JP2021101521A - Communication system and information processing device - Google Patents

Abstract

To make it possible to determine identity of a wireless terminal even when the wireless terminal with a MAC address randomization function connects to a wireless access point corresponding to a different SSID.SOLUTION: A terminal identification device 30 includes: a first acquisition unit 31 that acquires, from a DHCP server device 50, a set of a network address assigned to a wireless terminal 10, a MAC address randomly assigned to the wireless terminal 10, and an SSID assigned to a wireless access point 20 connected to the wireless terminal 10; a second acquisition unit 32 that acquires, from a connection authentication server device 40, a set of the network address and a user ID assigned to the wireless terminal 10; a storage unit 33 that stores the MAC address, SSID, and user ID in association, on the basis of the common network address; and an identification unit 34 that identifies a set of the MAC address corresponding to each wireless terminal 10 and the SSID.SELECTED DRAWING: Figure 8

Description

The present invention relates to a technique for controlling a wireless access point.

A MAC address (Media Access Control address) is assigned to hardware such as a network card installed in each wireless terminal in order to identify the wireless terminal connected to the network. In the case of Ethernet (registered trademark), of the 6 octets that make up this MAC address, the first 3 octets correspond to the vendor ID part, the next 1 octet corresponds to the model ID, and the last 2 octets correspond to the serial ID, and the top 4 The model name of the wireless terminal can be specified by octet. Bit 0x02 in the first octet is a bit that identifies a global address and a local address, and is called a GL bit. When the GL bit is OFF, it is a global address, and when it is ON, it is a local address. With respect to global addresses, the IEEE manages MAC addresses around the world, and each wireless terminal is identified by its own unique MAC address. This enables analysis such as tracking the position of each wireless terminal by specifying the position of the wireless access point to which each wireless terminal is connected from the connection history.

On the other hand, from the viewpoint of privacy, there is a function called MAC address randomization in which the MAC address is made variable so that the position of the wireless terminal is difficult to be specified. This MAC address randomization function is often realized by using the above-mentioned local address. For example, in a wireless LAN (Local Area Network), there is a function to randomly change the MAC address of a wireless terminal for each SSID (Service Set Identifier), and each time the wireless terminal connects to a wireless access point corresponding to a new SSID. When a new MAC address is generated and subsequently connected to a wireless access point corresponding to the same SSID, the generated MAC address for that SSID is used. By doing so, it becomes difficult to determine the identity of the wireless terminals among different wireless access points while making it possible to identify a plurality of wireless terminals in one wireless access point. This makes it difficult to analyze the connection history, position tracking, and the like of one wireless terminal. Regarding this type of technology, for example, Patent Document 1 states that every time the mobile terminal 3 accesses the AP2, the MAC address is used when wireless LAN communication is performed between the AP 2 equipped in the shop 1 and the mobile terminal 3. The mechanism to change is disclosed.

JP-A-2007-235765

As described above, when a wireless terminal having a MAC address randomization function is connected to a wireless access point corresponding to a different SSID, the MAC address of the wireless terminal is different for each SSID. It is difficult to determine if the terminals are the same.

Therefore, an object of the present invention is to make it possible to determine the identity of a wireless terminal even when a wireless terminal having a MAC address randomization function is connected to a wireless access point corresponding to a different SSID.

In order to solve the above problems, in the present invention, a plurality of wireless terminals to which MAC (Media Access Control address) addresses are randomly assigned are any one of a plurality of wireless access points to which different SSIDs (Service Set Identifiers) are assigned. A storage unit that stores a set of a MAC address assigned to each of the plurality of the wireless terminals and the SSID of the wireless access point to which the wireless terminal is connected using the MAC address when connected to. Provided is a communication system including an identification unit that identifies a set of a MAC address and an SSID corresponding to each of the wireless terminals based on the contents stored in the storage unit.

