JP2009141387A - Communication equipment, communicating method, program and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide communication equipment for surely establishing secure communication and to provide a communicating method, a program and a recording medium. <P>SOLUTION: The communication equipment 10 comprises: a storing means 66 connected to a network 20 to store private setting information 200 defining contents of security communication setting between the same models; a determining means 74 for determining whether the same model of apparatus is connected; a setting means 16 for reading the stored private setting information and setting security communication setting with the other apparatus when it is determined to be the same model; and a communication control means 72 for controlling security communication with the other apparatus in accordance with contents of the security communication setting. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a network security technique, and more particularly, to a communication device, a communication method, a program, and a recording medium for securely establishing a secure communication.

  In recent years, information security problems such as unauthorized access to confidential information via networks, unauthorized copying and unauthorized leakage have become social problems, and improvement of network security has been demanded. Against this background, various techniques for realizing secure communication for protecting information resources that require high confidentiality have been proposed.

  Among these technologies, IPsec (Security Architecture for Internet Protocol) communication, which is a secure communication standard used in VPN (Virtual Private Network) and IPv6 (Internet Protocol Version 6), provides IP layer level access control and transmission. This is a security infrastructure technology that provides functions such as ensuring data integrity and confidentiality, and authentication of the data transmission source, and can suitably prevent data tampering, eavesdropping, and spoofing in the transmission path ( Non-patent document 1).

  IPsec has an advanced and powerful security function and makes it possible to establish secure communication. However, IPsec is a barrier to introduction because of the complexity and inconvenience of parameter setting, which increases the cost of introduction and operation. Development of a technology that enables secure communication settings within the network has been desired.

  In particular, in IP-FAX that implements a facsimile function in an IP network, data transfer is frequently performed between a plurality of facsimile communication apparatuses. However, IPsec communication is realized through communication paths between all communication apparatuses related to the communication. In order to do so, it is necessary to make IPsec settings for all the communication apparatuses involved, and a great deal of labor is required. Further, when the transfer route is changed, the user is required to change the IPsec setting according to the change, and is forced to perform a very complicated and difficult work. In addition, if the setting is incorrect, a serious failure may occur in the communication, especially if the IPsec communication is set remotely, and it may occur that the IPsec communication is canceled and re-set by visiting the site. .

In order to eliminate the complexity of the IPsec communication setting, for example, Japanese Patent Application Laid-Open No. 2007-135083 (Patent Document 1) is a device having a security communication function, and means for performing communication using a plurality of addresses. And at least one of the plurality of addresses is not subject to security communication, and at least one of the plurality of addresses is subject to security communication, and the address not subject to security communication is Disclosed is a device provided with means for notifying a request source of a setting state of security communication set in the own device when a request is received from outside via a network.
JP 2007-135083 A IETF RFC4301 Security Architecture for the Internet Protocol December 2005

  However, in the prior art disclosed in Patent Document 1, key information used in AH (Authentication Header) and ESP (Encapsulating Security Payload) and authentication information used in IKE (Internet Key Exchange) are not subject to security protection. Although not transmitted by other communications, other key information related to IPsec communication settings such as encryption method and authentication method is transmitted by communications other than those subject to security communication, which is sufficient from the viewpoint of security. It wasn't.

  The present invention has been made in view of the above problems, and relates to security-protected communication such as IPsec communication, and the security communication can be easily performed between similar models without transmitting main information regarding the setting of the communication. It is an object of the present invention to provide a communication device, a communication method, a program, and a recording medium that can perform the above-described setting and can establish a communication that is securely secured.

  In the present invention, in order to solve the above problems, dedicated setting information that defines the contents of security communication settings between similar models is stored, it is determined whether the communication partner is the similar model, and it is determined that the model is the similar model. In such a case, a configuration is adopted in which the dedicated setting information is read and the security communication setting with the communication partner is set. The communication apparatus controls security communication with the communication partner in accordance with the contents of the communication setting after the security communication setting with the communication partner determined to be the same model is made.

  With the above configuration, even if the security communication setting with the communication partner is not manually set in advance, the security communication setting with the communication partner of the same model is automatically set, requiring a complicated manual setting operation by the user Therefore, it is possible to easily establish security communication such as IPsec communication. Note that the dedicated setting information is stored in common in communication devices of the same model, and can be information for directly instructing the security communication setting with the communication partner or an algorithm for creating. The communication device and the communication partner obtain common setting contents by using the common dedicated setting information.

  In addition, when reading the dedicated setting information and attempting to set the security communication setting with the communication partner, for example, when the security communication setting with the communication partner already exists by manual setting or the like, the dedicated setting information The setting using the setting information can be canceled and the existing security communication setting can be maintained. Thereby, it is suitably prevented that the content of the security communication setting manually set by the user is rewritten to the content contrary to the user's intention.

  Further, for example, when the expiration date related to the security communication setting such as the lifetime set in the logical connection of the security communication or the lifetime set in the security communication setting itself has expired, the dedicated setting information in response to the expiration Security communication settings using can be deleted. As a result, the load on the communication device is reduced, and even when there is an upper limit to the number of security communication settings, it can be used effectively within the limits.

