JP2007310509A - Remote access system and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a remote access system for performing access to data stored in a server connected through a network from a client terminal. <P>SOLUTION: This remote access system is provided with a device 10 having a storage device for storing an OS program and an application program, a client terminal 20 and a server 30. The client terminal 20 is provided with a first reading means 261 for reading the OS program and the application program from the device 10, and for making a memory installed in the client terminal 20 store the OS program and the application program; a starting means 262 for starting the OS by the OS program stored in the memory; an execution means 264 for executing the application program stored in the memory, and for generating the file; and a storage processing means 266 for transmitting the generated file to the server 30, and for making the storage device installed in the server store the file. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a remote access system and a program for accessing data stored in a server connected from a client terminal via a network.

  With the development of information technology, client terminals such as PCs (Personal Computers) are widely used. A user generally uses a file such as a document file or an image file stored in a storage device of a client terminal, or stores it in a storage device such as a flexible disk or a CD that can be connected to the client terminal. is there. On the other hand, if the user loses the client terminal, information may be leaked to the third party who acquired the client terminal or the storage device. Therefore, in recent years, when security is considered against information leakage or the like, storing a file in a client terminal or a storage device as in the past may cause a problem.

  As a technique for preventing leakage of information even if a user loses a client terminal, a thin client system having only a minimum necessary configuration in the client terminal has attracted attention. For example, in a thin client system, a diskless PC without a storage device may be used as a client terminal. However, in this case, an OS (Operating System) program, an application program, a file generated using the client terminal, and the like cannot be stored in the client terminal (see, for example, Non-Patent Document 1).

  With reference to FIG. 5, a case where a user executes an application using the client terminal 51a in a screen transfer type method which is an example of a thin client system will be described. In the client terminal 51a, an operation request input by the user via input means such as a keyboard or a mouse is transmitted to the server 50. In the server 50, in accordance with the operation request received from the client terminal 51a, the OS program and the application program stored in the storage device 501 are started and the application is executed. The server 50 that executed the application transmits only the screen data that executed the application to the client terminal 51a. The client terminal 51a that has received the screen data displays the received screen data on the display. In this screen transfer type, when the server 50 transmits screen data to the client terminal 51a, the server 50 transmits the screen data (difference data) that is different from the screen data transferred last time, thereby reducing the data communication amount in the network 52. Restricted.

  In the screen transfer type described above, when the difference between the screen previously displayed on the display of the client terminal 51a and the screen to be displayed next is large, the data amount of the differential data transmitted by the server 50 also increases. Therefore, there is a problem that the amount of data communication in the network 52 increases as the difference increases. Therefore, it is not suitable when using an application having a large difference between screens. In particular, in the client terminal 50a, the processing screen in the application operation on the display cannot be displayed unless image data (difference data) is received from the server 50. Therefore, the client terminal 50a may not be able to handle an application with a large difference that requires real-time performance. . In other words, there are cases where restrictions are imposed on applications that can be used.

  On the other hand, there is a network boot system as a thin client system that is not subject to application restrictions. A case where the user executes an application using the client terminal 61a in the network boot type method will be described with reference to FIG. The client terminal 61a accesses the server 60 and downloads an OS program or application program stored in the storage device 601 in accordance with an operation request input by the user via the input means. Thereafter, the client terminal 61a executes the application by executing the OS program and application program downloaded from the server 60 by the central processing unit of the client terminal 61a.

  According to this network boot type, since the downloaded application program is executed on the client terminal 61a, it is possible to cope with an application requiring real-time characteristics without problems when compared with the screen transfer type described above. There are no restrictions on the applications that can.

However, in the network boot type described above, the user needs to download an OS program or an application program from the server 60 at the client terminal 61a in order to execute the application. Since the amount of data of such an OS program or application program is large, not only does the amount of data communication in the network 62 increase at the time of downloading, but also downloading requires a certain amount of time, so the user needs to wait for this certain amount of time. There is. Therefore, there is no problem when the network 62 has a wide band, but when the network 62 has a narrow band, it takes a long time to download the program, which is not suitable. That is, it is unsuitable to use the network boot type in a remote environment using a general communication line such as the Internet network between the client terminal 61a and the server 30.
“Nikkei Communication” Nikkei Business Publications, September 1, 2005, p.55-58

  As described above, in the screen transfer type thin client system corresponding to the prevention of information leakage which becomes a problem by storing the file in the client terminal, the difference data of the image is received every operation. There was a problem that was limited to. In a network boot type thin client system that is not limited by available applications, it is necessary to download an OS program or application program from a server via a network, and therefore depends on the bandwidth of the network connected to the client terminal. There was a problem especially unsuitable for remote access.

