JP2022116642A - Communication system, communication management method, and program - Google Patents

Abstract

To unitarily manage log information on a local network side, in a communication system which remotely accesses a terminal of an access destination connected to the local network, via a cloud server and a communication apparatus.SOLUTION: A communication management system comprises: a first communication management unit which associates first communication between a terminal of an access source and a communication apparatus with identification information and manages them; a relay unit which relays the first communication, with the identification information, between the terminal of the access source and the communication apparatus; and a log information transmission unit which transmits first log information regarding the first communication to the communication apparatus. The communication apparatus comprises: a second communication management unit which manages second communication between the terminal of the access source and the terminal of the access destination; and a log information management unit which receives the first log information from the communication management system and manages third log information including the first log information and second log information regarding the second communication.SELECTED DRAWING: Figure 3

Description

The present invention relates to a communication system, communication management method, and program.

In recent years, due to work style reforms and the spread of telecommuting, there is a growing need for remote access from remote offices, etc., to personal computers (PCs) connected to the company's local network, or to electronic devices such as image forming devices. ing.

In addition, in an information processing system that executes workflows in cooperation with a cloud environment and an on-premises environment, there is a known technology that collectively displays job information of workflows executed in cooperation with a cloud environment and an on-premises environment (for example, patent Reference 1).

As a method of accessing an access destination terminal connected to a local network from an access source terminal connected to an external network, for example, there is a method of encrypted communication using a VPN (Virtual Private Network) or the like. However, in this method, there is a problem that the burden on the administrator (or user) who manages the network settings such as the firewall to enable communication between the access source terminal and the access destination terminal is increased. be.

In order to solve such problems, a communication device that performs encrypted communication with a server on the cloud is installed in the local network of the access destination, and the access destination is sent from the access source terminal via the server on the cloud and the communication device. A method of performing encrypted communication with a terminal of However, in this method, the first log information generated by the server on the cloud and the second log information generated by the communication device connected to the local network are managed separately and centrally managed on the local network side. There is a problem that it is not possible to Even if the technique disclosed in Patent Document 1 is applied, such a problem cannot be solved.

In one embodiment of the present invention, in a communication system in which an access source terminal remotely accesses an access destination terminal connected to a local network via a server on a cloud and a communication device, log information is stored on the local network side. Allow centralized management.

In order to solve the above problems, a communication system according to an embodiment of the present invention provides a communication device that connects a terminal that is an access source connected to a first network to a second network that is different from the first network. a communication management system that manages remote access to communicate with an access destination terminal that is connected to the second network via a communication device; a first communication management unit that manages a first communication between the terminal and the communication device in association with identification information; a relay unit that relays a first communication; and a log information transmission unit that transmits first log information related to the first communication to the communication device, wherein the communication device communicates with the access source terminal. a second communication management unit that manages a second communication with the access destination terminal; receives the first log information from the communication management system; and a log information management unit that manages third log information including second log information related to the communication of the

According to an embodiment of the present invention, in a communication system for remotely accessing a terminal connected to a local network via a cloud server and a communication device, log information can be centrally managed on the local network side. become.

1 is a diagram illustrating an example of a system configuration of a communication system according to one embodiment; FIG. It is a figure showing an example of hardware constitutions of a computer concerning one embodiment. It is a figure showing an example of functional composition of a communication management system concerning one embodiment. FIG. 2 is a diagram showing an example of the functional configuration of a secure box according to one embodiment; FIG. It is a figure which shows the example of functional structure of the information terminal which concerns on one Embodiment. 1 is a diagram (1) showing an example of information managed by a communication system according to an embodiment; FIG. FIG. 2 is a diagram (2) showing an example of information managed by the communication system according to one embodiment; FIG. 3 is a diagram (3) showing an example of information managed by the communication system according to one embodiment; FIG. 4 is a diagram (4) showing an example of information managed by the communication system according to one embodiment; FIG. 4 is a diagram for explaining the flow of log information according to one embodiment; 1 is a diagram (1) showing an example of log information according to an embodiment; FIG. FIG. 2 is a diagram (2) showing an example of log information according to an embodiment; FIG. 7 is a sequence diagram showing an example of processing when the secure box is activated according to one embodiment; FIG. 7 is a sequence diagram showing an example of login processing of an information terminal according to one embodiment; FIG. 11 is a sequence diagram (1) showing an example of processing during remote desktop connection according to an embodiment; FIG. 12 is a sequence diagram (2) showing an example of processing when connecting to a remote desktop according to one embodiment; FIG. 13 is a sequence diagram (3) showing an example of processing when connecting to a remote desktop according to one embodiment; FIG. 7 is a sequence diagram illustrating an example of setting information setting processing according to an embodiment; FIG. 7 is a sequence diagram illustrating an example of log information output processing according to an embodiment; FIG. 7 is a sequence diagram illustrating an example of log information transmission processing according to the first embodiment; FIG. 11 is a sequence diagram illustrating an example of log information transmission processing according to the second embodiment; FIG. 12 is a sequence diagram illustrating an example of log information transmission processing according to the third embodiment;

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
<System configuration>
FIG. 1 is a diagram showing an example of the system configuration of a communication system according to the first embodiment. The communication system 1 includes, for example, an application server 11, a service platform 12, and a relay server 13 connected to a communication network 2 such as the Internet, a secure box 14 connected to a local network 100, a log server 15, and the like. The communication system 1 is, for example, a system for remotely accessing the information processing apparatus 101, the image forming apparatus 102, etc. from the information terminal 111 connected to the remote network 110, etc. via the secure box 14 connected to the local network 100. is.

