JP2007104733A - Method for communication security, device for implementing same, and program for processing same - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technique capable of reducing the amount of a process which employs a mobile station key, and enhancing communications security between a mobile station and a base station. <P>SOLUTION: The technique comprises: steps of receiving, from a mobile station device, encrypted authentication data which is obtained by encrypting authentication data transmitted from a base station device to the mobile station device; decrypting the received encrypted authentication data by using a mobile station key of the mobile station device; authenticating the mobile station device as an authentic party on the other end of communication, when the transmitted authentication data matches the decrypted authentication data, transmitting an authentication continuation key for continuing authentication, and a ticket obtained by encrypting the authentication continuation key, by using a ticket production key held in the base station device, to the mobile station device which has been authenticated as an authentic party at the other end of communication, and performing communication between the mobile station device which has been authenticated as an authentic party on the other end of communication, and the base station device. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a communication security maintenance system that maintains communication security in a network that performs communication with a mobile body, and in particular, between a mobile body that is moving and a plurality of base stations that are installed so as to cover a moving area of the mobile body. The present invention relates to a technology that is effective when applied to a communication security holding system that holds the security of communication performed in the Internet.

  In recent years, intelligent transport systems (ITS) have been built, and in these intelligent traffic systems, vehicles equipped with in-vehicle devices that perform Dedicated Short Range Communications (DSRC) Commercialization of an automatic toll collection system (ETC: Electronic Toll Collection system) that automatically pays a fee without stopping the vehicle is in progress.

  In the above intelligent road traffic system, a plurality of base stations are installed on the road, and the on-board unit mounted on the moving vehicle is connected to a network such as the Internet via the nearest base station and gateway to move the moving vehicle. Communication with external networks is also being considered.

  In the above-described intelligent transportation system, an autonomous decentralized system (ADS) is used to construct a network that connects base stations and gateways. This is a system that functions as a whole when each node autonomously selects and operates information based on broadcast-type communication that does not perform monitoring. Backup, switching of communication partners accompanying a system change can be easily performed.

  As described above, in intelligent transport systems, communication is required when connected to a network such as the Internet from a vehicle-mounted device mounted on a moving vehicle via the nearest base station and gateway to receive paid content. It is important to preserve the security of time. In this case, it may be possible to maintain security by performing authentication processing using encryption between the in-vehicle device and the base station, but the in-vehicle device mounted on the vehicle moving at high speed can In order to perform handover with the base station, there is a problem that if the authentication process between the vehicle-mounted device and the plurality of base stations is repeatedly performed at the time of handover, the possibility that the encryption is decrypted increases.

  In addition, when an autonomous distributed system is adopted for communication with a base station or a gateway as described above, broadcast communication without specifying a transmission destination is performed in the autonomous distributed system. Therefore, encryption using a transmission destination encryption key is performed. There is a problem that it is difficult to realize.

  An object of the present invention is to provide a technique capable of solving the above problems, reducing the amount of processing using a mobile station key, and improving communication security between the mobile station and the base station. Another object of the present invention is to provide a technique capable of increasing the security of communication even when broadcast-type communication without specifying a transmission destination is used.

  The present invention relates to a communication security holding system that holds security of communication performed between a mobile station side device and a base station side device, and authentication at the time of subsequent authentication continuation by an authentication continuation key issued at the time of establishing authentication. Is to do.

  In the communication security maintenance system of the present invention, base station side devices are installed at predetermined intervals on the road on which the vehicle travels, and a mobile station side device that is an in-vehicle device that communicates with those base station side devices is mounted. When the trained vehicle travels on the road, first, authentication data such as a random number is transmitted from the base station side device to the mobile station side device.

  In the mobile station side device that has received the authentication data transmitted from the base station side device, the received authentication data is encrypted with the mobile station key of the mobile station side device to generate encrypted authentication data. The encryption authentication data is transmitted to the base station side device, and authentication of the mobile station is requested to the base station side device.

  In the base station side device that has received the encrypted authentication data transmitted from the mobile station side device, the received encrypted authentication data is decrypted with the mobile station key of the mobile station side device to generate authentication data. Here, the mobile station key may be generated by encrypting the user ID of the mobile station side device with the master key of the base station side device. Then, the authentication data transmitted to the mobile station side device is compared with the decrypted authentication data, and if both are equal, the mobile station side device is authenticated as a regular communication partner.

  When the mobile station side apparatus is authenticated as a regular communication partner, the base station side apparatus uses the authentication continuation key for continuing authentication and the authentication with the ticket creation key shared by a plurality of base station side apparatuses. The ticket generated by encrypting the continuation key is transmitted to the mobile station side device. After receiving the authentication continuation key and the ticket transmitted from the base station side device, the mobile station side device performs communication with the base station side device.

  In the communication security maintenance system of the present invention, when a vehicle equipped with a mobile station side device moves and enters a communication area with another base station side device, a random number is transmitted from the base station side device to the mobile station side device. Send authentication data such as

  The mobile station side apparatus that has received the authentication data transmitted from the base station side apparatus generates encrypted authentication data by encrypting the received authentication data with the authentication continuation key, and the generated encrypted authentication The data and the ticket are transmitted to the base station side device, and the base station side device is requested to continue authentication of the mobile station.

  In the base station side device that has received the encrypted authentication data and the ticket transmitted from the mobile station side device, after decrypting the ticket with the ticket creation key and taking out the authentication continuation key, the received encrypted authentication data Authentication data is generated by decrypting the data with the extracted authentication continuation key. Then, the authentication data transmitted to the mobile station side device is compared with the decrypted authentication data, and if both are equal, authentication is continued with the mobile station side device as a regular communication partner. In the mobile station side device, after receiving a response indicating that the authentication is continued from the base station side device, the mobile station side device performs communication with the base station side device.

  As described above, according to the communication security maintenance system of the present invention, since authentication at the time of continuing authentication is performed by the authentication continuation key issued at the time of establishing authentication, the processing amount using the mobile station key is reduced, It is possible to improve communication security between the mobile station and the base station.