  In view of the above problems, an object of the present invention is to provide a remote access system between a client terminal that prevents data leakage and shortens the download time of a program and a server connected via a network.

  A remote access system according to a feature of the present invention includes a device having a storage device that stores an OS program and an application program, and a client that can be connected to the device and does not have an OS program or an application program or whose use is restricted And a server connected to the client terminal via a network, the client terminal reads the OS program and the application program from the device, and stores the OS program and the memory in a memory included in the client terminal. The first reading means for storing the application program, the starting means for starting the OS by the OS program stored in the memory, and the memory stored in the memory in accordance with an external operation instruction Serial having execution means for generating a file by executing an application program, and transmits the generated file to the server, and a storage processing means for storing the file in a storage device in which the server has.

  A remote access system according to another aspect of the present invention includes a device having a storage device that stores a first OS program and an application program, and can be connected to the device, and does not have an OS program and an application program or has limited use. And a server having a storage device connected to the client terminal via the network and storing a second OS program that is combined with the first OS program and starts the OS, the client terminal comprising: The first OS program and the application program are read from a device, the first OS program and the application program are stored in a memory included in the client terminal, and the second O A first reading means for reading the program and storing the second OS program in the memory; a starting means for combining the first OS program and the second OS program stored in the memory and starting the OS; Execution means for generating a file by executing the application program stored in the memory in accordance with the operation instruction, and storage for transmitting the generated file to the server and storing the file in a storage device provided in the server And processing means.

  A program according to another aspect of the present invention includes a device having a storage device that stores an OS program and an application program, a client that can be connected to the device and does not have an OS program or an application program or whose use is restricted A program used in a remote access system including a terminal and a server connected to the client terminal via a network, the OS program and the application program being read from the device and stored in a memory included in the client terminal According to the step of storing the OS program and the application program, the step of starting the OS by the OS program stored in the memory, and the operation instruction from the outside Executing the application program stored in the memory to generate a file, and transmitting the generated file to a server and storing the file in a storage device included in the server Let

  A program according to another aspect of the present invention is a device having a storage device that stores the first OS program and the application program, can be connected to the device, and does not have the OS program and the application program or is restricted in use. A program used in a remote access system including a client terminal and a server having a storage device connected to the client terminal via a network and storing a second OS program that is combined with the first OS program and starts the OS. Reading the first OS program and the application program from the device and storing the first OS program and the application program in a memory included in the client terminal Reading the second OS program from the server and storing the second OS program in the memory; and synthesizing the first OS program and the second OS program stored in the memory and starting an OS; Generating a file by executing the application program stored in the memory in accordance with an external operation instruction, transmitting the generated file to the server, and storing the file in a storage device included in the server The client terminal.

  According to the present invention, it is possible to provide a remote access system and a program for a client terminal and a server connected via a network that prevent data leakage and shorten the program download time.

[First Embodiment]
<Remote access system>
As shown in FIG. 1, the remote access system 1 according to the first embodiment of the present invention includes a device 10, a client terminal 20, and a server 30. The device 10 can be connected to the client terminal 20. The client terminal 20 is connected to the server 30 via the network 40. In the remote access system 1, since the client terminal 20 does not have a storage device, it does not store OS programs, application programs, files, and the like. Therefore, when the user uses the client terminal 20, the application is executed using the OS program and the application program stored in the device 10. Further, the client terminal 20 causes the server 30 to store a file generated using an application program stored in the device 10.

"device"
The device 10 includes a connection unit 11 and a storage device 12.

  The connection unit 11 is a unit for connecting to the client terminal 20. By using, for example, the existing USB standard in the client terminal 20 to the connection unit 11, the client terminal 20 can be connected without adding a new configuration.