  Moreover, according to this invention, the communication method between several communication apparatuses provided with the said structure is provided. Moreover, according to this invention, the apparatus executable program for functioning as a communication apparatus provided with the said structure is provided. Furthermore, according to the present invention, a device-readable recording medium in which the above program is recorded is provided.

  Hereinafter, although embodiment of this invention is described, embodiment of this invention is not limited to the following embodiment. In this embodiment, as an example of a communication apparatus, an example will be described in which a multifunction machine having a complex function that handles images such as a copy, a facsimile, a scanner, and a print in addition to a communication function is described.

  FIG. 1 is a schematic diagram illustrating an embodiment of a network environment to which a multifunction peripheral is connected. A network environment 100 shown in FIG. 1 includes a plurality of multifunction peripherals 10, 12, a laser printer 14, and a personal computer (hereinafter referred to as a PC) 16. Connected through. In the present embodiment, the MFPs 10 and 12, the laser printer 14, and the PC 16 are connected to the router 18 via a switch (not shown), and in the IPv4 protocol, configure a link 20a referred to as a so-called local area network. Yes.

  The router 18 performs network control at the network layer / transport layer level in the OSI reference model, and an appropriate network layer / transport such as TCP (Transmission Control Protocol) / IP or UDP (User Datagram Protocol) / IP. A layer protocol is used to connect the link 20a to another network, such as the Internet 22 or a wide area network (WAN).

  The link 20a is composed of neighboring nodes that can form an access link through a data link layer level protocol. More specifically, in IPv6, the link 20a participates in a link-local all-node multicast address. The IPV4 can be a domain that can access the broadcast at the link layer address level by a switch (not shown).

  In the network environment 100 shown in FIG. 1, the multifunction device 10 and the multifunction device 12 are similar types of multifunction devices, and establish IPsec communication. For example, the international standard ITU-TT. The configuration is such that IP-FAX communication conforming to the 38 recommendation is executed. Hereinafter, a setting process of IPsec communication performed between the MFP 10 and the MFP 12 which are similar models prior to the IP-FAX communication by IPsec will be described.

  Hereinafter, the hardware configuration of the multifunction machine will be described first. FIG. 2 is a block diagram illustrating a schematic hardware configuration of the multifunction machine 10 according to the present embodiment. The multifunction machine 10 of the present embodiment includes a central processing unit (CPU) 32, a cache memory 34 that enables high-speed access of data used by the CPU 32, and a solid-state memory such as RAM and DRAM that enables processing by the CPU 32. And a system memory 36 formed from the elements. The CPU 32, the cache memory 34, and the system memory 36 are connected to other devices or drivers of the multifunction machine 10, for example, the graphics driver 40 and the network device 42 via the system bus 38. . The graphics driver 40 is connected to the display 44 via the system bus 38 and displays the processing result by the CPU 32 on the display screen. The network device 42 connects the multi-function device 10 to the network 20 at the physical layer level.

  An I / O bus bridge 46 is further connected to the system bus 38. On the downstream side of the I / O bus bridge 46, a hard disk device (hereinafter referred to as HDD) is referred to by IDE, ATA, ATAPI, serial ATA, SCSI, USB, etc. via an I / O bus 48 such as PCI. ) 50 or other storage device is connected. An input device 52 such as a keyboard and a pointing device such as a mouse is connected to the I / O bus 48 via a bus such as a USB, and receives inputs and instructions from an operator.

  In this embodiment, the HDD 50 stores various IP settings such as an IP address and a subnet mask, various IPsec setting information, and IPsec setting information dedicated to similar models. Note that the IPsec setting information dedicated to similar models is stored in a protected area that can be accessed only by authorized users, or in a separately provided security-protected external storage device. In this embodiment, the data is stored in a protected area that is protected by security.

  The multifunction machine 10 further includes an image processing driver 54 and an image processing device 56 connected to the system bus 38. The image processing driver 54 and the image processing device 56 are used when an image forming engine using an ADF (Automatic Document Feeder) and electrophotography (not shown) is driven to perform image processing and image output. In a specific embodiment, when configured as an information processing apparatus such as a PC, the image processing driver 54 and the image processing device 56 may be omitted, and depending on the specific use of the communication apparatus. Configurations can be added / deleted.

  The multi function device 10 reads a program (not shown) stored in a storage device such as a ROM (not shown), HDD 50, NV-RAM (not shown), SD card (not shown), etc. By expanding the cache memory 34 providing the working memory area and the memory area of the system memory 36, an IPsec communication setting update process and each function means described later are realized on an appropriate operating system.

  More specifically, the CPU 32 used by the multifunction machine 10 is, for example, Itanium (registered trademark), Xeon (registered trademark), Pentium (registered trademark), Celeron (registered trademark), PowerPC (registered trademark), Athlon ( (Registered trademark), PA-RISC (abbreviation), MIPS, or any other suitable CPU. Further, as an operating system (OS) used by the multifunction machine 10, for example, Windows (registered trademark) Vista (registered trademark), Windows (registered trademark) 2000, Windows (registered trademark) XP, Windows (registered trademark) 200X. Server, UNIX (registered trademark), LINUX (registered trademark), FreeBSD (registered trademark), AIX (registered trademark), MacOS (registered trademark), Solaris (registered trademark), VxWorks (registered trademark) or other appropriate OS Can be mentioned. The multifunction machine 12 can also have the same hardware configuration as that shown in FIG.