A remote network (first network) 110 is an example of an external network (first network) different from the local network 100, for example, provided at a home or a remote office. The information terminal 111 is not limited to the remote network 110. For example, the information terminal 111 is connected to the communication network 2 such as the Internet from outside using a WAN (Wide Area Network) or a public wireless LAN (Local Area Network). It may be something that is Note that the communication network 2 is another example of an external network (first network) different from the local network 100 . Here, as an example, the following description is given assuming that the information terminal 111 is connected to a remote network 110, which is a network provided in a remote office or the like.

An information terminal (access source terminal) 111 is an information processing apparatus having a web browser function, such as a PC (Personal Computer), a tablet terminal, or a smart phone, used by a user. The information terminal 111 can access the application server 11 , the relay server 13 and the like via the remote network 110 and the communication network 2 . The information terminal 111 is an example of an access source terminal connected to the first network.

A local network (second network) 100 is a network such as an in-house LAN (Local Area Network) to which access from an external network such as the communication network 2 or the remote network 110 is restricted by a firewall or the like. Note that the local network 100 is an example of a second network different from the first network.

In FIG. 1, it is assumed that the service platform 12 and the secure box 14 are set in advance so that they can communicate with each other using a communication protocol such as MQTT (Message Queue Telemetry Transport). It is also assumed that access to the secure box 14, the information processing apparatus 101, the image forming apparatus 102, etc. in the local network 100 from the information terminal 111, the relay server 13, etc. is prohibited.

An information processing device (access destination terminal) 101 is an information processing device such as a PC connected to the local network 100, and provides a predetermined service such as a remote desktop service. An image forming apparatus (access destination terminal) 102 is an electronic device connected to the local network 100 and provides a predetermined service such as a facsimile service.

The information processing apparatus 101 and the image forming apparatus 102 are examples of access destination terminals that are connected to the local network 100 and provide predetermined services. The terminal to be accessed may be, for example, a PJ (Projector), an IWB (Interactive White Board: a white board having an electronic blackboard function capable of mutual communication), a digital signage, or the like. The access destination terminal may be, for example, an industrial machine, an imaging device, a sound collector, a medical device, a network appliance, a smart phone, a tablet terminal, a game machine, a PDA (Personal Digital Assistant), a digital camera, or the like.

The application server 11 is, for example, an information processing device having a computer configuration, or a system including a plurality of information processing devices. The application server 11, for example, uses the communication system 1 to send web content or the like for using an access destination terminal such as the information processing apparatus 101 or the image forming apparatus 102 in the local network 100 to the information terminal 111. It has the function of a web server that provides The application server 11 also has a function of providing a web page for setting the communication system 1 to the management terminal 5 or the like, which is an information terminal used by an administrator or the like who manages the communication system 1, for example. can be

The service platform 12 is, for example, an information processing device having a computer configuration, or a system including a plurality of information processing devices. The service platform 12 cooperates with the application server 11 to execute device control processing for controlling the secure box 14 and the like. The service platform 12 also performs, for example, authentication processing and management of log information.

The relay server 13 is, for example, an information processing device having a computer configuration, or a system including a plurality of information processing devices. Relay server 13 relays communication between information terminal 111 and secure box 14 .

The application server 11, the service platform 12, and the relay server 13 constitute a communication management system 10 that provides a remote access service to an access source terminal such as the information terminal 111 or the like. Note that the functions of the application server 11, the service platform 12, and the relay server 13 may be included in one server device, or may be distributed among more server devices. In this way, the application server 11, the service platform 12, and the relay server 13 can have various system configurations. It is sometimes called a management system 10 .

The secure box (communication device) 14 is, for example, a communication device having a computer configuration and a communication function, or an information processing device. The secure box 14 is connected to the relay server 13 under the control of the communication management system 10, and from the information terminal 111 to the access destination terminal (the information processing device 101 or the image forming device 102) connected to the local network 100. Control remote access. Note that the secure box 14 is an example of a communication device that connects to the local network (second network) 100 .

The management terminal 5 is, for example, an information terminal equipped with a web browser function that is used by an administrator or the like who manages the communication system 1 .

In the above system configuration, the information terminal 111 can connect to the communication network 2 from the remote network 110, but cannot access the information processing device 101 and the image forming device 102 connected to the local network 100. Can not.

Conventionally, in such a case, in order to communicate from the information terminal 111 to an access destination terminal connected to the local network 100, for example, VPN (Virtual Private Network) or the like was used to perform encrypted communication.