Further, according to the present invention, a network address assigned to a wireless terminal, a MAC address randomly assigned to the wireless terminal, and a wireless access point to which the wireless terminal is connected from a DHCP (Dynamic Host Configuration Protocol) server device. Acquired by the first acquisition unit that acquires the SSID assigned to the above, the second acquisition unit that acquires the network address and the user ID assigned to the wireless terminal from the connection authentication server device, and the first acquisition unit. Based on the storage unit that stores the obtained MAC address and SSID and the user ID acquired by the second acquisition unit in association with each other based on the common network address, and the contents stored in the storage unit. Provided is an information processing apparatus including an identification unit that identifies a set of a MAC address and an SSID corresponding to each of the wireless terminals.

The storage unit includes a set of MAC address and SSID acquired by the first acquisition unit when the date and time difference between the log stored in the DHCP server device and the log stored in the connection authentication server device is within the threshold value, and the storage unit. The user ID acquired by the second acquisition unit may be associated and stored based on the common network address.

When there are a plurality of the logs satisfying the condition that the date and time difference is within the threshold value, the storage unit includes a set of MAC address and SSID and a user ID included in the log satisfying the condition that the date and time difference has a small value. And may be stored in association with each other based on the common network address.

The threshold value may be a fluctuating value.

Further, the present invention includes a plurality of wireless terminals to which MAC addresses are randomly assigned and an information processing device, and each of the wireless terminals is connected to one of a plurality of wireless access points to which different SSIDs are assigned. In this case, a storage unit that stores the set of the MAC address assigned to the own terminal and the SSID of the wireless access point to which the local terminal is connected using the MAC address, and the contents stored in the storage unit. The information processing device includes a transmission unit that transmits the above to the information processing device, and the information processing device acquires the contents transmitted from each of the wireless terminals, and sets a MAC address and an SSID corresponding to each of the wireless terminals. Provided is a communication system including an identification unit for identifying the above.

It is a figure which shows an example of the structure of the wireless communication system 1 which concerns on one Embodiment in this invention. It is a figure which shows the hardware composition of the terminal identification apparatus 30. It is a sequence diagram which shows an example of the outline of the operation of the wireless communication system 1. It is a figure which shows an example of the information (ID table) which a wireless terminal 10 stores. It is a figure which shows an example of the information (network address payout log) stored in the DHCP server apparatus 50. It is a figure which shows an example of the information (connection authentication log) stored in the connection authentication server apparatus 40. It is a figure which shows an example of the information (terminal discrimination table) stored in the terminal identification apparatus 30. It is a figure which shows an example of the functional structure of the terminal identification apparatus 30. It is a flowchart which shows an example of the operation of the terminal identification apparatus 30.

FIG. 1 is a diagram showing an example of a wireless communication system 1 according to the present embodiment. The wireless communication system 1 is a system that provides a wireless communication service conforming to, for example, IEEE802.11. As shown in FIG. 1, the wireless communication system 1 wirelessly communicates with the wireless terminal 10 used by the user and the wireless terminal 10 existing within the range of its own wireless communication area (for example, within a range of a dozen meters). A plurality of wireless access points 20 (three as an example in FIG. 1), a terminal identification device 30 that functions as an example of the information processing device according to the present invention, and a connection authentication server device that authenticates when the wireless terminal 10 is connected to the Internet. 40, a DHCP (Dynamic Host Configuration Protocol) server device 50 that dynamically assigns a network address to the wireless terminal 10, and a gateway device 60 that connects the wireless LAN (Local Area Network) 2 and the Internet 70 are provided. .. The wireless LAN 2 is composed of the wireless access point 20, the terminal identification device 30, the connection authentication server device 40, and the DHCP server device 50. Wireless Although only one wireless terminal 10 is shown in FIG. 1, there are actually a plurality of wireless terminals 10. Further, there may be a plurality of terminal identification devices 30, a connection authentication server device 40, and a DHCP server device 50, respectively.

