JP2008288757A - Method for transferring encrypted packet, repeater, its program, and communication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To check the contents of an encrypted packet by a repeater in end-to-end encrypted communication. <P>SOLUTION: An SIP server 3 instructs a repeater 4 for repeating a packet between an originating side terminal 1A and a terminating side terminal 1B to establish a security pass between the originating side terminal 1A and the incoming side terminal 1B. Then the security pass is established between the originating side terminal 1A and the terminating side terminal 1B. Since the repeater 4 can decrypt an encrypted packet once by using information concerned with SA which is exchanged between the repeater 4 and the originating side terminal 1A, the security of the packet can be checked. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to an end-to-end encrypted communication technique using an IP (Internet Protocol) network. In particular, the present invention relates to a secure communication technique that enables an apparatus in an IP network to confirm the contents of an encrypted packet by once decrypting the encrypted packet and to delete a virus, a worm, or the like.

  With the spread of broadband services and serious security problems such as eavesdropping, services using IPsec (IP Security) are being provided in order to realize end-to-end secure communication. Here, in order to improve the communication performance of communication between terminals in IPsec, there is an end-to-end encrypted communication method using a dynamic key exchange method using session control (see Patent Document 1). In addition, after session control is completed, IKE (Internet Key Exchange), which is a key exchange protocol, is used to dynamically generate encryption keys between terminals and realize end-to-end encrypted communication. There is technology (see Non-Patent Documents 1 and 2).

While broadband services including such encrypted communication are provided, damage from viruses and worms is also increasing. Therefore, in order for a network operator such as ISP (Internet Services Provider) to perform a security check such as detecting a virus in the network, it is necessary to take out the packet and confirm its contents in the relay device in this network. is there.
JP 2004-248169 A IETF, “The Internet Key Exchange (IKE)”, RFC2409, [online], [searched on April 17, 2007], Internet <URL: http://www.ietf.org/rfc/rfc2409.txt> IETF, “Internet Key Exchange (IKEv2) Protocol”, RFC4306, [online], [April 17, 2007 search], Internet <URL: http://www.ietf.org/rfc/rfc4306.txt>

  In such end-to-end encrypted communication, in order for a relay device in the network to perform a security check, it is necessary to decrypt a packet transmitted from a terminal. However, if an encryption key is dynamically generated by IKE between terminals in end-to-end encrypted communication, the relay device cannot know the encryption key. Therefore, in the end-to-end encrypted communication, there is a problem that the relay device cannot decrypt the relayed packet and cannot perform a packet security check.

  In view of the above, an object of the present invention is to solve the above-described problems and allow a relay device in a network to perform a security check in end-to-end encrypted communication.

  In order to solve the above-described problem, the invention described in claim 1 includes a session control server that performs session control between a first terminal and a second terminal that communicates with the first terminal, and the first terminal. In a communication system including a relay device that forwards encrypted packets transmitted and received between the second terminal and the second terminal, the relay device decrypts the encrypted packet received from the first terminal, An encrypted packet transfer method for transferring to the second terminal, wherein the relay device receives, from the session control server, addresses of the first terminal and the second terminal, the first terminal, and the Relay device control information including call identification information which is signaling session identification information with the second terminal is received, and the first terminal and the second terminal are received by IKE (Internet Key Exchange). Exchange information related to SA (Security Association) including the call identification information to establish IPsec SA, store the information related to SA in a storage unit, and the received relay device control information; For each call identification information, the addresses of the first terminal and the second terminal corresponding to the call identification information, the first terminal, and the information about the SA stored in the storage unit are used. When communication session information indicating an SPI value (Security Parameters Index) related to SA with each of the second terminals is created, stored in the storage unit, and an encrypted packet is received from the first terminal The information about the SA with the first terminal is searched from the storage unit using the SPI value included in the received encrypted packet as a key. And decrypting the encrypted packet, performing a security check on the decrypted packet, and using the combination of the address of the first terminal and the SPI value included in the packet subjected to the security check as a key. The communication session information is searched for the address of the second terminal that is the transmission destination of the encrypted packet from the first terminal and the SPI value related to the SA with the second terminal, and the decrypted packet The destination address is rewritten to the address of the searched second terminal, and information related to the SA with the second terminal is searched from the storage unit using the searched SPI value as a key. The decrypted packet is encrypted using the information regarding the encrypted packet, and the encrypted packet is transmitted to the second terminal. It is characterized by that.

  According to such a method, when performing end-to-end encrypted communication between the first terminal and the second terminal, the first terminal and the relay device, the second terminal and the relay device, respectively. IPS establishes IPsec SA between them and establishes a security path. The relay device can decrypt the encrypted packet by using the information related to the SA exchanged with the first terminal, so that the packet can be transferred to the second terminal after performing a security check on the packet. .

  The invention according to claim 2 is the encrypted packet transfer method according to claim 1, wherein the session control server receives session control information including a communication request for the encrypted packet from the first terminal. At this time, the source address in the received session control information is converted into the address of the relay device that forwards the encrypted packet, and is transmitted to the second terminal. From the second terminal, the received session When a control information response is received, a source address in the received session control information response is converted to an address of a relay device that forwards the encrypted packet, and is transmitted to the first terminal. Each of the first terminal and the second terminal is indicated by the IKE in the response to the session control information or the session control information. Between the address of the relay device, to exchange information about the SA, and establishes the IPsecSA.

  According to such a method, the session control server notifies the address of the relay device to the first terminal and the second terminal, so that the first terminal and the second terminal are end-to-end encryption. When performing encrypted communication, it is possible to know which relay device should establish IPsec SA.

  According to a third aspect of the present invention, in the encrypted packet transfer method according to the second aspect, the communication system includes a plurality of the relay devices, and the session control server includes an address of the first terminal. For each domain, the relay device address information indicating the address of the relay device to which the encrypted packet transmitted from the first terminal having the domain is transferred is stored in a storage unit, and the session control server When session control information is received from one terminal, the first domain name of the address of the first terminal included in the received session control information is used as a key from the relay apparatus indicated in the relay apparatus address information. Select a relay device that forwards the encrypted packet transmitted from the terminal, and send the relay device control information to the selected relay device. Characterized by trust.

  According to such a method, when the session control server selects a relay device that relays an encrypted packet from a plurality of relay devices, the session control server can select the relay device based on the domain of the address of the first terminal. it can. Therefore, for example, the session control server can select a relay device close to the network to which the first terminal belongs. The address of the first terminal uses, for example, SIP-URI (Session Initiation Protocol-Uniform Resource Identifier), and the domain name of the address is, for example, an address of SIP-UR “xxx@aaa.co.jp”. In other words, it refers to the part “aaa.co.jp”.

  The invention according to claim 4 is the encrypted packet transfer method according to claim 3, wherein the relay device address information has the IP address for each IP (Internet Protocol) address of the first terminal. Information indicating an address of a relay apparatus that transfers an encrypted packet transmitted from the first terminal, and when the session control server receives session control information from the first terminal, Using the IP address of the first terminal that is the transmission source as a key, selecting the relay device that transfers the encrypted packet transmitted from the first terminal from the relay device indicated in the relay device address information. Features.