As a method for connecting the information terminal 111 connected to the remote network 110 to the access destination terminal connected to the local network 100 via VPN, for example, IPsec (Internet Protocol Security) is known. When using this method, the administrator or the like needs to appropriately configure network settings such as router routing settings and firewall access control list settings so that IPsec communications can be performed correctly.

After being connected by VPN, for example, the information terminal 111 connected to the remote network 110 can access the access destination terminal connected to the local network 100 according to the access control of the firewall. However, access control by a firewall is basically access control by IP address or transport layer port number (for example, 3389/tcp). Therefore, for example, in order to implement access control for each logged-in user, complicated operations such as linking the logged-in user with an identifier such as an IP address and changing the existing network configuration are required.

Therefore, in the present embodiment, a secure box 14 for cryptographic communication with the communication management system 10 is installed in the local network 100, and the information terminal 111 communicates with the terminal to be accessed via the communication management system 10 and the secure box 14. perform encrypted communication with As a result, a user using the information terminal 111 can securely communicate with an access destination terminal connected to the local network 100 with a simple setting.

(Overview of connection processing)
In the above system configuration, a user using the information terminal 111, for example, when using a remote desktop service provided by the information processing apparatus 101, accesses a predetermined web page provided by the application server 11 using a web browser or the like. to access. The user can request a connection to, for example, a remote desktop service provided by the information processing apparatus 101 by selecting a desired service from this web page. The user is not limited to the web browser provided in the information terminal 111. For example, the user can access a predetermined web page using an application program (hereinafter referred to as an application) for the communication system 1 that has web browser functions. may access.

When receiving a connection request from the information terminal 111, the application server 11 generates (issues) a session ID, which is identification information for identifying a session. Also, the application server 11 uses the service platform 12 to notify the secure box 14 of the generated session ID and to request connection to the relay server 13 . Furthermore, the application server 11 notifies the information terminal 111 of the request source of the issued session ID.

The secure box 14 uses the notified session ID to connect to the relay server 13 through the first encrypted communication 3 according to the request from the communication management system 10 . For example, the secure box 14 establishes a session with the relay server 13 by first encrypted communication 3 using Web Socket over HTTPS (Hypertext Transfer Protocol Secure) (hereinafter referred to as wws).

Also, the information terminal 111 connects to the relay server 13 through the second encrypted communication 4 using the session ID notified from the communication management system 10 . For example, the information terminal 111 establishes a session with the relay server 13 through the second encrypted communication 4 using wws.

Relay server 13 relays communication between information terminal 111 and secure box 14 that have established a session with relay server 13 using the same session ID (identification information). For example, the relay server 13 communicatively connects the information terminal 111 and the secure box 14 by tunneling the first encrypted communication 3 and the second encrypted communication 4 .

By the above processing, the information terminal 111 can be connected to the secure box 14 by wss. The secure box 14 also has a protocol conversion function for using, for example, a remote desktop service provided by the information processing apparatus 101 connected to the local network 100 from the web browser of the information terminal 111 . Note that the protocol conversion according to the present embodiment converts an application level protocol, and is different from, for example, a lower layer protocol conversion executed by a general gateway or the like.

For example, the secure box 14 converts an RDP (Remote Desktop Protocol) format remote desktop screen from a remote desktop service provided by the information processing apparatus 101 into image data in a format displayable by the web browser of the information terminal 111 . The secure box 14 also converts the wws operation information received from the information terminal 111 into operation information in RDP format, and transmits the operation information to the remote desktop service.

With the above processing, the information terminal 111 can easily and securely communicate with the information processing device 101 connected to the local network 100 without performing complicated work such as changing the network configuration. can. In addition, the information terminal 111 uses the protocol conversion function of the secure box 14 to perform remote desktop services provided by the information processing apparatus 101 connected to the local network 100, for example, using the web browser of the information terminal 111. will be made available.

(About assignment)
In the communication system 1 described above, the communication management system 10 manages log information (first log information) relating to communication (first communication) for connecting the information terminal 111 to the secure box 14 . On the other hand, log information (second log information) relating to communication (second communication) between the information terminal 111 and the access destination terminal is managed on the local network side such as the secure box 14, for example. Here, the log information is information recording the date and time when various events such as the start and end of communication, login to the access source, various operations, etc. occurred, and the contents of the event. This log information can be used for various tasks such as attendance management in a business system such as an attendance system in the local network 100 .

However, in the communication system 1 described with reference to FIG. 1, the first log information managed by the communication management system 10 and the second log information managed by the secure box 14 or the like on the local network side are linked with each other. Therefore, in order to use the communication system 1 and manage the information of the user who uses the information terminal 111, the first log information managed by the communication management system 10 and the second log information managed by the secure box 14 or the like are required. It is required to check the third log information associated with the log information of .