The wireless terminal 10 is a computer that can be connected to the wireless LAN 2, such as a smart phone, a wearable terminal, a tablet, or a personal computer, and has a MAC address randomization function. An SSID (Service Set Identifier) is set in each wireless access point 20. The connection support application program 101 installed in the wireless terminal 10 describes a procedure for the wireless terminal 10 to specify the SSID and connect to the wireless LAN 2 and the Internet 70. Further, in the connection support application program 101, a user ID that uniquely identifies the wireless terminal 10 is set in order to realize the above connection. The user ID is used for authentication when the wireless terminal 10 connects to the Internet 70. The connection support application program 101 may be provided to the wireless terminal 10 via some network.

FIG. 2 is a diagram showing a hardware configuration of a terminal identification device 30 that functions as an example of the information processing device according to the present invention. The terminal identification device 30 is physically configured as a computer including a processor 3001, a memory 3002, a storage 3003, a communication device 3004, a bus connecting them, and the like. Each of these devices is operated by electric power supplied from a power source (not shown). In the following description, the word "device" can be read as a circuit, a device, a unit, or the like. The hardware configuration of the terminal identification device 30 may be configured to include one or more of the devices shown in FIG. 2, or may be configured not to include some of the devices. Further, a plurality of devices having different housings may be connected by communication to form the terminal identification device 30.

Each function of the terminal identification device 30 is such that the processor 3001 performs an operation by loading predetermined software (program) on the hardware such as the processor 3001 and the memory 3002, and controls the communication by the communication device 3004, or the memory. It is realized by controlling at least one of reading and writing of data in the 3002 and the storage 3003.

Processor 3001 operates, for example, an operating system to control the entire computer. The processor 3001 may be configured by a central processing unit (CPU) including an interface with a peripheral device, a control device, an arithmetic unit, a register, and the like. Further, for example, a baseband signal processing unit, a call processing unit, and the like may be realized by the processor 3001.

The processor 3001 reads a program (program code), a software module, data, and the like from at least one of the storage 3003 and the communication device 3004 into the memory 3002, and executes various processes according to these. As the program, a program that causes a computer to execute at least a part of the operations described later is used. The functional block of the terminal identification device 30 may be stored in the memory 3002 and realized by a control program operating in the processor 3001. Various processes may be executed by one processor 3001, but may be executed simultaneously or sequentially by two or more processors 3001. Processor 3001 may be implemented by one or more chips.

The memory 3002 is a computer-readable recording medium, and is composed of at least one such as a ROM (Read Only Memory), an EPROM (Erasable Programmable ROM), an EPROM (Electrically Erasable Programmable ROM), and a RAM (Random access Memory). May be done. The memory 3002 may be referred to as a register, a cache, a main memory (main storage device), or the like. The memory 3002 can store a program (program code), a software module, or the like that can be executed to carry out the method according to the present embodiment.

The storage 3003 is a computer-readable recording medium, for example, an optical disk such as a CD-ROM (Compact Disc ROM), a hard disk drive, a flexible disk, an optical magnetic disk (for example, a compact disk, a digital versatile disk, a Blu-ray). It may consist of at least one (registered trademark) disk), smart card, flash memory (eg, card, stick, key drive), floppy (registered trademark) disk, magnetic strip, and the like. The storage 3003 may be referred to as an auxiliary storage device.

The communication device 3004 is hardware (transmission / reception device) for performing communication between computers via a network, and is also referred to as, for example, a network device, a network controller, a network card, a communication module, or the like.

Each device such as the processor 3001 and the memory 3002 is connected by a bus for communicating information. The bus may be configured by using a single bus, or may be configured by using a different bus for each device.

The terminal identification device 30 includes hardware such as a microprocessor, a digital signal processor (DSP: Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), a PLD (Programmable Logic Device), and an FPGA (Field Programmable Gate Array). The hardware may realize a part or all of each functional block. For example, processor 3001 may be implemented using at least one of these hardware. The wireless terminal 10, the connection authentication server device 40, and the DHCP server device 50 are also computers having the same hardware configuration as the terminal identification device 30.