  According to such a method, when the session control server selects a relay device that relays encrypted packets from a plurality of relay devices, the relay device can be selected based on the IP address of the first terminal. . Therefore, for example, the session control server can select a relay device close to the network to which the first terminal belongs by referring to the network address in the IP address of the first terminal.

  According to a fifth aspect of the present invention, in the encrypted packet transfer method according to the second aspect, the communication system includes a plurality of the relay devices and a load monitoring server that monitors a processing load status of each of the plurality of relay devices. When the session control server receives session control information including a communication request for the encrypted packet from the first terminal and the second terminal, the load monitoring server The processing load information of each relay device is received, and the relay device having the smallest processing load in the received processing load information is selected as the relay device for transferring the encrypted packet transmitted from the first terminal. And

  According to such a method, when the session control server selects the relay device that relays the encrypted packet, the relay device with the smallest processing load is selected, so the communication speed of the end-to-end encrypted communication is reduced. Decline can be prevented.

  According to a sixth aspect of the present invention, in the encrypted packet transfer method according to any one of the second to fifth aspects, the session control server sends the first terminal and the second terminal, An encryption key used for transmission / reception of an encrypted packet in each of the first terminal and the second terminal is distributed, and the first terminal and the second terminal use the distributed encryption key to transmit the session A security path is established with the relay device indicated in the control information.

  According to such a method, the session control server distributes the encryption key, and the first terminal, the second terminal, and the relay device do not perform key exchange by IKE using the distributed encryption key. Can also establish an IPsec SA.

  The invention according to claim 7 is the encrypted packet transfer method according to any one of claims 1 to 6, wherein the relay apparatus executes the security check from an external apparatus. The security check is executed when an instruction input is received and an instruction input for executing the security check is received.

  According to such a method, when performing end-to-end encrypted communication between the first terminal and the second terminal, an operator or the like determines whether or not to perform a packet security check in the relay device. Can be set.

  The invention according to claim 8 is a session control server that performs session control between the first terminal and a second terminal that communicates with the first terminal, the first terminal, and the second terminal. In a communication system including a relay device that forwards encrypted packets transmitted / received between the relay device and the relay device, the relay device decrypts the encrypted packet received from the first terminal and forwards the encrypted packet to the second terminal. Call identification, which is a relay device, from the session control server, the addresses of the first terminal and the second terminal, and signaling session identification information between the first terminal and the second terminal An SA (Security) including the call identification information between the first terminal and the second terminal by an IKE (Internet Key Exchange) and an input / output unit that receives relay device control information including the information. A ssociation) to exchange information, establish an IPsec SA, store the SA information in the storage unit, the received relay device control information, and the SA information stored in the storage unit. And for each of the call identification information, addresses of the first terminal and the second terminal corresponding to the call identification information, and SAs between the first terminal and the second terminal, respectively. Create communication session information in association with an SPI value (Security Parameters Index), and store the communication session information processing unit stored in the storage unit, and the SPI value included in the encrypted packet received from the first terminal as keys A policy management unit that searches the storage unit for information related to the SA with the first terminal, and the encryption parameter using the searched information about the SA. A decryption unit that decrypts a packet, a security processing unit that performs a security check on the decrypted packet, and a combination of the address of the first terminal and the SPI value included in the packet that has performed the security check. As a key, the communication session information is searched for the address of the second terminal that is the transmission destination of the encrypted packet from the first terminal and the SPI value related to the SA between the second terminal, An IP address conversion unit that rewrites the destination address of the decrypted packet with the address of the searched second terminal, and the policy management unit searches the storage unit by using the searched SPI value as a key. The packet on which the security check has been executed is encrypted using information about the SA between the two terminals. And an encryption unit that transmits the encrypted packet to the second terminal.

  According to such a relay device, when performing end-to-end encrypted communication between the first terminal and the second terminal, the first terminal and the relay device, and the second terminal and the relay device, respectively. Establishes an IPsec SA by IKE and establishes a security path. Therefore, since the relay apparatus can decrypt the encrypted packet using the information regarding the SA exchanged with the first terminal, the relay apparatus can transfer the packet to the second terminal after performing a security check on the packet. .

  The invention according to claim 9 is a program that causes a computer to function as the relay apparatus according to claim 8.

  According to such a program, the computer can be caused to function as the relay device according to the eighth aspect.

  Invention of Claim 10 performs session control with the relay apparatus of Claim 8, and the said 1st terminal and said 2nd terminal, and session control which transmits the said session control information to the said relay apparatus A communication system comprising: a server, a session control protocol between the session control server and the IKE protocol for performing an IKE with the relay device. .

  According to such a communication system, when performing end-to-end encrypted communication between the first terminal and the second terminal, the first terminal and the relay device, and the second terminal and the relay device, respectively. Establishes an IPsec SA by IKE and establishes a security path. The relay device can decrypt the encrypted packet by using the information related to the SA exchanged with the first terminal, so that the packet can be transferred to the second terminal after performing a security check on the packet. .

  According to the present invention, a network relay device can perform a packet security check in end-to-end encrypted communication. Accordingly, it is possible to improve both confidentiality and security of communication contents in the IP network.

  Hereinafter, the best mode for carrying out the present invention (hereinafter referred to as an embodiment) will be described by dividing it from the first embodiment to the fourth embodiment.

<< First Embodiment >>
FIG. 1 is a diagram illustrating a configuration example of a communication system according to a first embodiment of this invention.

  As shown in FIG. 1, the communication system according to the first embodiment includes a session originating terminal (first terminal) 1 (1A) and a destination terminal (second terminal) 1 (1B) of this session. ), And a SIP (Session Initiation Protocol) server 3 that performs session control between the originating terminal 1A and the terminating terminal 1B, and packets transmitted and received between the originating terminal 1A and the terminating terminal 1B And the relay device 4 to be configured. The SIP server 3 and the relay device 4 are devices installed in, for example, an IP network.

  The originating terminal 1A and the terminating terminal 1B are computers equipped with a session control protocol for transmitting and receiving various data via the IP network, such as SIP. In addition, the originating terminal 1A and the terminating terminal 1B include an IKE that is an automatic key exchange protocol, and perform security association (SA) with another terminal (for example, the relay device 4) using this IKE, and IPsec Establish a security path such as Then, the calling terminal 1A and the called terminal 1B perform encrypted communication using this security path.

  The SIP server (session control server) 3 is a computer that performs session control between the calling terminal 1A and the called terminal 1B. When this SIP server 3 receives a session control start request with the callee terminal 1B from the caller terminal 1A, the SIP server 3 transfers the session control start request to the callee terminal 1B. At the same time, the address of the relay device 4 that performs packet transfer between both terminals is also notified. When the SIP server 3 receives the session control OK response from the destination terminal 1B, the SIP server 3 notifies the relay device 4 of the addresses (IP addresses) of the source terminal 1A and the destination terminal 1B. Further, the SIP server 3 notifies the address of the relay device 4 to the calling terminal 1A. Thereafter, the calling terminal 1A and the called terminal 1B execute IKE with the relay device 4 of the notified address, and establish a security path. Then, the originating terminal 1A and the terminating terminal 1B perform end-to-end encrypted communication using the security path established with the relay device 4. That is, since the relay device 4 establishes a security path between the originating terminal 1A and the terminating terminal 1B, the encrypted packet received from the originating terminal 1A is once decrypted and the decrypted packet is converted into the decrypted packet. After performing a security check or the like, it can be encrypted and transferred to the destination terminal 1B. In the communication system described above, a plurality of calling terminal 1A and receiving terminal 1B may be provided.