Therefore, in the present embodiment, in the communication system 1 in which the terminal of the access source remotely accesses the terminal of the access destination via the communication management system 10 and the secure box 14, the log information can be centrally managed on the local network side. to

For example, the communication management system 10 acquires first log information regarding the first communication between the information terminal 111 and the secure box 14 and transmits it to the secure box 14 . In addition, the secure box 14 acquires second log information related to the second communication between the information terminal 111 and the access destination terminal, and stores the first log information received from the communication management system 10 and the acquired first log information. The third log information including the second log information is stored and managed in the log server 15 or the like.

As described above, according to the present embodiment, in the communication system 1 in which the access source terminal remotely accesses the access destination terminal via the communication management system 10 and the secure box 14, log information is stored on the local network 100 side. can be centrally managed. As a result, for example, a business system such as an attendance system in the local network 100 uses the third log information stored in the log server 15 or the like to notify the user who uses the information terminal 111 of the arrival/departure of work and the access destination terminal. You will be able to manage various information such as the usage status of

Note that the system configuration of the communication system 1 shown in FIG. 1 is an example. For example, in the example of FIG. 1, local network 100 is connected to communication network 2 via secure box 14 . However, this is only an example, and the local network 100 may be connected to the communication network 2 via routers, firewalls, and the like. In this case, the secure box 14 communicates with the service platform 12 and relay servers via routers and firewalls.

Also, the secure box 14 is an example of a communication device that connects to the local network 100 . The communication device may be, for example, a server device or the like that has a communication function and executes a predetermined program. Furthermore, the communication network 2 may include, for example, a connection section through wireless communication such as mobile communication or wireless LAN.

<Hardware configuration>
The information terminal 111, the information processing apparatus 101, the management terminal 5, and the like have the hardware configuration of a computer 200 as shown in FIG. 2, for example. Also, the application server 11 , service platform 12 , relay server 13 , communication management system 10 and the like are implemented by one or more computers 200 .

FIG. 2 is a diagram illustrating an example of a hardware configuration of a computer according to one embodiment; The computer 200 includes, for example, a CPU (Central Processing Unit) 201, a ROM (Read Only Memory) 202, a RAM (Random Access Memory) 203, an HD (Hard Disk) 204, an HDD (Hard Disk Drive), ) controller 205, display 206, external device connection I / F (Interface) 207, one or more network I / F 208, keyboard 209, pointing device 210, DVD-RW (Digital Versatile Disk Rewritable) drive 212, media I / F 214 , and a bus line 215 and the like.

Among these, the CPU 201 controls the operation of the computer 200 as a whole. The ROM 202 stores programs such as an IPL (Initial Program Loader) that are used to start the computer 200 . The RAM 203 is used as a work area for the CPU 201, for example. The HD 204 stores, for example, an OS (Operating System), applications, programs such as device drivers, and various data. The HDD controller 205 controls reading or writing of various data to the HD 204 under the control of the CPU 201, for example.

The display 206 displays various information such as cursors, menus, windows, characters, and images. Note that the display 206 may be provided outside the computer 200 . The external device connection I/F 207 is an interface such as USB and RS-232C for connecting various external devices such as electronic devices, measuring instruments, and external storage devices to the computer 200 . One or more network I/Fs 208 are interfaces for data communication using, for example, the communication network 2, local network 100, remote network 110, or the like.

The keyboard 209 is a type of input means having a plurality of keys for inputting characters, numerical values, various instructions, and the like. The pointing device 210 is a type of input means for selecting and executing various instructions, selecting processing targets, moving a cursor, and the like. Note that the keyboard 209 and pointing device 210 may be provided outside the computer 200 .

A DVD-RW drive 212 controls reading or writing of various data to a DVD-RW 211 as an example of a removable recording medium. The DVD-RW 211 is not limited to DVD-RW, and may be DVD-R or the like. A media I/F 214 controls reading or writing (storage) of data to a media 213 such as a flash memory. A bus line 215 includes an address bus, a data bus, various control signals, and the like for electrically connecting the components described above.

Note that the configuration of the computer 200 shown in FIG. 2 is an example. The computer 200 may have any configuration as long as it has, for example, a CPU 201, a ROM 202, a RAM 203, one or more network I/Fs 208, and a bus line 215. Further, for example, the hardware configuration of the access destination terminal such as the image forming apparatus 102 may be any configuration as long as it has a communication function and a computer configuration.

<Functional configuration>
Next, each device related to the communication system 1 and the functional configuration of the system will be described.

(Functional configuration of communication management system)
FIG. 3 is a diagram illustrating an example of a functional configuration of a communication management system according to one embodiment; For example, by executing a predetermined program on one or more computers 200, the communication management system 10 stores a reception unit 311, a first communication management unit 312, a storage unit 313, an authentication unit 321, a device control unit 322, a log It implements an information transmission unit 323, an acquisition unit 324, a log information storage unit 325, a user information storage unit 326, a connection management unit 331, a relay unit 332, and the like. It should be noted that at least part of the functional configurations described above may be realized by hardware.