FIG. 3 is a sequence diagram showing an outline of the operation of the wireless communication system 1. Further, in the following description, when the terminal identification device 30 is described as the main body of the processing, specifically, by loading the predetermined software (program) on the hardware such as the processor 3001 and the memory 3002. It means that the processing is executed by the processor 3001 performing the calculation and controlling the communication by the communication device 3004 and the reading and / or writing of the data in the memory 3002 and the storage 3003. The same applies to the wireless terminal 10, the connection authentication server device 40, and the DHCP server device 50.

In FIG. 3, when the wireless terminal 10 connects to the Internet 70 via the wireless LAN 2 using the connection support application program 101, first, from the wireless terminal 10, the wireless terminal 10 is wirelessly communicated with the wireless terminal 10 via the wireless access point 20. A connection request (referred to as a wireless LAN connection request) to the wireless LAN 2 is transmitted (step S11). At this time, the wireless terminal 10 generates a new MAC address by the MAC address randomization function when passing through the wireless access point corresponding to the new SSID and uses this, and the wireless access point corresponding to the same SSID in the past. If you have made a connection using, use the MAC address generated for that SSID. The wireless terminal 10 stores an ID table as illustrated in FIG. In this ID table, the SSID corresponding to the wireless access point 20 connected in the past is described in association with the user ID (“UID 103” in the figure) set in the connection support application program 101.

In FIG. 3, the DHCP server device 50 requests the wireless terminal 10 to notify the MAC address in response to the wireless LAN connection request (step S12). In response to this, the wireless terminal 10 notifies the DHCP server device 50 of the MAC address corresponding to the SSID of the wireless access point 20 wirelessly connected when the wireless LAN connection request is made (step S13). When the MAC address is notified from the wireless terminal 10, the DHCP server device 50 generates a network address and assigns it to the wireless terminal 10 (step S14). Then, the DHCP server device 50 uses the authentication date and time, which is the date and time at that time, the SSID of the wireless access point 20 via which the wireless LAN connection request has passed, the MAC address notified from the wireless terminal 10, and the network assigned to the wireless terminal 10. The addresses are associated with each other and stored as a network address payout log as illustrated in FIG. 5 (step S15). The authentication date and time is not a concept that requires both the day and the time, and may be only the day or only the time.

The wireless terminal 10 to which the network address is assigned transmits a connection request for the Internet (referred to as an Internet connection request) to the connection authentication server device 40 by using the connection support application program 101 (step S16). The Internet connection request may be automatically transmitted by the wireless terminal 10 according to the procedure described in the connection support application program 101. The wireless terminal 10 may manually operate the Internet connection request according to the procedure described in the connection support application program 101. May be sent as a trigger.

The connection authentication server device 40 that has received the Internet connection request requests the user ID from the wireless terminal 10 (step S17), and when the wireless terminal 10 notifies the user ID in response to this request (step S18). , The authentication process is performed using the user ID (step S19). If this authentication is successful, the gateway device 60 is allowed to communicate from the wireless terminal 10 to the Internet 70. Then, the connection authentication server device 40 associates the authentication date and time, which is the date and time at that time, the user ID notified from the wireless terminal 10, and the network address assigned to the wireless terminal 10, as illustrated in FIG. Store as a connection authentication log (step S20).

The terminal identification device 30 acquires the above-mentioned network payout log and connection authentication log from the DHCP server device 50 and the connection authentication server device 40 (step S21), and performs an identification process for identifying the identity of the wireless terminal 10 (step S22). ).

Next, the identification process of the terminal identification device 30 will be described with reference to FIGS. 7 to 9. As shown in FIG. 8, in the terminal identification device 30, the functions of the first acquisition unit 31, the second acquisition unit 32, the storage unit 33, and the identification unit 34 are realized.

In FIG. 9, the first acquisition unit 31 acquires the network address allocation log, that is, the authentication date / time, the SSID, the MAC address, and the network address from the DHCP server device 50 (step S111).

Next, the second acquisition unit 32 acquires the connection authentication log, that is, the authentication date / time, the user iID, and the network address from the connection authentication server device 40 (step S112).