<SIP server>
Next, the configuration of the SIP server 3 will be described in detail with reference to FIG. FIG. 2A is a diagram showing the configuration of the SIP server in each embodiment. Note that the SIP servers 3A, 3B, and 3C will be described in the second and subsequent embodiments.

  The SIP server 3 includes an input / output unit 31, a communication processing unit 32, and a storage unit 33.

  The input / output unit 31 is an interface that controls input / output of various data such as session control packets, relay device control packets, and setting information of relay device address information 331 (described later).

  The communication processing unit 32 executes communication processing with an external device. The communication processing unit 32 includes a session control processing unit 320 that transmits and receives control packets to and from the originating terminal 1A and the terminating terminal 1B, and a relay device control unit 321 that controls the relay device 4. The load status acquisition unit 322 indicated by a broken line will be described in the fourth embodiment.

  The session control processing unit 320 performs session control between the calling terminal 1A and the called terminal 1B. Specifically, when an INVITE request packet that is a session control start request is received from the originating terminal 1A, the INVITE request packet is transferred to the called terminal 1B. At this time, the session control processing unit 320 notifies the IP address of the relay device 4 recorded in the relay device address information 331 (described later) of the storage unit 33. As a result, the destination terminal 1B can know the address of the relay device 4 that transfers the packet in the end-to-end encrypted communication. That is, in the end-to-end encrypted communication with the originating terminal 1A, it is possible to know which relay device 4 should establish an IPsec SA and establish a security path.

  The INVITE request packet from the calling terminal 1A includes a flag indicating the presence or absence of a secure communication request (that is, information indicating whether encryption is necessary), the SIP address (SIP-URI) of the calling terminal 1A, It includes the SIP-URI of the called terminal 1B, the IP address of the calling terminal 1A, Call-ID, and the like. Call-ID (call identification information) is signaling session identification information for communication with the called terminal 1B, and is issued by the calling terminal 1A.

  In addition, when the session control processing unit 320 receives the response of the INVITE request packet from the destination terminal 1B, the IP address of the source terminal 1A, the IP address of the destination terminal 1B, and the Call received from the source terminal 1A -Recorded in session control information 332 (described later) in association with ID.

  The relay device control unit 321 includes the IP addresses of the terminals (the originating terminal 1A and the terminating terminal 1B) that are both ends of the end-to-end encrypted communication indicated by the session control information 332 in the storage unit 33, and the Call-ID. Are transmitted to the relay device 4. That is, the relay device control unit 321 instructs the relay device 4 to establish an IPsec SA between the originating terminal 1A and the called terminal 1B and to establish a security path.

  The storage unit 33 includes relay device address information 331 indicating the IP address of the relay device 4 and the session control information 332 described above. The session control information 332 is information recorded in association with the IP address of the originating terminal 1A, the IP address of the terminating terminal 1B, and the Call-ID received from the originating terminal 1A, although not shown here. is there. The relay device address information 331 can be rewritten by an operator or the like via the input / output unit 31. In this way, the relay device 4 desired by the operator can be set as the relay device 4 that relays between the calling terminal 1A and the called terminal 1B. The relay device address information 331A and 331B will be described in the second embodiment and the third embodiment. Further, the load status information 333 indicated by a broken line will be described in the fourth embodiment.

  The input / output unit 31 includes an input / output interface that performs data input / output with an external device. The communication processing unit 32 is realized by a program execution process by a CPU (Central Processing Unit) included in the SIP server 3 or a dedicated circuit. The storage unit 33 includes a storage medium such as a random access memory (RAM), a read only memory (ROM), a hard disk drive (HDD), and a flash memory. When the function of the communication processing unit 32 is realized by program execution processing, the storage unit 33 stores a program for realizing the function of the communication processing unit 32.

<Calling terminal and called terminal>
Next, the configuration of the originating terminal 1A and the terminating terminal 1B will be described with reference to FIG. FIG.2 (b) is a figure which shows the structure of the origination side terminal and destination side terminal in each embodiment. Since the calling side terminal 1A and the called side terminal 1B have the same configuration, the terminal 1 will be collectively described below. The terminal 1 includes an input / output unit 11, a communication processing unit 12, and a storage unit 13.

  The input / output unit 11 is an interface that controls input / output of various data such as a session control packet transmitted / received to / from the SIP server 3, information related to IPsec SA, and an encrypted packet.

  The communication processing unit 12 executes communication processing with an external device. The communication processing unit 12 includes a session control protocol such as SIP, and an automatic key exchange protocol such as IKE. For example, the communication processing unit 12 transmits / receives a session control packet to / from the SIP server 3 or performs IPsec SA with the relay device 4 by IKE. Establish and perform encrypted communication.

  The communication processing unit 12 includes a session control processing unit 120, an SA processing unit 121, a policy management unit 122, an encryption unit 123, and a decryption unit 124.

  The session control processing unit 120 transmits and receives session control packets to and from the SIP server 3. Specifically, when the terminal 1 serving as the calling terminal 1A performs communication with the called terminal 1B, the terminal 1 issues a Call-ID that is identification information of communication with the called terminal 1B. Then, a flag indicating the presence or absence of a secure communication request, the SIP-URI of the calling terminal 1A, the SIP-URI of the called terminal 1B, the IP address of the calling terminal 1A, the issued Call-ID, etc. An INVITE request packet is transmitted. Thereafter, when a response to the transmitted INVITE request packet is received from the SIP server 3, information such as the address of the relay device 4 and Call-ID included in the response is recorded as session control information 131 in the storage unit 13. The session control processing unit 120 has a function of resolving the SIP-URI name and specifying an IP address corresponding to the SIP-URI.

  The SA processing unit 121 negotiates IPsec SA with the relay device 4 notified from the SIP server 3 by IKE, and registers the negotiation result at this time in the SAD 132 (described later) as information on the SA.

  The policy management unit 122 refers to the header information indicating the attribute of the communication packet, searches the SPD 133 for the security policy of the communication packet, and determines the security policy for the communication packet. Further, the policy management unit 122 searches the SAD 132 for information related to the SA of this communication data. And based on this search result (security policy and SA), the processing content of communication data is determined. Thereafter, if the communication packet needs to be encrypted, the fact and information on the SA used for encryption are output to the encryption unit 123. If decoding is necessary, the fact and information on SA used for decoding are output to decoding section 124.

  The encryption unit 123 encrypts the packet by using the processing content (information about SA) determined by the policy management unit 122.

  The decryption unit 124 decrypts the packet using the processing content (information related to SA) determined by the policy management unit 122.

  The storage unit 13 includes session control information 131, SAD 132, and SPD 133.

  The session control information 131 is information indicating the address of the communication partner terminal 1, the Call-ID, the IP address of the relay device 4 that relays when performing end-to-end encrypted communication with the terminal 1, and the like. It is.

  The SAD 132 stores information related to IPsec SA established by the terminal 1 (information related to SA). The information about the SA includes the end point IP address (destination IP address) of the communication packet, the type of the IPsec protocol, the SPI that is a value for identifying the parameter of each SA, the encryption algorithm, the information about the encryption key, and various information. Information is described. Since this SAD 132 is the same as the SAD 432 of the relay apparatus 4, it will be described in detail in the description of the relay apparatus 4.

