JP2009015616A - Server device, communication system, and communication terminal - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a server device for saving power of a server device and improving security. <P>SOLUTION: When a communication terminal (4) transmits link establishment request information to an image transmission server (1) by using electronic mail (step S1), the image transmission server (1) confirms the validity of a sender address (step S2), and turns on the power of a radio LAN (11) (step S3). Also, the image transmission server (1) generates address information necessary for the communication terminal (4) connected through the Internet to the image transmission server (1) to receive image data in an URL format (step S7), and transmits the generated URL included in electronic mail to the communication terminal (4) (step 8). <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a server device, and more particularly, to a server device, a communication system, and a communication terminal that achieve power saving and further improve security.

Opportunities to access a server device (image transmission server) connected to the Internet using a communication terminal such as a mobile phone are increasing.
In particular, a surveillance system that can know the situation inside and outside the facility in real time by installing a surveillance camera for crime prevention of the facility and transmitting an image captured by the surveillance camera to a communication terminal using an image transmission server ( An image transmission system) is generally known.

FIG. 5 shows a schematic diagram of the monitoring system.
Reference numeral 101 denotes an image transmission server provided with a monitoring camera (not shown). The image transmission server 101 transmits an image captured by the monitoring camera as image data to the communication terminal 104 via the gateway X102, the Internet I, and the like.

  In the image transmission server 101, PRV1 (for example, 192.168.0.5) is set as a private address (private IP address), and PRT1 (for example, 554) is set as a standby port number. The private address PRV1 is an address provided by a DHCP (Dynamic Host Configuration Protocol) function from the gateway X102 described later when the image transmission server (wireless LAN device) is activated.

  The gateway X102 provides a function for connecting the image transmission server 101 to the Internet I. Further, GLB1 is set as a global address (global IP address) in the gateway X102. Assume that the image transmission server 101 and the gateway X102 are connected by a wireless LAN.

  Reference numeral 103 denotes an AP (Access Point) that is a connection destination when the communication terminal 104 connects to the Internet I.

  The communication terminal 104 has a browser function that allows viewing of images transmitted from the image transmission server 101. The communication terminal 104 is connected to the Internet via the AP 103 via a wireless LAN. It is assumed that the terminal 104 has a global address GLB2.

Here, a connection method between the image transmission server 101 and the communication terminal 104 in the monitoring system will be described.
In the monitoring system, image data and the like are transmitted / received using IP packets (hereinafter referred to as packets). In order to enable packet transmission / reception, the source IP address area and the destination IP address area of the packet are used. It is necessary to set the source IP address and the destination IP address.

  However, when the packet is transmitted / received on the Internet, a private address cannot be set in the address area. This is because the private address is an address that can be used only in a closed network, that is, in a LAN.

  Therefore, in order to transmit / receive the packet between the image transmission server 101 / communication terminal 104 in which the private address is set, the private address and the global address are referred to by referring to the destination port number and the source port number set in the packet. By using a connection method using IP masquerade that mutually converts addresses, packets can be transmitted and received between the image transmission server 101 and the communication terminal 104 in which private addresses are set.

  The connection method (function) by this IP masquerade is executed on the gateway X102. For example, a packet addressed to the port number PRT1 addressed to the global address GLB1 of the gateway X102 is changed to the port number PRT1 addressed to the private address PRV1 and transferred to the image transmission server 101. As a result, the communication terminal 104 can access the image transmission server 101 as a result by accessing GLB1: PRT1.

  However, in the case of the connection method using the IP masquerade, anyone who has acquired the information for connecting to the image transmission server 101, that is, the global address GLB1 and the port number PRT1 of the gateway X102 is another Web server. In the same manner as in the case of connecting to the image transmission server 101, it is possible to connect to the image transmission server 101 and receive image data transmitted by the server 101.

Moreover, since the encryption process is not performed with respect to the packet transmitted / received on the internet, there exists a concern that the said packet is wiretapped.
In particular, if a video captured by a surveillance camera provided in the home is wiretapped, personal privacy information is dropped by a third party, so it is not preferable to employ the connection method as it is.

Therefore, a VPN connection method using the IPSec tunneling mode has been proposed.
Here, a VPN connection method will be described by taking as an example a case where a packet is transmitted from the image transmission server 101 to the communication terminal 104.
First, prior to the transmission of the packet, a VPN connection is established between the gateway X102 and the communication terminal 104.