The reception unit 311 is realized by, for example, a program executed by the CPU 201 or the like provided in the application server 11, and executes reception processing for receiving request information such as a connection request from the information terminal 111 or a setting request from the management terminal 5. . For example, the reception unit 311 functions as a web server that provides web content for using services provided by the communication management system 10 .

The first communication management unit 312 is realized, for example, by a program executed by the CPU 201 or the like included in the application server 11 . The first communication management unit 312, for example, sets the communication (hereinafter referred to as first communication) between the information terminal (an example of an access source terminal) 111 and the secure box (an example of a communication device) 14 to a session ID. (identification information) and a first communication management process that is managed in association with the (identification information).

The storage unit 313 is implemented by, for example, a program executed by the CPU 201 or the like included in the application server 11, the HD 204, the HDD controller 205, or the like, and stores various information managed by the communication system 1. FIG. Information managed by the communication system 1 will be described later.

The authentication unit 321 is realized by, for example, a program executed by the CPU 201 or the like included in the service platform 12 (hereinafter referred to as service PF 12). The authentication unit 321 executes, for example, authentication processing for authenticating the user using the information terminal 111, the administrator using the management terminal 5, the information terminal 111, the secure box 14, and the like. Note that the communication system 1 may perform authentication using, for example, an external authentication server or the like.

The device control unit 322 is implemented by, for example, a program executed by the CPU 201 or the like provided in the service PF 12 , and executes device control processing for controlling communication devices such as the secure box 14 connected to the local network 100 . For example, the device control unit 322 establishes communication (for example, constant connection by MQTT) between the secure box 14 and the communication management system 10 in response to a request from the secure box 14 connected to the local network 100 . In addition, when the reception unit 311 receives a connection request from the information terminal 111 , the device control unit 322 notifies the secure box 14 of the session ID generated by the reception unit 311 to request connection to the relay server 13 . demand. Also, each functional configuration included in the communication management system 10 can communicate with the secure box 14 using the device control section 322 .

The log information transmission unit 323 transmits, for example, the first log information related to the first communication between the access source terminal such as the information terminal 111 and the communication device such as the secure box 14 to the secure box 14 or the like. Execute log information transmission processing. The first log information transmitted by the log information transmission unit 323 to the secure box 14 or the like is not limited to log information related to the first communication. Various log information may be included.

The acquisition unit 324 is implemented by, for example, a program executed by the CPU 201 or the like provided in the service PF 12, and acquires log information (third log information) managed by the log server 15 via the device control unit 322, the secure box 14, and the like. Execute the acquisition process to acquire by

The log information storage unit 325 is implemented by, for example, a program executed by the CPU 201 of the service PF 12, the HD 204, the HDD controller 205, and the like, and stores first log information generated by the communication management system 10. FIG.

The user information storage unit 326 is implemented by, for example, a program executed by the CPU 201 included in the service PF 12, the HD 204, the HDD controller 205, and the like, and stores user information and the like used by the authentication unit 321 for authentication. For example, the user information storage unit 326 stores a tenant list 602, a user list 603, a user group list 701, etc., which will be described later.

The connection management unit 331 is realized by, for example, a program executed by the CPU 201 or the like included in the relay server 13, and manages the connection between the first encrypted communication 3 relayed by the relay server 13 and the second encrypted communication 4. .

The relay unit 308 is implemented by, for example, a program executed by the CPU 201 or the like included in the relay server 13 , and relays communication between the information terminal (access source terminal) 111 and the secure box (communication device) 14 . For example, the relay unit 308 uses the same session ID to perform the first encrypted communication 3 established with the secure box 14 and the second encrypted communication 4 established with the information terminal 111. It relays between the first cryptographic communication 3 and the second cryptographic communication 4 by establishing a tunnel between.

Note that the functional configuration of the communication management system 10 shown in FIG. 3 is an example. Each functional configuration included in the communication management system 10 can be realized by a program executed by any computer 200 included in the communication management system 10 . Further, the relay server 13 may be provided outside the communication management system 10 . Furthermore, the authentication unit 321 and the storage unit 313 may be implemented by a server device external to the communication management system 10 or the communication system 1 .

(Functional configuration of secure box)
FIG. 4 is a diagram illustrating an example of a functional configuration of a secure box according to one embodiment; Before describing the functional configuration of the secure box 14, an overview of an example of the local network 100 will be described. In the example of FIG. 4, the local network 100 includes a first local network 410 connected to the communication network 2 via a router 411 and a firewall 412 . Local network 100 may also include a second local network 420 that connects to first local network 410 via secure box 14 .

In the example of FIG. 4, the first local network 410 is connected to the secure box 14, the log server 15a, the information processing device 101, the image forming device 102, and the like. Further, the first local network 410 is not limited to the information processing apparatus 101 and the image forming apparatus 102, and various information processing apparatuses, electronic devices, or systems may be connected.

Also, the second local network 420 is connected to, for example, a request for approval server 421 that provides a request for approval service dedicated to tenants, or an attendance server 422 that provides a time and attendance management service dedicated to tenants, and the log server 15b. Note that the local network 100 may include either one of the log server 15a and the log server 15b. Further, in the following description, "log server 15" is used when indicating an arbitrary log server out of log server 15a and log server 15b.