  FIG. 3 is a block diagram illustrating a functional configuration of the multi-function device 10 relating to setting of IPsec communication. The multifunction machine 10 illustrated in FIG. 3 includes an OS unit 60 and a communication control processing unit 62. More specifically, the OS unit 60 includes a communication device driver 68 that directly controls the network device 42, and a network protocol processing unit 70 that controls a communication protocol corresponding to the transport layer from the data link layer in the OSI reference model. It is comprised including. The communication control processing unit 62 executes a task for requesting communication, and generates a communication request with another communication device on the network.

  The network protocol processing unit 70 reads the IPsec communication valid / invalid setting value stored in the communication setting storage unit 64 at the time of communication execution, and controls whether to enable or disable the IPsec communication. The IPsec communication valid / invalid setting value is set to an initial value by a vendor, and the setting value is changed by a system setting by an operator. The network protocol processing unit 70 may be configured to execute processing such as packet filtering and port mapping in addition to communication protocol processing such as Ethernet (registered trademark), IPv4, IPv6, IPsec, TCP, and UDP. Good.

  More specifically, the network protocol processing unit 70 includes an IPsec communication control unit 72, a similar model determination unit 74, and an IPsec communication setting unit 76. The IPsec communication setting unit 76 reads out the IPsec setting information from the communication setting storage unit 64, constructs an IPsec communication setting, and more specifically, an SPD (security policy database) that defines a processing policy for the IP packet. For example, it is constructed on the system memory 36. When IPsec communication with the communication partner has not been established, the IPsec communication control unit 72 performs key exchange with the communication partner according to the IKE (Internet Key Exchange) protocol, and logically communicates with the communication partner. Establish a connection, the so-called SA (Security Association). The IPsec communication control unit 72 controls packet exchange between the higher-level communication control processing unit 62 and the network 20 according to the SPD, and acquires the SA from the SAD (security association database) that manages the SA. Then, IPsec processing is performed on the exchanged packets.

  In the present embodiment, the IPsec communication setting covers an IP address or a range of IP addresses, and (1) the IPsec process is applied to the packet, or (2) the packet is allowed to pass without applying the IPsec process. Or (3) When a packet processing policy such as discarding, and (1) IPsec processing is applied, a partner authentication method at the time of key exchange by IKE, a proposal regarding an encryption method or an authentication method, It consists of entries including setting contents for specifying various key exchange parameters such as designation of transport mode or tunnel mode, and SA lifetime. Each entry constitutes a security communication setting with the communication partner.

  The similar model determination unit 74 inquires of the communication device of the communication partner or receives a notification from the communication device of the communication partner, and determines whether the own device and the communication partner are similar models. When the communication partner is a similar model, the IPsec communication setting unit 76 is made to read out the IPsec setting information provided exclusively for communication between similar models from the dedicated setting storage unit 66, and the communication partner's An IP address entry is added, and the IPsec communication setting is updated. In the present embodiment, the dedicated setting storage unit 66 is provided by a security-protected storage area that can be accessed only by a legitimate authority.

  In the present embodiment, the similar model determination unit 74 and the IPsec communication setting unit 76 are included in the network protocol processing unit 70. This is in order to take advantage of the advantage of IPsec that there is no need to be aware of IPsec in higher layers than the network layer. However, the module assignment of the similar model determination unit 74 and the IPsec communication setting unit 76 is not particularly limited, and in another embodiment, for example, interposed between the communication control processing unit 62 and the network protocol processing unit 70. You may let them.

  Hereinafter, processing when the IPsec process is activated will be described. FIG. 4 is a flowchart showing an operation when the IPsec process is activated. The process shown in FIG. 4 is started from step S100, for example, when the multifunction device 10 is activated. In step S101, the IPsec process activation process is started. Subsequently, in step S102, the IPsec valid / invalid setting value is read from the communication setting storage unit 64, and in step S103, it is determined whether or not the setting value is valid.

  If it is determined in step S103 that the IPsec valid / invalid setting value is valid (YES), the process branches to step S104. In step S104, the IPsec setting information is read from the communication setting storage unit 64, and in step S105, an IPsec communication setting including an entry for the IP address or address range specified in the IPsec setting information is constructed. Subsequently, in step S106, communication is started with IPsec valid, and the process is terminated in step S107.

  On the other hand, if it is determined in step S103 that the IPsec valid / invalid setting value is invalid (NO), the process branches to step S108 to start normal IP communication as IPsec invalid, and the process is performed in step S107. Terminate. In communication, the IPsec valid / invalid setting value is referred to, and it is controlled whether the IPsec communication is valid or invalid.

  When the IPsec valid / invalid setting value is valid by the processing shown in FIG. 4, the IPsec communication setting is established, and the IPsec communication is established with the communication partner that has been manually set in advance as the target of the IPsec communication. Possible state. However, it is not possible to establish IPsec communication with a communication partner that is not designated as a target for IPsec communication by manual setting.