  According to the present invention, since authentication at the time of continuing authentication is performed by the authentication continuation key issued at the time of establishing authentication, the processing amount using the mobile station key is reduced, and communication between the mobile station and the base station is performed. Security can be increased.

(Embodiment 1)
The communication security maintaining system according to the first embodiment that maintains the security of communication performed between the mobile station side device and the base station side device will be described below.

  FIG. 1 is a diagram showing a schematic configuration of a communication security maintenance system according to the present embodiment. As shown in FIG. 1, the communication security maintenance system of this embodiment includes a base station side device 100 and a mobile station side device 110.

  The base station apparatus 100 is a base station apparatus installed at a predetermined interval on the road on which the vehicle is traveling, and is an apparatus that performs communication with the mobile station apparatus 110 while maintaining security. The mobile station side device 110 is a vehicle-mounted device mounted on a vehicle traveling on a road where a plurality of base stations are installed, and is a device that performs communication with the base station side device 100 while maintaining security.

  As shown in FIG. 1, in the communication security maintenance system of this embodiment, authentication is continued from the base station side device 100 to the mobile station side device 110 when the first authentication is established between the base station side device 100 and the mobile station side device 110. When the authentication between the other base station side device 100 and the mobile station side device 110 is continued, authentication is performed using the issued authentication continuation key.

  FIG. 2 is a diagram illustrating a schematic configuration of the base station apparatus 100 according to the present embodiment. As illustrated in FIG. 2, the base station apparatus 100 according to this embodiment includes a CPU 201, a RAM 202, a ROM 203, an input device 204, an output device 205, and a communication device 206.

  The CPU 201 is a device that controls the operation of the entire base station side device 100. The RAM 202 is a storage device that loads various processing programs and data for controlling the operation of the entire base station apparatus 100.

  A ROM 203 is a storage device that stores the various processing programs and data. The input device 204 is a device that performs various inputs for maintaining security of communication with the mobile station side device 110. The output device 205 is a device that performs various outputs accompanying the maintenance of the security. The communication device 206 is a device that communicates with other processing devices via a network.

  The base station apparatus 100 further includes an authentication processing unit 211, a key generation processing unit 212, a ticket / key issue processing unit 213, a communication processing unit 214, an authentication continuation processing unit 215, and a key acquisition processing unit 216. Have.

  The authentication processing unit 211 has the same authentication data such as a random number transmitted to the mobile station side device 110 and the authentication data obtained by decrypting the encrypted authentication data received from the mobile station side device 110 with the mobile station key. In this case, it is a processing unit that authenticates the mobile station side device 110 as a regular communication partner.

  The key generation processing unit 212 is a processing unit that generates the mobile station key by encrypting the user ID of the mobile station side device 110 with the master key held in the base station side device 100. The ticket / key issuance processing unit 213 sends the authentication continuation key for continuing authentication and the authentication continuation key to the mobile station side device 110 that has been authenticated as a legitimate communication partner. It is a processing unit that transmits a ticket encrypted with a ticket creation key to be held.

  The communication processing unit 214 is a processing unit that performs communication between the mobile station device 110 that has been authenticated as a regular communication partner and the base station device 100. The authentication continuation processing unit 215 uses the authentication continuation key obtained by extracting the authentication data transmitted to the mobile station side device 110 and the encrypted authentication data received from the mobile station side device 110 from the ticket of the mobile station side device 110. This is a processing unit that continues authentication with the mobile station apparatus 110 as a regular communication partner when the decrypted authentication data is equal. The key acquisition processing unit 216 is a processing unit that receives a ticket transmitted from the mobile station side device 110 to the base station side device 100, decrypts the ticket with the ticket creation key, and extracts an authentication continuation key.

  A program for causing the base station apparatus 100 to function as the authentication processing unit 211, the key generation processing unit 212, the ticket / key issue processing unit 213, the communication processing unit 214, the authentication continuation processing unit 215, and the key acquisition processing unit 216 is a ROM It is assumed that the program is recorded on a recording medium such as The recording medium for recording the program may be a recording medium other than the ROM. The program may be used by installing it from the recording medium into the information processing apparatus, or the program may be used by accessing the recording medium through a network.

  FIG. 3 is a diagram illustrating a schematic configuration of the mobile station apparatus 110 according to the present embodiment. As shown in FIG. 3, the mobile station apparatus 110 according to this embodiment includes a CPU 301, a RAM 302, a ROM 303, an input device 304, an output device 305, and a communication device 306.

  The CPU 301 is a device that controls the operation of the entire mobile station side device 110. The RAM 302 is a storage device that loads various processing programs and data for controlling the overall operation of the mobile station apparatus 110.

  A ROM 303 is a storage device that stores the various processing programs and data. The input device 304 is a device that performs various inputs for maintaining security of communication with the base station side device 100. The output device 305 is a device that performs various outputs accompanying the maintenance of the security. The communication device 306 is a device that communicates with other processing devices via a network.

  The mobile station side device 110 includes an authentication request processing unit 311, a ticket / key acquisition processing unit 312, a communication processing unit 313, and an authentication continuation request processing unit 314.

  The authentication request processing unit 311 transmits to the base station apparatus 100 encrypted authentication data generated by encrypting the authentication data received from the base station apparatus 100 with the mobile station key of the mobile station apparatus 110. A processing unit that requests authentication of the mobile station.

  The ticket / key acquisition processing unit 312 receives, from the base station side device 100, an authentication continuation key for continuing authentication and the ticket when the base station side device 100 is authenticated as a regular communication partner. Part.

  The communication processing unit 313 is a processing unit that performs communication with the base station apparatus 100 that has authenticated the mobile station apparatus 110 as a regular communication partner. The authentication continuation request processing unit 314 transmits the ticket and the encrypted authentication data generated by encrypting the authentication data received from the base station side device 100 with the authentication continuation key to the base station side device 100. And a processing unit that requests authentication continuation of the mobile station.