Next, the functional configuration of the secure box 14 will be explained. Note that the secure box 14 is an example of a communication device that connects to a second network different from the first network.

The secure box 14 executes a predetermined program on the computer 200 included in the secure box 14, for example, a first communication unit 401, an encryption communication unit 402, a second communication management unit 403, one or more conversion units. 404, a device management unit 405, a log information management unit 406, a second communication unit 407, a storage unit 408, and the like. It should be noted that at least part of the functional configurations described above may be realized by hardware.

The first communication unit 401 connects the secure box 14 to the first local network 410 using, for example, the network I/F 208, and executes first communication processing for communicating with other devices.

The cryptographic communication unit 402 executes cryptographic communication processing for establishing a session with the relay server 13 in the first cryptographic communication 3 using, for example, a session ID (identification information) notified from the communication management system 10 .

The second communication management unit 403 controls communication (hereinafter referred to as second 2 communication) is executed.

For example, it is assumed that the second communication management unit 403 receives a login request to the remote desktop service provided by the information processing apparatus 101 from the information terminal 111 that is the access source. In this case, the second communication management unit 403 converts between the wss (WebSocket over HTTPS) protocol used by the information terminal 111 and the RDP (Remote Desktop Protocol) protocol used by the information processing apparatus 101. 404 is activated. In addition, the second communication management unit 403 sets the access source information terminal 111 and the access destination information processing apparatus 101 to perform second communication via the activated conversion unit 404 . Further, the second communication management unit 403 generates log information regarding the second communication (hereinafter referred to as second log information) and outputs it to the log information management unit 406 and the like.

One or more conversion units 404 execute conversion processing for mutual protocol conversion between a protocol used by an access source terminal and a protocol used by an access destination terminal. For example, one or more conversion units 404 include one conversion unit 404 that mutually converts between the wss protocol used by the information terminal 111 and the RDP protocol used by the information processing apparatus 101 at the access destination. Further, one or more conversion units 404 each convert between the wss protocol used by the information terminal 111 and a Web API (Application Programming Interface) for using the fax service provided by the image forming apparatus 102 . includes a conversion unit 404 of . Note that the Web API for using the fax service provided by the image forming apparatus 102 is an example of a protocol used by the access destination terminal according to the present embodiment.

The device management unit 405 performs processing of the entire secure box 14 such as activation processing of the secure box 14, for example. Also, the device management unit 405 stores and manages, for example, the setting information of the secure box 14 set by the communication management system 10 or the like in the storage unit 408 or the like.

The log information management unit 406 receives the first log information from the communication management system 10, and creates a third log including the first log information and the second log information output by the second communication management unit 403. A log information management process for storing and managing information in the storage unit 408 or the like is executed.

The second communication unit 407 connects the second local network 420 to the secure box 14 using, for example, the network I/F 208 different from that of the first communication unit 401 .

The storage unit 408 is implemented by, for example, a program executed by the CPU 201 or the like included in the secure box 14, the HD 204, the HDD controller 205, or the like, and stores various information including setting information of the secure box 14. FIG.

(Functional configuration of information terminal)
The information terminal 111 implements a communication unit 501, an encrypted communication unit 502, a display control unit 503, an operation reception unit 504, a storage unit 505, and the like by executing a predetermined program on the CPU 201 of the information terminal 111, for example. ing. It should be noted that at least part of the functional configurations described above may be realized by hardware.

For example, the communication unit 501 connects the information terminal 111 to the communication network 2 or the remote network 110 using the network I/F 208, and executes communication processing for communicating with other devices.

The cryptographic communication unit 502 is realized by, for example, a web browser or OS executed by the CPU 201, and uses the session ID (identification information) notified from the communication management system 10 to communicate with the relay server in the second cryptographic communication 4. 13 to establish a session.

The display control unit 503 is implemented by, for example, a web browser executed by the computer 200, and displays a display screen (Web UI, HTML screen, etc.) transmitted from the communication management system 10, the secure box 14, or the like. In addition, the display control unit 503 also controls the reproduction of audio when the display screen includes audio data.

The operation reception unit 504 is implemented by, for example, a web browser executed by the computer 200 and receives an operation by a user (or an administrator) or the like on the display screen displayed by the display control unit 503 .

The storage unit 505 is realized by, for example, a program executed by the CPU 201, the HD 204, the HDD controller 205, etc., and stores various information or data.

Note that the management terminal 5 is a computer 200 equipped with a general web browser. It has a functional configuration.

<Information managed by the communication system>
6 to 10 are diagrams showing examples of information managed by the communication system according to one embodiment. FIG. 6A shows an image of an example of a service URL list managed by the communication system 1. FIG. Each device included in the communication system 1 preferably stores URL information for connecting to a device to be accessed in, for example, a service URL list 601 as shown in FIG. 6(A).