  The storage device 12 stores an OS program 121, an application program (AP program) 122, VPN data 123, and network data 124.

  The OS program 121 is a program for starting an OS (Operating System) on the client terminal 20. The OS program 121 is so-called “basic software” that provides basic functions commonly used by many application software, such as input / output functions and memory management, and manages the entire computer system.

  The application program 122 is a program used for executing an application on the client terminal 20. Specifically, application programs are word processor software, spreadsheet software, image editing software, database software, presentations that are used by incorporating what the user needs into an OS that summarizes basic functions common to all software. It is so-called “application software” designed for specific purposes, such as software, games, web browsers, and e-mail software.

  The VPN data 123 is data such as an ID and an electronic certificate used for transmitting and receiving data via a VPN (virtual private network) using a protocol such as IPSec or SSL.

  The network data 124 is data such as an IP address used by the user to communicate with the external network 40 using the client terminal 20.

  The device 10 is assigned to a user who is permitted to use the device 10 and is held by the user. Further, a user who is permitted to use the device 10 is also permitted to access the server 30 at the same time.

<Client terminal>
The client terminal 20 includes a connection unit 21, a communication unit 22, a central processing control device 26, a memory 24, an input unit 23, and a display 25.

  The connection means 21 is means for connecting to the device 10. By connecting the connection means 21 with the connection means 11 of the device 10, the client terminal 20 can download and use a program stored in the storage device 12 of the device 10.

  The communication unit 22 is a unit that executes communication with an external device connected to the network 40. For example, the communication unit 22 executes communication such as download or upload with the server 30 connected to the network 40.

  The input means 23 is a means for a user such as a mouse or a keyboard to input operation instructions and data. The memory 24 stores data input through the input unit 23, OS programs and application programs downloaded from the device 10, files downloaded from the server 30, and the like.

  The display 25 displays a desktop, an application program execution progress, an execution result, and the like.

  The central processing control device 26 includes first reading means 261, starting means 262, VPN communication means 263, execution means 264, second reading means 265, and storage processing means 266.

  When the connection unit 11 of the device 10 is connected to the connection unit 21, the first reading unit 261 downloads (reads) the OS program 121 from the storage device 12 of the device 10 via the connection unit 21 and stores it in the memory 24. To do.

  When the OS program 121 is stored in the memory 24, the activation unit 262 activates the OS by the OS program 121.

  The VPN communication unit 263 communicates with an external device such as the server 30 connected to the network 40 via the communication unit 22 using the VPN. First, the VPN communication unit 263 transmits a VPN connection request for starting communication using the VPN with the server 30 to the server 30 via the communication unit 22, and response data for which communication using the VPN is permitted. Is received from the server 30, communication using the VPN becomes possible.

  The execution unit 264 executes the application program 122 stored in the memory 24 in accordance with the input from the input unit 23. For example, the execution unit 264 executes the application program 122 according to the input from the input unit 23 and generates a file in a predetermined format.

  The second reading unit 265 reads (downloads) a file from the storage device 33 of the server 30 via the communication unit 22 in accordance with an input from the input unit 23 and stores the file in the memory 24. When executing the application program 122, the execution unit 264 may update the file using the file read by the second reading unit 265.

  The storage processing unit 266 stores (uploads) the file stored in the memory 24 in the storage device 33 of the server 30 via the communication unit 22 in accordance with the input from the input unit 23.

"server"
The server 30 includes a communication unit 31, a VPN authentication unit 32, and a storage device 33.

  The communication unit 31 is a unit that executes data transmission / reception with an external device connected to the network 40. For example, the communication unit 22 transmits and receives data and the like with the client terminal 20 connected to the network 40.

  The VPN authentication unit 32 executes an authentication process for authenticating whether or not communication using the VPN with the client terminal 20 is permitted in response to the VPN connection request received via the communication unit 31, It is a means for transmitting the processing result as response data via the communication means 31. In order to access the server 30, security can be improved by restricting access so that the VPN authentication means 32 only allows communication using VPN.

