JP2018152796A - Remote apparatus control system and remote apparatus control method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enhance safety when a client device remotely controls an IoT apparatus by communication.SOLUTION: A first computation processing device generates a first key and a second key using a master key, client identification information, and key type information. The first computation processing device performs an authentication process of a client device using the first key. The first computation processing device transmits a third key to the client device by encryption communication using the second key, and transmits the third key to a second apparatus by encryption communication using a common key. The second apparatus relays communication between the client device and the first computation processing device. The client device and second apparatus perform encryption communication using the third key. The client device remotely controls an apparatus unit of the second apparatus by encryption communication performed using the third key.SELECTED DRAWING: Figure 7

Description

  The present invention relates to a remote device control system and a remote device control method.

  In recent years, home appliances such as air conditioners (commonly known as air conditioners) and devices for specific uses such as surveillance cameras have been connected to the Internet. At this time, a public key cryptosystem is known as one technique for concealing communication data. In the public key cryptosystem, a public key (public key certificate) is generally exchanged using PKI (Public Key Infrastructure) (for example, see Non-Patent Document 1).

ITpro, "Introduction to Information Security-PKI (Part 2) --- X.509 Certificate and PKI Mechanism", [Search February 20, 2017], Internet <URL: http://itpro.nikkeibp.co. jp / article / COLUMN / 20060725/244233 / ＞

  The client device accesses an IoT device for realizing the Internet of Things (IoT) from the client device, and the client device collects data from the IoT device by communication, or the client device remotely operates the IoT device by communication. Can be considered. However, there are cases where the security when the client device remotely controls the IoT device by communication is insufficient.

  The present invention has been made in consideration of such circumstances, and an object of the present invention is to improve safety when a client device remotely controls an IoT device by communication.

(1) One aspect of the present invention includes a client device, a first arithmetic processing device, and a second device, and the first arithmetic processing device stores a master key and a common key. A key generation unit that generates a first key and a second key using the master key, client identification information of the client device, and key type information, and the client device using the first key A third key is transmitted between the first authentication processing unit that performs authentication processing between the client device and the client device by encrypted communication using the second key, and the third key is transmitted by encrypted communication using the common key. A first key transmission unit that transmits a key to the second device, wherein the second device includes a device unique to the second device, and receives a remote control through communication, and the client Communication between the apparatus and the first arithmetic processing unit. A control unit that performs relaying, a second storage unit that stores the common key, a key reception unit that receives the third key from the first arithmetic processing unit by encrypted communication using the common key, and the client device A second communication unit that performs cryptographic communication using the third key between the client device, a client storage unit that stores the first key and the second key, and a local client A client authentication processing unit that transmits client identification information of the apparatus to the first arithmetic processing unit and performs an authentication process with the first arithmetic processing unit using the first key; and the first arithmetic processing unit A client key receiving unit that receives the third key by encrypted communication using the second key with the client, and a client communication unit that performs encrypted communication with the second device using the third key And in front of the second device A device unit, and a remote device controller for controlling remotely by the encryption communication performed by using the third key, a remote equipment control system.
(2) In one aspect of the present invention, the client key receiving unit of the client device transmits client identification information of the client device to the first arithmetic processing device, and the first key of the first arithmetic processing device. The transmission unit transmits the first key and the second key generated by the key generation unit using the client identification information received from the client device to the client device via an encryption communication path, and the client The client storage unit of the device is a remote device control system that stores the first key and the second key received from the first arithmetic processing device through the encryption communication path.

(3) One aspect of the present invention includes a client device, a first arithmetic processing device, and a second device, wherein the first arithmetic processing device is a common key and a public key certificate of the client device. A first storage for storing a first private key used for generating a certain client public key certificate, a first public key certificate corresponding to the first private key, and the first public key certificate A first authentication processing unit that performs public key cryptography authentication processing with the client device, and transmits a third key by encrypted communication using the client public key certificate with the client device. A first key transmission unit that transmits the third key to the second device by encrypted communication using the common key, and the second device includes a device unique to the second device, A device unit that accepts remote control by communication; The control unit that relays communication between the client device and the first arithmetic processing unit, the second storage unit that stores the common key, and the first arithmetic processing unit using encrypted communication that uses the common key A key receiving unit that receives the third key from the client, and a second communication unit that performs encrypted communication with the client device using the third key. The client device includes the client public key. A client storage unit that stores a certificate and a client private key that is a private key corresponding to the client public key certificate, and transmits the client public key certificate to the first processing unit. A client authentication processing unit that performs an authentication process with the first arithmetic processing unit and an encryption communication that uses the client secret key with the first arithmetic processing unit. The client key receiving unit that receives the third key according to the above, the client communication unit that performs cryptographic communication with the second device using the third key, and the device unit of the second device, And a remote device control unit that remotely controls the encrypted communication performed using a third key.
(4) In one aspect of the present invention, the client authentication processing unit of the client device transmits a client public key that is a public key of the client device to the first arithmetic processing device, and the first arithmetic processing device The first authentication processing unit generates the client public key certificate, which is a public key certificate of the client public key received from the client device, using the first private key, and the client public key certificate A remote device control system in which the client storage unit of the client device stores the client private key and the client public key certificate received from the first arithmetic processing device. is there.

(5) One aspect of the present invention is a remote device control method of a remote device control system including a client device, a first arithmetic processing device, and a second device including a device unit, and the device unit includes A first storage step including a device unique to the second device, receiving remote control by communication, the first processing unit storing a master key and a common key, and the first processing unit, A key generation step of generating a first key and a second key using the master key, client identification information of the client device and key type information; and the first arithmetic processing unit uses the first key. And a first authentication processing step for performing authentication processing with the client device, and the first arithmetic processing device transmits a third key by encrypted communication using the second key with the client device. And the common key A first key transmission step of transmitting the third key to the second device by encryption communication to be used, and a control in which the second device relays communication between the client device and the first arithmetic processing device; A second storage step in which the second device stores the common key; and the second device receives the third key from the first arithmetic processing unit by encrypted communication using the common key. A key receiving step, a second communication step in which the second device performs encrypted communication with the client device using the third key, and the client device has the first key and the second key. And the client storage step of transmitting client identification information of the client device to the first arithmetic processing device, and using the first key, the first arithmetic processing device A client authentication processing step for performing authentication processing between the client device and a client key receiving step for receiving the third key by encrypted communication using the second key between the client device and the first arithmetic processing device; A client communication step in which the client device performs encrypted communication with the second device using the third key; and the client device connects the device unit of the second device to the third key. And a remote device control step for remotely controlling the encrypted communication using the encryption communication.
(6) According to one aspect of the present invention, the client device transmits client identification information of the client device to the first arithmetic processing device, and the first arithmetic processing device receives the client identification information from the client device. Transmitting the first key and the second key generated using the encryption communication path to the client apparatus, and the client apparatus received from the first arithmetic processing apparatus via the encryption communication path. A remote device control method for storing a first key and the second key.

(7) One aspect of the present invention is a remote device control method of a remote device control system including a client device, a first arithmetic processing device, and a second device including a device unit, A device specific to the second device is provided, and remote control is accepted by communication, and the first processing unit is used to generate a common key and a client public key certificate that is a public key certificate of the client device. A first storage step for storing a first secret key to be executed and a first public key certificate corresponding to the first secret key; and the first arithmetic processing unit uses the first public key certificate. A first authentication processing step for performing public key cryptography authentication processing with the client device, and encryption communication in which the first arithmetic processing device uses the client public key certificate with the client device. By A first key transmission step of transmitting three keys and transmitting the third key to the second device by encrypted communication using the common key; and the second device includes the client device and the first arithmetic processing device. A control step for relaying communication between the second device, a second storage step in which the second device stores the common key, and a second operation in which the second device performs the first calculation by encrypted communication using the common key. A key receiving step of receiving the third key from a processing device; a second communication step in which the second device performs cryptographic communication with the client device using the third key; and the client device A client storage step of storing the client public key certificate and a client private key that is a private key corresponding to the client public key certificate; and A client authentication processing step of transmitting a client public key certificate to the first processing unit and performing an authentication process with the first processing unit using the client private key; and A client key receiving step of receiving the third key by encrypted communication using the client secret key with the first processing unit; and the client device sends the third key to the second device. A client communication step for performing encrypted communication using the remote device control step, wherein the client device remotely controls the device unit of the second device by the encrypted communication performed using the third key; , Including a remote device control method.
(8) In one aspect of the present invention, the client device transmits a client public key that is a public key of the client device to the first arithmetic processing device, and the first arithmetic processing device receives the client device from the client device. The client public key certificate that is the public key certificate of the client public key is generated using the first private key, the client public key certificate is transmitted to the client device, and the client device A remote device control method for storing the client secret key and the client public key certificate received from the first processing unit.

  According to the present invention, it is possible to improve the safety when the client device remotely controls the IoT device by communication.