  Then, as shown in FIG. 6A, the image transmission server 101 uses the private address PRV1 that is the address of the server 101 as the inner transmission source IP address, and GLB2 that is the address of the communication terminal 104 that is the transmission destination as the inner destination. A packet having an IP address is transmitted to the gateway X102.

When the gateway X102 receives the packet, the gateway X102 encrypts the packet by the VPN connection method described above.
Furthermore, the global address GLB1 of the gateway X102 is set as the outer source IP address, and the global address GLB2 of the communication terminal 104 is set as the outer destination IP address, and these IP addresses are encapsulated.
Then, the gateway X102, as shown in FIG. 6 (B), the encapsulated address, a security header including information that the received packet is encrypted and the encryption of the packet, and the encryption And the combined packet is transmitted to the Internet I.
Note that the payload in the figure is transmission data.

  As described above, since the source private address is encrypted (tunneled), a router on the Internet or the like does not refer to the private address. Further, since the private address and the transmission data are encrypted, and the decryption processing of the encrypted transmission data is executed by the VPN software in the communication terminal 104, it is possible to prevent data eavesdropping by a third party.

Next, power saving of the image transmission server 101 and the communication terminal 104 constituting such a monitoring system will be described.
Various power saving technologies for the communication terminal 104 constituting the monitoring system have been proposed, but little consideration has been given to the power saving technology for the image transmission server 101.

However, when a monitoring system is configured from a large number of image transmission servers 101, it becomes necessary to save power in the image transmission server 101.
Furthermore, as described above, when image data is transmitted via a wireless LAN, the amount of power consumed in the transmission waiting state until the image data transmission request is received from the communication terminal 104 is much smaller than that of the wired LAN. Therefore, it is desirable to save power. This is especially true when the image transmission server 101 is battery operated.

As a power saving method for a communication device, for example, there is a method disclosed in Patent Document 1.
The power saving method disclosed in Patent Document 1 is provided with a first communication device that consumes a large amount of power but capable of high-speed transmission, and a second communication device that is low-speed transmission but has low power consumption. In the state, the first communication device with high power consumption is turned off and communication is performed using the second communication device with low power consumption. For example, when transmitting / receiving image data or the like that requires high-speed transmission Turns on the power of the first communication device and executes data transmission / reception using the first communication device.
JP 2005-80199 A

When the power saving method disclosed in Patent Document 1 is applied to the system shown in FIG. 5, the result is as shown in FIG.
As shown in the figure, in addition to the wireless LAN device (first communication device) in the image transmission server 101 and the communication terminal 104, a mobile phone (second communication device) such as 3G (3rd Generation), etc. Cellular cellular phones 101a and 104a are provided for dual communication. Reference numerals 105a and 105b are base stations, and P is a public line network such as a mobile phone network.

  Here, a part of processing executed until the image transmission server 101 transmits image data using a wireless LAN device and the communication terminal 104 receives the image data will be described. Here, as described above, since the wireless LAN device of the image transmission server 101 is turned off in the standby state, when transmitting image data, the wireless LAN device is turned on and the image transmission server 101 / It is necessary to connect the gateways X102 and establish a data transfer path via the Internet I.

  In the standby state, as indicated by the symbol Req, the mobile phone 104a of the communication terminal 104 sends a request for establishing the data transfer path (link establishment request) to the image transmission server 101 (mobile phone) via the public network P. When the image transmission server 101 receives the link establishment request, the wireless LAN device of the server 101 is powered on.

  The private address acquired from the gateway X102 when the power of the wireless LAN device is turned on is normally provided randomly by DHCP, and is not always the same address. Therefore, the communication terminal 104 cannot access the image transmission server 101 via the Internet I (wireless LAN device) using the VPN connection method without notification of the private address of the image transmission server 101.

  In other words, for example, when a packet including image data transmission request information is transmitted from the communication terminal 104 to the image transmission server 101 using the VPN connection method, the image transmission server is set in the destination IP address area of the transmission packet. The private address acquired by 101 (PRV1 in FIG. 5) must be set. However, if there is no notification of the private address, the address cannot be set, and the communication terminal 104 transmits the packet to the image transmission server 101. Can not do it.