  Note that the VPN authentication unit 32 is not an essential component of the server 30. When the server 30 does not have the VPN authentication means 32, a VPN authentication server (not shown) is connected to the network 40. The VPN authentication server executes an authentication process for authenticating whether or not communication using the VPN similar to the VPN authentication unit 32 is permitted, and transmits the authentication result to the client terminal 20 and the authentication unit server 30. . Between the client terminal 20 and the server 30, communication using VPN is started when a result of authentication permitted for communication is received from the VPN authentication server.

  The storage device 33 stores data such as files. Specifically, the file stored in the storage device 33 is data such as a document file, a chart file, and an audio file generated in the client terminal 20.

  In FIG. 1, only one device 10, client terminal 20, and server 30 are shown, but a plurality of devices may be provided. For example, by configuring the device 10 to a portable size, a user having the device 10 can move to a place where the client terminal 20 is installed and use a file stored in the server 30 at any time. In this case, the client terminal 20 is installed in each of a plurality of different places, and the user who has moved to the place where the client terminal 20 is installed can use the terminal.

<Processing in the remote access system>
The flow of processing in the remote access system 1 according to the first embodiment will be described using the sequence diagram shown in FIG. Here, a process of updating the file A331 stored in the storage device 33 of the server 30 using an application program will be described.

  When the client terminal 20 is turned on with the device 10 connected to the client terminal 20 (S01), the first reading means 261 of the client terminal 20 reads the OS program 121 stored in the storage device 12 of the device 10. The application program 122, the VPN data 123, and the network data 124 are downloaded (S02) and stored in the memory 24 (S03).

  Authentication using a user ID and password or biometrics at the timing when the device 10 is connected to the client terminal 20 and the power is turned on (S01) or when the OS program or application program is downloaded from the device 10 (S02) Processing may be performed. Such authentication can prevent a client terminal from being used by an unauthorized user and improve security.

  When the OS program 121 and the application program 122 are downloaded, the activation unit 262 activates the OS using the OS program 121 stored in the memory 24 (S04). When the OS is activated, the activation unit 262 displays a desktop screen on the display 25 (S05).

  When the OS is activated and the desktop screen is displayed on the display 25, the Internet connection is established based on the network data stored in the memory 24 via the communication means 22 (S06). Thereafter, the VPN communication unit 263 transmits a VPN connection request to the server 30 via the communication unit 22 (S07). The VPN connection request transmitted here includes data such as an ID or an electronic certificate read out in step S02 and stored in the memory 24.

  When the communication means 31 of the server 30 receives a VPN connection request via the network 40, the VPN authentication means 32 of the server 30 determines whether VPN connection with the client terminal 20 is permitted as an authentication process. (S08). Thereafter, the communication unit 31 transmits the authentication result by the VPN authentication unit 32 to the client terminal 20 (S09).

  The execution unit 264 of the client terminal 20 that has received the authentication result permitted for access activates the application program 122 stored in the memory 24 in accordance with the input from the input unit 23 (S10).

  In the client terminal 20, when the user selects a file (file A) to be downloaded from the server 30 via the input unit 23 (S 11), the second reading unit 265 downloads the selected file A from the storage device 33. (S12). In steps S11 and S12, communication between the client terminal 20 and the server 30 is performed using VPN.

  Thereafter, the execution unit 264 of the client terminal 20 executes the update process of the file A using the application program stored in the memory 24 according to the input from the input unit 23 to generate the file A ′ (S13). . Further, the execution unit 264 stores the file A ′ generated in S13 in the memory 24 of the client terminal 20 (S14).

  Subsequently, in the client terminal 20, when a storage request is input by the user via the input unit 23, the storage processing unit 266 transmits the file A ′ stored in the memory 24 to the server 30 (S15). The data is stored in the storage device 33 of the server 30 (S16). In the case of file update, the file A ′ updated in step S14 is overwritten with the file A before update in the storage device 33 in step S12.

  In addition, when not updating the file memorize | stored in the memory | storage device but updating a file newly, the reading process of the file in step S11 and S12 in the sequence diagram of FIG. 2 is unnecessary, and it newly produces | generates. The transmitted file is transmitted in step S15, stored in the storage device 33, and stored.

  As described above, according to the remote access system according to the first embodiment, the client terminal is not provided with a storage device, and the file is stored in the storage device of the server that is restricted for access. As a result, security that is a problem due to information leakage or the like can be improved.