  Processing for adding an entry of the communication partner to the IPsec communication setting so that IPsec communication with the communication partner can be automatically established when the communication partner and the own device are of the same type. This will be described more specifically with reference to the sequence diagram. FIG. 5 is a sequence diagram illustrating a first embodiment of setting update processing of IPsec communication performed between the multifunction peripheral (MFP 1) 10 and the multifunction peripheral (MFP 2) 12. FIG. 6 is a diagram schematically showing IPsec setting information dedicated to similar models and a data structure of IPsec communication setting.

  FIG. 6A shows a data structure of IPsec setting information dedicated to similar models held in common between the multifunction device 10 and the multifunction device 12. The IPsec setting information 200 dedicated to similar models shown in FIG. 6A includes entry setting contents, a field 200a in which an encryption algorithm used between both parties performing IPsec communication is input, and an authentication algorithm used in IPsec communication. And an input field 200b. It should be noted that the IPsec setting information 200 dedicated between similar models can include fields for inputting various key exchange parameters and the like, although details are omitted.

  Referring to FIG. 5 again, the process shown in FIG. 5 is performed when the MFP 10 has received a communication request from the communication control processing unit 62 and has not established IPsec communication with the communication partner. Starts from. In this embodiment, the multifunction machine 10 (MFP 1) operates as an initiator, and the multifunction machine 12 (MFP 2) operates as a responder. FIGS. 6B and 6C schematically show data structures of IPsec communication settings in the initial state of the multifunction machine 10 and the multifunction machine 12, respectively. The IPsec communication setting 210 shown in FIG. 6B includes a field 210a in which an IP address to be communicated is input, a field 210b in which an encryption algorithm is input, and a field 210c in which an authentication algorithm is input. Composed. Similarly, the IPsec communication setting 210 can include a field for inputting various key exchange parameters. In addition, the other IPsec communication settings shown below including the IPsec communication setting 220 shown in FIG. 6C have the same data structure as in FIG. 6B.

  Referring to FIG. 5 again, in step S201, an ARP (Address Resolution Protocol) request packet including the IP address of the other party that requested the communication is broadcast. In step S202, the MFP 12 that has received the ARP request packet returns an ARP response packet including its own IP address and MAC (medium access control) address.

  In step S203, the multifunction device 10 that has received the ARP response packet determines whether or not it is a similar model from the source MAC address included in the ARP response packet by the similar model determination unit 74. For this, an entry for the IP address of the communication partner is added to the IPsec communication setting. The method for determining whether or not a similar model will be described later in detail. If it is determined in step S203 that an ARP response packet has not been received or the model is not similar, the process is terminated without adding an entry.

  Subsequently, in step S204, the IKE packet is transmitted to the multifunction machine 12, and the IKE phase 1 process is started. In step S205, the multifunction device 12 that has received the IKE packet uses the similar model determination unit 74 as a communication request for the received IKE packet as a communication request, using the same model from the source MAC (medium access control) address attached to the IKE packet. If there is a similar model, an entry for the communication partner's IP address is added to the IPsec communication setting. If it is determined that the model is not similar, the process is terminated without adding an entry.

  FIGS. 6D and 6E show the data structures of the IPsec communication settings after adding the entries of the multifunction machine 10 and the multifunction machine 12, respectively. Comparing FIG. 6D and FIG. 6B and FIG. 6E and FIG. 6C, the IPsec communication setting 212 of the added multifunction device 10 has a multifunction device [192.168.xx.2]. It can be seen that an entry for the IP address of 12 is added, and an entry for the IP address of the MFP 10 of [192.168.xx.1] is added to the IPsec communication setting 222 of the MFP 12. In addition, it is shown that the encryption algorithm and the authentication algorithm specified by the IPsec setting information 200 dedicated to similar models shown in FIG. 6A are set for these IP addresses.

  Referring to FIG. 5 again, in step S206, the multifunction device 12 returns an IKE packet, and in step S207, the IKE phase 1 processing is completed between the multifunction device 10 and the multifunction device 12, and in step S208, the multifunction device is completed. The IKE phase 2 process is completed between the MFP 10 and the MFP 12 to establish the SA, and in step S209, IPsec communication is started. Thereafter, communication between the MFP 10 and the MFP 12 such as transmission / reception of IP-FAX is performed by IPsec communication. The SA is established according to the key exchange parameter specified by the entry added in steps S203 and S205. If the negotiation fails in step S207 or step S208, the entry added in steps S203 and S205 is deleted.

  Usually, a predetermined lifetime is set in the SA established by IKE. Therefore, in this embodiment, after the IPsec communication is established, when the SA lifetime expires in step S210, the MFP 10 and the MFP 12 detect the expiration in step S211 and the SA lifetime expires. In response to this, the entry added to the IPsec communication setting is deleted. At this time, the IPsec communication settings of the multifunction machine 10 and the multifunction machine 12 are returned to those shown in FIGS. 6B and 6C, respectively. Thereafter, when a communication request between the multifunction device 10 and the multifunction device 12 is generated again, the processing sequence shown in FIG. 5 is repeated.