  Further, in the monitoring system, a mobile phone is generally used as a communication terminal. However, in the current mobile phone, the protocol stack does not support the VPN connection method. It is impossible to realize data transmission / reception between the image transmission server and the mobile phone using the.

  In consideration of the above-described security problem, it is not preferable to use the IP masquerade connection method as it is. Furthermore, although the IP masquerading is set in the gateway X102, and the communication terminal 104 needs to know the port number disclosed on the gateway X102, there is no means to know it.

  The present invention has been made in view of such a situation, and an object of the present invention is to provide a server device that saves power and further improves security.

  The first technical means is a server device including a first communication device connected to the Internet and a second communication device connected to at least a mobile phone network, wherein the second communication device is connected to a communication terminal. When the operation instruction signal is received, the first communication device is turned on, and the address information of the server device acquired as the power is turned on is transmitted to the communication terminal that has transmitted the operation instruction signal. Server device.

  The second technical means is the server device of the first technical means, wherein the communication terminal that has transmitted the operation instruction signal is determined to be a communication terminal that is permitted to receive data, and is determined to be a permitted terminal. In this case, the address information is transmitted to the communication terminal that has transmitted the operation instruction signal.

  The third technical means is the server device of the first or second technical means, wherein the address information includes URL information.

  A fourth technical means is the server device of any one of the first to third technical means, wherein the address information is encrypted and transmitted.

  A fifth technical means is the server device of any one of the first to fourth technical means, wherein the address information is transmitted by electronic mail.

  A sixth technical means is a communication system including a server device and a communication terminal, and the server device includes a first communication device connected to the Internet and at least a second communication device connected to a mobile phone network. The communication terminal includes a communication device that communicates with the server device, an operation instruction signal generation unit that generates an operation instruction signal and transmits the generated operation instruction signal to the server device via the communication device, When the server apparatus receives the operation instruction signal from the communication terminal, the server apparatus turns on the power of the first communication apparatus, and transmits the operation instruction signal with the address information of the server apparatus acquired when the power is turned on. The communication terminal transmits to a communication terminal, and the communication terminal accesses a server device based on the address information.

  The seventh technical means is a communication system according to the sixth technical means, wherein the first communication device of the server device is connected to the Internet via a router device.

  The eighth technical means is the communication system according to the sixth or seventh technical means, wherein the server device determines whether the communication terminal that has transmitted the operation instruction signal is a communication terminal that is permitted to receive data, and permits If it is determined that the terminal is an addressed terminal, the address information is transmitted to the communication terminal that has transmitted the operation instruction signal.

  A ninth technical means is the communication system according to any one of the sixth to eighth technical means, wherein the address information includes URL information.

  A tenth technical means is a communication system according to any one of the sixth to ninth technical means, wherein the address information is encrypted and transmitted.

  An eleventh technical means is a communication terminal in the communication system of any one of the sixth to tenth technical means, generates an operation instruction signal, and sends the generated operation instruction signal to the server device via the communication device. An operation instruction signal generator for transmitting to the server apparatus, receiving address information of the server apparatus transmitted by the server apparatus that has received the operation instruction signal, and accessing the server apparatus based on the address information. Communication terminal.

  The twelfth technical means is the communication terminal of the eleventh technical means, which receives the encrypted address information of the server apparatus transmitted by the server apparatus that has received the operation instruction signal, and is encrypted. The address information is decrypted, and the server device is accessed based on the decrypted address information.

  According to the present invention, power saving of a server device can be achieved. Further, wiretapping of data transmitted by the server device by a third party can be prevented.

(First embodiment)
FIG. 1 is a block diagram of a communication system, for example, an image transmission system.
1 is a server apparatus having a two-system communication function, that is, a wireless LAN function for connecting to the Internet I, and a cellular communication function such as 3G for connecting to a communication terminal having a mobile phone function, for example, an image transmission server It is.
Reference numeral 11 denotes a wireless LAN (first communication device) that performs wireless communication with the gateway X2. As will be described later, the wireless LAN is turned off in the standby state.
Reference numeral 12 denotes a 3G communication unit (second communication device) that performs cellular communication with the base station 5a. Reference numeral 12a denotes an antenna that transmits radio waves to the base station 5a.

A monitoring camera 13 performs predetermined processing on the captured image and outputs it to the image transmission application 14 as image data. The monitoring camera 13 may be externally attached without being integrated with the image transmission server 1.
The image transmission application 14 is an application that transmits the image data output from the monitoring camera 13 to the communication terminal 4 using the wireless LAN 11.