Next, the storage unit 33 determines whether or not there is a common network address in the network address payout log and the connection authentication log for each of all the combinations of the network address payout log and the connection authentication log. (Step S113). A combination that does not have a common network address in the network address allocation log and the connection authentication log is discarded (step S113; NO, step S114), and it is determined whether or not there is a common network address for the next combination. (Step S113).

If there is a common network address in the network address payout log and the connection authentication log (step S113; YES), the storage unit 33 sets the difference between the authentication date and time included in the network payout log and the connection authentication log server related to the combination. (Date and time difference) is calculated (step S115). Then, the storage unit 33 determines whether or not the difference between the authentication dates and times related to each combination is within the threshold value (step S116). If the difference between the authentication dates and times related to a certain combination exceeds the threshold value, the combination is discarded (step S116; NO, step S117), and it is determined whether or not the difference between the authentication dates and times is within the threshold value for the next combination. (Step S116).

When the difference between the authentication dates and times related to a certain combination is within the threshold value (step S116; YES), the storage unit 33 acquires the MAC address and SSID acquired by the first acquisition unit 31 and the second acquisition unit 32. The user ID is associated with the user ID, and it is determined whether or not there are a plurality of pairs of the MAC address and the SSID and the user ID associated with the MAC address (step S118). When there is only one set that satisfies the condition that the difference between the authentication dates and times is within the threshold value (step S118; NO), the storage unit 33 displays the network address allocation log and the connection authentication log as illustrated in FIG. The included MAC address and SSID and the user ID are stored in association with each other (step S119). On the other hand, when there are a plurality of sets satisfying the condition that the difference between the authentication dates and times is within the threshold value (step S118; YES), the storage unit 33 displays the network address payout log and the connection authentication log in which the difference is minimized. The included MAC address and SSID and the user ID are stored in association with each other (step S120). Since the MAC address randomization function randomly assigns a MAC address to the wireless terminal 10, the MAC addresses assigned to the same wireless terminal 10 do not overlap in a short period of time, but when viewed over a long period of time, the same wireless terminal is used. There is a possibility that the MAC addresses assigned to 10 will be duplicated. Therefore, in the present embodiment, the condition that the difference between the authentication dates and times is within the threshold value is imposed as described above.

The identification unit 34 identifies a set of MAC address and SSID corresponding to each wireless terminal 10 based on the contents stored in the storage unit 33. That is, since the identification unit 34 can specify the set of MAC address and SSID corresponding to a certain wireless terminal 10, the connection of the above-mentioned wireless terminal 10 is performed by using this set of MAC address and SSID. By analyzing the history, it is possible to grasp which wireless access point the wireless terminal 10 is connected to. Explaining with the example of FIGS. 4 to 7, since the MAC addresses “MACad104”, “MACad106” and “MACad108” are associated with the user ID “UID103”, the identification unit 34 uses the user ID “UID103”. By searching the stored contents of the storage unit 33, it is possible to identify that the wireless terminals 10 to which the MAC addresses "MACad104", "MACad106", and "MACad108" are assigned are the same wireless terminal. Therefore, by analyzing the SSID included in the connection history of the wireless terminal 10 including the MAC addresses "MACad104", "MACad106", and "MACad108", it is possible to grasp which wireless access point the wireless terminal 10 is connected to. It becomes possible to do.

According to the embodiment described above, even when a wireless terminal having a MAC address randomization function is connected to a wireless access point corresponding to a different SSID, the identity of the wireless terminal can be determined.

[Modification example]
The present invention is not limited to the embodiments described above. The above-described embodiment may be modified as follows. Further, the following two or more modified examples may be combined and carried out.
[Modification 1]
The threshold value compared with the difference between the authentication dates and times may be a fluctuating value. For example, when a small value is determined as the default value of the threshold value and the storage unit 33 has a common network address in the combination of the network address allocation log and the connection authentication log (step S113; YES), the authentication date and time If there is no combination such that the difference is within the threshold value (step S116), the threshold value is increased by a certain value, and again, whether or not there is a network address common to the combination of the network address issue log and the connection authentication log. (Step S113). The process of gradually increasing the threshold value may be repeated, and the threshold value when there is a combination such that the difference between the authentication dates and times is within the threshold value (step S116) may be used thereafter. In this way, it is possible to specify a threshold value having a necessary and sufficient size.