1 is a schematic configuration diagram of a remote device control system 1 according to an embodiment. 2 is a schematic functional configuration diagram of a server device 30 according to an embodiment. FIG. 2 is a schematic functional configuration diagram of a client device 50 according to an embodiment. FIG. It is a block diagram which shows the hardware structural example of the IoT apparatus 70 which concerns on one Embodiment. It is a figure which shows the function structural example of the IoT apparatus 70 which concerns on one Embodiment. It is a sequence chart which shows the initial setting phase of the example 1 of the remote device control method which concerns on one Embodiment. It is a sequence chart which shows the operation | movement phase of Example 1 of the remote device control method which concerns on one Embodiment. It is a schematic block diagram of the remote device control system 1a which concerns on one Embodiment. It is a block diagram which shows the hardware structural example of the communication gateway apparatus 14 which concerns on one Embodiment. It is a figure which shows the function structural example of SIM80 which concerns on one Embodiment. It is a sequence chart which shows the initial setting phase of the example 2 of the remote device control method which concerns on one Embodiment. It is a sequence chart which shows the operation | movement phase of Example 2 of the remote device control method which concerns on one Embodiment. It is a schematic structure figure of remote equipment control system 1a-a concerning one embodiment. It is a schematic block diagram of the remote equipment control system 1a-b which concerns on one Embodiment. It is a schematic structure figure of remote equipment control system 1a-c concerning one embodiment.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 1 is a schematic configuration diagram of a remote device control system 1 according to the present embodiment. In FIG. 1, the remote device control system 1 includes a server device 30, a client device 50, and an IoT device 70. The IoT device 70 is a device having a communication function. The IoT device 70 may be, for example, a home appliance such as an air conditioner, or may be a specific application device such as a traffic light, a weather observation sensor, or a monitoring camera.

  The server device 30 communicates with the IoT device 70 via the communication path 102. The communication path 102 may be a wireless communication path, a wired communication path, or may be configured by a wireless communication path and a wired communication path. For example, the communication path 102 may be a communication path of a wireless communication network used by the IoT device 70. Alternatively, the communication path 102 may be a communication path configured by a communication network such as the Internet and a wireless communication network used by the IoT device 70. Further, for example, the server device 30 and the IoT device 70 may be connected by a dedicated line such as a VPN (Virtual Private Network) line.

  The server device 30 communicates with the client device 50 via the communication path 104. The communication path 104 may be a wireless communication path, a wired communication path, or may be configured by a wireless communication path and a wired communication path. For example, the server device 30 and the client device 50 may be configured to communicate via a wired or wireless communication network. For example, the server device 30 and the client device 50 may be connected by a wired or wireless LAN (Local Area Network).

  The client device 50 communicates with the IoT device 70 via the communication path 106. The communication path 106 may be a wireless communication path such as near field communication. The communication path 106 may be, for example, a wireless LAN wireless communication path such as “Wi-Fi (registered trademark)” or a “Bluetooth (registered trademark)” wireless communication path.

  FIG. 2 is a schematic functional configuration diagram of the server device 30 according to the present embodiment. 2, the server device 30 includes a communication unit 31, a storage unit 32, a key generation unit 33, a key transmission unit 34, and an authentication processing unit 35. The communication unit 31 communicates with the IoT device 70 via the communication path 102. The communication unit 31 communicates with the client device 50 via the communication path 104. The storage unit 32 stores data. The key generation unit 33 generates a key. The key transmitter 34 transmits a key. The authentication processing unit 35 performs authentication processing with the client device 50.

  The functions of the server device 30 are realized by a CPU (Central Processing Unit) included in the server device 30 executing a computer program. Note that the server device 30 may be configured using a general-purpose computer device, or may be configured as a dedicated hardware device.

  In the present embodiment, the server device 30 is an example of a first arithmetic processing device. The storage unit 32 of the server device 30 corresponds to the first storage unit. The authentication processing unit 35 of the server device 30 corresponds to the first authentication processing unit. The key transmission unit 34 of the server device 30 corresponds to the first key transmission unit.

  FIG. 3 is a schematic functional configuration diagram of the client device 50 according to the present embodiment. In FIG. 3, the client device 50 includes a communication unit 51, a storage unit 52, a key reception unit 54, an authentication processing unit 55, and a remote device control unit 57. The communication unit 51 communicates with the server device 30 via the communication path 104. The communication unit 51 communicates with the IoT device 70 via the communication path 106. The storage unit 52 stores data. The key receiving unit 54 receives a key. The authentication processing unit 55 performs authentication processing with the server device 30. The remote device control unit 57 remotely controls the IoT device 70 by communication.

  The functions of the client device 50 are realized by the CPU provided in the client device 50 executing a computer program. Note that the client device 50 may be configured using a general-purpose computer device, or may be configured as a dedicated hardware device. The client device 50 may be, for example, a mobile communication terminal device such as a smartphone, a tablet computer device (tablet PC), or a stationary personal computer device.

  In the present embodiment, the storage unit 52 of the client device 50 corresponds to the client storage unit. The authentication processing unit 55 of the client device 50 corresponds to the client authentication processing unit. The key receiving unit 54 of the client device 50 corresponds to the client key receiving unit. The communication unit 51 of the client device 50 corresponds to the client communication unit.

  FIG. 4 is a block diagram illustrating a hardware configuration example of the IoT device 70 according to the present embodiment. In FIG. 4, the IoT device 70 includes a CPU 71, a storage unit 72, a communication interface 73, and a device unit 74. These units are configured to exchange data.

  The CPU 71 controls the IoT device 70. This control function is realized by the CPU 71 executing a computer program. The storage unit 72 stores a computer program executed by the CPU 71 and various data. The storage unit 72 stores a computer program for realizing various functions of the IoT device 70. Various functions of the IoT device 70 are realized by the CPU 71 executing the computer program.

  The communication interface 73 transmits / receives data to / from an external device of the local IoT device 70. The communication interface 73 includes an interface that transmits / receives data to / from the server apparatus 30 via the communication path 102, and an interface that transmits / receives data to / from the client apparatus 50 via the communication path 106.

  The device unit 74 includes a device specific to the IoT device 70. For example, when the IoT device 70 is an air conditioner, the device unit 74 is a device related to air conditioning unique to the air conditioner. For example, when the IoT device 70 is a monitoring camera, the device unit 74 is a device related to imaging specific to the monitoring camera. The device unit 74 receives remote control from the remote device control unit 57 of the client device 50 by communication.

  FIG. 5 is a diagram illustrating a functional configuration example of the IoT device 70 according to the present embodiment. In FIG. 5, the IoT device 70 includes a communication unit 701, a storage unit 702, a control unit 703, and a key reception unit 704. The communication unit 701 performs communication with an external device of the IoT device 70. The storage unit 702 stores data. The control unit 703 controls the IoT device 70. The key receiving unit 704 receives a key.

  In the present embodiment, the IoT device 70 is an example of a second device. The storage unit 702 of the IoT device 70 corresponds to the second storage unit. The communication unit 701 of the IoT device 70 corresponds to the second communication unit.

[Example of key generation method]
An example of a key generation method according to this embodiment will be described. In the present embodiment, a first encryption key K_gen1 and a second encryption key K_gen2 are generated as examples of keys. The first encryption key K_gen1 is a key used for authentication processing. The second encryption key K_gen2 is a key used for encryption communication in key transmission or reception. In the present embodiment, the first encryption key K_gen1 corresponds to the first key, and the second encryption key K_gen2 corresponds to the second key.

  In the present embodiment, a common key is generated using a predetermined key generation function. An example of the key generation function will be described below.

(Key generation function example 1)
Common key = digest (Master_Secret, client ID, Key_ID (Nk))
However, Master_Secret is a master key. The client ID (client identification information) is identification information of the client device 50. Key_ID (Nk) is key type information. Nk is a variable representing the type of key. The digest (Master_Secret, client ID, Key_ID (Nk)) is a digest value generated from the master key Master_Secret, client ID, and key type information Key_ID (Nk). Examples of the digest value include a value calculated by a hash function or a value calculated by an exclusive OR operation. For example, the common key is a hash function value calculated using the master key Master_Secret, the client ID, and the key type information Key_ID (Nk) as input values.

If the value of the key type information Key_ID (Nk) is different, the digest value is different. By changing the value of the key type information Key_ID (Nk), different common keys can be generated from the same master key Master_Secret and client ID. For example, the key type information of the first encryption key K_gen1 is Key_ID (gen1), and the key type information of the second encryption key K_gen2 is Key_ID (gen2). In this case, using the master key Master_Secret, the client ID, and the key type information Key_ID (gen1), Key_ID (gen2),
First encryption key K_gen1 = Digest (Master_Secret, Client ID, Key_ID (gen1)),
Second encryption key K_gen2 = Digest (Master_Secret, Client ID, Key_ID (gen2)),
Thus, the first encryption key K_gen1 and the second encryption key K_gen2 can be generated as different keys.

(Example 2 of key generation function)
In example 2 of the key generation function, a CMAC (Cipher-based Message Authentication Code) is generated as a common key.
Common key = CMAC (Master_Secret; client ID, Key_ID (Nk))
However, in CMAC (A; B), key A is a key used to generate CMAC, and data B is data to be generated by CMAC. Thus, in the second example of the key generation function, the common key is “CMAC of data B” generated using the key A. In CMAC (Master_Secret; client ID, Key_ID (Nk)), the master key Master_Secret is a key used for generating the CMAC, and the concatenated data between the client ID and the key type information Key_ID (Nk) is data to be generated by the CMAC. It is. Thus, in the second example of the key generation function, the common key is “CMAC of concatenated data of client ID and key type information Key_ID (Nk)” generated using the master key Master_Secret.