  The SPD 133 stores a security policy for communication packets such as encryption / non-encryption. The security policy also includes information on the encapsulation mode, encryption algorithm, and authentication algorithm when the encryption unit 123 encrypts the packet. A specific example of information related to the security policy will be described later with reference to FIG. Since this SPD 133 is the same as the SPD 433 of the relay apparatus 4, it will be described in detail in the description of the relay apparatus 4.

  The input / output unit 11 includes an input / output interface that performs data input / output with an external device. The communication processing unit 12 is realized by a program execution process by a CPU provided in the terminal 1 or a dedicated circuit. The storage unit 13 includes a storage medium such as a RAM, a ROM, an HDD, and a flash memory. When the function of the communication processing unit 12 is realized by a program execution process, the storage unit 13 stores a program for realizing the function of the communication processing unit 12.

<Relay device>
Next, the configuration of the relay device 4 will be described with reference to FIG. FIG. 3 is a diagram illustrating a configuration of the relay device in each embodiment. Note that the relay devices 4A, 4B, and 4C will be described in the second and subsequent embodiments.

  The relay device 4 includes an input / output unit 41, a communication processing unit 42, and a storage unit 43.

  The input / output unit 41 is an interface that controls input / output of session control packets, information exchanged by IKE, and encrypted packets.

  The communication processing unit 42 executes communication processing with external devices such as the SIP server 3, the calling terminal 1A, and the receiving terminal 1B. When receiving the relay device control packet from the SIP server 3, the communication processing unit 42 establishes IPsec SA between the calling terminal 1A and the called terminal 1B and performs encrypted communication.

  Such a communication processing unit 42 includes a communication session information processing unit 420, an SA processing unit 421, a policy management unit 422, an encryption unit 423, a decryption unit 424, an IP address conversion unit 425, and a security processing unit. 426.

  When receiving the relay device control packet from the SIP server 3, the communication session information processing unit 420 stores this information in the storage unit 43 as communication session information 431. Then, the SA processing unit 421 is instructed to negotiate SA for establishing a security path between the originating terminal 1A and the terminating terminal 1B indicated by the communication session information 431. Alternatively, the SA processing unit 421 is instructed to respond to the SA negotiation from the calling terminal 1A or the called terminal 1B. Further, when the SA processing unit 421 completes the SA negotiation with the calling terminal 1A and the called terminal 1B, the communication session information processing unit 420 records the SPI indicated in the SA negotiation result in the communication session information 431. Details of the communication session information 431 will be described later with reference to the drawings.

  Based on an instruction from the communication session information processing unit 420, the SA processing unit 421 performs SA negotiation using the IKE between the calling terminal 1A and the called terminal 1B. The SA negotiation here is performed by IKE execution processing using the Call-ID indicated in the relay apparatus control packet. Here, when the SA negotiation between the originating terminal 1A and the terminating terminal 1B is completed in the SA processing unit 421, the SA negotiation result is registered in the SAD 432 (described later).

  The policy management unit 422 refers to the header information indicating the attribute of the communication packet, searches the security policy of this communication packet from the SPD 433 (described later), and determines the security policy. Further, the policy management unit 422 searches the SAD 432 for information related to the SA of the communication data. Then, based on this search result (information on security policy and SA), the processing content of the communication data is determined. Thereafter, if the communication packet needs to be encrypted, the fact and information on the SA used for the encryption are output to the encryption unit 423. If decoding is necessary, the fact and information on SA used for the decoding are output to decoding section 424.

  The encryption unit 423 encrypts the packet using the processing content (information regarding SA) determined by the policy management unit 122.

  The decoding unit 424 decodes the packet by using the processing content (information about SA) determined by the policy management unit 122.

  The IP address conversion unit 425 converts the destination address of the encrypted packet transmitted from the calling terminal 1A into the address of the terminal 1 (the called terminal 1B) that is the other end in the end-to-end encrypted communication. In other words, when receiving the encrypted packet from the calling terminal 1A, the communication processing unit 42 changes the address of this packet from the address of the relay device 4 to the address of the called terminal 1B. Specifically, when the decryption unit 424 decrypts the encrypted packet, the IP address conversion unit 425 uses the combination of the IP address of the originating terminal 1A and the SPI of the encrypted packet as a key to communicate session information 431. From this, the IP address of the destination terminal 1B to which this packet should reach is searched. Next, the IP address conversion unit 425 converts the destination of the decrypted packet from the address of the relay device 4 to the IP address of the searched destination terminal 1B. Then, the packet after IP address conversion is encrypted by the encryption unit 423 and transmitted to the destination terminal 1B.

  The security processing unit 426 once decrypts the encrypted packet transmitted from the originating terminal 1A by the decryption unit 424, and then performs a security check (detection or deletion of a virus, a worm, etc.) on the packet. The security processing unit 426 may be provided outside the relay device 4. That is, the communication processing unit 42 may perform a security check on the decrypted packet with an external security check device, and transmit the packet after the check to the destination terminal 1B that has encrypted the packet. Further, a network administrator or the like sets an instruction input for necessity of execution of security check by the security processing unit 426 via the input / output unit 41, and inputs an instruction to execute this security check in the security processing unit 426. When it is accepted, a security check may be performed.

  The storage unit 43 includes the communication session information 431, the SAD 432, and the SPD 433 described above.

  FIG. 4 is a diagram illustrating an example of communication session information in each embodiment. As shown in FIG. 4, the communication session information 431 includes, for each communication session number, the Call-ID of this session, the address of the calling terminal 1A and the address of the called terminal 1B corresponding to this Call-ID, This is information indicating the SPI related to the SA between the calling terminal 1A and the relay device 4 and the SPI related to the SA between the relay device 4 and the called terminal 1B.

  For example, the communication session number “1” in FIG. 4 is information related to the session with Call-ID “100”, the IP address “x” of the calling terminal 1A, and the IP address of the called terminal 1B is “y”. The SPI related to the SA between the calling terminal 1A and the relay device 4 is “1000”, and the SPI related to the SA between the relay device 4 and the called terminal 1B is “2000”.

  Since the relay device 4 includes such communication session information 431, when the relay device 4 receives the encrypted packet from the originating terminal 1A, it knows which address the encrypted packet address should be converted to. be able to. That is, in the encrypted communication between the originating terminal 1A and the terminating terminal 1B, the destination address of the packet received by the relay device 4 from the originating terminal 1A is the address of the relay device 4. Here, when the relay device 4 refers to the communication session information 431, the SPI (eg, “1000”) of the encrypted packet received from the originating terminal 1A and the address (eg, “x”) of the originating terminal 1A From this combination, it is possible to know the address (for example, “y”) of the destination terminal 1B to which the packet is transferred.