[Modification 2]
In the above embodiment, the terminal identification device 30 acquires the network address allocation log and the connection authentication log to identify the identity of the wireless terminal 10, but the wireless terminal 10 performs the main processing for identity identification. May be good. Specifically, in addition to the user ID and SSID, the wireless terminal 10 stores the MAC address used when wirelessly connecting to the wireless access point 20 corresponding to the SSID in association with each other. In the example of FIG. 4, the MAC address "MACad104" used when wirelessly connecting to the wireless access point 20 corresponding to the SSID "SSID211" is corresponded to the pair of the user ID "UDID103" and the SSID "SSID211". Attached, the user ID is associated with the set of the user ID "UID103" and the SSID "SSID212", and the MAC address "MACad106" used when wirelessly connecting to the wireless access point 20 corresponding to the SSID "SSID212" is associated with the user ID. The MAC address "MACad106" used when wirelessly connecting to the wireless access point 20 corresponding to the SSID "SSID 213" is stored in association with the set of the "UID 103" and the SSID "SSID 213". Then, the terminal identification device 30 collects such a set of the user ID, the SSID, and the MAC address from the wireless terminal 10, and assigns the MAC addresses "MACad104", "MACad106", and "MACad108" to the user ID "UID3". Store in association with each other. By doing so, it is possible to identify that the wireless terminals 10 to which the MAC addresses "MACad104", "MACad106", and "MACad108" are assigned are the same wireless terminal by searching the stored contents by the user ID "UID103". Is possible. Therefore, by analyzing the SSID included in the connection history of the wireless terminal 10 including the MAC addresses "MACad104", "MACad106", and "MACad108", it is possible to grasp which wireless access point the wireless terminal 10 is connected to. It becomes possible to do. As described above, the present invention includes a plurality of wireless terminals to which MAC addresses are randomly assigned and an information processing device, and each of the wireless terminals is assigned a different SSID to any one of the plurality of wireless access points. A storage unit that stores the set of the MAC address assigned to the local terminal and the SSID of the wireless access point to which the local terminal is connected using the MAC address, and the contents stored in the storage unit. As a communication system including a transmission unit that transmits the above to the information processing device, and the information processing device includes an identification unit that acquires the transmitted contents and identifies the set of MAC address and SSID corresponding to each wireless terminal. Can also be thought of.

Further, based on the concept of the present invention including the example of the embodiment and the above-described modification, a plurality of wireless terminals to which different MAC addresses are randomly assigned can be any of a plurality of wireless access points to which different SSIDs are assigned. A storage unit that stores a set of a MAC address assigned to each of the plurality of wireless terminals and the SSID of the wireless access point to which the wireless terminal is connected using the MAC address when connected to the wireless terminal. It can also be considered as a communication system characterized by including an identification unit that identifies a set of MAC address and SSID corresponding to each wireless terminal based on the contents stored in the storage unit.

[Modification 3]
In the above embodiment, when there are a plurality of sets satisfying the condition that the difference between the authentication dates and times is within the threshold value (step S118; YES), the storage unit 33 displays the network address payout log and the connection authentication log in which the difference is minimized. The included MAC address and SSID and the user ID were stored in association with each other (step S120). In step S120, the storage unit 33 does not need to select the target to be stored by paying attention to the point that the difference between the authentication dates and times is minimized. In short, the condition that the difference between the authentication dates and times has a small value (for example). The MAC address, SSID, and user ID included in the network address allocation log and the connection authentication log that satisfy the conditions such as the smallest or the second smallest) may be stored in association with each other.