  In the example 2 of the key generation function, the CMAC differs if the value of the key type information Key_ID (Nk) is different. Therefore, in the key generation function example 2 as well, as in the key generation function example 1, by changing the value of the key type information Key_ID (Nk), a different common key can be obtained from the same master key Master_Secret and client ID. Can be generated.

[Example 1 of remote device control method]
Next, Example 1 of the remote device control method according to the present embodiment will be described with reference to FIGS. Example 1 of the remote device control method according to the present embodiment includes an initial setting phase and an operation phase. The initial setting phase is a preliminary preparation stage. The operation phase is a stage where the client device 50 accesses the IoT device 70.

(Initial setting phase)
With reference to FIG. 6, the initial setting phase of Example 1 of the remote device control method according to the present embodiment will be described. FIG. 6 is a sequence chart showing an initial setting phase of Example 1 of the remote device control method according to the present embodiment. In FIG. 6, the server device 30 stores the master key Master_Secret in the storage unit 32 in advance. The communication unit 31 of the server device 30 and the communication unit 51 of the client device 50 establish an encryption communication path between the server device 30 and the client device 50 in advance. As an example of the encryption communication path, https (hypertext transfer protocol secure) communication may be performed.

  In the following description, the server device 30 and the client device 50 transmit and receive data through an encrypted communication path between the server device 30 and the client device 50.

In the initial setting phase, the client device 50 logs in to the server device 30.
(Step S11) The remote device control unit 57 of the client device 50 outputs a remote device control initial setting request signal to the authentication processing unit 55 and the key receiving unit 54. The authentication processing unit 55 of the client device 50 responds to the remote device control initial setting request signal from the remote device control unit 57, and the client ID of the client device 50 and the user identification information ID for logging in to the server device 30. A login request message including the password PWD is transmitted to the server device 30. The user identification information ID and the password PWD may be preset in the client device 50 or may be input from the user.

  The authentication processing unit 35 of the server device 30 performs authentication for the login request message received from the client device 50. A set of the user identification information ID and the password PWD is registered in the server device 30 in advance. The authentication processing unit 35 holds a set of user identification information ID and password PWD registered in the server device 30. The authentication processing unit 35 compares the set of user identification information ID and password PWD included in the login request message with the set of user identification information ID and password PWD registered in the server device 30. As a result of this comparison, if the two match, the authentication for the login request message is passed, and if the two do not match, the authentication for the login request message fails. Authentication for a login request message refers to authentication for a set of user identification information ID and password PWD included in the login request message. If the authentication for the login request message is successful, the process proceeds to step S12.

  On the other hand, if the authentication for the login request message is unacceptable, the processing in FIG. If the authentication for the login request message fails, the login from the client device 50 to the server device 30 has failed. If the authentication for the login request message fails, the server device 30 may execute a predetermined error process.

(Step S <b> 12) The key generation unit 33 of the server device 30 is included in the master key Master_Secret in the storage unit 32, key type information Key_ID (gen1), Key_ID (gen2), and the login request message received from the client device 50. Using the client ID, a first encryption key K_gen1 and a second encryption key K_gen2 are generated. The example of the key generation method mentioned above is applied to this key generation method. The key generation function is set in the key generation unit 33 in advance. The key type information Key_ID (gen1) and Key_ID (gen2) are set in the key generation unit 33 in advance.

As an example of the key generation function, the key generation unit 33 uses the key generation function example 1 “Common Key = Digest (Master_Secret, Client ID, Key_ID (Nk))”,
First encryption key K_gen1 = Digest (Master_Secret, Client ID, Key_ID (gen1)),
Second encryption key K_gen2 = Digest (Master_Secret, Client ID, Key_ID (gen2)),
Thus, the first encryption key K_gen1 and the second encryption key K_gen2 are generated. Here, the digest value is, for example, a value calculated by a hash function.

(Step S13) The key transmitter 34 of the server device 30 transmits the first encryption key K_gen1 and the second encryption key K_gen2 to the client device 50. The key receiving unit 54 of the client device 50 receives the first encryption key K_gen1 and the second encryption key K_gen2 from the server device 30.

(Step S14) The key reception unit 54 of the client device 50 stores the first encryption key K_gen1 and the second encryption key K_gen2 received from the server device 30 in the storage unit 52. The key receiving unit 54 of the client device 50 outputs a remote device control initial setting request completion signal to the remote device control unit 57. In the client device 50, the first encryption key K_gen1 and the second encryption key K_gen2 are stored in the storage unit 52.

  The above is the description of the initial setting phase of Example 1 of the remote device control method according to the present embodiment.

(Operation phase)
The operation phase of Example 1 of the remote device control method according to the present embodiment will be described with reference to FIG. FIG. 7 is a sequence chart showing an operation phase of Example 1 of the remote device control method according to the present embodiment. In FIG. 7, the server device 30 stores the master key Master_Secret and the common key K_s in the storage unit 32 in advance. The IoT device 70 stores the common key K_s in the storage unit 702 in advance. The common key K_s stored in the storage unit 32 by the server device 30 and the common key K_s stored in the storage unit 702 by the IoT device 70 are the same. The common key K_s is shared between the server device 30 and the IoT device 70 in advance. The client device 50 stores the first encryption key K_gen1 and the second encryption key K_gen2 in the storage unit 52 in the initial setting phase described above.

  The communication unit 31 of the server device 30 and the communication unit 701 of the IoT device 70 establish an encryption communication path between the server device 30 and the IoT device 70 in advance. The communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70 establish an encryption communication path between the client device 50 and the IoT device 70 in advance. As an example of the encryption communication path, https communication may be performed.

  In the following description, the server device 30 and the IoT device 70 transmit and receive data through an encrypted communication path between the server device 30 and the IoT device 70. The client device 50 and the IoT device 70 transmit and receive data via an encrypted communication path between the client device 50 and the IoT device 70.

In the operation phase, the client device 50 accesses the IoT device 70.
(Step S <b> 21) The remote device control unit 57 of the client device 50 outputs a remote device control request signal to the authentication processing unit 55 and the key receiving unit 54. The authentication processing unit 55 of the client device 50 transmits a connection request message to the IoT device 70 in response to the remote device control request signal from the remote device control unit 57.

(Step S <b> 22) The control unit 703 of the IoT device 70 transmits a challenge (random number a) to the client device 50 in response to the connection request message received from the client device 50. The control unit 703 generates a random number a and uses the random number a for the challenge. The control unit 703 holds a challenge (random number a).

(Step S23) The authentication processing unit 55 of the client device 50 uses the first encryption key K_gen1 in the storage unit 52 and the challenge (random number a) received from the IoT device 70 to obtain a response K_gen1 (random number a). Generate. This response generation method is set in the authentication processing unit 55 in advance. The response K_gen1 (random number a) is encrypted data obtained by encrypting the random number a with the first encryption key K_gen1 as an example according to the present embodiment.

  Note that the response K_gen1 (random number a) may be CMAC (K_gen1; random number a), that is, “CMAC of random number a” generated using the first encryption key K_gen1, as an example according to the present embodiment. Good.

(Step S24) The authentication processing unit 55 of the client device 50 transmits the client ID of the client device 50 and the response K_gen1 (random number a) to the IoT device 70.

(Step S25) Upon receiving the client ID and the response K_gen1 (random number a) from the client device 50, the control unit 703 of the IoT device 70 receives the received client ID and response K_gen1 (random number a), and the challenge (random number a). Are transmitted to the server device 30. The challenge (random number a) is a value held by the control unit 703 in step S22 described above.

(Step S26) The key generation unit 33 of the server device 30 uses the master key Master_Secret in the storage unit 32, the key type information Key_ID (gen1), Key_ID (gen2), and the client ID received from the IoT device 70. Thus, the first encryption key K_gen1 and the second encryption key K_gen2 are generated. This key generation method is the same as step S12 described above.

(Step S27) The authentication processing unit 35 of the server device 30 verifies the response K_gen1 (random number a) received from the IoT device 70. As this response verification method, a method corresponding to the response generation method in the authentication processing unit 55 of the client device 50 is set in the authentication processing unit 35 in advance. In verifying the response K_gen1 (random number a), the authentication processing unit 35 uses the challenge (random number a) received from the IoT device 70 and the first encryption key K_gen1 generated by the key generation unit 33.

  For example, when the response K_gen1 (random number a) is encrypted data of the random number a using the first encryption key K_gen1, the authentication processing unit 35 encrypts the challenge (random number a) using the first encryption key K_gen1, The encrypted data generated by the encryption is compared with the response K_gen1 (random number a). As a result of the comparison, if the two match, the verification of the response K_gen1 (random number a) is passed, and if the two do not match, the verification of the response K_gen1 (random number a) fails.

  As another verification method in the case where the response K_gen1 (random number a) is encrypted data of the random number a using the first encryption key K_gen1, the authentication processing unit 35 uses the first encryption key K_gen1 and uses the response K_gen1 ( The random number a) may be decrypted, and the decryption result may be compared with the challenge (random number a) received from the IoT device 70. As a result of the comparison, if the two match, the verification of the response K_gen1 (random number a) is passed, and if the two do not match, the verification of the response K_gen1 (random number a) fails.