  A program for causing the mobile station side device 110 to function as the authentication request processing unit 311, the ticket / key acquisition processing unit 312, the communication processing unit 313, and the authentication continuation request processing unit 314 is recorded on a recording medium such as a ROM and executed. Shall be. The recording medium for recording the program may be a recording medium other than the ROM. The program may be used by installing it from the recording medium into the information processing apparatus, or the program may be used by accessing the recording medium through a network.

  FIG. 4 is a diagram showing an outline of the authentication establishment process of the present embodiment. As shown in FIG. 4, when the mobile station apparatus 110 enters the communication area of the base station after the power is turned on or after the expiration date of the ticket has passed, authentication establishment processing is started and the user ID is assigned to the base station apparatus 100. The base station apparatus 100 generates a mobile station key from the user ID using the master key.

  It is assumed that the mobile station key of this embodiment is generated by encrypting the user ID of each mobile station side device 110 with the master key and distributed to each mobile station side device 110 in advance. Also, each base station side device 100 does not hold the mobile station key itself of each mobile station side device 110, and generates a mobile station key for each mobile station side device 110 using a master key as necessary. Shall be used.

  The mobile station side device 110 encrypts the random number that is the authentication data issued by the base station side device 100 using the mobile station key of the mobile station side device 110. The base station side device 100 decrypts the encrypted authentication data generated by the mobile station side device 110 using the generated mobile station key, and compares the data with the authentication data transmitted to the mobile station side device 110 to move the data. Check the legitimacy of the station.

  When the validity of the mobile station is confirmed, the base station apparatus 100 generates a key for continuing authentication, a key for encrypted communication, and a key for generating a MAC (Message Authentication Code) as necessary. It is issued to the mobile station side device 110. In addition, the generated key is encrypted using a ticket creation key shared only by the base station side device 100 to generate a ticket, which is sent to the mobile station side device 110.

  FIG. 5 is a diagram showing a sequence of authentication establishment processing according to this embodiment. As shown in FIG. 5, in the present embodiment, a random number R1 is transmitted as authentication data from the base station side device 100 to the mobile station side device 110, and the mobile station side device 100 is transmitted to the base station side device 100 from the mobile station side. Enc_Ka (R1) in which the random number R1 is encrypted with the user ID of the device 110 and the mobile station key Ka is transmitted.

  The base station apparatus 100 generates a mobile station key Ka from the user ID, and when the transmitted random number R1 and the decrypted content of Enc_Ka (R1) match, the base station ID, user ID, expiration date, authentication continuation key K1 , Encryption communication key K2, MAC generation key K3, ticket Cert obtained by encrypting validity check code with ticket creation key Kb, authentication continuation key K1, encryption communication key K2, MAC generation key K3 The key distribution data encrypted with Ka is transmitted to the mobile station apparatus 110.

  FIG. 6 is a diagram showing an outline of the authentication continuation processing of this embodiment. As shown in FIG. 6, when the mobile station apparatus 110 enters the communication area of another base station after establishing authentication with a certain base station, it starts authentication continuation processing and sends a ticket to the base station apparatus 100. The base station apparatus 100 acquires the authentication continuation key from the ticket using the ticket creation key.

  Further, the mobile station side device 110 encrypts the random number that is the authentication data issued by the base station side device 100 using the authentication continuation key received by the mobile station side device 110. The base station side device 100 decrypts the encrypted authentication data generated by the mobile station side device 110 using the generated authentication continuation key and compares it with the authentication data transmitted to the mobile station side device 110. Confirm the validity of the mobile station and continue to authenticate the mobile station.

  FIG. 7 is a diagram showing a sequence of authentication continuation processing according to this embodiment. As shown in FIG. 7, in the present embodiment, a random number R2 is transmitted as authentication data from the base station side device 100 to the mobile station side device 110, and a ticket Cert is sent from the mobile station side device 110 to the base station side device 100. Enc_K1 (R2) is transmitted by encrypting the random number R2 with the authentication continuation key K1.

  In the base station side device 100, after checking the ticket with the validity period and validity check code in the ticket Cert, the authentication continuation key K1 is taken out, and the decrypted contents of the transmitted random number R2 and Enc_K1 (R2) are If they match, an authentication result indicating that the mobile station is continuously authenticated is transmitted to the mobile station side device 110.

  Hereinafter, in the communication security maintenance system according to the present embodiment, a processing procedure of authentication establishment processing and authentication continuation processing between the base station side device 100 and the mobile station side device 110 will be described.

  FIG. 8 is a flowchart showing a processing procedure of authentication establishment processing and authentication continuation processing of the mobile station side device 110 by the base station side device 100 of this embodiment. As shown in FIG. 8, when the authentication processing unit 211 of the base station side device 100 detects the mobile station side device 110 in the communication area of the base station side device 100 in step 801, a random number is used as authentication data. 110 to start authentication processing.

  FIG. 9 is a flowchart showing a processing procedure of authentication establishment request processing and authentication continuation request processing from the mobile station side device 110 to the base station side device 100 according to this embodiment. As shown in FIG. 9, in step 901, the authentication request processing unit 311 of the mobile station apparatus 110 checks whether or not a random number is received as authentication data from the base station apparatus 100, and receives authentication data. If so, go to Step 902. In step 902, it is checked whether or not the authentication process with the base station apparatus 100 that has transmitted the authentication data has not been executed. If the authentication process has not been executed, the process proceeds to step 903. In step 903, it is checked whether a ticket for continuing authentication has not been acquired or a ticket has been received from another base station side apparatus 100. If a ticket has not been acquired, the process proceeds to step 904. . In step 904, the authentication data received from the base station side apparatus 100 is encrypted with the mobile station key of the mobile station side apparatus 110 to generate encrypted authentication data. In step 905, the generated encryption authentication data is transmitted to the base station side apparatus 100 to request authentication of the mobile station.

  In step 802, the authentication processing unit 211 of the base station side apparatus 100 checks whether or not the encrypted authentication data is received from the mobile station side apparatus 110, and if the encrypted authentication data is received. Proceed to step 811.