[Other variants]
The block diagram used in the description of the above embodiment shows a block of functional units. These functional blocks (components) are realized by any combination of at least one of hardware and software. Further, the method of realizing each functional block is not particularly limited. That is, each functional block may be realized by using one device that is physically or logically connected, or directly or indirectly (for example, by two or more devices that are physically or logically separated). , Wired, wireless, etc.) and may be realized using these plurality of devices. The functional block may be realized by combining the software with the one device or the plurality of devices.

Functions include judgment, decision, judgment, calculation, calculation, processing, derivation, investigation, search, confirmation, reception, transmission, output, access, solution, selection, selection, establishment, comparison, assumption, expectation, and assumption. There are broadcasting, notifying, communicating, forwarding, configuring, reconfiguring, allocating, mapping, assigning, etc., but only these. I can't. For example, a functional block (component) that functions transmission is called a transmission control unit (transmitting unit) or a transmitter (transmitter). As described above, the method of realizing each of them is not particularly limited.

For example, the payment management device in one embodiment of the present disclosure may function as a computer that processes the present disclosure.

Each aspect / embodiment described in the present disclosure includes LTE (Long Term Evolution), LTE-A (LTE-Advanced), SUPER 3G, IMT-Advanced, 4G (4th generation mobile communication system), and 5G (5th generation mobile communication). system), FRA (Future Radio Access), NR (new Radio), W-CDMA (registered trademark), GSM (registered trademark), CDMA2000, UMB (Ultra Mobile Broadband), IEEE 802.11 (Wi-Fi (registered trademark)) )), IEEE 802.16 (WiMAX®), IEEE 802.20, UWB (Ultra-WIDeBand), Bluetooth®, and other systems that utilize and extend based on them. It may be applied to at least one of the next generation systems. Further, a plurality of systems may be applied in combination (for example, a combination of at least one of LTE and LTE-A and 5G).

The order of the processing procedures, sequences, flowcharts, etc. of each aspect / embodiment described in the present disclosure may be changed as long as there is no contradiction. For example, the methods described in the present disclosure present elements of various steps using exemplary order, and are not limited to the particular order presented.

The input / output information and the like may be stored in a specific location (for example, a memory), or may be managed using a management table. Input / output information and the like can be overwritten, updated, or added. The output information and the like may be deleted. The input information or the like may be transmitted to another device.

The determination may be made by a value represented by 1 bit (0 or 1), by a boolean value (Boolean: true or false), or by comparing numerical values (for example, a predetermined value). It may be done by comparison with the value).

Although the present disclosure has been described in detail above, it is clear to those skilled in the art that the present disclosure is not limited to the embodiments described in the present disclosure. The present disclosure may be implemented as an amendment or modification without departing from the purpose and scope of the present disclosure, which is determined by the description of the claims. Therefore, the description of the present disclosure is for the purpose of exemplary explanation and does not have any limiting meaning to the present disclosure.

Software, whether referred to as software, firmware, middleware, microcode, hardware description language, or by any other name, is an instruction, instruction set, code, code segment, program code, program, subprogram, software module. , Applications, software applications, software packages, routines, subroutines, objects, executable files, execution threads, procedures, features, etc. should be broadly interpreted. Further, software, instructions, information and the like may be transmitted and received via a transmission medium. For example, a website where the software uses at least one of wired technology (coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), etc.) and wireless technology (infrared, microwave, etc.). When transmitted from a server, or other remote source, at least one of these wired and wireless technologies is included within the definition of transmission medium.

The information, signals, etc. described in the present disclosure may be represented using any of a variety of different techniques. For example, data, instructions, commands, information, signals, bits, symbols, chips, etc. that may be referred to throughout the above description are voltages, currents, electromagnetic waves, magnetic fields or magnetic particles, light fields or photons, or any of these. It may be represented by a combination of.
The terms described in the present disclosure and the terms necessary for understanding the present disclosure may be replaced with terms having the same or similar meanings.

In addition, the information, parameters, etc. described in the present disclosure may be expressed using absolute values, relative values from predetermined values, or using other corresponding information. It may be represented.