FIG. 6B shows an image of an example of a tenant list 602 managed by the communication system 1. As shown in FIG. The communication management system 10 stores and manages, for example, a tenant list 602 as shown in FIG. 6B in the user information storage unit 326 or the like. The tenant list 602 stores, for example, tenant IDs and tenant names in association with each other. A tenant ID is, for example, identification information (tenant identification information) that identifies a tenant that is a contract unit such as a company, an organization, an organization, or a group. The tenant name is information indicating the name of the tenant and the like.

FIG. 6C shows an example image of the user list 603 managed by the communication system 1 . The communication management system 10 stores and manages, for example, a user list 603 as shown in FIG. 6C in the user information storage unit 326 or the like. The user list 603 stores, for example, tenant IDs, user IDs, user names, display names, and passwords (hashed) in association with each other. A user ID is identification information for identifying a user registered in the communication system 1 . The user name is information indicating the user's name and the like. The display name is the user's display name. A password (hashed) is an example of authentication information for authenticating a user. The authentication information for authenticating the user may be, for example, authentication information other than a password, such as an electronic certificate.

FIG. 7A shows an image of an example of a user group list 701 managed by the communication system 1. FIG. The communication management system 10 stores and manages, for example, a user group list 701 as shown in FIG. 7A in the user information storage unit 326 or the like. The user group list 701 stores, for example, tenant IDs, user group IDs, user group names, and member lists in association with each other. A user group ID is identification information for identifying a user group that groups users. A user group name is information indicating the name of a user group. The member list stores user IDs of one or more users belonging to the user group.

FIG. 7B shows an example image of the type list 702 managed by the communication system 1 . The communication management system 10 stores and manages, for example, a type list 702 as shown in FIG. 7B in the storage unit 313 or the like. The type list 702 stores, for example, tenant IDs, type IDs, type names, and conversion programs in association with each other. The type ID is identification information that identifies the type of conversion program. The type name is information indicating the name of the conversion program type. The conversion programs include, for example, a conversion program common to each tenant (common) and a conversion program dedicated to each tenant (tenant).

FIG. 8A shows an image of an example of a service list 801 managed by the communication system 1. FIG. The communication management system 10 stores and manages, for example, a service list 801 as shown in FIG. 8A in the storage unit 313 or the like. The service list 801 stores, for example, tenant IDs, service IDs, service names, types, and destinations in association with each other. A service ID is identification information for identifying a service provided by the communication system 1 . The service name is information indicating the name of the service and the like.

The type is information indicating the type of service. The destination is information indicating the destination of the electronic device that provides the service. The destination may be an IP address or an FQDN (Fully Qualified Domain Name). Also, if the destination is an electronic device that cannot perform IP communication, it may be, for example, an RS-232C COM port or a USB interface.

FIG. 8B shows an example image of the service group list 802 managed by the communication system 1 . The communication management system 10 stores and manages, for example, a service group list 802 as shown in FIG. 8B in the storage unit 313 or the like. The service group list 802 stores, for example, tenant IDs, service group IDs, service group names, member lists, and log server service IDs in association with each other.

The service group ID is identification information that identifies a service group in which services are grouped. The service group name is information indicating the name of the service group. The member list stores service IDs and the like of services included in the service group. The log server service ID is identification information for identifying the log server 15 used by each tenant.

FIG. 8C shows an example image of the action list 803 managed by the communication system 1 . The communication management system 10 stores and manages, for example, an action list 803 as shown in FIG. 8C in the storage unit 313 or the like. The action list 803 stores, for example, tenant IDs, action IDs, action names, and actions in association with each other. Action ID is identification information that identifies an action. The action name is information indicating the name of the action and the like. The actions include actions common to each tenant (common) and actions dedicated to each tenant (tenant). Also, the action defines execution contents such as permitting, denying, or performing multi-factor authentication. In addition, log information can be left in the action.

FIG. 9A shows an image of an example of a policy list 901 managed by the communication system 1. FIG. The communication management system 10 stores and manages, for example, a policy list 901 as shown in FIG. 9A in the storage unit 313 or the like. The policy list 901 stores, for example, tenant IDs, policy IDs, policy names, priorities, users, services, and actions in association with each other. A policy ID is identification information that identifies a policy. The policy name is information indicating the name of the policy.

Priority is information indicating the priority of the policy. The user stores the user ID of the user corresponding to each policy, or the user group ID of the user group. The service stores a service ID of a service corresponding to each policy, a service group ID of a service group, or the like. The action stores an action corresponding to each policy.

Based on the policy list 901, the communication management system 10 executes the "action" when the accessed "user or user group" matches the "service or service group". In addition, since these policies may match multiple "users or user groups" or "services or service groups", the communication management system 10 can set the priority and Take action when matched.

