system according to Embodiment 4 of the present invention. Configuration diagram of a table of a wireless transmission / reception apparatus of a wireless communication system according to a fourth embodiment of the present invention FIG. 9 is a block diagram showing another configuration example of the wireless communication system according to the fourth embodiment of the present invention. The block diagram of the table of the other radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 4 of this invention. FIG. 9 is a block diagram showing a basic configuration of a wireless communication system according to a fifth embodiment of the present invention. (A) is a block diagram of table Ta of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 5 of this invention, (b) is the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 5 of this invention. The block diagram of table Tb, (c) is a block diagram of table Tc of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 5 of this invention. FIG. 9 is a block diagram showing another configuration example of the wireless communication system according to the fifth embodiment of the present invention. (A) is a block diagram of the table Ta of the other radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 5 of this invention, (b) is other of the radio | wireless communications system which concerns on Embodiment 5 of this invention. Configuration diagram of table Tb of radio transmission / reception device, (c) is a configuration diagram of table Tc of another radio transmission / reception device of the radio communication system according to Embodiment 5 of the present invention. FIG. 9 is a block diagram showing a basic configuration of a wireless communication system according to a sixth embodiment of the present invention. (A) is a block diagram of table Ta of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 6 of this invention, (b) is the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 6 of this invention. The block diagram of table Tb, (c) is a block diagram of table Tc of the radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 6 of this invention. FIG. 10 is a block diagram showing another configuration example of the wireless communication system according to the sixth embodiment of the present invention. (A) is a block diagram of the table Ta of the other radio | wireless transmission / reception apparatus of the radio | wireless communications system which concerns on Embodiment 6 of this invention, (b) is other of the radio | wireless communications system which concerns on Embodiment 6 of this invention. Configuration diagram of table Tb of radio transmission / reception device, (c) is a configuration diagram of table Tc of another radio transmission / reception device of the radio communication system according to Embodiment 6 of the present invention. 7 is a flowchart showing the operation of the wireless terminal device in the wireless communication system of the present invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 101 Wireless terminal apparatus 102 Communication network system 103 Wireless transmission / reception apparatus 104 Terminal side encryption part 105 Encryption key memory | storage device 106 Network side decryption apparatus 109 Network side encryption apparatus 110 Encryption key distribution apparatus 111 Terminal side decryption part 112 Wired node apparatus 910 Radio base station apparatus 920 Cryptographic communication network system 1031 Encryption terminator 1032 Radio 1061 Decoding unit 1062 Radio reception unit 1091 Encryption unit 1092 Radio transmission unit Ea, Eb, Ec Radio area RRa, RRb, RRc reception encryption key SSa, SSb, SSc Transmission encryption key SRa, SRb, SRc Transmission / reception encryption key Ta, Tb, Tc table

Claims (32)

A wireless communication system in a communication network system comprising a plurality of wireless transmission / reception devices capable of communicating with each other forming a wireless area accessible by a wireless terminal device for transmitting / receiving wireless signals,
The wireless terminal device includes a terminal side encryption unit that encrypts a wireless signal to be transmitted to the wireless transmission / reception device,
Each of the plurality of wireless transmission / reception devices decrypts the wireless signal based on the encryption key storage device that stores a reception encryption key for decrypting the wireless signal received from the wireless terminal device, and the reception encryption key A network side decryption device
The communication network system includes: the wireless transmission / reception device having the wireless terminal device in a wireless area capable of transmitting and receiving transmission / reception signals; and the wireless transmission / reception device of another wireless area adjacent to the wireless area of the wireless transmission / reception device. A wireless communication system comprising an encryption key distribution device for distributing a received encryption key. The encryption key storage device includes another received encryption key for decrypting a radio signal received from the wireless terminal device in another wireless area adjacent to the wireless area distributed by the encryption key distribution device. Storing a reception encryption key for receiving the wireless signal received from the wireless terminal device in the wireless area,
2. The network side decryption device of the wireless transmission / reception device decrypts a radio signal received from the radio terminal device in its own radio area based on the own reception encryption key. The wireless communication system described.   The encryption key storage device stores a terminal ID individually assigned to a wireless terminal device and a reception encryption key for decrypting the wireless signal received from the wireless terminal device in association with each other. The wireless communication system according to claim 2. The encryption key storage device stores a transmission encryption key that is information for encrypting a wireless signal to be transmitted to the wireless terminal device,
The encryption key distribution device transmits the transmission cipher to a wireless transmission / reception device having the wireless terminal device in a wireless area capable of transmitting / receiving a transmission / reception signal, and to a wireless transmission / reception device in another wireless area adjacent to the wireless area of the wireless transmission / reception device. Distribute keys,
The wireless transmission / reception device has a network side encryption device that encrypts and transmits a wireless signal to the wireless terminal device based on the transmission encryption key,
4. The wireless communication system according to claim 1, wherein the wireless terminal device includes a terminal side decoding unit that decodes a wireless signal received from the wireless transmission / reception device. 5. The encryption key storage device includes another transmission encryption key for decrypting a wireless signal transmitted to the wireless terminal device in another wireless area adjacent to the wireless area distributed by the encryption key distribution device. Storing the own transmission encryption key for decrypting the radio signal to be transmitted to the radio terminal device in the own radio area,