  Reference numeral 15 denotes a mail application that performs e-mail transmission / reception processing using the 3G communication unit 12. The mail application 15 transmits an operation instruction signal, that is, link establishment request information (a request to connect the image transmission server 1 / gateway X2 between the image transmission server 1 and the gateway X2 via the wireless LAN 11), Address (URL) transmission request) is received, and the received link establishment request information is output to the communication control unit 16.

  Here, the communication control unit 16 of the image transmission server 1 acquires the source address information of the email from the header information of the email. Then, the address information of the e-mail is compared with the address information of the e-mail registered in advance in the memory 17 of the image transmission server 1, and whether the e-mail transmission source address is registered in the image transmission server 1. Check.

  If registered, the communication control unit 16 causes the communication terminal 4 to connect to the image transmission server 1 via the Internet I, which will be described later (URL information of the image transmission server 1). Is transmitted to the transmission source address as an electronic mail.

That is, it is determined whether the communication terminal that has transmitted the e-mail is a communication terminal that is permitted to receive data. If it is determined that the communication terminal is permitted, URL information is sent to the communication terminal that has transmitted the e-mail. Send.
If it is not registered, error information indicating that the image data cannot be transmitted is transmitted to the transmission source address.

  When the communication control unit 16 determines that the communication terminal that has transmitted the e-mail is the communication terminal 4 that is permitted to receive data, the communication control unit 16 executes a process of turning on the power of the wireless LAN 11.

  When the wireless LAN 11 is turned on, the communication control unit 16 or the wireless LAN 11 generates a private address or a privacy extension address in IPv6 required for the image transmission server 1 to connect to the Internet I with respect to the gateway X2. Request to transmit information (address allocation request).

In response to the request, the private address transmitted by the gateway X2 is received and stored in the memory 17. In the figure, the private address PRV1 is stored.
Next, the wireless LAN 11 is connected to the Internet I via the gateway X2 at the address.

The communication control unit 16 includes a URL generation unit 16a.
The URL generation unit 16a generates, in the URL format, address information necessary for the communication terminal 4 to connect to the image transmission server 1 via the Internet I and receive image data. The URL to be generated is, for example, RTSP (Real Time Streaming Protocol) for controlling a process for transmitting image data to the communication terminal 4, address information “PRV1: PRT1”, and a directory for image data acquisition control “hogehofoo”. Rtsp: // PRV1: PRT1 / hogehogefoo. The directory is also used for password purposes.

  Here, the PRV1 will be described. In the case of IPv4, since this PRV1 is a private address, as described above, it becomes an address that cannot be routed on the Internet. Therefore, the URL generation unit 16a executes URL conversion.

The URL conversion will be described. First, the URL generation unit 16a makes an IP masquerade setting request to the gateway X2 using UPnP (Universal Plug and Play, registered trademark of Microsoft Corporation), NAT-Traversal, or the like.
Upon receiving the setting request, the gateway X2 performs a setting (transfer setting) for converting the destination address to PRV1: PRT1 when receiving a packet whose destination address is GLB1: PRT1.

The URL generation unit 16a of the image transmission server 1 uses the URL (rtsp: // PRV1) including the private address based on the destination address (GLB1: PRT1) acquired from the gateway X2 using UPnP / NAT-Traversal or the like. : PRT1 / hogehogefoo) is converted to a URL (rtsp: // GLB1: PRT1 / hogehogefoo) that does not include a private address.
Thereafter, as described later, when the communication terminal 4 notified of the URL accesses the URL via the gateway X2, the gateway X2 sends GLB1: PRT1 (destination address) to PRV1: PRT1 as described above. Convert. Therefore, the communication terminal 4 can access the image transmission server 1.

  In the case of IPv6, PRV1 is a global address created by a privacy extension. Therefore, URL conversion as in IPv4 is unnecessary, and the above-mentioned “rtsp: // PRV1: PRT1 / hogehogefoo” can be used as a URL as it is. However, if the gateway X2 has a firewall, the transfer is set to be permitted by UPnP, SSH (Secure Shell), or the like.

  Then, the generated URL is included in an e-mail reply mail transmitted by the communication terminal 4, and the reply mail is transmitted to the communication terminal 4 via the mail application 15. The communication terminal 4 that has received the reply mail can view the image transmitted by the image transmission server 1 by connecting to the URL in the reply mail.