  Hereinafter, description will be added regarding the determination of the similar model by the similar model determination unit 74 of the present embodiment. FIG. 7 is a diagram schematically illustrating communication packets exchanged between the multifunction device 10 and the multifunction device 12. As shown in FIG. 7, the ARP request packet 230 transmitted from the multifunction machine 10 in step S201 includes the MAC address and IP address of the multifunction machine 10 that is the transmission source and the IP address of the multifunction machine 12 that is the destination. included. On the other hand, in step S202, the ARP response packet 240 returned from the MFP 12 in response to the ARP request packet includes the MAC address and IP address of the MFP 12 that is the return source in addition to the MAC address and IP address of the return destination. Will be included. The multifunction device 10 that is the initiator receives the ARP response packet, and the similar model determination unit 74 acquires the MAC address of the multifunction device 12 from the ARP response packet and uses the MAC address to determine the similar model. Refer to as If the MAC address corresponding to the IP address of the communication request has already been registered in the ARP cache on the multifunction machine 10 side, the ARP cache can be referred to.

  Further, the IKE packet 250 transmitted from the multifunction device 10 in step S204 includes the MAC address and IP address of the multifunction device 10 that is the transmission source. The multifunction device 12 as a responder needs to be added to an entry only after receiving a communication request. For this reason, after receiving the IKE packet 250 indicating the communication request, the similar model determination unit 74 on the responder side refers to the transmission source MAC address included in the packet 250 as information for determining the similar model. Note that the IKE packet 260 returned from the multifunction device 12 to the IKE packet 250 includes the MAC address and the IP address of the return source multifunction device 12.

  FIG. 8 is a diagram schematically showing the arrangement of MAC address allocation. As shown in FIG. 8, the upper 24 bits of the MAC address are uniquely allocated to each vendor as an OUI (Organizationally Unique Identifier) by the Institute of Electrical and Electronics Engineers (IEEE), and the lower 24 bits are assigned to each vendor. Allocated to the product. The similar model determination unit 74 of the MFP 10 and the MFP 12 according to the present embodiment determines whether or not the higher-order bits of the source MAC address included in the communication packet exchanged with each other are the same as its own. Based on the above, it is determined whether or not the model is similar. In this embodiment, communication devices supplied by the same vendor are determined as similar models. However, in other embodiments, a predetermined lower address range is determined for each model on the vendor side, and lower addresses are used. Thus, it may be configured to determine whether or not the model is the same type by a more specific classification model.

  When it is determined by the IPsec communication setting process described with reference to FIGS. 3 to 8 that the communication partner device is the same model, the IPsec communication setting entry for the mutual IP address in both devices Will be added automatically. Therefore, even if the entry of the communication partner is not included in the IPsec communication setting that is manually set in advance, the IPsec communication can be established. In particular, when it is desired to establish an IPsec communication path having the same content between a plurality of communication devices, the user can save time and effort for manually setting the IPsec communication settings by arranging all of the plurality of communication devices with the same type. It is possible to configure easily without applying.

  Further, in the above-described processing, since the IPsec setting information dedicated to similar models previously held in common in both communication apparatuses is used, information related to the IPsec communication setting is not exchanged via the network, so that higher security is ensured. . Furthermore, in the above IPsec communication setting process, it is possible to determine whether the communication partner is a similar model without greatly changing the packet flow of the existing Ethernet (registered trademark) or IPsec protocol. Does not generate extra network traffic.

  If there is already a manual entry for the same IP address as the entry to be added in the processes in steps S203 and S205, the entry addition by the IPsec communication setting process is canceled. Can do. As a result, it is possible to favorably prevent manual setting by the user from being prioritized and setting the IPsec communication contrary to the user's intention to be performed arbitrarily.

  Further, in the above-described step S210 and step S211, an entry automatically set between similar types of communication devices becomes unnecessary and is deleted by the configuration in which the entry of the IPsec communication setting is deleted in response to the expiration of the SA lifetime. The Rukoto. For this reason, an excessive load of packet processing by the IPsec communication control unit 72 is reduced, and it is possible to suitably prevent the IPsec communication setting entries having a finite upper limit from being exhausted. In the above-described embodiment, the entry is deleted in response to the expiration of the SA lifetime. However, in another embodiment, for example, a lifetime is set in advance in the entry, and the lifetime of the entry is set. An entry may be deleted in response to expiration.

  In addition, in the IPsec communication setting process, the MFP 10 on the initiator side uses the ARP request packet to determine whether the communication partner is a similar model even when the IPsec valid / invalid setting value is invalid. It is possible to determine. In addition, since IPsec communication is higher in security than ordinary IP communication and causes little disadvantage, if IPsec communication can be forcibly executed even when IPsec communication is disabled, its merit is , Considered big.

  Therefore, in another embodiment, even if the IPsec communication valid / invalid setting value is invalid, it is determined whether or not the communication partner is a similar model by receiving the ARP response packet in step S202. When it is determined that the model is similar, the IPsec valid / invalid setting can be ignored and IPsec communication can be established between similar types of communication apparatuses.

  In office devices such as multifunction peripherals, in many cases, the IPsec valid / invalid setting is invalidated, which is supplied from the vendor. However, particularly in such cases, IPsec communication can be automatically established between similar models. The user can use the IPsec communication without performing any special setting, so that the security level can be improved as high as possible without the user's manual setting.