  Further, according to the remote access system according to the first embodiment, OS programs and application programs with a large amount of data are stored in a storage device of a device that can be directly connected to the client terminal, and only files with a small amount of data are stored. Is stored in the server. This reduces the amount of data communication between the client terminal and the server, speeds up the execution of the OS program and application program in the conventional thin client system, and also reduces congestion in the network. it can.

  Furthermore, in the remote access system according to the first embodiment, when VPN is used for communication between the client terminal and the server, it is not necessary to provide a dedicated communication network, and security can be provided using an existing network. The maintained data communication can be executed.

[Second Embodiment]
<system>
As shown in FIG. 3, the remote access system 1a according to the second embodiment of the present invention also includes a device 10a, a client terminal 20a, and a server 30a. In the remote access system 1 a according to the second embodiment, the device 10 a can be connected to the client terminal 20 a and is connected to the server 30 a via the network 40.

  The remote access system 1a according to the second embodiment is different from the remote access system 1 according to the first embodiment in that the client terminal 20a includes a first OS program 121a stored in the storage device 12a of the device 10a. The point is that the OS is started using both of the second OS programs 333a stored in the storage device 33a of the server 30a. Here, the first OS program 121a stored in the storage device 12a of the device 10a is only a part of the OS program for starting the OS on the client terminal 20a, and is stored in the storage device 33a of the server 30a, which is the other part. The OS is started in the client terminal 20a by combining the stored second OS program 322a.

  Hereinafter, regarding the device 10a, the client terminal 20a, and the server 30a of the remote access system 1a according to the second embodiment, differences from the device 10, the client terminal 20, and the server 30 described in the first embodiment. explain.

"device"
The device 10a includes a connection unit 11 and a storage device 12a.

  The storage device 12a stores a first OS program 121a, an application program 122, VPN data 123, and network data 124. As described above, the first OS program 121a is a part of the OS program used to start the OS on the client terminal 20a.

"server"
The server 30a includes a communication unit 31, a VPN authentication unit 32, and a storage device 33a.

  The storage device 33a stores a file A331, a file B332, and a second OS program 333a. As described above, the file A331 and the file B332 stored in the storage device 33a are files such as a document file generated in the client terminal 20. The second OS program 333a is a part of the OS program used to start the OS on the client terminal 20a, and the startup of the OS is completed by combining the first OS program read from the device 10a by the client terminal 20a. To do. Since the second OS program 333a is downloaded to the client terminal 20a via the network 40, it is desirable that the data amount is smaller than that of the first OS program 121a.

<Client terminal>
The client terminal 20a includes a connection unit 21, a communication unit 22, a central processing control device 26, a memory 24, an input unit 23, and a display 25.

  The central processing control device 26 includes a first reading unit 261a, an activation unit 262a, a VPN communication unit 263, an execution unit 264, a second reading unit 265, and a storage processing unit 266.

  When the connection unit 11 of the device 10 a is connected to the connection unit 21, the first reading unit 261 a downloads (reads) the first OS program 121 a from the storage device 12 a and stores it in the memory 24. When communication using the VPN with the server 30 a is possible via the communication unit 22, the second OS program 333 a is downloaded (read) from the storage device 33 and stored in the memory 24.

  The booting unit 262a starts booting the OS by the first OS program 121a stored in the memory 24, and the booting of the OS is completed by combining the second OS program stored in the memory 24.

  3, only one device 10a, client terminal 20a, and server 30a are shown, but a plurality of devices may be provided. For example, by configuring the device 10a to a portable size, a user having the device 10a can move to a place where the client terminal 20a is installed and use a file stored in the server 30a at any time. In this case, the client terminal 20a is installed in each of a plurality of different places, and a user who has moved to the place where the client terminal 20a is installed can use it.

<Processing in the remote access system>
The flow of processing in the remote access system 1a according to the second embodiment will be described using the sequence diagram shown in FIG. In the sequence diagram shown in FIG. 4, the same processes as those in the first embodiment will be described with the same numbers as those used in FIG. Here, a process of updating the file A331 stored in the storage device 33a of the server 30a using the application program will be described.