The network-side encryption device encrypts a radio signal to be transmitted to the wireless terminal device based on a transmission encryption key for the wireless terminal device in its own wireless area. Wireless communication system.   The encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a transmission encryption key for encrypting a wireless signal transmitted to the wireless terminal device in association with each other. The wireless communication system according to claim 5.   The wireless communication system according to claim 1, wherein the reception encryption key and the transmission encryption key are transmission / reception encryption keys having the same information.   The encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a transmission / reception encryption key for encrypting and decrypting a transmission / reception signal transmitted / received by the wireless terminal device. The wireless communication system according to claim 7. The wireless transceiver according to any one of claims 1 to 8,
A radio base station apparatus that decrypts an encrypted radio signal received from a radio terminal apparatus and transmits the encrypted radio signal to the radio terminal apparatus. The cryptographic key distribution device according to any one of claims 1 to 6,
The encryption key distribution server manages the encryption key for the wireless terminal device accessing the communication network system, and distributes the encryption key to the wireless transmission / reception device. An encryption terminator for a wireless transmission / reception device in a wireless communication system according to any one of claims 1 to 8,
The encryption key storage device, an encryption unit of the network side encryption device for encrypting a wireless signal using a transmission encryption key stored in the encryption key storage device, and stored in the encryption key storage device A decryption unit of the network side decryption device for decrypting a radio signal received by the radio reception unit using a received encryption key,
It is connectable to a plurality of wireless devices having a wireless transmission unit that transmits a wireless signal encrypted by the encryption unit, and a wireless reception unit that receives the wireless signal from the wireless terminal device, and The wireless signal transmitted by each wireless transmission unit of the plurality of wireless devices is encrypted by the encryption unit, and the wireless signal received by each wireless reception unit of the plurality of wireless devices is encrypted by the decryption unit. A cryptographic terminator characterized by decrypting. A wireless communication system in a communication network system comprising a plurality of wireless transmission / reception devices capable of communicating with each other forming a wireless area accessible by a wireless terminal device for transmitting / receiving wireless signals,
The wireless terminal device includes a terminal side encryption unit that encrypts a wireless signal to be transmitted to the wireless transmission / reception device,
The wireless transmission / reception device includes an encryption key storage device that stores a reception encryption key for decrypting the wireless signal received from the wireless terminal device, and a network side that decrypts the wireless signal based on the reception encryption key A decoding device,
The communication network system includes an encryption key distribution device that distributes the reception encryption key for decrypting a wireless signal received from the wireless terminal device that is accessing the communication network system, to all of the plurality of wireless transmission / reception devices. A wireless communication system comprising: The encryption key storage device can store a plurality of reception encryption keys distributed by the encryption key distribution device,
The wireless communication system according to claim 12, wherein the network side decryption device decrypts the received wireless signal based on a reception encryption key for the wireless terminal device in its own wireless area.   The encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a reception encryption key for decrypting a wireless signal received from the wireless terminal device in association with each other. The wireless communication system according to claim 13. The encryption key storage device stores a transmission encryption key that is information for encrypting a wireless signal to be transmitted to the wireless terminal device,
The encryption key distribution device distributes the transmission encryption key for encrypting a wireless signal transmitted to the wireless terminal device accessing the communication network system to all of the plurality of wireless transmission / reception devices,
The wireless transmission / reception device has a network side encryption device that encrypts and transmits the wireless signal to the wireless terminal device based on the transmission encryption key,
15. The wireless communication system according to claim 12, wherein the wireless terminal device includes a terminal side decoding unit that decodes a wireless signal received from the wireless transmission / reception device. The encryption key storage device can store a plurality of the transmission encryption keys distributed by the encryption key distribution device,
The wireless communication system according to claim 15, wherein the network side encryption device encrypts a wireless signal based on a transmission encryption key for the wireless terminal device in its own wireless area.   The encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a transmission encryption key for encrypting a wireless signal transmitted to the wireless terminal device in association with each other. The wireless communication system according to claim 16.   The wireless communication system according to any one of claims 12 to 17, wherein the reception encryption key and the transmission encryption key are transmission / reception encryption keys of the same information.   The encryption key storage device stores a terminal ID individually assigned to the wireless terminal device and a transmission / reception encryption key for encrypting and decrypting a transmission / reception signal transmitted / received by the wireless terminal device. The wireless communication system according to claim 18. A wireless transceiver according to any one of claims 12 to 19,
A radio base station apparatus that decrypts an encrypted radio signal received from the radio terminal apparatus and transmits the encrypted radio signal to the radio terminal apparatus. An encryption key distribution device according to any one of claims 12 to 17,