  Hereinafter, another embodiment of the IPsec communication setting update process will be specifically described with reference to a sequence diagram. FIG. 9 is a sequence diagram illustrating a second embodiment of setting update processing for IPsec communication performed between the multifunction peripheral (MFP 1) 10 and the multifunction peripheral (MFP 2) 12. In the first embodiment shown in FIG. 5, the similar model is determined using the MAC address included in the ARP packet and the IKE packet. In the second embodiment described below, a dedicated protocol for determining the similar model is defined, and a packet including model information for determining the similar model is exchanged in the payload portion to determine the similar model. Various types of information can be adopted as the model information. For example, it is possible to determine whether the model is a similar model, such as a device vendor, model, or model name or identifier. Any information can be adopted.

  The process illustrated in FIG. 9 is started from step S300 when a communication request from the communication control processing unit 62 is generated in the multifunction machine 10. Also in the second embodiment, the multifunction device 10 (MFP 1) operates as an initiator and the multifunction device 12 (MFP 2) operates as a responder.

  Subsequently, in step S301, a similar model confirmation request packet that includes the model information of the multifunction machine 10 itself and requests notification of the model information of the partner is transmitted with the IP address of the partner that requested the communication as the destination. In step S302, the multifunction device 12 that has received the similar model confirmation request packet acquires the model information of the multifunction device 10 from the payload portion of the packet by the similar model determination unit 74, and determines whether the model is the similar model from the model information. If it is a similar model, an entry for the IP address of the communication partner is added to the IPsec communication setting. Subsequently, in step S303, the multifunction machine 12 returns a similar model confirmation response packet including its own model information with the IP address of the requested multifunction machine 10 as the destination.

  In step S304, the multifunction device 10 that has received the similar model confirmation response packet acquires the model information of the multifunction device 12 from the payload portion of the packet by the similar model determination unit 74, and determines whether the model is the similar model from the model information. If it is a similar model, an entry for the IP address of the communication partner is added to the IPsec communication setting.

  In step S305, the IKE phase 1 process is completed between the MFP 10 and the MFP 12. Thereafter, the processing sequence of steps S306 to S309 is executed. Note that the processing sequence from step S306 to step S309 is the same as that of steps S208 to S211 shown in FIG.

  In the update processing of the IPsec communication setting of the first embodiment shown in FIG. 5, the similar model is determined using the MAC address included in the packet exchanged between apparatuses. On the other hand, in the IPsec communication setting update process of the second embodiment shown in FIG. 9, a similar protocol is determined by exchanging a packet that includes a dedicated protocol and includes model information in the payload portion. As a result, it is possible to determine the model using the device vendor, model, name or identifier indicating the model decided by the vendor, and it is possible to determine the similar model by more detailed classification. In addition, because the information contained in the payload part that is transmitted end-to-end between devices is used, there is no restriction on the communication range in which model information can be exchanged, and it can also be applied to communication between communication devices across routers. is there.

  FIG. 10 is a sequence diagram illustrating a third embodiment of setting update processing for IPsec communication performed between the multifunction peripheral (MFP 1) 10 and the multifunction peripheral (MFP 2) 12. In the third embodiment described below, an LLTD (Link Layer Topology Discovery) protocol, which is a data link layer protocol, is used to exchange an LLTD packet including model information for determining the similar model in the extension area of the payload portion. Then, the similar model is determined. As the model information, the same information as in the second embodiment can be adopted.

  The process illustrated in FIG. 10 is started from step S400 when a communication request from the communication control processing unit 62 is generated in the multifunction machine 10. Also in the third embodiment, the multifunction device 10 (MFP 1) operates as an initiator and the multifunction device 12 (MFP 2) operates as a responder.

  In step S401, an LLTD packet that includes the model information of the multifunction machine 10 itself in the extension area and requests notification of the model information of the partner is transmitted to the partner that requested the communication. Upon receiving the LLTD packet, the multifunction machine 12 sends back the LLTD packet including its model information in the extension area, with the requested multifunction machine 10 as the destination.

  In step S403, the multifunction device 12 that has returned the LLTD packet and the multifunction device 10 that has received the reply obtain the model information of the multifunction device 10 from the extended area of the packet by the similar model determination unit 74, respectively. It is determined whether or not the model is similar. If the model is similar, an entry for the IP address of the communication partner is added to the IPsec communication setting.

  In step S404, the multi-function device 10 transmits an IKE packet to the multi-function device 12 and starts IKE phase 1 processing. The multifunction device 12 that has received the IKE packet returns the IKE packet in step S405. In step S406, the IKE phase 1 process is completed between the multifunction machine 10 and the multifunction machine 12. Thereafter, the processing sequence of steps S407 to S410 is executed. Note that the processing sequence from step S407 to step S410 is the same as that of steps S208 to S211 shown in FIG.

  In the update processing of the IPsec communication setting according to the third embodiment, similar models are determined by exchanging packets including model information, preferably using the extended area of the LLTD packet in the data link layer. This eliminates the need to use a higher-layer protocol to establish IPsec communication, which is a network layer protocol, while using a lower-level general-purpose data link layer protocol to provide the device vendor, model, It is possible to determine a similar model by a more detailed classification using a name or identifier indicating a model decided by the vendor. Further, in the above description, it has been described as a configuration for determining whether or not it is a similar model using only the model information exchanged by the LLTD packet, but in another embodiment, the accuracy of the determination of the similar model is improved. Therefore, it is possible to adopt a configuration in which the determination is made including the MAC address included in the IKE packet exchange.