  The SAD 432 stores the SA negotiation result (information related to SA) by the SA processing unit 421. The information related to SA includes information related to the SAs of the originating terminal 1A (IP address “x”) and the relay device 4, and the relay device 4 and the terminating terminal 1B (IP address “y”). FIG. 5 is a diagram illustrating an example of SAD in each embodiment. As illustrated in FIG. 5, the SA-related information includes, as illustrated in FIG. 5, the end IP address (IP address) of the communication packet, the type of IPsec protocol, the SPI that is a value for identifying each SA, the encryption algorithm, and the encryption key. The information about is recorded. Although not shown, the SAD 432 includes an output SAD that stores an SA related to a communication packet output by the relay device 4 and an input SAD that stores an SA of the communication packet received by the relay device 4. It consists of two types of SAD.

  The SPD 433 stores a security policy of a communication packet such that the packet is encrypted (IPsec is applied) or not (IPsec is not applied). FIG. 6 is a diagram illustrating an example of an SPD in each embodiment. As shown in FIG. 6, this security policy includes the priority to which each processing content is applied, the starting IP address (source terminal 1A) of the communication data packet to be processed, and the destination IP address (destination terminal). 1B), a protocol, a destination port, and information regarding processing contents applied to communication packets corresponding to these items (selectors). The information regarding the processing contents includes information regarding the encapsulation mode, encryption algorithm, and authentication algorithm when the encryption unit 423 applies IPsec. The SPD 433 shown in FIG. 6 indicates that “apply IPsec (apply IPsec)” is selected between the calling terminal 1A and the called terminal 1B. Although not shown, the SPD 433 also includes an output SPD that stores a security policy related to a communication packet output by the relay device 4, and an input SPD that stores the SA of the communication packet received by the relay device 4. It consists of two types of SPDs.

  The input / output unit 41 includes an input / output interface that performs data input / output with an external device. The communication processing unit 42 is realized by a program execution process by a CPU provided in the terminal 1 or a dedicated circuit. The storage unit 43 includes a storage medium such as a RAM, a ROM, an HDD, and a flash memory. When the function of the communication processing unit 42 is realized by program execution processing, the storage unit 43 stores a program for realizing the function of the communication processing unit 42.

<Operation procedure>
Next, the operation procedure of the communication system of FIG. 1 will be described with reference to FIG. 7 (see FIGS. 2 to 6 as appropriate). FIG. 7 is a diagram showing an operation procedure of the communication system of FIG.

  First, the session control processing unit 120 (see FIG. 2B) of the calling terminal 1A adds a flag indicating a secure communication request to the INVITE request packet (session control information) indicating the start of session control. The SIP-URI, the SIP-URI of the called terminal 1B, the IP address of the calling terminal 1A, the Call-ID, etc. are transmitted to the SIP server 3 (S81).

  Next, the session control processing unit 320 of the SIP server 3 transfers the INVITE request packet to the called terminal 1B (S82). At this time, when the session control processing unit 320 confirms that the flag indicating the secure communication request is attached to the INVITE request packet received from the originating terminal 1A, the session control processor 320 (source terminal 1A's source address) (IP address) is rewritten to the IP address of the relay device 4 and transferred. In this way, the SIP server 3 can notify the destination terminal 1B of the relay device 4 that should establish a security path in communication with the originating terminal 1A. When there is no secure communication request, the SIP server 3 transmits an INVITE request packet to the destination terminal 1B while keeping the IP address of the calling terminal 1A.

  When receiving the INVITE request packet from the SIP server 3, the session control processing unit 120 of the called terminal 1B records the Call-ID included in this packet and the IP address of the relay device 4 in the session control information 131 (S83).

  Then, the session control processing unit 120 of the receiving terminal 1B adds a flag indicating a secure communication request, a SIP-URI of the receiving terminal 1B, a SIP-URI of the calling terminal 1A, to the 200OK packet that is a response to the INVITE request packet. The information including the IP address, Call-ID and the like of the called terminal 1B is transmitted to the SIP server 3 (S84).

  The session control processing unit 320 of the SIP server 3 confirms the packet transmitted from the destination terminal 1B, and if there is a flag indicating a secure communication request, the relay device control unit 321 causes the IP address of the source terminal 1A, A relay device control request (relay device control packet) including the IP address and Call-ID of the called terminal 1B is transmitted to the relay device 4 (S85). As a result, the relay device 4 can know the IP addresses of the originating terminal 1A and the terminating terminal 1B of End-to-End encrypted communication and the Call-ID. In S82, the session control processing unit 320 of the SIP server 3 confirms the packet transmitted from the destination terminal 1B. If there is no flag indicating a secure communication request, the IP address of the destination terminal 1B is left as it is. The 200 OK packet is transmitted to the calling terminal 1A.

  The communication session information processing unit 420 (see FIG. 3) of the relay device 4 uses the communication session information 433 (see FIG. 3) as the IP address of the calling terminal 1A, the IP address of the called terminal 1B, and the Call-ID included in the relay device control request. 4). That is, session generation for end-to-end communication is performed (S86). Then, the communication session information processing unit 420 transmits a relay device control response to the SIP server 3 (S87). That is, the relay device 4 is notified that the relay device control request including the IP address of the calling terminal 1A, the IP address of the called terminal 1B, and the Call-ID has been received.

  When the SIP server 3 receives the relay device control response from the relay device 4, the SIP server 3 rewrites the source address (IP address of the called terminal 1 B) included in the 200 OK packet received in S 84 with the IP address of the relay device 4. It transmits to the side terminal 1A (S88). In this way, the SIP server 3 can notify the originating terminal 1A of the relay device 4 that should establish a security path in communication with the called terminal 1B.

  When receiving the 200 OK packet, the session control processing unit 120 of the originating terminal 1A records the Call-ID included in this packet and the IP address of the relay device 4 in the session control information 131 (S89).

  In this way, preparation is made for performing encrypted communication between the calling terminal 1A and the relay device 4 and between the relay device 4 and the called terminal 1B in the calling terminal 1A, the relay device 4 and the called terminal 1B, respectively. .

  Thereafter, when the SIP server 3 receives the SIP ACK packet from the calling terminal 1A (S90), the session control processing unit 320 of the SIP server 3 transfers the ACK packet to the called terminal 1B (S91). When receiving the ACK packet, the SA processing unit 121 of the receiving terminal 1B negotiates SA with the relay device 4 by IKE including the Call-ID to establish IPsec SA (S92). Further, the SA processing unit 121 of the originating terminal 1A makes an SA negotiation with the relay device 4 by IKE including the Call-ID with the transmission of the ACK packet as a trigger, and establishes IPsec SA (S93). . That is, the security path is established between the calling terminal 1A and the relay device 4, and between the relay device 4 and the called terminal 1B.

  The negotiation result here is recorded as SA information in the SAD 132 of the receiving terminal 1B, the SAD 432 of the relay apparatus 4, and the SAD 132 of the calling terminal 1A. Further, the communication session information processing unit 40 of the relay device 4 records the IPsec SA SPI in the calling terminal 1A and the called terminal 1B established in S92 and S93 in the communication session information 431. For example, when the relay device 4 establishes SA with the calling terminal 1A (IP address “x”) by IKE including the Call-ID “100”, the communication session information processing unit 420 sets the communication session information 431 (FIG. 4), the SPI related to the SA with the calling terminal 1A is registered in the record in which the Call-ID “100” and the IP address “x” are registered. When the relay device 4 establishes SA with the destination terminal 1B (IP address “y”) by IKE including the Call-ID “100”, the communication session information processing unit 420 calls the Call in the communication session information 431. -For the record in which the ID “100” and the IP address “y” are registered, the SPI related to the SA with the destination terminal 1B is registered.