  For example, when the response K_gen1 (random number a) is CMAC (K_gen1; random number a), the authentication processing unit 35 generates the CMAC of the challenge (random number a) using the first encryption key K_gen1, and generates the generated CMAC. And response K_gen1 (random number a). As a result of the comparison, if the two match, the verification of the response K_gen1 (random number a) is passed, and if the two do not match, the verification of the response K_gen1 (random number a) fails.

  If the verification of the response K_gen1 (random number a) is successful, the process proceeds to step S28. On the other hand, if the verification of the response K_gen1 (random number a) fails, the process of FIG. When the verification of the response K_gen1 (random number a) fails, the server device 30 may execute a predetermined error process.

(Step S28) The key generation unit 33 of the server device 30 generates a communication key K_com. For example, the key generation unit 33 may generate a random number and generate the communication key K_com based on the random number. In the present embodiment, the communication key K_com corresponds to the third key.

(Step S29) The key transmission unit 34 of the server device 30 encrypts the communication key K_com generated by the key generation unit 33 using the second encryption key K_gen2 generated by the key generation unit 33. By this encryption, the first encrypted communication key K_gen2 (K_com) is generated. The key transmission unit 34 encrypts the communication key K_com generated by the key generation unit 33 using the common key K_s in the storage unit 32. By this encryption, a second encrypted communication key K_s (K_com) is generated. The key transmission unit 34 transmits the first encrypted communication key K_gen2 (K_com) and the second encrypted communication key K_s (K_com) to the IoT device 70.

(Step S30) The key receiving unit 704 of the IoT device 70 decrypts the second encrypted communication key K_s (K_com) received from the server device 30 with the common key K_s in the storage unit 702. As a result of this decryption, the communication key K_com is acquired. The key receiving unit 704 stores the communication key K_com in the storage unit 702. In the IoT device 70, the communication key K_com is stored in the storage unit 702.

(Step S31) The control unit 703 of the IoT device 70 transmits the first encrypted communication key K_gen2 (K_com) received from the server device 30 to the client device 50.

(Step S32) The key receiving unit 54 of the client device 50 decrypts the first encrypted communication key K_gen2 (K_com) received from the IoT device 70 using the second encryption key K_gen2 in the storage unit 52. As a result of this decryption, the communication key K_com is acquired. The key receiving unit 54 stores the communication key K_com in the storage unit 52. The key receiving unit 54 of the client device 50 outputs a remote device control request completion signal to the remote device control unit 57. In the client device 50, the communication key K_com is stored in the storage unit 52.

(Step S33) The communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70 perform encrypted communication using the communication key K_com. In this encrypted communication, encrypted data K_com (data) obtained by encrypting data using the communication key K_com is transmitted and received between the communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70. . As a result, an encrypted communication path using the communication key K_com is established between the communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70.

  The remote device control unit 57 of the client device 50 remotely controls the IoT device 70 via the encrypted communication path by the communication unit 51. The remote device control unit 57 outputs a remote control signal for controlling the device unit 74 of the IoT device 70 to the communication unit 51. The communication unit 51 encrypts the remote control signal using the communication key K_com, and transmits the encrypted data K_com (remote control signal) to the IoT device 70. The communication unit 701 of the IoT device 70 decrypts the encrypted data K_com (remote control signal) received from the client device 50 using the communication key K_com. As a result of this decoding, a remote control signal is acquired. The control unit 703 of the IoT device 70 controls the device unit 74 in accordance with the remote control signal. The device unit 74 performs an operation based on the remote control signal.

  The control unit 703 of the IoT device 70 outputs information on the device unit 74 (device provision information) provided to the client device 50 to the communication unit 701. The communication unit 701 encrypts the device provision information using the communication key K_com, and transmits the encrypted data K_com (device provision information) to the client device 50. The communication unit 51 of the client device 50 decrypts the encrypted data K_com (device provision information) received from the IoT device 70 using the communication key K_com. Device provision information is acquired as a result of this decryption. The remote device control unit 57 of the client device 50 executes a predetermined process for the device provision information.

  The above is the description of the operation phase of the remote device control method example 1.

  According to the first embodiment described above, the server device 30 uses the first encryption key K_gen1 based on the master key Master_Secret when accessing the IoT device 70 by communication from the client device 50 such as a smartphone. The client device 50 is authenticated. Thereby, the authentication reliability of the client device 50 is improved. Further, the communication key K_com is transmitted from the server device 30 to the client device 50 by encrypted communication using the second encryption key K_gen2 based on the master key Master_Secret. Further, the communication key K_com is transmitted from the server device 30 to the IoT device 70 by encrypted communication using the common key K_s. This improves the security of encryption communication between the client device 50 and the IoT device 70 in which the communication key K_com is used. Furthermore, an effect of improving the safety when the client device 50 remotely controls the IoT device 70 by communication is obtained.

  As described above, according to the first embodiment, it is possible to improve the safety when the client device 50 such as a smartphone can remotely control the IoT device 70 by communication.

[Second Embodiment]
FIG. 8 is a schematic configuration diagram of a remote device control system 1a according to the present embodiment. In FIG. 8, portions corresponding to the respective portions in FIG. The client device 50 can apply the configuration of FIG. The configuration of FIGS. 4 and 5 can be applied to the IoT device 70. Hereinafter, the remote device control system 1a of FIG. 8 according to the second embodiment will be described mainly with respect to differences from the remote device control system 1 of FIG. 1 according to the first embodiment.

  A remote device control system 1 a shown in FIG. 8 includes a communication gateway device 14. The communication gateway device 14 is a communication device having a communication monitoring function. The communication gateway device 14 is provided, for example, in a home network system to which an IoT device 70 such as an air conditioner is connected, and monitors communication between the inside and outside of the home network system. Alternatively, the communication gateway device 14 is provided in, for example, a monitoring camera network system to which the IoT devices 70 of a plurality of monitoring cameras are connected, and monitors communication between the inside and the outside of the monitoring camera network system.

  The client device 50 communicates with the communication gateway device 14 via the communication path 108. The communication path 108 is a communication path including a wireless communication path of a wireless communication network used by the communication gateway device 14. The communication path 108 may be composed of a wireless communication path and a wired communication path. The IoT device 70 communicates with the communication gateway device 14 via the communication path 110. The communication path 110 may be a wireless communication path, a wired communication path, or may be configured by a wireless communication path and a wired communication path. The client device 50 communicates with the IoT device 70 via the communication path 106 as in the first embodiment.

  FIG. 9 is a block diagram illustrating a hardware configuration example of the communication gateway device 14 according to the present embodiment. In FIG. 9, the communication gateway device 14 includes a CPU 141, a storage unit 142, a communication interface 143, and a communication module 144. These units are configured to exchange data. The communication module 144 includes a SIM (Subscriber Identity Module) 80.

  The CPU 141 controls the communication gateway device 14. This control function is realized by the CPU 141 executing a computer program. The storage unit 142 stores a computer program executed by the CPU 141 and various data. The storage unit 142 stores a computer program for realizing various functions of the communication gateway device 14. Various functions of the communication gateway apparatus 14 are realized by the CPU 141 executing the computer program.

  The communication interface 143 transmits / receives data to / from an external device of the self-communication gateway device 14. The communication interface 143 includes an interface that transmits / receives data to / from the client device 50 via the communication path 108, and an interface that transmits / receives data to / from the IoT device 70 via the communication path 110.

  The communication module 144 performs wireless communication using a wireless communication network. The communication module 144 includes a SIM 80. The SIM 80 is a SIM in which information for using the wireless communication network is written. The communication module 144 can connect to the wireless communication network and perform wireless communication by using the SIM 80. As the SIM 80, an eSIM (Embedded Subscriber Identity Module) may be used. SIM and eSIM are examples of secure elements (SE). SIM and eSIM have tamper resistant properties.

  FIG. 10 is a diagram illustrating a functional configuration example of the SIM 80 according to the present embodiment. In FIG. 10, the SIM 80 includes a communication unit 81, a storage unit 82, a key generation unit 83, a key transmission unit 84, and an authentication processing unit 85. The function of the SIM 80 is realized by a CPU provided in the SIM 80 executing a computer program.

  The communication unit 81 communicates with the client device 50 via the communication path 108. The storage unit 82 stores data. The key generation unit 83 generates a key. The key transmitter 84 transmits a key. The authentication processing unit 85 performs authentication processing with the client device 50.

  In the present embodiment, the SIM 80 is an example of a first arithmetic processing device. The storage unit 82 of the SIM 80 corresponds to the first storage unit. The authentication processing unit 85 of the SIM 80 corresponds to the first authentication processing unit. The key transmission unit 84 of the SIM 80 corresponds to the first key transmission unit.

  In the present embodiment, the IoT device 70 is an example of a second device. The storage unit 702 of the IoT device 70 corresponds to the second storage unit. The communication unit 701 of the IoT device 70 corresponds to the second communication unit.