  FIG. 11 is a sequence diagram illustrating a fourth embodiment of the setting update process for IPsec communication performed between the multifunction machine (MFP 1) 10 and the multifunction machine (MFP 2) 12. In the fourth embodiment shown below, an LLTD protocol, which is a data link layer protocol, is used to exchange LLTD packets containing seed information in the extension area of the payload portion for common setting between similar models. Then, using this shared seed information, an IPsec communication setting entry for the communication partner is added.

  The MFPs 10 and 12 that execute the setting update processing of the present embodiment commonly use a setting creation algorithm for creating entry setting contents such as key exchange parameters in advance as IPsec setting information dedicated to similar models. It is stored in the dedicated setting storage unit 66. Then, the setting contents of the common entry are created by applying the setting creation algorithm to the common seed information exchanged by the LLTD packet. The seed information can be, for example, a random numerical value or a character string. As the setting creation algorithm, any algorithm can be used as long as the setting contents are uniquely created by using the seed information as an input.

  The process illustrated in FIG. 11 is started from step S500 when the communication request from the communication control processing unit 62 is generated in the multifunction machine 10. Also in the fourth embodiment, the multifunction device 10 (MFP 1) operates as an initiator and the multifunction device 12 (MFP 2) operates as a responder.

  In step S501, the multi-function device 10 broadcasts an ARP request packet including the IP address of the other party that requested the communication. In step S502, the multifunction machine 12 that has received the ARP request packet returns an ARP response packet including its own IP address and MAC address.

  When the multifunction device 10 receives the ARP response packet, in step S503, the similar model determination unit 74 determines whether it is the similar model from the transmission source MAC address included in the ARP response packet. Is configured to generate seed information, read the setting creation algorithm from the dedicated setting storage unit 66 using the seed information as input, create setting contents, and set an entry for the IP address of the communication partner as an IPsec communication setting. Add.

  Subsequently, in step S504, the multifunction device 10 transmits the LLTD packet including the generated seed information to the multifunction device 12 as a destination. Thereby, seed information for creating setting contents is shared between the multifunction machine 10 and the multifunction machine 12. In step S505, the multi-function device 10 transmits an IKE packet to the multi-function device 12 and starts IKE phase 1 processing. In step S506, the multifunction device 12 that has received the IKE packet uses the received similar IKE packet as a communication request by the similar model determination unit 74, and determines whether or not it is a similar model from the transmission source MAC address attached to the IKE packet. If it is determined that the model is similar, the setting creation algorithm is read from the dedicated setting storage unit 66, setting contents are created using the received seed information, and an entry for the IP address of the communication partner is set as an IPsec. Add to communication settings.

  In step S507, the multifunction machine 12 returns an IKE packet. In step S508, the multifunction machine 10 and the multifunction machine 12 complete the IKE phase 1 process. Thereafter, the processing sequence of steps S509 to S512 is executed. Note that the processing sequence from step S509 to step S512 is the same as that of steps S208 to S211 shown in FIG.

  In the update processing of the IPsec communication setting of the fourth embodiment, the extended region of the LLTD packet of the data link layer is preferably used to exchange packets including seed information, and a setting creation algorithm is used in common for both communication devices. Create settings and add entries. In this case, a different IPsec communication setting is made for each group that establishes the IPsec communication among the communication apparatuses on the network, and the dedicated IPsec communication setting of the similar model stored in advance is uniformly used in the embodiment. In comparison, security safety can be improved. In the description of the fourth embodiment, it is determined whether or not the model is a similar model using the ARP packet. However, as in the third embodiment, whether or not the model is a similar model using the extended area of the LLTD packet. It can also be configured to determine whether or not. In this case, the seed information may be included in the LLTD packet that requests the notification of the partner model information.

  As described above, according to the embodiments described above, regarding secure communication such as IPsec communication, the security communication can be easily performed between similar models without transmitting main information regarding the setting of the communication. It is possible to provide a communication device, a communication method, a program, and a recording medium that enable the setting to be performed and establish a secure communication safely. Further, by applying the update processing of the IPsec communication setting of the above-described embodiment to the MFP that executes IP-FAX, even if the IP-FAX transfer route is changed, the change is made according to the change. Thus, the IPsec communication path is automatically established, and it is possible to reduce complicated and difficult setting work conventionally required by the user.

  In the above-described embodiments, the multifunction peripheral is described as an example of the communication device. However, other image forming apparatuses such as laser printers, portable terminals such as PDAs, information processing apparatuses such as personal computers, image reading apparatuses such as scanners, image communication apparatuses such as facsimiles, and imaging apparatuses such as digital cameras, etc. A device having the communication function can be configured as a communication device.

  The above functions can be realized by computer-executable programs written in legacy programming languages such as assembler, C, C ++, C #, Java (registered trademark), object-oriented programming languages, and the like, such as ROM, EEPROM, EPROM, It can be stored in a device-readable recording medium such as flash memory, flexible disk, CD-ROM, CD-RW, DVD, SD card, MO, and distributed.