An encryption key management server device that manages an encryption key for the wireless terminal device that accesses the communication network system and distributes the encryption key to the wireless transmission / reception device. An encryption terminator for a wireless transmission / reception device in a wireless communication system according to any one of claims 12 to 19,
The encryption key storage device, an encryption unit of the network side encryption device for encrypting a wireless signal using a transmission encryption key stored in the encryption key storage device, and stored in the encryption key storage device A decryption unit of the network side decryption device for decrypting a radio signal received by the radio reception unit using a received encryption key,
It is connectable to a plurality of wireless devices having a wireless transmission unit that transmits a wireless signal encrypted by the encryption unit and a wireless reception unit that receives a wireless signal from the wireless terminal device, and the plurality The wireless signal transmitted by each wireless transmission unit of the wireless device is encrypted by the encryption unit, and the wireless signal received by each wireless reception unit of the plurality of wireless devices is decrypted by the decoding unit. A cryptographic terminator characterized by that. A wireless communication system in a communication network system comprising a plurality of wireless transmission / reception devices capable of communicating with each other forming a wireless area accessible by a wireless terminal device for transmitting / receiving wireless signals,
The wireless terminal device includes a terminal side encryption unit that encrypts a wireless signal to be transmitted to the wireless transmission / reception device,
The wireless transmission / reception device includes an encryption key storage device that stores a reception encryption key for decrypting the wireless signal received from the wireless terminal device, and a network side that decrypts the wireless signal based on the reception encryption key A decoding device,
The communication network system includes an encryption key distribution device that distributes the received encryption key to the wireless transmission / reception devices in the wireless area after the wireless terminal device enters a wireless area in which wireless signals can be transmitted / received. A wireless communication system. The encryption key storage device
A plurality of received encryption keys distributed by the encryption key distribution device can be stored,
24. The terminal ID individually assigned to the wireless terminal device and a reception encryption key for decrypting the wireless signal received from the wireless terminal device are stored in association with each other. Wireless communication system. The encryption key storage device stores a transmission encryption key which is information for encrypting the wireless signal transmitted to the wireless terminal device,
The encryption key distribution device distributes the transmission encryption key to the wireless transmission / reception device in a wireless area where the wireless terminal device capable of transmitting / receiving a wireless signal is present,
The wireless transmission / reception device has a network side encryption device that encrypts and transmits a wireless signal to the wireless terminal device based on the transmission encryption key,
The wireless communication system according to claim 23 or 24, wherein the wireless terminal device includes a terminal-side decoding unit that decodes a wireless signal received from the wireless transmission / reception device. The encryption key storage device can store a plurality of transmission encryption keys distributed by the encryption key distribution device,
26. The wireless communication according to claim 25, wherein a terminal ID individually assigned to the wireless terminal device and a transmission encryption key for encrypting the wireless signal transmitted to the wireless terminal device are stored in association with each other. Communications system.   27. The wireless communication system according to claim 23, wherein the reception encryption key and the transmission encryption key are transmission / reception encryption keys having the same information. The encryption key storage device can store a plurality of transmission / reception encryption keys distributed by the encryption key distribution device,
The terminal ID individually assigned to the wireless terminal device and the transmission / reception encryption key for encrypting and decrypting the wireless signal transmitted and received by the wireless terminal device are stored in association with each other. Item 27. The wireless communication system according to Item 27.   29. The wireless transmission / reception apparatus according to claim 23, wherein the encrypted wireless signal received from the wireless terminal apparatus is decrypted, and the encrypted wireless signal is transmitted to the wireless terminal apparatus. A radio base station apparatus for transmitting. A cryptographic key distribution device according to any one of claims 23 to 28,
An encryption management server device that manages the encryption key for the wireless terminal device that accesses the communication network system and distributes the encryption key to the wireless transmission / reception device. An encryption terminator for a wireless transmission / reception device in a wireless communication system according to any one of claims 23 to 28,
The encryption key storage device, an encryption unit of the network side encryption device for encrypting a wireless signal using a transmission encryption key stored in the encryption key storage device, and stored in the encryption key storage device A decryption unit of the network side decryption device for decrypting a radio signal received by the radio reception unit using a received encryption key,
It is connectable to a plurality of wireless devices having a wireless transmission unit that transmits a wireless signal encrypted by the encryption unit and a wireless reception unit that receives a wireless signal from the wireless terminal device, and the plurality The wireless signal transmitted by each wireless transmission unit of the wireless device is encrypted by the encryption unit, and the wireless signal received by each wireless reception unit of the plurality of wireless devices is decrypted by the decoding unit. A cryptographic terminator characterized by that. A radio terminal apparatus used in the radio communication system according to any one of claims 1 to 8, 12 to 18 and 23 to 28,
Wireless area determination means for determining that the wireless signal has moved from outside the wireless area to the wireless area based on the wireless signal;
An encryption key exchange means for exchanging an encryption key after determining that the wireless area determination means has moved from outside the wireless area into the wireless area;
A wireless terminal device comprising: wireless area switching means for switching a wireless area for performing wireless communication based on the wireless signal.

Images