  When the relay device 4 receives the encrypted packet from the calling terminal 1A, the policy management unit 422 searches the SPD 433 for a security policy related to communication with the calling terminal 1A, and the SAD 432 communicates with the calling terminal 1A. Search for information on IPsec SA established in between. Then, the policy management unit 422 instructs the decoding unit 424 to decode the packet based on the searched information. When the decryption unit 424 decrypts the packet, the security processing unit 426 performs a security check on the decrypted packet. Thereafter, the IP address conversion unit 425 refers to the combination of the packet source IP address (source terminal 1A), the SPI attached to the packet, and the communication session information 431, and forwards the packet. Address (the address of the called terminal 1B) and the SPI value related to the IPsec SA of this called terminal 1B. Then, the IP address conversion unit 425 rewrites the address of the decrypted packet with the address of the specified called terminal 1B. Further, the policy management unit 422 searches the SPD 433 for a security policy related to communication with the called terminal 1B using the identified SPI value as a key, and relates to the IPsec SA established between the SAD 432 and the called terminal 1B. Search for information. Then, the policy management unit 422 determines the processing content for the packet based on these search results. Next, when the policy management unit 422 confirms that the determined processing content requires encryption, the policy management unit 422 causes the encryption unit 423 to encrypt the packet after this address rewriting based on the retrieved information. Instruct them to Then, when encryption is completed in the encryption unit 423, this encrypted packet is transmitted to the destination terminal 1B. That is, end-to-end encrypted communication is executed between the calling terminal 1A and the called terminal 1B (S94).

  In this way, the relay apparatus 4 can perform a packet security check in end-to-end encrypted communication between the calling terminal 1A and the called terminal 1B. Further, when the relay device 4 performs the security check in this way, the calling side terminal 1A and the called side terminal 1B do not need to be aware of the hop-by-hop encrypted communication via the relay device 4.

<< Second Embodiment >>
Next, a second embodiment of the present invention will be described with reference to FIG. 8 (see FIGS. 1 to 7 as appropriate). FIG. 8 is a diagram illustrating a configuration example of a communication system according to the second embodiment. In the communication system of the second embodiment, the SIP server 3A relays a relay device 4 that relays between the originating terminal 1A and the terminating terminal 1B from a plurality of relay devices 4 (4A, 4B, 4C) in the IP network. It is characterized by selecting. Note that the same components as those in the first embodiment described above are denoted by the same reference numerals, and description thereof is omitted.

  Here, as shown in FIG. 8, the relay device 4 (4A, 4B, 4C) is installed in the IP network of the communication system. The SIP server 3A then relays the packet from the originating terminal 1A for each SIP-URI domain name (information after “@”) of the originating terminal 1A (4A, 4B, 4C). Relay device address information 331A indicating the address (control destination). When the SIP server 3A receives the INVITE request packet from the calling terminal 1A, the relay device control unit 321 (see FIG. 2A) uses the SIP-URI domain name and the relay device address of the calling terminal 1A. With reference to the information 331A, the relay device 4 that relays the encrypted packet from the originating terminal 1A is selected. For example, when the SIP-URI domain name of the calling terminal 1A is “aaa.co.jp”, the relay device 4 (for example, the relay device 4A) with the IP address “192.168.1.100” is selected. select.

  The relay device address information 331A is also rewritable by an operator or the like via the input / output unit 31 (see FIG. 2A). In this way, the operator can set the relay device 4 that relays the encrypted packet from the calling terminal 1A for each domain of the address of the calling terminal 1A.

  The operation procedure of the communication system according to the second embodiment will be described with reference to FIG. FIG. 9 is a diagram showing an operation procedure of the communication system of FIG.

  First, the originating terminal 1A transmits an INVITE request packet indicating the start of session control, similarly to S81 of FIG. 7 described above (S11). When the session control processing unit 320 of the SIP server 3A receives this INVITE request packet and confirms that the flag indicating the secure communication request is attached to this packet, the originating terminal included in this INVITE request packet The relay device 4 is determined (selected) from the SIP-URI of 1A (S12). That is, the session control processing unit 320 searches for the IP address of the relay device 4 from the relay device address information 331A using the SIP-URI of the calling terminal 1A as a key, and uses the relay device 4 of the searched IP address as the calling terminal. It is selected as a relay device 4 that relays between 1A and the called terminal 1B.

  Then, the session control processing unit 320 rewrites the IP address of the calling terminal 1A included in this packet with the IP address of the relay device 4 selected in S12, and transmits it to the called terminal 1B (S13). Subsequent S14 and S15 are the same as S83 and S84 in FIG. Then, the relay device control unit 321 of the SIP server 3A transmits a relay device control request (relay device control packet) to the relay device 4 selected in S12 (S16). The subsequent processing up to S25 is the same as S85 to S94 in FIG.

  In this way, when the SIP server 3A selects the relay device 4 that relays the encrypted packet from the plurality of relay devices 4, the SIP server 3A selects the relay device 4 based on the SIP-URI domain of the originating terminal 1A. can do. For example, if the relay device 4 in the network having the same domain as the originating terminal 1A is set in the relay device address information 331A, the relay device in the network having the same domain as the originating terminal 1A is set in the SIP server 3A. 4 will be selected. Accordingly, the SIP server 3A can also relay the encrypted packet to the relay device 4 located relatively close to the originating terminal 1A.

  In the present embodiment, the SIP server 3A selects the relay device 4 based on the SIP-URI domain of the calling terminal 1A, but also includes the SIP-URI domain of the called terminal 1B. Alternatively, the relay device 4 may be selected. In this way, for example, if the relay device 4 in the network having the same domain as the called terminal 1B is set in the relay device address information 331A, the same domain as the called terminal 1B is set in the SIP server 3A. The relay device 4 in the network having is selected. Therefore, the SIP server 3A can also relay the encrypted packet to the relay device 4 located relatively close to the destination terminal 1B. Note that the relay device 4 may be selected based not only on the domain part of the SIP-URI but also on the entire SIP-URI (the entire address including the account name).

<< Third Embodiment >>
Next, a third embodiment of the present invention will be described with reference to FIG. 10 (see FIGS. 1 to 7 as appropriate). FIG. 10 is a diagram illustrating a configuration example of a communication system according to the third embodiment. The communication system according to the third embodiment is characterized in that when the SIP server 3B selects the relay device 4, the selection is made based on the IP address of the calling terminal 1A. The same components as those in the first embodiment and the second embodiment described above are denoted by the same reference numerals, and description thereof is omitted.

  As shown in FIG. 10, for each terminal address (network address of the originating terminal 1A), the SIP server 3B addresses the relay device 4 (4A, 4B, 4C) that relays the packet from the originating terminal 1A ( Relay device address information 331B indicating the control destination). When the SIP server 3B receives the SIP INVITE request packet from the calling terminal 1A, the SIP server 3B refers to the relay device address information 331B and the IP address of the calling terminal 1A, and encrypts it from the calling terminal 1A. The relay device 4 that relays the packet is selected. For example, if the IP address of the calling terminal 1A is “192.168.1.0”, the network address is “192.168.1.0/24”, and therefore the IP address is “192.168.1. 100 ”(for example, the relay device 4A) is selected.