  Although the embodiments of the present invention have been described so far, the embodiments of the present invention are not limited to the above-described embodiments, and those skilled in the art may conceive other embodiments, additions, modifications, deletions, and the like. It can be changed within the range that can be done, and any embodiment is included in the scope of the present invention as long as the effects of the present invention are exhibited.

1 is a schematic diagram showing an embodiment of a network environment to which a multifunction device is connected. FIG. 2 is a block diagram illustrating a schematic hardware configuration of the multifunction peripheral according to the embodiment. FIG. 2 is a block diagram showing a functional configuration of a multifunction peripheral related to setting of IPsec communication. The flowchart which shows the operation | movement at the time of IPsec process starting. The sequence diagram which shows 1st Embodiment of the setting update process of IPsec communication. The figure which shows typically the data structure of IPsec setting information and IPsec communication setting only for similar models. The figure which shows typically the communication packet exchanged between two multifunction devices. The figure which shows typically the rule of how to allocate a MAC address. The sequence diagram which shows 2nd Embodiment of the setting update process of IPsec communication. The sequence diagram which shows 3rd Embodiment of the setting update process of IPsec communication. The sequence diagram which shows 4th Embodiment of the setting update process of IPsec communication.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 ... MFP, 12 ... MFP, 14 ... Laser printer, 16 ... PC, 18 ... Router, 20 ... Network, 22 ... Internet, 32 ... CPU, 34 ... Cache memory, 36 ... System memory, 38 ... System -Bus, 40 ... Graphics driver, 42 ... Network device, 44 ... Display, 46 ... I / O bus bridge, 48 ... I / O bus, 50 ... HDD, 52 ... Input device, 54 ... Image processing driver 56 ... Image processing device, 60 ... OS unit, 62 ... Communication control processing unit, 64 ... Communication setting storage unit, 66 ... Dedicated setting storage unit, 68 ... Communication device / driver, 70 ... Network protocol processing unit, 72 ... IPsec Communication control unit, 74 ... Similar model determination unit, 76 ... IPsec communication setting unit, 100 ... Network environment, 200 IPsec configuration information, 210,212,220,222, IPsec communication setting

Claims (15)

A communication device connected to a network,
Storage means for storing dedicated setting information defining the contents of security communication settings between similar models;
Determination means for determining whether the communication partner is a similar model;
A setting means for reading out the stored dedicated setting information and setting a security communication setting with the communication partner when it is determined that the model is similar;
Communication control means for controlling security communication with the communication partner according to the contents of the security communication setting.   The setting unit cancels the setting using the dedicated setting information and maintains the existing security communication setting when a security communication setting with a communication partner determined to be the same model already exists. The communication apparatus according to claim 1.   The communication device according to claim 1, wherein the setting unit deletes the security communication setting when an expiration date related to the security communication setting set using the dedicated setting information has expired.   Even when the security communication function of the communication device is disabled, the setting unit forcibly performs setting using the dedicated setting information, and the communication control unit is configured to perform security with the communication partner. The communication device according to claim 1, wherein communication can be established.   The setting means sets security communication settings with the communication partner by further using information included in a payload portion of a communication packet transmitted to or received from the communication partner. 5. The communication device according to any one of 4.   The determination means determines whether the model is a similar model based on a response packet returned from the communication partner in response to an inquiry or a model information of a communication partner included in a communication request packet received from the communication partner. Item 6. The communication device according to any one of Items 1 to 5.   The model information is a medium access control address of a transmission source included in a packet sent from a communication partner, and the determination unit determines a similar model by referring to the medium access control address of the transmission source. 6. The communication device according to 6.   The said model information is identification information which shows the model of the said communication other party contained in the payload part of the packet sent from the communication other party, The said determination means determines a similar model from the said identification information. Communication equipment.   The communication device according to any one of claims 5 to 8, wherein the packet is a communication packet of a data link layer protocol or a communication packet of a protocol specified exclusively for determining a similar model. A communication method between a plurality of communication devices connected to a network,
The communication device determining whether a communication partner is a similar model; and
When the communication partner is a similar model, the communication device reads dedicated setting information that defines the content of security communication settings between similar models;
Using the read dedicated setting information, the communication device to set security communication settings with the communication partner determined to be a similar model;
The communication device executes a step of controlling security communication with the communication partner according to the content of the security communication setting.   The setting step cancels the setting using the dedicated setting information when the security communication setting with the communication partner determined to be the same model in the determining step already exists, and the existing setting The communication method according to claim 10, comprising the step of maintaining security communication settings. The communication device detecting that an expiration date related to the security communication setting set using the dedicated setting information has expired;
The communication method according to claim 10 or 11, wherein the communication device further executes a step of deleting the security communication setting in response to the expiration. One communication device generates information for setting the security communication setting with the communication partner, and transmits a communication packet including the information in a payload portion to the other communication device;
The other communication device receives the communication packet and obtains the information included in the payload portion; and
The communication method according to claim 10, wherein, in the setting step, the security communication setting with the communication partner is set using the information.   An apparatus-executable program for causing a communication apparatus to function as each unit according to any one of claims 1 to 9.   A device-readable recording medium on which the program according to claim 14 is recorded.

Images