  In the present embodiment, the storage unit 52 of the client device 50 corresponds to the client storage unit. The authentication processing unit 55 of the client device 50 corresponds to the client authentication processing unit. The key receiving unit 54 of the client device 50 corresponds to the client key receiving unit. The communication unit 51 of the client device 50 corresponds to the client communication unit.

[Example 2 of remote device control method]
Next, a second example of the remote device control method according to the present embodiment will be described with reference to FIGS. Similar to Example 1 of the remote device control method of the first embodiment described above, Example 2 of the remote device control method according to the present embodiment includes an initial setting phase and an operation phase. The initial setting phase is a preliminary preparation stage. The operation phase is a stage where the client device 50 accesses the IoT device 70.

(Initial setting phase)
With reference to FIG. 11, the initial setting phase of Example 2 of the remote device control method according to the present embodiment will be described. FIG. 11 is a sequence chart showing an initial setting phase of the second example of the remote device control method according to the present embodiment. In FIG. 11, the SIM 80 stores a private CA public key certificate and a private CA private key in the storage unit 82 in advance. The private CA public key certificate is a public key certificate of a public key corresponding to a private CA private key. The client device 50 stores the own private key (client private key) K_c_sec and the public key (client public key) K_c_pub corresponding to the client private key K_c_sec in the storage unit 52 in advance.

  The communication unit 81 of the SIM 80 and the communication unit 51 of the client device 50 establish an encryption communication path between the SIM 80 and the client device 50 in advance. As an example of the encryption communication path, https communication may be performed.

  In the following description, the SIM 80 and the client device 50 transmit and receive data via an encrypted communication path between the SIM 80 and the client device 50.

In the initial setting phase, the client device 50 logs in to the SIM 80.
(Step S51) The remote device control unit 57 of the client device 50 outputs a remote device control initial setting request signal to the authentication processing unit 55 and the storage unit 52. The authentication processing unit 55 of the client device 50 responds to the remote device control initial setting request signal from the remote device control unit 57, and the client public key K_c_pub of the client device 50 and the user identification information ID for logging in to the SIM 80. A login request message including the password PWD is transmitted to the SIM 80. The user identification information ID and the password PWD may be preset in the client device 50 or may be input from the user.

  The authentication processing unit 85 of the SIM 80 authenticates the login request message received from the client device 50. A set of the user identification information ID and the password PWD is registered in the SIM 80 in advance. The authentication processing unit 85 holds a set of user identification information ID and password PWD registered in the SIM 80. The authentication processing unit 85 compares the set of user identification information ID and password PWD included in the login request message with the set of user identification information ID and password PWD registered in the SIM 80. As a result of this comparison, if the two match, the authentication for the login request message is passed, and if the two do not match, the authentication for the login request message fails. Authentication for a login request message refers to authentication for a set of user identification information ID and password PWD included in the login request message. If the authentication for the login request message is successful, the process proceeds to step S52.

  On the other hand, if the authentication for the login request message is unacceptable, the processing in FIG. If the authentication for the login request message fails, the login from the client device 50 to the SIM 80 is unsuccessful. If the authentication for the login request message fails, the SIM 80 may perform predetermined error processing.

(Step S52) The authentication processing unit 85 of the SIM 80 obtains the public key certificate (client public key certificate) K_c_pub_cer of the client public key K_c_pub included in the login request message received from the client device 50 from the private CA in the storage unit 82. Generate using a private key.

(Step S53) The authentication processing unit 85 of the SIM 80 transmits the client public key certificate K_c_pub_cer to the client device 50.

(Step S54) The storage unit 52 of the client device 50 stores the client public key certificate K_c_pub_cer received from the SIM 80. The storage unit 52 of the client device 50 outputs a remote device control initial setting request completion signal to the remote device control unit 57. In the client device 50, the client private key K_c_sec and the client public key certificate K_c_pub_cer are stored in the storage unit 52.

  The above is the description of the initial setting phase of the second example of the remote device control method according to the present embodiment.

(Operation phase)
The operation phase of Example 2 of the remote device control method according to this embodiment will be described with reference to FIG. FIG. 12 is a sequence chart showing an operation phase of Example 2 of the remote device control method according to the present embodiment. In FIG. 12, the SIM 80 stores a private CA public key certificate, a private CA private key, and a common key K_s in the storage unit 82 in advance. The IoT device 70 stores the common key K_s in the storage unit 702 in advance. The common key K_s stored in the storage unit 82 by the SIM 80 and the common key K_s stored in the storage unit 702 by the IoT device 70 are the same. The common key K_s is shared between the SIM 80 and the IoT device 70 in advance. The client device 50 stores the client secret key K_c_sec and the client public key certificate K_c_pub_cer in the storage unit 52 in the initial setting phase described above.

  The communication unit 81 of the SIM 80 and the communication unit 701 of the IoT device 70 establish an encryption communication path between the SIM 80 and the IoT device 70 in advance. The communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70 establish an encryption communication path between the client device 50 and the IoT device 70 in advance. As an example of the encryption communication path, https communication may be performed.

  In the following description, the SIM 80 and the IoT device 70 transmit and receive data through an encrypted communication path between the SIM 80 and the IoT device 70. The client device 50 and the IoT device 70 transmit and receive data via an encrypted communication path between the client device 50 and the IoT device 70.

In the operation phase, the client device 50 accesses the IoT device 70.
(Step S61) The remote device control unit 57 of the client device 50 outputs a remote device control request signal to the authentication processing unit 55 and the key receiving unit 54. The authentication processing unit 55 of the client device 50 transmits a connection request message to the IoT device 70 in response to the remote device control request signal from the remote device control unit 57.

(Step S <b> 62) The control unit 703 of the IoT device 70 transmits a challenge (random number a) to the client device 50 in response to the connection request message received from the client device 50. The control unit 703 generates a random number a and uses the random number a for the challenge. The control unit 703 holds a challenge (random number a).

(Step S63) The authentication processing unit 55 of the client device 50 generates a response K_c_sec (random number a) using the client secret key K_c_sec in the storage unit 52 and the challenge (random number a) received from the IoT device 70. To do. This response generation method is set in the authentication processing unit 55 in advance. The response K_c_sec (random number a) is encrypted data obtained by encrypting the random number a with the client secret key K_c_sec as an example according to the present embodiment.

(Step S64) The authentication processing unit 55 of the client device 50 transmits the client public key certificate K_c_pub_cer and the response K_c_sec (random number a) to the IoT device 70.

(Step S65) Upon receiving the client public key certificate K_c_pub_cer and the response K_c_sec (random number a) from the client device 50, the control unit 703 of the IoT device 70 receives the received client public key certificate K_c_pub_cer and response K_c_sec (random number a). ) And a challenge (random number a) are transmitted to the SIM 80. The challenge (random number a) is a value held by the control unit 703 in step S62 described above.

(Step S66) The authentication processing unit 85 of the SIM 80 verifies the validity of the client public key certificate K_c_pub_cer received from the IoT device 70 using the private CA public key certificate in the storage unit 82. When the verification of the validity of the client public key certificate K_c_pub_cer is passed, the process proceeds to step S67. On the other hand, when the verification of the validity of the client public key certificate K_c_pub_cer is unsuccessful, the processing in FIG. If the verification of the validity of the client public key certificate K_c_pub_cer is unsuccessful, the SIM 80 may execute a predetermined error process.

(Step S67) The authentication processing unit 85 of the SIM 80 verifies the response K_c_sec (random number a) received from the IoT device 70. As this response verification method, a method corresponding to the response generation method in the authentication processing unit 55 of the client device 50 is set in the authentication processing unit 85 in advance. In verification of the response K_c_sec (random number a), the authentication processing unit 85 uses the challenge (random number a) received from the IoT device 70 and the client public key certificate K_c_pub_cer that has passed the verification of validity.

  The authentication processing unit 85 decrypts the response K_c_sec (random number a) using the client public key K_c_pub of the client public key certificate K_c_pub_cer, and compares this decryption result with the challenge (random number a). As a result of the comparison, if the two match, the response K_c_sec (random number a) is verified, and if the two do not match, the response K_c_sec (random number a) is not verified.

  If the response K_c_sec (random number a) is verified, the process proceeds to step S68. On the other hand, when the verification of the response K_c_sec (random number a) fails, the process of FIG. If the verification of the response K_c_sec (random number a) fails, the SIM 80 may execute a predetermined error process.

(Step S68) The key generation unit 83 of the SIM 80 generates a communication key K_com. For example, the key generation unit 83 may generate a random number and generate the communication key K_com based on the random number. In the present embodiment, the communication key K_com corresponds to the third key.

(Step S69) The key transmission unit 84 of the SIM 80 encrypts the communication key K_com generated by the key generation unit 83 using the client public key K_c_pub of the client public key certificate K_c_pub_cer that has passed the verification of validity. By this encryption, a first encrypted communication key K_c_pub (K_com) is generated. The key transmission unit 84 encrypts the communication key K_com generated by the key generation unit 83 using the common key K_s in the storage unit 82. By this encryption, a second encrypted communication key K_s (K_com) is generated. The key transmission unit 84 transmits the first encrypted communication key K_c_pub (K_com) and the second encrypted communication key K_s (K_com) to the IoT device 70.