Since the image data transmission directory is a randomly generated character string, a third party cannot easily know the image data access directory character string.
As a result, even if the address information (the portion corresponding to “GLB1: PRT1” or “PRV1: PRT1” in the URL) is acquired, a third party accesses the image transmission server 1 without permission to view the image data. Can not do it.

  In addition to the above, the address information may be a domain name regardless of the type as long as it can be connected to the image transmission server 1.

The memory 17 stores a global address GLB1 of the gateway X2, a private address PRV1 of the image transmission server 1, a port number PRT1 opened for RTSP, control information, and the like. The port number PRT1 is output to the gateway X2 as necessary.
The control unit 18 controls each functional block.

Note that the functions of the gateway X2 and the base stations 5a and 5b have the same functions as the gateway X102 and the base stations 105a and 105b described above, and thus description thereof is omitted.
The image transmission server 1, the gateway X2, and the communication terminal 4 are set with the same address / port number as the address / port number described with reference to FIG.

The communication terminal 4 has a cellular communication function such as 3G and a browser function that allows viewing of images transmitted by the image transmission server 1.
Reference numeral 41 denotes a communication device for communicating with the image transmission server 1, that is, a 3G communication unit that performs cellular communication with the base station 5b. 41a is an antenna that transmits radio waves to the base station 5b.
Reference numeral 42 denotes a browser application having a browser function capable of viewing image data transmitted by the image transmission server 1.

  Reference numeral 43 denotes a mail application that executes e-mail transmission / reception processing via the 3G communication unit 41. The mail application 43 transmits link establishment request information generated by an operation instruction signal generation unit 44a of the communication control unit 44 described later to the image transmission server 1 via an electronic mail.

Further, the electronic mail containing the URL of the image transmission source transmitted by the image transmission server 1 is received, and the URL is displayed on a display unit (not shown). The user clicks on the URL and accesses the directory of the image transmission server 1 specified by the URL via the 3G communication unit 41, so that the image data transmitted by the wireless LAN 11 of the image transmission server 1 is transmitted. It can be viewed using the browser application 42.
That is, the communication terminal 4 can access the image transmission server 1 based on the URL (address information).

  The communication control unit 44 controls various communication processes and includes an operation instruction signal creation unit 44a.

The operation instruction signal creation unit 44 a generates the above-described operation instruction signal, that is, link establishment request information (for example, REQ_LINK) for the image transmission server 1 and outputs it to the mail application 43.
As described above, when receiving the link establishment request information, the mail application 43 creates an electronic mail including the link establishment request information and transmits it to the image transmission server 1.

  The link establishment request information is transmitted using e-mail, but SIP (Session Initiation Protocol) / SMS (Short Message Service) / MMS (Multimedia Messaging Service) or the like can also be used.

  The control unit 46 controls each functional block.

  Next, a series of processing executed until the image transmission server 1 transmits data to the communication terminal 4 will be described using the flowchart of FIG.

  When the communication terminal 4 transmits the link establishment request information generated by the operation instruction signal generation unit 44a to the image transmission server 1 using electronic mail (step S1), the communication control unit 16 of the image transmission server 1 Thus, the validity of the source address is confirmed by comparing the source address information of the electronic mail and the address information stored in the memory 17 of the image transmission server 1 (step S2). If the validity is confirmed, a process of turning on the power of the wireless LAN 11 is executed (step S3). If the validity cannot be confirmed, error information is returned as described above.

  Along with power-on of the wireless LAN 11 (step S3), the communication control unit 16 is necessary to generate a private address or a privacy address necessary for the image transmission server 1 to connect to the Internet I with respect to the gateway X2. Request to transmit the necessary information (step S4).

  When the gateway X2 returns information (for example, RA, Router Advertisement) necessary for generating a private address or a privacy address to the image transmission server 1 in response to the request (step S5), the image transmission server 1 At this address, connection to the Internet I is established via the gateway X2, that is, a link is established (step S6). It should be noted that more detailed data communication may be required for address acquisition and generation, but a description thereof will be omitted.