  The relay device address information 331B is also rewritable by an operator or the like via the input / output unit 31 (see FIG. 2A). In this way, the operator can set the relay device 4 that relays the encrypted packet from the calling terminal 1A for each IP address of the calling terminal 1A.

  Since the operation procedures of the calling terminal 1A, the called terminal 1B, and the relay device 4 after the SIP server 3B selects the relay device 4 are the same as those in the second embodiment, the description thereof is omitted.

  Even in this way, the SIP server 3B can select the relay device 4 close to the network of the calling terminal 1A. For example, the relay device 4 in the same network as the originating terminal 1A can be selected.

  Note that the SIP server 3B may also determine the relay device 4 based on the IP address of the destination terminal 1B, as in the second embodiment. In this way, the SIP server 3B can select the relay device 4 that is close to the network of the called terminal 1B.

<< Fourth Embodiment >>
Next, a fourth embodiment of the present invention will be described with reference to FIG. 11 (see FIGS. 1 to 7 as appropriate). FIG. 11 is a diagram illustrating a configuration example of a communication system according to the fourth embodiment. The communication system of the fourth embodiment includes a load monitoring server 5 that monitors the load status of the relay device 4 (4A, 4B, 4C) in the IP network. Then, the SIP server 3C acquires the load status of each relay device 4 in the IP network from the load monitoring server 5, and based on the acquired load status of the relay device 4, the originating terminal 1A and the destination terminal The relay apparatus 4 that performs relay with 1B is selected. The same components as those in the first embodiment, the second embodiment, and the third embodiment described above are denoted by the same reference numerals, and description thereof is omitted.

  As shown in FIG. 11, in the communication system according to the fourth embodiment, the load monitoring server 5 transmits a relay device load monitoring packet, and the current load of the relay device 4 (4A, 4B, 4C) in the IP network. Monitor the situation. Then, the SIP server 3C transmits a load status acquisition packet of the relay apparatus 4 (4A, 4B, 4C) in the IP network from the load monitoring server 5, and the relay apparatus 4 (4A, 4B, 4C) is acquired.

  As shown in FIG. 2A, the communication processing unit 32 of the SIP server 3C transmits a relay device load monitoring packet, and the current load of the relay device 4 (4A, 4B, 4C) in the IP network. A load status acquisition unit 322 that acquires the status is included. The storage unit 33 of the SIP server 3C includes load status information 333 that is the acquired load status of each relay device 4.

  FIG. 12 is a diagram showing an operation procedure of the communication system of FIG.

  As shown in FIG. 12, the load monitoring server 5 always acquires the load status of the relay device 4 (4A, 4B, 4C) (S51).

  When the SIP server 3C receives the INVITE request packet from the originating terminal 1A (S52), the load status acquisition unit 322 (FIG. 2A) transmits a load status acquisition request to the load monitoring server 5. Then (S53), the load status acquisition response of the relay device 4 (4A, 4B, 4C) is received (S54). Then, the load status acquisition unit 322 records the received load status as the load status information 333 in the storage unit 33. Then, the relay device control unit 321 selects, for example, the relay device 4 with the smallest processing load based on the load status information 333 recorded in the storage unit 33. That is, the relay device control unit 321 determines an optimal relay device 4 in consideration of the load status of each relay device 4 (S55). The subsequent processing up to S68 is the same as S13 to S25 in FIG.

  By doing in this way, since the SIP server 3C selects the relay device 4 with the smallest processing load, the processing load of each relay device 4 in the IP network can be distributed. In addition, in the end-to-end encrypted communication between the calling terminal 1A and the called terminal 1B, the relay device 4 having the smallest processing load can be selected, so that a reduction in communication speed due to the encrypted communication can be prevented. Can do.

  In each of the above-described embodiments, the IKE is executed between the calling terminal 1A and the called terminal 1B and the relay device 4 to establish the IPsec SA. However, the present invention is not limited to this. For example, the SIP server 3 (3A, 3B, 3C) generates an encryption key and distributes the generated encryption key to the originating terminal 1A and the terminating terminal 1B using a session control packet. Good. That is, the originating terminal 1A and the terminating terminal 1B may establish IPsec SA with the relay device 4 using the encryption key distributed by the session control packet from the SIP server 3. In this way, the originating terminal 1A and the terminating terminal 1B can establish IPsec SA with the relay device 4 without exchanging keys with the relay device 4 by IKE.

  Further, the generation of the encryption key may be performed on the originating terminal 1A and the terminating terminal 1B side. In this case, when the INVITE request packet is transmitted to the SIP server 3, the encryption key generated by the calling terminal 1A is transmitted together. In addition, the receiving terminal 1B generates an encryption key when receiving the INVITE request packet from the SIP server 3, includes the generated encryption key in the response (200 OK packet) of the INVITE request packet, and transmits it to the SIP server 3. To do. Then, the SIP server 3 includes the encryption key transmitted from the originating terminal 1A and the terminating terminal 1B in the relay device control packet and transmits it to the relay device 4. Then, the originating terminal 1A and the terminating terminal 1B establish IPsec SA with the relay device 4 using the encryption key notified to the relay device 4 via the SIP server 3. Even in this way, the calling terminal 1A and the called terminal 1B can establish IPsec SA with the relay device 4 without exchanging keys with the relay device 4 by IKE.

  The SIP server 3, the relay device 4, the originating terminal 1A, and the terminating terminal 1B according to the present embodiment can be realized by a program that executes the processing as described above, and the program can be read by a computer. It can be provided by being stored in a medium (CD-ROM or the like). It is also possible to provide the program through a network such as the Internet.

  In each of the above-described embodiments, the case where a session control request is transmitted from the calling terminal 1A to the SIP server 3 to the called terminal 1B has been described as an example. However, a session is transmitted from the called terminal 1B to the calling terminal 1A. The same applies when transmitting a control request.

  Further, when establishing an IPsec SA between the originating terminal 1A and the relay device 4 and between the relay device 4 and the terminating terminal 1B, the relay device 4 side may be an initiator (IPsecSA negotiation start side device). The side terminal 1A or the destination terminal 1B may be the initiator. Furthermore, an input device such as a keyboard and a mouse, and a display device such as a liquid crystal display may be connected to the calling terminal 1A, the called terminal 1B, the relay device 4, and the SIP server 3. Others can be changed without departing from the gist of the present invention.

It is a figure which shows the structural example of the communication system of the 1st Embodiment of this invention. (A) is a figure which shows the structure of the SIP server in each embodiment, (b) is a figure which shows the structure of the origination terminal and destination terminal of each embodiment. It is a figure which shows the structure of the relay apparatus in each embodiment. It is a figure which shows the example of the communication session information in each embodiment. It is a figure which shows the example of SAD in each embodiment. It is a figure which shows the example of SPD in each embodiment. It is a figure which shows the operation | movement procedure of the communication system of FIG. It is a figure which shows the structural example of the communication system of 2nd Embodiment. It is a figure which shows the operation | movement procedure of the communication system of FIG. It is a figure which shows the structural example of the communication system of 3rd Embodiment. It is a figure which shows the structural example of the communication system of 4th Embodiment. It is a figure which shows the operation | movement procedure of the communication system of FIG.