  In step 811, the authentication continuation processing unit 215 checks whether a ticket is received from the mobile station apparatus 110 together with the encrypted authentication data. If a ticket has been received, the process proceeds to step 812 to receive the ticket. If not, the process proceeds to step 803.

  In step 803, the authentication processing unit 211 checks whether the user ID is received from the mobile station apparatus 110 together with the encrypted authentication data. If the user ID is received, the process proceeds to step 804.

  In step 804, the key generation processing unit 212 encrypts the user ID of the mobile station side device 110 with the master key held in the ROM 203 of the base station side device 100 to generate the mobile station key of the mobile station side device 110. . In step 805, the authentication processing unit 211 restores the authentication data by decrypting the received encrypted authentication data with the generated mobile station key.

  In step 806, the authentication data transmitted to the mobile station side device 110 is compared with the decrypted authentication data. If they are equal, the process proceeds to step 807. In step 807, the mobile station apparatus 110 is registered in the RAM 202 of the base station apparatus 100 as a regular communication partner.

  In step 808, the ticket / key issuance processing unit 213 generates an authentication continuation key for continuing the authentication with the mobile station apparatus 110 that has been authenticated as a legitimate communication partner at another base station, The authentication continuation key is encrypted with the mobile station key to generate key distribution data.

  In step 809, the generated authentication continuation key is encrypted with the ticket creation key held in the ROM 203 of the base station apparatus 100 to generate a ticket. Here, it is assumed that the ticket creation key is a key shared by a plurality of base station side devices 100 and the mobile station side device 110 cannot decrypt the ticket.

  In step 810, information indicating that the mobile station side device 110 has been authenticated, and the generated key distribution data and ticket are transmitted to the mobile station side device 110. Note that an encryption communication key or a MAC generation key may be generated by the above processing and transmitted together with the authentication continuation key.

  In step 906, the ticket / key acquisition processing unit 312 of the mobile station side device 110 uses the information indicating that the mobile station side device 110 has been authenticated, the key distribution data, and the ticket as a result of the requested authentication process. It is checked whether or not the information is received from the station side device 100. If the information indicating the authentication, the ticket, and the key distribution data are received, the process proceeds to step 907.

  In step 907, the authentication request processing unit 311 registers information indicating that the authentication process with the base station side device 100 has been completed in the RAM 302 of the mobile station side device 110. In step 908, the received key distribution data is decrypted with the mobile station key of the mobile station side device 110 to restore the authentication continuation key and store it in the RAM 302. If the received key distribution data includes an encryption communication key or a MAC generation key, these keys are also restored. In step 909, the received ticket is stored in the RAM 302 of the mobile station apparatus 110.

  On the other hand, if it is determined in step 903 whether or not a ticket for continuing authentication has not been acquired, the process proceeds to step 910 if the ticket has already been acquired. In step 910, the authentication continuation request processing unit 314 encrypts the authentication data received from the base station side device 100 with the received authentication continuation key and generates encrypted authentication data. In step 911, the generated encrypted authentication data and the acquired ticket are transmitted to the base station side device 100 to request continuation of authentication of the mobile station.

  In step 811, the authentication continuation processing unit 215 of the base station side apparatus 100 receives the ticket from the mobile station side apparatus 110 together with the encrypted authentication data, and proceeds to step 812.

  In step 812, the key acquisition processing unit 216 decrypts the ticket transmitted from the mobile station side device 110 with the ticket creation key and extracts the authentication continuation key. In step 813, the authentication continuation processing unit 215 decrypts the received encrypted authentication data with the extracted authentication continuation key, and restores the authentication data.

  In step 814, the authentication data transmitted to the mobile station apparatus 110 is compared with the decrypted authentication data, and if both are equal, the process proceeds to step 815. In step 815, the mobile station apparatus 110 is registered in the RAM 202 of the base station apparatus 100 as a regular communication partner. In step 816, information indicating that continuation of authentication is permitted as a result of the authentication processing is transmitted to the mobile station apparatus 110.

  In step 912, the authentication continuation request processing unit 314 of the mobile station side device 110 determines whether information indicating that continuation of authentication is permitted is received from the base station side device 100 as a result of the requested authentication processing. If the information indicating the permission to continue authentication is received, the process proceeds to step 913. In step 913, information indicating that the authentication process with the base station side device 100 has been completed is registered in the RAM 302 of the mobile station side device 110.

  In the communication security maintenance system of this embodiment, after the authentication establishment process and the authentication continuation process are performed, between the communication processing unit 214 of the base station side device 100 and the communication processing unit 313 of the mobile station side device 110. Perform communication processing.

  As described above, according to the communication security maintenance system of the present embodiment, authentication at the time of subsequent authentication continuation is performed by the authentication continuation key issued at the time of authentication establishment, so the processing amount using the mobile station key is reduced. In addition, communication security between the mobile station and the base station can be enhanced.

(Embodiment 2)
A communication security maintaining system according to the second embodiment that maintains communication security on a network to which a base station side device or a gateway device is connected will be described below.

  FIG. 10 is a diagram showing a schematic configuration of the communication security maintenance system of the present embodiment. As shown in FIG. 10, the communication security maintenance system of the present embodiment includes a base station side device 1000, a gateway device 1010, an authentication device 1020, and a key table 1030.

  The base station side device 1000 is a base station side device installed at a predetermined interval on the road on which the vehicle travels, and is a device that performs secure communication with the gateway device 1010 in response to a request from the mobile station. is there.

  The gateway device 1010 is a device that performs communication between the base station side device 1000 and an external network, and is a device that performs communication with the base station side device 1000 while maintaining security. The authentication device 1020 authenticates the base station side device 1000 newly connected to the network, transmits the contents of the key table 1030 indicating the key corresponding to the service ID, and detects the base station side device 1000 that has been illegally disconnected. In this case, the device updates the key corresponding to the service ID. The key table 1030 is a table that stores keys corresponding to service IDs indicating the contents of transmission data.