  Next, the URL generation unit 16a of the image transmission server 1 connects the address information necessary for the communication terminal 4 to receive the image data by connecting to the image transmission server 1 via the Internet I or the like in the URL format. It is generated (step S7), and the generated URL is included in the electronic mail and transmitted to the communication terminal 4 (step S8). Note that the generation of this URL may require communication with the gateway X2, but the description thereof has been omitted since it has been described above.

  When the communication terminal 4 that has received the e-mail including the URL transmits an image data transmission request to the image transmission server 1, that is, connects to the URL (step S9), the image transmission server 1 transmits the image data. (Step S10). In this way, the communication terminal 4 can receive the image data transmitted by the image transmission server 1 via the 3G communication unit 41.

(Example 2)
Next, the image transmission server 1 that encrypts the generated URL and image data and transmits it to the communication terminal 4 and the communication terminal 4 that can receive and decrypt the encrypted URL and the image data transmitted by the server 1 will be described.

FIG. 3 is a block diagram of an image transmission system that can transmit encrypted data and decrypt the received encrypted data.
The image transmission server 1 ′ in FIG. 3 is obtained by providing the image transmission server 1 in FIG. 1 with an encryption unit 19 that encrypts transmission data.

The communication terminal 4 ′ in FIG. 3 is obtained by providing the communication terminal 4 in FIG. 1 with a wireless LAN 47 that performs wireless communication with the gateway Y3 and a decryption unit 48 that decrypts the received encrypted data. The wireless LAN 47 also functions as a communication device for communicating with the image transmission server 1.
Further, it is assumed that PRV2 is set as the private address and PRT2 is set as the port number in the communication terminal 4 ′.

  It is assumed that GLB2 is set as a global address in the gateway Y3.

  The encryption unit 19 of the image transmission server 1 ′ includes a URL generated by the URL generation unit 16a and a predetermined encryption method such as a secret key (common key) encryption method for image data transmitted by the image transmission application 14, and public disclosure. Performs encryption processing using the key encryption method. Since various key exchange methods have been proposed, description thereof is omitted here, and it is assumed that key exchange is performed between the image transmission server 1 and the communication terminal 4 '.

Further, in order to more effectively prevent a third party from eavesdropping on the URL, the URL generation unit 16a preferably makes the image data transmission directory randomly and long like “gjlasjgkajopwegtjoplsdlfjkalsjsdtuaopsjn”.
In this case, the URL is http: // GLB1: PRT3 / gjlasjgkajopwegtjoplsdlfjkalsjsdtuaopsjn. The protocol is not limited to the above-described RTSP and HTTP, and various protocols can be used.

The communication control unit 44 of the communication terminal 4 ′ turns on the wireless LAN 47 when the communication terminal 4 is turned on, and the private address required for the communication terminal 4 to connect to the Internet with respect to the gateway Y3. Ask to send etc.
In response to the request, the private address transmitted by the gateway Y3 is received and stored in the memory 45. In the figure, the private address PRV2 transmitted by the gateway Y3 is stored.

  The gateway Y3 has the same function as that of the gateway X2, and therefore the description thereof is omitted.

Next, a process in which the image transmission server 1 ′ transmits encrypted data to the communication terminal 4 ′ will be described using the flowchart of FIG.
After the link is established (steps S11 to S16), the encryption unit 19 encrypts the URL generated by the URL generation unit 16a of the image transmission server 1 ′ in step S17 (step S18), and the encrypted URL is sent to the e-mail. And transmitted to the communication terminal 4 ′ (step S19).

When the communication terminal 4 ′ receives the electronic mail containing the encrypted URL, the decryption unit 48 of the communication terminal 4 ′ decrypts the encrypted URL (step S20).
Next, when the communication terminal 4 ′ transmits an image data transmission request to the image transmission server 1 ′, that is, connects to the decrypted URL (step S21), the encryption unit 19 of the image transmission server 1 ′ Is encrypted (step S22) and transmitted to the communication terminal 4 ′ (step S23).

  When the communication terminal 4 'receives the encrypted image data via the 3G communication unit 41 or the wireless LAN 47, the decryption unit 48 of the communication terminal 4' decrypts the encrypted image data (step S24).

In this way, by encrypting the URL and the image data, it is possible to prevent eavesdropping of the image data transmitted by the image transmission server by a third party.
In addition, since the wireless LAN device operates only when a request is made from the communication terminal, the chance of unauthorized access by a third party can be reduced.