Explanation of symbols

1A Originating terminal (first terminal)
1B called terminal (second terminal)
3 (3A, 3B, 3C) SIP server (session control server)
4 (4A, 4B, 4C) Relay device 5 Load monitoring server 11, 31, 41 Input / output unit 12, 32, 42 Communication processing unit 13, 33, 43 Storage unit 120, 320 Session control processing unit 121, 421 SA processing unit 122, 422 Policy management unit 123, 423 Encryption unit 124, 424 Decryption unit 131, 431 Session control information 132, 432 SAD
133,433 SPD
321 Relay device control unit 322 Load status acquisition unit 331 (331A, 311B) Relay device address information 332 Session control information 333 Load status information 420 Communication session information processing unit 425 IP address conversion unit 426 Security processing unit

Claims (10)

A session control server that performs session control between the first terminal and a second terminal that communicates with the first terminal, and encryption that is transmitted and received between the first terminal and the second terminal In a communication system including a relay device that transfers a packet, the encrypted packet transfer method in which the relay device decrypts the encrypted packet received from the first terminal and transfers the packet to the second terminal,
The relay device is
A relay device including, from the session control server, addresses of the first terminal and the second terminal, and call identification information that is signaling session identification information between the first terminal and the second terminal Receive control information,
Information regarding SA (Security Association) including the call identification information is exchanged between the first terminal and the second terminal by IKE (Internet Key Exchange) to establish IPsec SA, and the SA Information on the storage unit,
Using the received relay device control information and information on SA stored in the storage unit, for each call identification information, the first terminal and the second terminal corresponding to the call identification information Creating communication session information indicating an address and an SPI value (Security Parameters Index) regarding the SA between each of the first terminal and the second terminal, and storing the communication session information in the storage unit;
When receiving an encrypted packet from the first terminal,
Using the SPI value included in the received encrypted packet as a key, the storage unit is searched for information regarding the SA with the first terminal, and the encrypted packet is stored using the information regarding the searched SA. Decrypt,
Performing a security check on the decrypted packet;
Using the combination of the address of the first terminal and the SPI value included in the packet for which the security check has been performed as a key, the destination of the encrypted packet from the first terminal is determined from the communication session information. Retrieve the SPI value for the SA between the address of the second terminal and the second terminal;
Rewriting the destination address of the decrypted packet to the address of the retrieved second terminal;
Using the searched SPI value as a key, the storage unit is searched for information related to the SA with the second terminal,
Using the retrieved SA information, the decrypted packet is encrypted,
An encrypted packet transfer method, wherein the encrypted packet is transmitted to the second terminal. When the session control server receives session control information including a communication request for the encrypted packet from the first terminal,
The source address in the received session control information is converted into the address of the relay device that transfers the encrypted packet, and transmitted to the second terminal,
When the response of the received session control information is received from the second terminal,
The source address in the response of the received session control information is converted into the address of the relay device that transfers the encrypted packet, and transmitted to the first terminal,
Each of the first terminal and the second terminal exchanges information about the SA with the relay device at the address indicated in the response to the session control information or the session control information by the IKE, The encrypted packet transfer method according to claim 1, wherein IPsec SA is established. The communication system includes a plurality of the relay devices,
The session control server stores, for each domain of the address of the first terminal, relay apparatus address information indicating an address of a relay apparatus that transfers the encrypted packet transmitted from the first terminal having the domain. Remember in the department,
When the session control server receives session control information from the first terminal, it is indicated in the relay device address information using the domain name of the address of the first terminal included in the received session control information as a key. Selecting the relay device that transfers the encrypted packet transmitted from the first terminal,
3. The encrypted packet transfer method according to claim 2, wherein the relay device control information is transmitted to the selected relay device. The relay apparatus address information is information indicating an address of a relay apparatus that transfers an encrypted packet transmitted from the first terminal having the IP address for each IP (Internet Protocol) address of the first terminal. And
When the session control server receives the session control information from the first terminal, the relay indicated by the relay device address information using the IP address of the first terminal that is the transmission source of the session control information as a key 4. The encrypted packet transfer method according to claim 3, wherein a relay device that transfers an encrypted packet transmitted from the first terminal is selected from an apparatus. The communication system includes a plurality of relay devices and a load monitoring server that monitors a processing load status of each of the plurality of relay devices.
When the session control server receives session control information including a communication request for the encrypted packet from the first terminal and the second terminal,
Receiving the processing load information of each of the plurality of relay devices from the load monitoring server;
3. The encrypted packet according to claim 2, wherein the relay device having the smallest processing load in the received processing load information is selected as a relay device for transferring the encrypted packet transmitted from the first terminal. Transfer method. The session control server distributes encryption keys used for transmission / reception of encrypted packets in the first terminal and the second terminal to the first terminal and the second terminal,
The first terminal and the second terminal establish an IPsec SA with the relay apparatus indicated by the session control information using the distributed encryption key. 6. The encrypted packet transfer method according to any one of items 5. The relay device accepts an instruction input as to whether to execute the security check from an external device,
The encrypted packet transfer method according to claim 1, wherein the security check is executed when an instruction input for executing the security check is received. A session control server that performs session control between the first terminal and a second terminal that communicates with the first terminal, and encryption that is transmitted and received between the first terminal and the second terminal In a communication system including a relay device for transferring a packet, the relay device decrypts the encrypted packet received from the first terminal by the relay device and transfers the packet to the second terminal,
A relay device including, from the session control server, addresses of the first terminal and the second terminal, and call identification information that is signaling session identification information between the first terminal and the second terminal An input / output unit for receiving control information;
Information regarding SA (Security Association) including the call identification information is exchanged between the first terminal and the second terminal by IKE (Internet Key Exchange) to establish IPsec SA, and the SA An SA processing unit for storing information on the storage unit;
Using the received relay device control information and information on SA stored in the storage unit, for each call identification information, the first terminal and the second terminal corresponding to the call identification information Communication session information processing that creates communication session information in which an address is associated with an SPI value (Security Parameters Index) related to SA between each of the first terminal and the second terminal, and stores the communication session information in the storage unit And
A policy management unit that searches the storage unit for information related to the SA with the first terminal using an SPI value included in the encrypted packet received from the first terminal as a key;
A decryption unit that decrypts the encrypted packet using the information about the retrieved SA;
A security check unit that performs a security check on the decrypted packet;
Using the combination of the address of the first terminal and the SPI value included in the packet on which the security check has been executed as a key, the communication session information is used as the destination of the encrypted packet from the first terminal. An IP address conversion unit that searches for an SPI value related to the SA between the terminal of the second terminal and the second terminal, and rewrites the destination address of the decoded packet with the address of the second terminal searched for;
Using the retrieved SPI value as a key, the policy management unit encrypts the packet that has been subjected to the security check using information about the SA with the second terminal retrieved from the storage unit, and A relay apparatus comprising: an encryption unit that transmits an encrypted packet to the second terminal.   A program for causing a computer to function as the relay device according to claim 8.   A session control server that performs session control between the relay device according to claim 8, the first terminal, and the second terminal, and that transmits the session control information to the relay device; and the session control server A communication system comprising the first terminal and the second terminal, each having a session control protocol and an IKE protocol for performing IKE with the relay device.

Images