  When the client terminal 20a is turned on while the device 10a is connected to the client terminal 20a (S01), the first reading means 261a of the client terminal 20a stores the first OS program stored in the storage device 12a of the device 10a. 121a, the application program 122, the VPN data 123, and the network data 124 are downloaded (S02) and stored in the memory 24 (S03).

  Thereafter, the booting unit 262a starts booting the OS using the first OS program 121a stored in the memory 24 (S21). However, unlike the case of the remote access system 1 according to the first embodiment described above with reference to FIG. 2, the first OS program 121 a and the remote OS 1 a according to the second embodiment are used for starting the OS. Since the second OS program 333a is required, in step S21, the OS is still being activated. For this reason, the desktop is not displayed while the OS is being activated.

  When the OS is started, the Internet connection is established based on the network data stored in the memory 24 via the communication unit 22 (S06). Subsequently, the VPN communication unit 263 is connected via the communication unit 22. A VPN connection request is transmitted to the server 30a (S07).

  When the communication means 31 of the server 30a receives a VPN connection request via the network 40, the VPN authentication means 32 of the server 30a determines whether VPN connection with the client terminal 20a is permitted as an authentication process. (S08). Thereafter, the communication unit 31 transmits the authentication result by the VPN authentication unit 32 to the client terminal 20a (S09).

  The second reading means 261a of the client terminal 20a that has received the authentication result permitted for access downloads the second OS program 333a stored in the storage device 33 of the server 30a (S22) and stores it in the memory 24 (S22). S23). In step S22, communication between the client terminal 20a and the server 30a is executed using VPN communication.

  Thereafter, the activation unit 262a activates the OS by combining the first OS program 121a stored in the memory 24 with the second OS program 333a (S24). When the OS is activated, the activation unit 262a displays a desktop screen on the display 25 (S25).

  Subsequently, the execution unit 264 activates the application program 122 stored in the memory 24 in accordance with the input from the input unit 23 (S24).

  In the client terminal 20a, when a file to be read (file A) is selected by the user via the input unit 23 (S11), the second reading unit 265 downloads the selected file A from the storage device 33 (S12). ).

  Thereafter, the execution unit 264 of the client terminal 20a executes the update process of the file A using the application program stored in the memory 24 according to the input from the input unit 23, and generates the file A ′ (S13). . Further, the execution unit 264 stores the file A ′ generated in S13 in the memory 24 of the client terminal 20a (S14).

  Subsequently, when a storage request is input by the user via the input means 23, the client terminal 20a transmits the file A ′ stored in the memory 24 to the server 30a (S15), and the storage device 33 of the server 30a. (S15).

  As described above, according to the remote access system of the second embodiment, a storage device is not provided in the client terminal, and the file is stored in the storage device of the server that is restricted for access. As a result, security that is a problem due to information leakage or the like can be improved.

  Also, according to the remote access system according to the second embodiment, an OS program or application program with a large amount of data is stored in a device that can be directly connected to the client terminal, and a part of the OS program with a small amount of data is stored. And store only the file on the server. This reduces the amount of data communication between the client terminal and the server, speeds up the execution of the OS program and application program in the conventional thin client system, and also reduces congestion in the network. it can.

  Furthermore, according to the remote access system according to the second embodiment, the device stores only the first OS program that is a part of the OS program, and stores the second OS program that is the other part of the OS program in the server. The client terminal downloads the second OS program from the server so that the activation of the OS is completed. As a result, when the second OS program cannot be downloaded, the startup of the OS is not completed, so that the security is further improved.

  Also, in the remote access system according to the second embodiment, when VPN is used for communication between the client terminal and the server, it is not necessary to provide a dedicated communication network, and security can be provided using an existing network. The maintained data communication can be executed.

  1 and 3 show so-called diskless PCs that do not have a storage device as the client terminals 20 and 20a. However, writing to the storage device (hard disk) that the client terminals 20 and 20a have is limited. For example, the client terminals 20 and 20a are not limited to diskless PCs.