(Step S70) The key receiving unit 704 of the IoT device 70 decrypts the second encrypted communication key K_s (K_com) received from the SIM 80 with the common key K_s in the storage unit 702. As a result of this decryption, the communication key K_com is acquired. The key receiving unit 704 stores the communication key K_com in the storage unit 702. In the IoT device 70, the communication key K_com is stored in the storage unit 702.

(Step S71) The control unit 703 of the IoT device 70 transmits the first encrypted communication key K_c_pub (K_com) received from the SIM 80 to the client device 50.

(Step S72) The key receiving unit 54 of the client device 50 decrypts the first encrypted communication key K_c_pub (K_com) received from the IoT device 70 with the client secret key K_c_sec in the storage unit 52. As a result of this decryption, the communication key K_com is acquired. The key receiving unit 54 stores the communication key K_com in the storage unit 52. The key receiving unit 54 of the client device 50 outputs a remote device control request completion signal to the remote device control unit 57. In the client device 50, the communication key K_com is stored in the storage unit 52.

(Step S73) The communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70 perform encrypted communication using the communication key K_com. In this encrypted communication, encrypted data K_com (data) obtained by encrypting data using the communication key K_com is transmitted and received between the communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70. . As a result, an encrypted communication path using the communication key K_com is established between the communication unit 51 of the client device 50 and the communication unit 701 of the IoT device 70.

  The remote device control unit 57 of the client device 50 remotely controls the IoT device 70 via the encrypted communication path by the communication unit 51. The remote device control unit 57 outputs a remote control signal for controlling the device unit 74 of the IoT device 70 to the communication unit 51. The communication unit 51 encrypts the remote control signal using the communication key K_com, and transmits the encrypted data K_com (remote control signal) to the IoT device 70. The communication unit 701 of the IoT device 70 decrypts the encrypted data K_com (remote control signal) received from the client device 50 using the communication key K_com. As a result of this decoding, a remote control signal is acquired. The control unit 703 of the IoT device 70 controls the device unit 74 in accordance with the remote control signal. The device unit 74 performs an operation based on the remote control signal.

  The control unit 703 of the IoT device 70 outputs information on the device unit 74 (device provision information) provided to the client device 50 to the communication unit 701. The communication unit 701 encrypts the device provision information using the communication key K_com, and transmits the encrypted data K_com (device provision information) to the client device 50. The communication unit 51 of the client device 50 decrypts the encrypted data K_com (device provision information) received from the IoT device 70 using the communication key K_com. Device provision information is acquired as a result of this decryption. The remote device control unit 57 of the client device 50 executes a predetermined process for the device provision information.

  The above is the description of the operation phase of the remote device control method example 2.

  According to the second embodiment described above, the SIM 80 uses the client public key certificate K_c_pub_cer based on the private CA private key when accessing the IoT device 70 by communication from the client device 50 such as a smartphone. The client device 50 is authenticated. Thereby, the authentication reliability of the client device 50 is improved. The communication key K_com is transmitted from the SIM 80 to the client device 50 by encrypted communication using the client public key certificate K_c_pub_cer of the client public key certificate K_c_pub_cer based on the private CA private key. Further, the communication key K_com is transmitted from the SIM 80 to the IoT device 70 by encrypted communication using the common key K_s. This improves the security of encryption communication between the client device 50 and the IoT device 70 in which the communication key K_com is used. Furthermore, an effect of improving the safety when the client device 50 remotely controls the IoT device 70 by communication is obtained.

  As described above, according to the second embodiment, it is possible to improve safety when the client device 50 such as a smartphone can remotely control the IoT device 70 by communication.

  Next, an example of the remote device control system 1a according to the second embodiment will be described with reference to FIG. 13, FIG. 14, and FIG.

[Example 1 of remote device control system]
The first embodiment of the remote device control system is an embodiment applied to a home network system. FIG. 13 is a schematic configuration diagram of a remote device control system 1a-a according to the second embodiment. In FIG. 13, the remote device control system 1a-a includes a home network system 1000 and a smartphone (client device) 50a.

  The home network system 1000 includes a plurality of home appliances (IoT devices) 70-a (70-a1, 70-a2, 70-a3,...) And a communication gateway device 14a. Examples of home appliances include air conditioners, video recorders, and bath water heaters. The home appliance 70-a (70-a1, 70-a2, 70-a3,...) Has the same configuration as that of the IoT device 70 shown in FIGS. However, the device unit 74 illustrated in FIG. 4 is a device unique to each home appliance. For example, the device unit 74 of the air conditioner 70-a1 is a device related to air conditioning. For example, the device unit 74 of the video recorder 70-a2 is a device related to video recording and playback. For example, the device part 74 of the bath water heater 70-a3 is a device related to hot water heating.

  Household appliances 70-a (70-a1, 70-a2, 70-a3,...) And the communication gateway device 14a transmit and receive data via the communication path 110a. The communication path 110a may be a wireless communication path, a wired communication path, or may be configured by a wireless communication path and a wired communication path. The communication path 110a may be a home LAN, for example. The home LAN may be a wireless LAN, a wired LAN, or a wireless LAN and a wired LAN.

  A configuration similar to that of the communication gateway device 14 of FIG. 9 is applied to the communication gateway device 14a. The communication module 144 of the communication gateway device 14a includes a SIM 80a. The same configuration as the SIM 80 of FIG. 10 is applied to the SIM 80a. The communication gateway device 14a connects to the Internet 1010 via the communication path 108a1. The communication path 108a1 is a communication path including a wireless communication path of a wireless communication network to which the communication module 144 of the communication gateway apparatus 14a connects using the SIM 80a.

  A configuration similar to that of the client device 50 of FIG. 3 is applied to the smartphone 50a. The smartphone 50a connects to the Internet 1010 through the communication path 108a2. The communication path 108a2 is a communication path including a wireless communication path of a wireless communication network used by the smartphone 50a. The smartphone 50a accesses the communication gateway device 14a via the Internet 1010.

  The communication gateway device 14a monitors communication between the inside and outside of the home network system 1000. The communication gateway device 14a determines whether to permit access from the smartphone 50a. If the communication gateway device 14a determines that access from the smartphone 50a is permitted, the communication gateway device 14a is connected between the smartphone 50a and each home appliance 70-a (70-a1, 70-a2, 70-a3,...). Relay of communication.

  The smartphone 50a communicates with each home appliance 70-a (70-a1, 70-a2, 70-a3,...) Via the communication gateway device 14a. The remote device control unit 57 of the smartphone 50a has a home appliance remote control function of remotely controlling each home appliance 70-a (70-a1, 70-a2, 70-a3,...) By communication. The remote device control unit 57 of the smartphone 50a may have a remote operation function of performing remote operation of each home appliance 70-a (70-a1, 70-a2, 70-a3,...) Through communication. In addition, the remote device control unit 57 of the smartphone 50a acquires an operation state information indicating an operation state of each home appliance 70-a (70-a1, 70-a2, 70-a3,...) Through communication. It may have an information acquisition function. Further, the remote device control unit 57 of the smartphone 50a displays the operation state information acquired from each home appliance 70-a (70-a1, 70-a2, 70-a3,...) On the display screen of the display device. It may have an operation state information display control function. Further, the remote device control unit 57 of the smartphone 50a stores information such as operation state information acquired from each home appliance 70-a (70-a1, 70-a2, 70-a3,...) In the storage device. An information recording function may be provided.

  The remote device control method example 2 shown in FIGS. 11 and 12 is applied to the remote device control system 1a-a. However, the smartphone 50a corresponds to the client device 50, the SIM 80a of the communication gateway device 14a corresponds to the SIM 80, and each home appliance 70-a (70-a1, 70-a2, 70-a3,...) Is an IoT device. 70.

  According to the remote device control system 1a-a shown in FIG. 13, each home appliance 70-a (70-a1, 70-a2, 70-a3,...) In the home network system 1000 is communicated from the smartphone 50a. The safety at the time of access can be improved. Furthermore, the effect of improving safety when the smartphone 50a remotely controls each home appliance 70-a (70-a1, 70-a2, 70-a3,...) In the home network system 1000 by communication. Is obtained.

[Embodiment 2 of remote device control system]
The second embodiment of the remote device control system is an embodiment applied to a surveillance camera network system. FIG. 14 is a schematic configuration diagram of a remote device control system 1a-b according to the second embodiment. In FIG. 14, a remote device control system 1a-b includes a surveillance camera network system 1100 and a surveillance terminal (client device) 50b.

  The surveillance camera network system 1100 includes a plurality of imaging devices (IoT devices) 70-b (70-b1, 70-b2, 70-b3,...) And a communication gateway device 14b. A configuration similar to that of the IoT device 70 of FIGS. 4 and 5 is applied to the imaging device 70-b (70-b1, 70-b2, 70-b3,...). However, the device unit 74 illustrated in FIG. 4 is a device related to imaging unique to the imaging apparatus.

  The imaging device 70-b (70-b1, 70-b2, 70-b3,...) And the communication gateway device 14b transmit and receive data via the communication path 110b. The communication path 110b may be a wireless communication path, a wired communication path, or a wireless communication path and a wired communication path. The communication path 110b may be, for example, a LAN in a building where the surveillance camera network system 1100 is provided. The LAN in the building may be a wireless LAN, a wired LAN, or a wireless LAN and a wired LAN.