The phrase "based on" as used in this disclosure does not mean "based on" unless otherwise stated. In other words, the statement "based on" means both "based only" and "at least based on".

Any reference to elements using designations such as "first", "second" as used in this disclosure does not generally limit the quantity or order of those elements. These designations can be used in the present disclosure as a convenient way to distinguish between two or more elements. Thus, references to the first and second elements do not mean that only two elements can be adopted, or that the first element must somehow precede the second element.

The "part" in the configuration of each of the above devices may be replaced with a "means", a "circuit", a "device" and the like.

When "include", "including" and variations thereof are used in the present disclosure, these terms are as comprehensive as the term "comprising". Is intended. Furthermore, the term "or" used in the present disclosure is intended not to be an exclusive OR.

In the present disclosure, if articles are added by translation, for example a, an and the in English, the disclosure may include the plural nouns following these articles.

In the present disclosure, the term "A and B are different" may mean "A and B are different from each other". The term may mean that "A and B are different from C". Terms such as "separate" and "combined" may be interpreted in the same way as "different".

1: Wireless communication system, 2: Wireless LAN, 10: Wireless terminal, 101: Connection support application program, 20: Wireless access point, 30: Terminal identification device, 31: First acquisition unit, 32: Second acquisition unit, 33 : Storage unit, 34: Identification unit, 3001: Processor, 3002: Memory, 3003: Storage, 3004: Communication device, 40: Connection authentication server device, 50: DHCP server device, 60: Gateway device, 70: Internet.

Claims (6)

When a plurality of wireless terminals randomly assigned different MAC (Media Access Control address) addresses are connected to any of a plurality of wireless access points to which different SSIDs (Service Set Identifiers) are assigned, the plurality of wireless terminals may be connected. A storage unit that stores a set of a MAC address assigned to each of the wireless terminals and an SSID of the wireless access point to which the wireless terminal is connected using the MAC address.
A communication system including an identification unit that identifies a set of MAC address and SSID corresponding to each wireless terminal based on the contents stored in the storage unit. From the DHCP (Dynamic Host Configuration Protocol) server device, the network address assigned to the wireless terminal, the MAC address randomly assigned to the wireless terminal, and the SSID assigned to the wireless access point to which the wireless terminal is connected. The first acquisition department to acquire the set and
A second acquisition unit that acquires a set of the network address and the user ID assigned to the wireless terminal from the connection authentication server device, and
A storage unit that stores the MAC address and SSID acquired by the first acquisition unit and the user ID acquired by the second acquisition unit in association with each other based on the common network address.
An information processing device including an identification unit that identifies a set of MAC address and SSID corresponding to each wireless terminal based on the contents stored in the storage unit. The storage unit includes the MAC address and SSID acquired by the first acquisition unit and the second storage unit when the date and time difference between the log stored in the DHCP server device and the log stored in the connection authentication server device is within the threshold value. The information processing apparatus according to claim 2, wherein the user ID acquired by the acquisition unit is associated and stored based on the common network address. When there are a plurality of the logs satisfying the condition that the date and time difference is within the threshold value, the storage unit stores the MAC address, SSID, and user ID included in the log satisfying the condition that the date and time difference satisfies the small value. The information processing apparatus according to claim 3, wherein the information processing apparatus is associated and stored based on the common network address. The information processing apparatus according to claim 3 or 4, wherein the threshold value is a fluctuating value. It is equipped with a plurality of wireless terminals to which MAC addresses are randomly assigned and an information processing device.
Each of the wireless terminals
When connected to any of a plurality of wireless access points to which different SSIDs are assigned, the MAC address assigned to the local terminal and the SSID of the wireless access point to which the local terminal is connected using the MAC address A storage unit that memorizes the set and
A transmission unit that transmits the contents stored in the storage unit to the information processing device is provided.
The information processing device
A communication system including an identification unit that acquires the contents transmitted from each of the wireless terminals and identifies a set of MAC address and SSID corresponding to each of the wireless terminals.

Images