  In the description of the first embodiment and the second embodiment, the image transmission server 1 is connected to the Internet I through the gateway X2, but a router device is connected to the image transmission server 1 and the Internet is transmitted through the router device. I may be connected. In this case, when the image transmission server 1 receives the link establishment request information from the communication terminal 4, the server 1 confirms from the header information of the e-mail that the link establishment request is from a legitimate sender. Thereafter, the wireless LAN 11 is turned on, and data transfer settings for the image transmission server 1 are performed in the router device.

It is a block diagram of an image transmission system. It is a flowchart explaining a series of processes performed before an image transmission server transmits data to a communication terminal. It is a block diagram of the image transmission system which can transmit / receive encrypted data. It is a flowchart explaining a series of processes performed until an image transmission server transmits encryption data to a communication terminal. It is the schematic of a monitoring system. It is a figure for demonstrating the VPN connection method. This is a monitoring system having the power saving method disclosed in Patent Document 1.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Image transmission server, 2 ... Gateway X, 3 ... Gateway Y, 4 ... Communication terminal, 5a, 5b ... Base station, 11 ... Wireless LAN, 12 ... 3G communication part, 13 ... Surveillance camera, 14 ... Image transmission application, DESCRIPTION OF SYMBOLS 15 ... Mail application, 16 ... Communication control part, 16a ... URL generation part, 17 ... Memory, 18 ... Control part, 19 ... Encryption part, 41 ... 3G communication part, 42 ... Browser application, 43 ... Mail application, 44 ... Communication control unit 44a ... Operation instruction signal creation unit 45 ... Memory 46 ... Control unit 47 ... Wireless LAN 48 ... Decoding unit 101 ... Image transmission server 101a ... Cellular phone 102 ... Gateway X 103 ... AP, 104 ... communication terminal, 104a ... mobile phone, 105a, 105b ... base station, I ... Internet, P ... public line network.

Claims (12)

A server device comprising a first communication device connected to the Internet and a second communication device connected to at least a mobile phone network,
When the second communication device receives an operation instruction signal from a communication terminal, the first communication device is turned on, and the address information of the server device acquired when the power is turned on is used as the operation instruction signal. A server device, wherein the server device transmits the data to the transmitting communication terminal.   It is determined whether the communication terminal that has transmitted the operation instruction signal is a communication terminal that is permitted to receive data. When it is determined that the communication terminal is an authorized terminal, the address information is transmitted to the communication terminal that has transmitted the operation instruction signal. The server device according to claim 1, wherein the server device transmits the server device.   The server apparatus according to claim 1, wherein the address information includes URL information.   4. The server device according to claim 1, wherein the address information is encrypted and transmitted.   The server apparatus according to claim 1, wherein the address information is transmitted by electronic mail. A communication system comprising a server device and a communication terminal,
The server device includes a first communication device connected to the Internet and at least a second communication device connected to a mobile phone network,
The communication terminal includes a communication device that communicates with the server device, an operation instruction signal generation unit that generates an operation instruction signal and transmits the generated operation instruction signal to the server device via the communication device,
When the server device receives the operation instruction signal from the communication terminal, the server device turns on the power of the first communication device, and transmits the operation instruction signal with the address information of the server device acquired when the power is turned on. To the communication terminal
The communication terminal accesses a server device based on the address information.   The communication system according to claim 6, wherein the first communication device of the server device is connected to the Internet via a router device.   The server device determines whether the communication terminal that has transmitted the operation instruction signal is a communication terminal that is permitted to receive data, and if it is determined to be a permitted terminal, to the communication terminal that has transmitted the operation instruction signal, The communication system according to claim 6 or 7, wherein the address information is transmitted.   The communication system according to claim 6, wherein the address information includes URL information.   The communication system according to claim 6, wherein the address information is encrypted and transmitted. A communication terminal in the communication system according to any one of claims 6 to 10,
An operation instruction signal generating unit that generates an operation instruction signal and transmits the generated operation instruction signal to a server device via a communication device,
A communication terminal that receives address information of the server device transmitted by the server device that has received the operation instruction signal, and accesses the server device based on the address information. The communication terminal according to claim 11, wherein
The server device that has received the operation instruction signal receives the encrypted address information of the server device, decrypts the encrypted address information, and transmits the encrypted address information to the server device based on the decrypted address information. A communication terminal characterized by accessing.

Images