  As shown in FIG. 10, in the communication security maintenance system of the present embodiment, the base station side device 1000 and the gateway device 1010 are connected by the autonomous distributed protocol when communicating from the mobile station to the Internet of the higher level network via the roadside network. The key corresponding to the service ID is read from the key table 1030 and is encrypted with respect to transmission data transmitted / received between the two.

  FIG. 11 is a diagram illustrating a schematic configuration of the base station apparatus 1000 according to the present embodiment. As shown in FIG. 11, the base station apparatus 1000 of this embodiment includes a CPU 1101, a RAM 1102, a ROM 1103, an input device 1104, an output device 1105, and a communication device 1106.

  The CPU 1101 is a device that controls the overall operation of the base station side device 1000. The RAM 1102 is a storage device that loads various processing programs and data for controlling the operation of the entire base station side device 1000.

  A ROM 1103 is a storage device that stores the various processing programs and data. The input device 1104 is a device that performs various inputs for maintaining security of communication with the gateway device 1010. The output device 1105 is a device that performs various outputs accompanying the maintenance of the security. The communication device 1106 is a device that communicates with other processing devices via a network.

  In addition, the base station side apparatus 1000 includes an encryption processing unit 1111, a packet transmission processing unit 1112, a connection notification processing unit 1113, a signature transmission processing unit 1114, and a survival notification processing unit 1115.

  The encryption processing unit 1111 is a processing unit that generates encrypted data by encrypting the transmission data with a key corresponding to a service ID indicating the content of the transmission data. The packet transmission processing unit 1112 is a processing unit that stores the generated encrypted data in a packet, adds the service ID to the header of the packet, and transmits the packet to the network.

  The connection notification processing unit 1113 is a processing unit that transmits a connection notification indicating the base station device 1000 newly connected to the network. The signature transmission processing unit 1114 is a processing unit that transmits a signature for authentication data transmitted from the authentication device 1020. The existence notification processing unit 1115 is a processing unit that transmits encrypted authentication data obtained by encrypting the authentication data transmitted from the authentication device 1020.

  A program for causing the base station side apparatus 1000 to function as the encryption processing unit 1111, the packet transmission processing unit 1112, the connection notification processing unit 1113, the signature transmission processing unit 1114, and the existence notification processing unit 1115 is recorded on a recording medium such as a ROM. To be executed. The recording medium for recording the program may be a recording medium other than the ROM. The program may be used by installing it from the recording medium into the information processing apparatus, or the program may be used by accessing the recording medium through a network.

  FIG. 12 is a diagram showing a schematic configuration of the gateway apparatus 1010 of the present embodiment. As shown in FIG. 12, the gateway device 1010 of this embodiment includes a CPU 1201, a memory 1202, a magnetic disk device 1203, an input device 1204, an output device 1205, a CD-ROM device 1206, and a communication device 1207. Have.

  The CPU 1201 is a device that controls the overall operation of the gateway device 1010. The memory 1202 is a storage device that loads various processing programs and data for controlling the overall operation of the gateway device 1010.

  The magnetic disk device 1203 is a storage device for storing the various processing programs and data. The input device 1204 is a device that performs various inputs for maintaining security of communication with the base station side device 1000.

The output device 1205 is a device that performs various outputs accompanying the maintenance of the security. A CD-ROM device 1206 is a device for reading the contents of a CD-ROM in which the various processing programs are recorded. The communication device 1207 is a device that communicates with other processing devices via a network such as the Internet or an intranet.
The gateway device 1010 includes a decryption processing unit 1211 and a data processing unit 1212.

  The decryption processing unit 1211 responds to the service ID when the service ID added to the header of the packet received on the network indicates the service provided by the device. The processing unit decrypts the encrypted data in the packet with the key to be used. The data processing unit 1212 is a processing unit that performs a corresponding process according to the content of the decrypted data.

  A program for causing the gateway device 1010 to function as the decryption processing unit 1211 and the data processing unit 1212 is recorded on a recording medium such as a CD-ROM and stored in a magnetic disk or the like, and then loaded into a memory and executed. And The recording medium for recording the program may be a recording medium other than the CD-ROM. The program may be used by installing it from the recording medium into the information processing apparatus, or the program may be used by accessing the recording medium through a network.

  FIG. 13 is a diagram showing a schematic configuration of the authentication device 1020 of the present embodiment. As shown in FIG. 13, the authentication device 1020 of this embodiment includes a CPU 1301, a memory 1302, a magnetic disk device 1303, an input device 1304, an output device 1305, a CD-ROM device 1306, and a communication device 1307. Have.

  The CPU 1301 is a device that controls the overall operation of the authentication device 1020. The memory 1302 is a storage device that loads various processing programs and data for controlling the overall operation of the authentication device 1020.

  A magnetic disk device 1303 is a storage device for storing the various processing programs and data. The input device 1304 is a device that performs various inputs for managing the newly connected base station device 1000 and the illegally disconnected base station device 1000.

  The output device 1305 is a device that performs various outputs accompanying management of the base station side device 1000. A CD-ROM device 1306 is a device for reading the contents of a CD-ROM in which the various processing programs are recorded. The communication device 1307 is a device that communicates with other processing devices via a network such as the Internet or an intranet.

  The authentication device 1020 includes an authentication data transmission processing unit 1311, a key transmission processing unit 1312, a monitoring data transmission processing unit 1313, and a key update processing unit 1314.

  The authentication data transmission processing unit 1311 is a processing unit that transmits authentication data for authenticating the base station apparatus 1000 connected to the network. The key transmission processing unit 1312 is a processing unit that verifies the transmitted signature and transmits a key table 1030 indicating the key corresponding to the service ID to the authenticated base station apparatus 1000.

  The monitoring data transmission processing unit 1313 is a processing unit that transmits authentication data for monitoring the base station apparatus 1000 connected to the network. The key update processing unit 1314 is a processing unit that verifies the transmitted signature and updates the key corresponding to the service ID when an illegally disconnected base station side device 1000 is detected.