1 is a block diagram illustrating a remote access system according to a first embodiment of the present invention. It is a flowchart explaining the process in the remote access system which concerns on the 1st Embodiment of this invention. It is a block diagram explaining the remote access system which concerns on the 2nd Embodiment of this invention. It is a flowchart explaining the process in the remote access system which concerns on the 2nd Embodiment of this invention. It is a figure explaining an example of the conventional thin client system. It is a figure explaining another example of the conventional thin client system.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1, 1a ... Remote access system 10, 10a ... Device 11 ... Connection means 12, 12a ... Storage device 20, 20a ... Client terminal 21 ... Connection means 22 ... Communication means 23 ... Input means 24 ... Memory 25 ... Display 26 ... Central processing Control device 30, 30a ... Server 31 ... Communication means 32 ... VPN authentication means 33, 33a ... Storage device 40 ... Network 121 ... OS program 121a ... First OS program 122 ... Application program 123 ... VPN data 124 ... Network data 261 261a ... first reading means 262,262a ... starting means 263 ... VPN communication means 264 ... execution means 265 ... second reading means 266 ... storage processing means 322a ... second OS program 331,332 ... file 333a ... second O Program

Claims (6)

A device having a storage device for storing an OS program and an application program; a client terminal that is connectable to the device and does not have an OS program and an application program or whose use is restricted; and the client terminal and the network via a network A remote access system comprising a connected server,
The client terminal is
First reading means for reading the OS program and the application program from the device and storing the OS program and the application program in a memory included in the client terminal;
Booting means for booting an OS by the OS program stored in the memory;
Execution means for generating a file by executing the application program stored in the memory in accordance with an external operation instruction;
Storage processing means for transmitting the generated file to the server and storing the file in a storage device included in the server;
A remote access system comprising: A device having a storage device for storing the first OS program and the application program; a client terminal connectable to the device; having no OS program and application program; or using restricted; and via the network and the client terminal And a server having a storage device for storing a second OS program that is combined with the first OS program and starts the OS,
The client terminal is
The first OS program and the application program are read from the device, the first OS program and the application program are stored in a memory included in the client terminal, and the second OS program is read from the server, and the second OS program is stored in the memory. First reading means for storing a 2OS program;
Booting means for booting an OS by synthesizing the first OS program and the second OS program stored in the memory;
Execution means for generating a file by executing the application program stored in the memory in accordance with an external operation instruction;
Storage processing means for transmitting the generated file to the server and storing the file in a storage device included in the server;
A remote access system comprising: The client terminal further comprises second reading means for reading the file from the server and storing the file in the memory,
The execution means updates the file stored in the memory to a new file by executing the application program stored in the memory in accordance with an input from the input means,
The remote access system according to claim 1, wherein the storage processing unit transmits the new file to the server and stores the new file in a storage device included in the server. The storage device of the device further stores VPN connection data used when performing communication using VPN,
The first reading means further reads the VPN connection data from the device, stores the VPN connection data in a memory provided in the client terminal,
The client terminal further transmits a VPN connection request, and when the VPN connection request is authenticated to enable communication using VPN, VPN communication is performed to access the server using VPN. The remote access system according to any one of claims 1 to 3, further comprising: means. A device having a storage device for storing an OS program and an application program; a client terminal that is connectable to the device and does not have an OS program and an application program or whose use is restricted; and the client terminal and the network via a network A program used in a remote access system including a server to be connected,
Reading the OS program and the application program from the device and storing the OS program and the application program in a memory provided in the client terminal;
Starting an OS by the OS program stored in the memory;
In accordance with an external operation instruction, executing the application program stored in the memory to generate a file;
Transmitting the generated file to a server and storing the file in a storage device included in the server;
For the client terminal to execute. A device having a storage device for storing the first OS program and the application program; a client terminal connectable to the device; having no OS program and application program; or using restricted; and via the network and the client terminal Connected to the first OS program and used in a remote access system comprising a server having a storage device for storing a second OS program for starting the OS,
Reading the first OS program and the application program from the device and storing the first OS program and the application program in a memory included in the client terminal;
Reading the second OS program from the server and storing the second OS program in the memory;
Combining the first OS program and the second OS program stored in the memory and starting the OS;
Generating a file by executing the application program stored in the memory in accordance with an external operation instruction;
Transmitting the generated file to the server and storing the file in a storage device included in the server;
For the client terminal to execute.

Images