  The same configuration as that of the communication gateway device 14 of FIG. 9 is applied to the communication gateway device 14b. The communication module 144 of the communication gateway device 14b includes a SIM 80b. The same configuration as the SIM 80 of FIG. 10 is applied to the SIM 80b. The communication gateway device 14b is connected to the Internet 1010 via the communication path 108b1. The communication path 108b1 is a communication path including a wireless communication path of a wireless communication network to which the communication module 144 of the communication gateway apparatus 14b is connected using the SIM 80b.

  A configuration similar to that of the client device 50 of FIG. 3 is applied to the monitoring terminal 50b. The monitoring terminal 50b is connected to the Internet 1010 via the communication path 108b2. The communication path 108b2 may be a wireless communication path, a wired communication path, or a wireless communication path and a wired communication path. The monitoring terminal 50b accesses the communication gateway device 14b via the Internet 1010.

  The communication gateway device 14b monitors communication between the inside and outside of the monitoring camera network system 1100. The communication gateway device 14b determines whether to permit access from the monitoring terminal 50b. If the communication gateway device 14b determines that access from the monitoring terminal 50b is permitted, the monitoring terminal 50b and each imaging device 70-b (70-b1, 70-b2, 70-b3,...) Relay communication between the two.

  The monitoring terminal 50b communicates with each imaging device 70-b (70-b1, 70-b2, 70-b3,...) Via the communication gateway device 14b. The remote device control unit 57 of the monitoring terminal 50b has an imaging device remote control function for remotely controlling each imaging device 70-b (70-b1, 70-b2, 70-b3,...) By communication. The remote device control unit 57 of the monitoring terminal 50b may have a remote operation function of performing remote operation of each imaging device 70-b (70-b1, 70-b2, 70-b3,...) Through communication. . Further, the remote device control unit 57 of the monitoring terminal 50b has an imaging data acquisition function for acquiring imaging data captured by each imaging device 70-b (70-b1, 70-b2, 70-b3,...) Through communication. You may have. Further, the remote device control unit 57 of the monitoring terminal 50b displays the imaging data acquired from each imaging device 70-b (70-b1, 70-b2, 70-b3,...) On the display screen of the display device. An imaging data display control function may be provided. In addition, the remote device control unit 57 of the monitoring terminal 50b acquires operation state information indicating the operation state of each imaging device 70-b (70-b1, 70-b2, 70-b3,...) Through communication. You may have a status information acquisition function. Further, the remote device control unit 57 of the monitoring terminal 50b displays the operation state information acquired from each imaging device 70-b (70-b1, 70-b2, 70-b3,...) On the display screen of the display device. It may have an operation state information display control function. Further, the remote device control unit 57 of the monitoring terminal 50b stores information such as imaging data and operation state information acquired from each imaging device 70-b (70-b1, 70-b2, 70-b3,...). You may have the information recording function stored in an apparatus.

  Example 2 of the remote device control method of FIGS. 11 and 12 is applied to the remote device control system 1a-b. However, the monitoring terminal 50b corresponds to the client device 50, the SIM 80b of the communication gateway device 14b corresponds to the SIM 80, and each imaging device 70-b (70-b1, 70-b2, 70-b3,...) Is IoT. This corresponds to the device 70.

  According to the remote device control system 1a-b shown in FIG. 14, each imaging device 70-b (70-b1, 70-b2, 70-b3,...) In the surveillance camera network system 1100 is communicated from the monitoring terminal 50b. ) To improve safety when accessing. Furthermore, the safety when the monitoring terminal 50b remotely controls each imaging device 70-b (70-b1, 70-b2, 70-b3,...) In the monitoring camera network system 1100 through communication is improved. Effect is obtained.

[Third embodiment of remote device control system]
The third embodiment of the remote device control system is an embodiment applied to a sensor network system. FIG. 15 is a schematic configuration diagram of a remote device control system 1a-c according to the second embodiment. In FIG. 15, remote device control systems 1 a to c include a sensor network system 1200 and a sensor information collection device (client device) 50 c.

  The sensor network system 1200 includes a plurality of sensor devices (IoT devices) 70-c (70-c1, 70-c2, 70-c3,...) And a communication gateway device 14c. A configuration similar to that of the IoT device 70 of FIGS. 4 and 5 is applied to the sensor device 70-c (70-c1, 70-c2, 70-c3,...). However, the device unit 74 shown in FIG. 4 is a device related to sensing unique to the sensor device. For example, the device unit 74 of the weather observation sensor device 70-c is a sensor that measures weather data such as temperature, humidity, and atmospheric pressure. For example, the device unit 74 of the traffic volume observation sensor device 70-c is a sensor that measures traffic volume. For example, the device unit 74 of the water amount observation sensor device 70-c is a sensor that measures the amount of water.

  The sensor device 70-c (70-c1, 70-c2, 70-c3,...) And the communication gateway device 14c transmit and receive data via the communication path 110c. The communication path 110c may be a wireless communication path, a wired communication path, or a wireless communication path and a wired communication path. The communication path 110c may be, for example, a local area LAN where the sensor network system 1200 is provided. The local area LAN may be a wireless LAN, a wired LAN, or a wireless LAN and a wired LAN.

  A configuration similar to that of the communication gateway device 14 of FIG. 9 is applied to the communication gateway device 14c. The communication module 144 of the communication gateway device 14c includes a SIM 80c. A configuration similar to that of the SIM 80 in FIG. 10 is applied to the SIM 80c. The communication gateway device 14c is connected to the Internet 1010 via the communication path 108c1. The communication path 108c1 is a communication path including a wireless communication path of a wireless communication network to which the communication module 144 of the communication gateway apparatus 14c is connected using the SIM 80c.

  A configuration similar to that of the client device 50 of FIG. 3 is applied to the sensor information collecting device 50c. The sensor information collection device 50c is connected to the Internet 1010 via the communication path 108c2. The communication path 108c2 may be a wireless communication path, a wired communication path, or a wireless communication path and a wired communication path. The sensor information collection device 50c accesses the communication gateway device 14c via the Internet 1010.

  The communication gateway device 14c monitors communication between the inside and the outside of the sensor network system 1200. The communication gateway device 14c determines whether to permit access from the sensor information collection device 50c. If the communication gateway device 14c determines that access from the sensor information collection device 50c is permitted, the communication gateway device 14c and each sensor device 70-c (70-c1, 70-c2, 70-c3,.・ ・） Relay communication with.

  The sensor information collection device 50c communicates with each sensor device 70-c (70-c1, 70-c2, 70-c3,...) Via the communication gateway device 14c. The remote device controller 57 of the sensor information collecting device 50c has a sensor device remote control function for remotely controlling each sensor device 70-c (70-c1, 70-c2, 70-c3,...) By communication. Have. The remote device control unit 57 of the sensor information collecting device 50c has a measurement data acquisition function for acquiring measurement data measured by each sensor device 70-c (70-c1, 70-c2, 70-c3,...) Through communication. You may have. Further, the remote device control unit 57 of the sensor information collecting device 50c displays the measurement data acquired from each sensor device 70-c (70-c1, 70-c2, 70-c3,...) On the display screen of the display device. You may have a measurement data display control function to display. In addition, the remote device control unit 57 of the sensor information collecting device 50c acquires operation state information indicating the operation state of each sensor device 70-c (70-c1, 70-c2, 70-c3,...) Through communication. It may have an operation state information acquisition function. The remote device control unit 57 of the sensor information collecting device 50c displays the operation state information acquired from each sensor device 70-c (70-c1, 70-c2, 70-c3,...) On the display screen of the display device. It may have an operation state information display control function to be displayed. In addition, the remote device control unit 57 of the sensor information collecting device 50c provides information such as measurement data and operation state information acquired from each sensor device 70-c (70-c1, 70-c2, 70-c3,...). May be stored in a storage device.

  Example 2 of the remote device control method of FIGS. 11 and 12 is applied to the remote device control system 1a-c. However, the sensor information collecting device 50c corresponds to the client device 50, the SIM 80c of the communication gateway device 14c corresponds to the SIM 80, and each sensor device 70-c (70-c1, 70-c2, 70-c3,...). Corresponds to the IoT device 70.

  According to the remote device control system 1a-c shown in FIG. 14, each sensor device 70-c (70-c1, 70-c2, 70-c3,...) In the sensor network system 1200 is communicated from the sensor information collecting device 50c.・) Safety when accessing can be improved. Furthermore, the safety when the sensor information collection device 50c remotely controls each of the sensor devices 70-c (70-c1, 70-c2, 70-c3,...) In the sensor network system 1200 by communication. An improving effect is obtained.

  The above is description of the Example of the remote device control system 1a which concerns on 2nd Embodiment.

  Note that, as an example of the remote device control system 1 according to the first embodiment, the present invention may be applied to the home network system 1000, the surveillance camera network system 1100, or the sensor network system 1200. In this case, the server device 30 accesses the communication gateway devices 14a, 14b, and 14c via the Internet 1010, and the IoT devices 70-a, 70-b, and 70 via the communication gateway devices 14a, 14b, and 14c. Communicate with -c.