  A program for causing the authentication device 1020 to function as the authentication data transmission processing unit 1311, the key transmission processing unit 1312, the monitoring data transmission processing unit 1313, and the key update processing unit 1314 is recorded on a recording medium such as a CD-ROM. It is assumed that the data is stored in the memory and then loaded into the memory and executed. The recording medium for recording the program may be a recording medium other than the CD-ROM. The program may be used by installing it from the recording medium into the information processing apparatus, or the program may be used by accessing the recording medium through a network.

  FIG. 14 is a diagram showing an outline of cryptographic communication processing in the autonomous distributed system of this embodiment. As shown in FIG. 14, in the communication security maintenance system of this embodiment, the transmission data is encrypted with a key corresponding to the service ID of the transmission data, and is transmitted onto the network. Each device on the network receives the transmitted packet, and when the service ID added to the header of the packet indicates a service provided by the device, the device uses a key corresponding to the service ID. The encrypted data in the packet is decrypted, and processing corresponding to the content of the data is performed.

  The processing procedure for encrypting transmission data and transmitting the encrypted data from the base station side apparatus 1000 to the gateway apparatus 1010 using the autonomous distributed protocol will be described below in the communication security maintenance system of this embodiment. Here, encryption communication from the base station side device 1000 to the gateway device 1010 will be described. The encryption processing unit 1111 and the packet transmission processing unit 1112 are used as the gateway device 1010, and the decryption processing unit 1211 and the data processing unit 1212 are used as the base. In the station side device 1000, encryption communication from the gateway device 1010 to the base station side device 1000 or encryption communication between the base station side devices 1000 may be performed.

  FIG. 15 is a flowchart showing a processing procedure of data transmission processing from the base station apparatus 1000 according to the present embodiment. As shown in FIG. 15, the base station apparatus 1000 checks in step 1501 whether or not transmission data is received from the mobile station, and proceeds to step 1502 if transmission data is received. In step 1502, the encryption processing unit 1111 reads the key corresponding to the service ID indicating the content of the transmission data from the key table 1030 in the ROM 1103.

  FIG. 16 is a diagram showing an example of the key table 1030 of this embodiment. As shown in FIG. 16, in the key table 1030 of this embodiment, encryption keys corresponding to service IDs are stored, and different encryption keys are stored for each data content.

  In step 1503, the encryption processing unit 1111 encrypts the transmission data with the read key to generate encrypted data. In step 1504, the packet transmission processing unit 1112 stores the generated encrypted data in a packet, adds the service ID to the header of the packet, and transmits the packet to the network.

  FIG. 17 is a flowchart showing a processing procedure of data reception processing in the gateway apparatus 1010 of this embodiment. As shown in FIG. 17, in step 1701, the gateway apparatus 1010 checks whether a packet is transmitted on the network. If a packet is transmitted, the gateway apparatus 1010 receives the packet and proceeds to step 1702.

  In step 1702, the decryption processing unit 1211 reads the service ID added to the header of the received packet. In step 1703, it is checked whether or not the read service ID indicates a service provided by the apparatus. If the read service ID indicates a service provided by the apparatus, the process proceeds to step 1704.

  In step 1704, the key corresponding to the service ID is read from the key table 1030 in the magnetic disk device 1203. In step 1705, the encrypted data in the packet is decrypted with the read key. In step 1706, the data processing unit 1212 performs corresponding processing according to the content of the data, such as sending the decrypted data to an external network.

  As described above, in this embodiment, since transmission data is encrypted with a key corresponding to a service ID indicating the content of transmission data and transmitted over the network, broadcast-type communication that does not specify a transmission destination as in an autonomous distributed system Even when using, it is possible to increase the security of communication by encrypting the data.

  As described above, in order to increase communication security, the key table 1030 needs to be appropriately managed. Hereinafter, in the communication security maintenance system according to the present embodiment, after the newly network-connected base station apparatus 1000 is authenticated as a regular base station, the contents of the key table 1030 are delivered to the base station apparatus 1000. Will be described.

  FIG. 18 is a diagram showing an outline of the authentication process of the new base station of this embodiment. As shown in FIG. 18, in this embodiment, the base station side device 1000 newly connected to the network transmits a connection notification to the authentication device 1020, and the authentication device 1020 sends authentication data such as a random number to the base station side device. Processing to transmit to 1000 is performed. The base station apparatus 1000 signs the received authentication data and transmits it to the authentication apparatus 1020. After verifying the transmitted signature, the authentication apparatus 1020 transmits the key table 1030 to the base station apparatus 1000. Process.

  FIG. 19 is a flowchart showing the processing procedure of the authentication request processing of the new base station of this embodiment. As shown in FIG. 19, in step 1901, the connection notification processing unit 1113 of the base station side device 1000 uses the service ID of the connection notification as a header as a connection notification indicating that the base station side device 1000 is newly connected to the network. Send the set packet over the network.

  FIG. 20 is a flowchart showing a processing procedure of authentication processing of a new base station by the authentication device 1020 of this embodiment. As shown in FIG. 20, in step 2001, the authentication apparatus 1020 checks the service ID of a packet sent out on the network, and if a connection notification is sent, receives the connection notification and proceeds to step 2002.

  In step 2002, the authentication data transmission processing unit 1311 stores authentication data such as a random number for authenticating the base station side device 1000 connected to the network, and a service ID indicating the authentication random number. Send the packet over the network.

  In step 1902, the base station apparatus 1000 checks the service ID of the packet transmitted on the network, and if authentication data is transmitted, receives the authentication data and proceeds to step 1903.

  In step 1903, the signature transmission processing unit 1114 performs a digital signature on the received authentication data using the secret key of the base station apparatus 1000. In step 1904, a packet storing the authentication data for which the digital signature has been performed and the service ID indicating the signature at the time of new connection is transmitted to the network.

  In step 2003, the authentication apparatus 1020 checks the service ID of the packet transmitted on the network. If the signature at the time of new connection has been transmitted, the authentication apparatus 1020 receives the signature at the time of new connection and proceeds to step 2004.

  In step 2004, the key transmission processing unit 1312 verifies the transmitted signature using the public key of the base station side device 1000. It is assumed that the public key of the base station side device 1000 is registered in the authentication device 1020 in advance.

  In step 2005, the verification result is referred to, and if it is verified that the transmitted signature is transmitted from the legitimate base station side apparatus 1000, the process proceeds to step 2006. In step 2006, key distribution data is generated by encrypting the key table 1030 with the public key of the authenticated base station apparatus 1000, and the key distribution data and the service ID indicating the key distribution are stored. Send the packet over the network.

  In step 1905, the base station apparatus 1000 checks the service ID of the packet transmitted on the network. If the key distribution data is transmitted, the base station apparatus 1000 receives the key distribution data and proceeds to step 1906. In step 1906, the received key distribution data is decrypted with the secret key of the base station apparatus 1000 to restore the key table 1030 and store it in the ROM 1103.

  Next, processing for detecting the base station apparatus 1000 that has been illegally disconnected and changing the contents of the key table 1030 in the communication security maintenance system of this embodiment will be described.

  FIG. 21 is a diagram showing an outline of the monitoring process of the base station of this embodiment. As shown in FIG. 21, in this embodiment, the authentication device 1020 transmits authentication data such as a random number for authenticating the base station side device 1000 connected to the network according to a predetermined condition, and each base station side device 1000 signs the received authentication data and transmits it to the authentication device 1020. When the authentication apparatus 1020 verifies the transmitted signature and detects the base station side apparatus 1000 that has been illegally disconnected, the authentication apparatus 1020 generates a new key table 1030 in which the key corresponding to the service ID has been updated. Send to.

  FIG. 22 is a flowchart showing the processing procedure of the base station monitoring processing of this embodiment. As shown in FIG. 22, in step 2201, the monitoring data transmission processing unit 1313 of the authentication device 1020 uses a random number or the like for monitoring the base station side device 1000 connected to the network when a condition such as elapse of a predetermined time is satisfied. A packet storing authentication data and a service ID indicating monitoring authentication data is transmitted over the network.

  The existence notification processing unit 1115 of each base station side device 1000 checks the service ID of the packet transmitted on the network, and receives the authentication data when monitoring authentication data is transmitted. The key corresponding to the service ID indicating the existence notification is read from the key table 1030 and the authentication data is encrypted, and the encrypted authentication data and the service ID indicating the existence notification are stored. Send the packet over the network.

  In step 2202, the authentication apparatus 1020 checks the service ID of the packet transmitted on the network, and if a life notification is transmitted, receives the life notification and proceeds to step 2203.

  In step 2203, the key update processing unit 1314 decrypts the transmitted encrypted authentication data in the life notification using a key corresponding to the service ID. In step 2204, it is checked whether or not the transmitted authentication data matches the decrypted authentication data. If they match, the process proceeds to step 2205.

  In step 2205, it is checked whether or not the survival notifications from all the base station side devices 1000 connected on the network have been received, and if there is a base station side device 1000 that has not yet received the survival notifications, go to step 2202. Return.

  In step 2202, the service ID of the packet transmitted on the network is checked, and if no survival notification is transmitted, the process proceeds to step 2206. In step 2206, it is checked whether or not a predetermined time has passed since the authentication data was sent. If the predetermined time has passed, it is assumed that there is an illegally disconnected base station apparatus 1000 and the process proceeds to step 2207. .

  In step 2207, the key update processing unit 1314 generates a key table 1030 in which the key corresponding to the service ID is updated, and encrypts the updated key table 1030 with the key corresponding to the service ID indicating key update. Key distribution data is generated, and a packet storing the key distribution data and a service ID indicating key distribution is transmitted to the network.

  Each base station side device 1000 checks the service ID of the packet transmitted on the network, and if the key distribution data by key update is transmitted, receives the key distribution data and performs the key update Is read from the key table 1030, the key distribution data is decrypted, and the decrypted key data is stored in the key table 1030 in the ROM 1103 to update the key data.

  As described above, in the communication security maintenance system of this embodiment, after the base station side device 1000 newly connected to the network is authenticated as a legitimate base station, the contents of the key table 1030 are delivered and illegally disconnected. Since the base station apparatus 1000 is detected and the contents of the key table 1030 are changed, it is possible to increase the security of encrypted communication using the key corresponding to the service ID.

  As described above, according to the communication security maintenance system of the present embodiment, the transmission data is encrypted with the key corresponding to the service ID indicating the content of the transmission data and transmitted to the network. Even in the case of using this communication, it is possible to increase the security of the communication.