  As mentioned above, although embodiment of this invention was explained in full detail with reference to drawings, the specific structure is not restricted to this embodiment, The design change etc. of the range which does not deviate from the summary of this invention are included.

  In the remote device control system 1 of FIG. 1 according to the first embodiment described above, the second example of the remote device control method of FIGS. 11 and 12 according to the second embodiment described above may be applied. In this case, each unit 31-35 of the server device 30 (first arithmetic processing unit) functions in the same manner as each unit 81-85 of the SIM 80 according to the second embodiment.

  In the remote device control system 1a of FIG. 8 according to the second embodiment described above, the first example of the remote device control method of FIGS. 6 and 7 according to the first embodiment described above may be applied. In this case, each part 81-85 of SIM80 (1st arithmetic processing apparatus) functions similarly to each part 31-35 of the server apparatus 30 which concerns on 1st Embodiment.

In addition, a computer program for realizing the functions of each device described above may be recorded on a computer-readable recording medium, and the program recorded on the recording medium may be read into a computer system and executed. Here, the “computer system” may include an OS and hardware such as peripheral devices.
“Computer-readable recording medium” refers to a flexible disk, a magneto-optical disk, a ROM, a writable nonvolatile memory such as a flash memory, a portable medium such as a DVD (Digital Versatile Disc), and a built-in computer system. A storage device such as a hard disk.

Further, the “computer-readable recording medium” means a volatile memory (for example, DRAM (Dynamic DRAM) in a computer system that becomes a server or a client when a program is transmitted through a network such as the Internet or a communication line such as a telephone line. Random Access Memory)), etc., which hold programs for a certain period of time.
The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.
The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

DESCRIPTION OF SYMBOLS 1, 1a, 1a-a, 1a-b, 1a-c ... Remote equipment control system, 14 ... Communication gateway apparatus, 30 ... Server apparatus, 31, 51, 81, 701 ... Communication part, 32, 52, 82, 702 ... storage unit, 33, 83 ... key generation unit, 34, 84 ... key transmission unit, 35, 55, 85 ... authentication processing unit, 50 ... client device, 54, 704 ... key reception unit, 57 ... remote device control unit, 70 ... IoT equipment, 74 ... equipment section, 80, 80a ... SIM, 703 ... control section, 1000 ... home network system, 1100 ... surveillance camera network system, 1200 ... sensor network system

Claims (8)

A client device, a first arithmetic processing device, and a second device;
The first arithmetic processing unit includes:
A first storage unit for storing a master key and a common key;
A key generation unit that generates a first key and a second key using the master key, client identification information of the client device, and key type information;
A first authentication processing unit that performs authentication processing with the client device using the first key;
A first key transmission unit configured to transmit a third key to the second device by encrypted communication using the second key and to transmit the third key to the second device by encrypted communication using the common key. And comprising
The second device is
A device unit including a device unique to the second device, and receiving remote control by communication;
A control unit that relays communication between the client device and the first arithmetic processing unit;
A second storage unit for storing the common key;
A key receiving unit that receives the third key from the first arithmetic processing unit by encrypted communication using the common key;
A second communication unit that performs cryptographic communication with the client device using the third key,
The client device is
A client storage unit for storing the first key and the second key;
A client authentication processing unit that transmits client identification information of its own client device to the first arithmetic processing device, and performs authentication processing with the first arithmetic processing device using the first key;
A client key receiving unit that receives the third key by encrypted communication using the second key with the first arithmetic processing unit;
A client communication unit that performs cryptographic communication with the second device using the third key;
A remote device control unit that remotely controls the device unit of the second device by the encryption communication performed using the third key,
Remote equipment control system. The client key receiving unit of the client device transmits client identification information of the client device to the first arithmetic processing device,
The first key transmission unit of the first arithmetic processing unit uses the client identification information received from the client device to perform encryption communication between the first key and the second key generated by the key generation unit. Sent to the client device by way,
The client storage unit of the client device stores the first key and the second key received from the first arithmetic processing device through the encryption communication path.
The remote device control system according to claim 1. A client device, a first arithmetic processing device, and a second device;
The first arithmetic processing unit includes:
A first key that stores a common key, a first private key used to generate a client public key certificate that is a public key certificate of the client device, and a first public key certificate corresponding to the first private key. 1 storage unit,
A first authentication processing unit that performs authentication processing of a public key cryptosystem with the client device using the first public key certificate;
A first key for transmitting a third key to the second device by encrypted communication using the client public key certificate and for transmitting the third key to the second device by encrypted communication using the common key. A transmission unit,
The second device is
A device unit including a device unique to the second device, and receiving remote control by communication;
A control unit that relays communication between the client device and the first arithmetic processing unit;
A second storage unit for storing the common key;
A key receiving unit that receives the third key from the first arithmetic processing unit by encrypted communication using the common key;
A second communication unit that performs cryptographic communication with the client device using the third key,
The client device is
A client storage unit that stores the client public key certificate and a client private key that is a private key corresponding to the client public key certificate;
A client authentication processing unit that transmits the client public key certificate to the first processing unit and performs an authentication process with the first processing unit using the client secret key;
A client key receiving unit that receives the third key by encrypted communication using the client secret key with the first processing unit;
A client communication unit that performs cryptographic communication with the second device using the third key;
A remote device control unit that remotely controls the device unit of the second device by the encryption communication performed using the third key,
Remote equipment control system. The client authentication processing unit of the client device transmits a client public key that is a public key of the client device to the first arithmetic processing device,
The first authentication processing unit of the first arithmetic processing device generates the client public key certificate that is a public key certificate of the client public key received from the client device, using the first secret key. And sending the client public key certificate to the client device,
The client storage unit of the client device stores the client secret key and the client public key certificate received from the first processing unit;
The remote device control system according to claim 3. A remote device control method of a remote device control system comprising a client device, a first arithmetic processing device, and a second device comprising a device unit,
The device unit includes a device unique to the second device, and accepts remote control by communication,
A first storage step in which the first arithmetic processing unit stores a master key and a common key;
A key generation step in which the first arithmetic processing device generates a first key and a second key using the master key, client identification information of the client device, and key type information;
A first authentication processing step in which the first arithmetic processing device performs authentication processing with the client device using the first key;
The first processing unit transmits a third key to the client device by encrypted communication using the second key, and transmits the third key to the second device by encrypted communication using the common key. A first key transmission step of transmitting to
A control step in which the second device relays communication between the client device and the first arithmetic processing device;
A second storage step in which the second device stores the common key;
A key receiving step in which the second device receives the third key from the first arithmetic processing unit by encrypted communication using the common key;
A second communication step in which the second device performs cryptographic communication with the client device using the third key;
A client storage step in which the client device stores the first key and the second key;
A client authentication processing step in which the client device transmits client identification information of the client device to the first arithmetic processing device, and performs an authentication process with the first arithmetic processing device using the first key; ,
A client key receiving step in which the client device receives the third key by encrypted communication using the second key with the first arithmetic processing device;
A client communication step in which the client device performs cryptographic communication with the second device using the third key;
A remote device control step in which the client device remotely controls the device unit of the second device by the encryption communication performed using the third key;
A remote device control method. The client device transmits client identification information of the client device to the first arithmetic processing device;
The first arithmetic processing unit transmits the first key and the second key generated using the client identification information received from the client device to the client device via an encrypted communication path;
The client device stores the first key and the second key received from the first arithmetic processing device via the encryption communication path;
The remote device control method according to claim 5. A remote device control method of a remote device control system comprising a client device, a first arithmetic processing device, and a second device comprising a device unit,
The device unit includes a device unique to the second device, and accepts remote control by communication,
The first arithmetic processing unit has a common key, a first secret key used to generate a client public key certificate that is a public key certificate of the client device, and a first public corresponding to the first secret key. A first storage step for storing a key certificate;
A first authentication processing step in which the first arithmetic processing device performs authentication processing of a public key cryptosystem with the client device using the first public key certificate;
The first arithmetic processing unit transmits a third key to the client device by encrypted communication using the client public key certificate, and transmits the third key to the third key by encrypted communication using the common key. A first key transmission step of transmitting to two devices;
A control step in which the second device relays communication between the client device and the first arithmetic processing device;
A second storage step in which the second device stores the common key;
A key receiving step in which the second device receives the third key from the first arithmetic processing unit by encrypted communication using the common key;
A second communication step in which the second device performs cryptographic communication with the client device using the third key;
A client storage step in which the client device stores the client public key certificate and a client private key that is a private key corresponding to the client public key certificate;
A client authentication processing step in which the client device transmits the client public key certificate to the first processing unit and performs an authentication process with the first processing unit using the client secret key;
A client key receiving step in which the client device receives the third key by encrypted communication using the client secret key with the first arithmetic processing unit;
A client communication step in which the client device performs cryptographic communication with the second device using the third key;
A remote device control step in which the client device remotely controls the device unit of the second device by the encryption communication performed using the third key;
A remote device control method. The client device transmits a client public key which is a public key of the client device to the first arithmetic processing device;
The first processing unit generates the client public key certificate, which is a public key certificate of the client public key received from the client device, using the first private key, and the client public key certificate To the client device,
The client device stores the client private key and the client public key certificate received from the first processing unit;
The remote device control method according to claim 7.

Images