It is a figure which shows schematic structure of the communication security maintenance system of Embodiment 1. FIG. 1 is a diagram illustrating a schematic configuration of a base station side device 100 according to Embodiment 1. FIG. FIG. 2 is a diagram illustrating a schematic configuration of a mobile station side device 110 according to the first embodiment. It is a figure which shows the outline | summary of the authentication establishment process of Embodiment 1. FIG. It is a figure which shows the sequence of the authentication establishment process of Embodiment 1. FIG. It is a figure which shows the outline | summary of the authentication continuation process of Embodiment 1. FIG. It is a figure which shows the sequence of the authentication continuation process of Embodiment 1. FIG. 6 is a flowchart illustrating a processing procedure of authentication establishment processing and authentication continuation processing of the mobile station side device 110 by the base station side device 100 according to the first embodiment. 4 is a flowchart illustrating a processing procedure of authentication establishment request processing and authentication continuation request processing from the mobile station side device 110 to the base station side device 100 according to the first embodiment. It is a figure which shows schematic structure of the communication security maintenance system of Embodiment 2. It is a figure which shows schematic structure of the base station side apparatus 1000 of Embodiment 2. FIG. It is a figure which shows schematic structure of the gateway apparatus 1010 of Embodiment 2. FIG. It is a figure which shows schematic structure of the authentication apparatus 1020 of Embodiment 2. FIG. It is a figure which shows the outline | summary of the encryption communication process in the autonomous distributed system of Embodiment 2. FIG. 10 is a flowchart illustrating a processing procedure of data transmission processing from the base station side device 1000 according to the second embodiment. It is a figure which shows an example of the key table 1030 of Embodiment 2. FIG. 10 is a flowchart illustrating a processing procedure of data reception processing in the gateway device 1010 according to the second embodiment. It is a figure which shows the outline | summary of the authentication process of the new base station of Embodiment 2. FIG. 6 is a flowchart illustrating a processing procedure for authentication request processing of a new base station according to the second embodiment. 10 is a flowchart illustrating a processing procedure of a new base station authentication process performed by the authentication apparatus 1020 according to the second embodiment. It is a figure which shows the outline | summary of the monitoring process of the base station of Embodiment 2. FIG. 7 is a flowchart illustrating a processing procedure of a base station monitoring process according to the second embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 100 ... Base station side apparatus, 110 ... Mobile station side apparatus, 201 ... CPU, 202 ... RAM, 203 ... ROM, 204 ... Input apparatus, 205 ... Output apparatus, 206 ... Communication apparatus, 211 ... Authentication processing part, 212 ... Key Generation processing unit, 213 ... Ticket / key issuing processing unit, 214 ... Communication processing unit, 215 ... Authentication continuation processing unit, 216 ... Key acquisition processing unit, 301 ... CPU, 302 ... RAM, 303 ... ROM, 304 ... Input device, 305 ... Output device, 306 ... Communication device, 311 ... Authentication request processing unit, 312 ... Ticket / key acquisition processing unit, 313 ... Communication processing unit, 314 ... Authentication continuation request processing unit, 1000 ... Base station side device, 1010 ... Gateway Device, 1020 ... Authentication device, 1030 ... Key table, 1101 ... CPU, 1102 ... RAM, 1103 ... ROM, 1104 ... Input device, 110 ... output device, 1106 ... communication device, 1111 ... encryption processing unit, 1112 ... packet transmission processing unit, 1113 ... connection notification processing unit, 1114 ... signature transmission processing unit, 1115 ... survival notification processing unit, 1201 ... CPU, 1202 ... Memory 1203 Magnetic disk device 1204 Input device 1205 Output device 1206 CD-ROM device 1207 Communication device 1211 Decoding processing unit 1212 Data processing unit 1301 CPU 1302 Memory DESCRIPTION OF SYMBOLS 1303 ... Magnetic disk unit, 1304 ... Input device, 1305 ... Output device, 1306 ... CD-ROM device, 1307 ... Communication device, 1311 ... Authentication data transmission processing unit, 1312 ... Key transmission processing unit, 1313 ... Monitoring data transmission Processing unit 1314... Key update processing unit.

Claims (7)

In a communication security maintaining method for maintaining communication security on a network to which a base station side device or a gateway device is connected,
Encrypting the transmission data with a key corresponding to a service ID indicating the content of the transmission data to generate encrypted data; storing the generated encrypted data in a packet; and storing the service ID in a header of the packet Adding and sending to the network;
When the service ID received in the packet received on the network and added to the header of the packet indicates a service provided by the device, the key in the packet is used with the key corresponding to the service ID. A method for maintaining communication security, comprising: decrypting encrypted data; and performing corresponding processing according to the content of the decrypted data. A step of transmitting a connection notification indicating a base station side device newly connected to the network; and a step of transmitting authentication data for authenticating the base station side device when the connection notification is transmitted; A step of transmitting a signature for authentication data by a base station side device newly connected to the network, and verifying the transmitted signature, and a key corresponding to the service ID for the authenticated base station side device The communication security maintaining method according to claim 1, further comprising a step of transmitting a key table indicating: Transmitting authentication data for monitoring a base station side device connected to the network; transmitting encrypted authentication data obtained by encrypting the transmitted authentication data by a base station side device; 2. The method according to claim 1, further comprising the step of: verifying the transmitted encryption authentication data and updating a key corresponding to the service ID when an illegally disconnected base station side device is detected. The communication security maintenance method according to claim 2. In the communication security maintenance system that maintains the security of communication on the network to which the base station side device or gateway device is connected,
An encryption processing unit that encrypts the transmission data with a key corresponding to a service ID indicating the content of the transmission data to generate encrypted data, stores the generated encrypted data in a packet, and stores the encrypted data in the header of the packet A packet transmission processing unit that adds a service ID and transmits the data to the network;
When the service ID received in the packet received on the network and added to the header of the packet indicates a service provided by the device, the key in the packet is used with the key corresponding to the service ID. A communication security maintenance system comprising: a decryption processing unit that decrypts encrypted data; and a data processing unit that performs a corresponding process in accordance with the content of the decrypted data. A connection notification processing unit that transmits a connection notification indicating a base station side device newly connected to the network, and, when the connection notification is transmitted, transmits authentication data for authenticating the base station side device An authentication data transmission processing unit, a signature transmission processing unit for transmitting a signature for authentication data by a base station side device newly connected to the network, and a base station side device that verifies and authenticates the transmitted signature The communication security holding system according to claim 4, further comprising: a key transmission processing unit that transmits a key table indicating a key corresponding to the service ID. A monitoring data transmission processing unit for transmitting authentication data for monitoring a base station side device connected to the network, and transmitting encrypted authentication data obtained by encrypting the transmitted authentication data by the base station side device A survival notification processing unit, and a key update processing unit that verifies the transmitted encryption authentication data and updates a key corresponding to the service ID when an illegally disconnected base station side device is detected; The communication security maintenance system according to claim 4 or 5, characterized by comprising: In a program for causing a computer to function as a communication security holding system that holds communication security over a network to which a base station side device or a gateway device is connected,
An encryption processing unit that encrypts the transmission data with a key corresponding to a service ID indicating the content of the transmission data to generate encrypted data, stores the generated encrypted data in a packet, and stores the encrypted data in the header of the packet A packet transmission processing unit that adds a service ID and transmits the data to the network;
When the service ID received in the packet received on the network and added to the header of the packet indicates a service provided by the device, the key in the packet is used with the key corresponding to the service ID. A program that causes a computer to function as a decryption processing unit that decrypts encrypted data and a data processing unit that performs a corresponding process in accordance with the content of the decrypted data.

Images