Here, the policy is supposed to execute actions according to the set priority, but it is not limited to this. For example, the communication management system 10 uses a method such as the longest match for executing an action in the case of more detailed settings, or continuously confirms whether or not the next policy matches after executing the action, and then confirms whether the next matched policy matches. It is also possible to take the method of executing the action of

FIG. 9B shows an example image of a secure box list 902 managed by the communication system 1 . For example, the communication management system 10 stores and manages a secure box list 902 as shown in FIG. 9B in the storage unit 313 or the like. The secure box list 902 stores, for example, tenant IDs, device IDs, device names, and setting information such as automatic updates in association with each other. The device ID is identification information (device identification information) that identifies the secure box 14 . The device name is information indicating the name of the secure box 14 and the like. Automatic update is an example of setting information indicating whether or not automatic updating of the setting information of the secure box 14 is enabled, and update timing when automatic updating is enabled.

FIG. 9C shows an example image of the log data transfer destination list 903 managed by the communication system 1 . The communication management system 10 stores and manages, for example, a log data transfer destination list 903 as shown in FIG. 9C in the storage unit 313 or the like. The log data transfer destination list 903 stores a device ID and a log server service ID that specify a transfer destination device to which log information is transferred, in association with a tenant ID that identifies a tenant.

<About log information>
(Flow of log information)
FIG. 10 is a diagram for explaining the flow of log information according to one embodiment. In FIG. 10, the information terminal 111a uses the communication system 1 to connect to the secure box 14a of the local network 100a, and uses, for example, the remote desktop service provided by the information processing device in the local network 100a. . Similarly, the information terminal 111b uses the communication system 1 to connect to the secure box 14b of the local network 100b, and uses, for example, a remote desktop service provided by an information processing device within the local network 100b. In FIG. 10, the solid line arrows mainly indicate the flow of communication related to log information, and the dashed lines indicate the communication of the remote desktop service.

A user using the information terminal 111a can access the application server 11 using a web browser or the like of the information terminal 111 and request the communication system 1 to start a remote desktop service, for example.

For example, upon receiving a remote desktop service start request from the information terminal 111a, the application server 11 uses the service PF12 to start a session (hereinafter referred to as session A) corresponding to the information terminal 111a. As a result, the information terminal 111a is encrypted by the session A through the secure box 14a in the local network 100a provided in the tenant A to which the information terminal 111a (or the user of the information terminal 111a) belongs, and the relay server 13. can communicate. At this time, the service PF 12 transmits log information (first log information) regarding this session A (first communication) to the secure box 14a of the local network 100a.

Further, when session A is established, the information terminal 111a transmits PC login information and the like for logging in to the remote desktop service provided by the information processing apparatus 101 to the secure box 14a via the relay server 13 . In response to this, the secure box 14a activates the conversion unit 404 corresponding to the remote desktop service and relays communication between the information terminal 111a and the information processing device. At this time, the secure box 14a outputs log information (second log information) regarding communication (second communication) between the information terminal 111a and the information processing device.

The secure box 14a transmits the first log information of the tenant A transmitted by the service PF 12 and the second log information output by the secure box 14a to the log server 15 corresponding to the tenant A, and outputs the third log Manage as information.

Similarly, the information terminal 111b can perform cryptographic communication in session B with the secure box 14b of the local network 100b via the relay server 13. FIG. At this time, the service PF 12 transmits log information (first log information) regarding this session B (first communication) to the secure box 14b of the local network 100b. Further, when the session B is established, the information terminal 111b communicates with the information processing device that provides the remote desktop service via the secure box 14b. In addition, the secure box 14b transmits the first log information of the tenant B transmitted by the service PF 12 and the second log information related to the second communication output by the secure box 14b to the log server 15 corresponding to the tenant B. and managed as third log information.

Note that log information output by the relay server 13 may be further included in the first log information managed by the service PF 12 .

(Example of log information)
11 and 12 are diagrams showing examples of log information according to one embodiment. FIG. 11A shows an image of an example of the first log information (user) output by the communication management system 10. FIG. The first log information (user) 1101 includes log information related to the user (end user) who uses the information terminal 111 . In the example of FIG. 11A, the first log information (user) 1101 includes items such as time stamp, tenant ID, session ID, log server ID, user, service, operation, and result. included.

The time stamp is information indicating the date and time when the event occurred or the date and time when the log information was output. A tenant ID is identification information that identifies a tenant. A session ID is identification information that identifies a session. The log server ID is identification information for identifying the destination log server 15 or the like to which the first log information 1101 is sent. The user is information such as the name of the user who uses the information terminal 111, the display name, or identification information for identifying the user. The service is information such as the service name of the service used by the user or identification information for identifying the service. The operation is information indicating the content of the operation performed by the user. The result is information indicating the result of the user's operation.

The first log information (user) 1101 indicates how the user using the information terminal 111 operated the service. For example, in protocol conversion processing, the content of operation from the browser is converted, and a meaningful log can be acquired at the timing of instructing the service to be operated and the timing of receiving the response. This can be an advantage over normal network access logs, which provide information such as the access source address, destination address, and processing, and cannot determine "who" and "what". In the communication system 1 according to the present embodiment, the first log information (user) 1101 allows the user using the information terminal 111 to grasp what kind of operation was performed on what kind of resource. For example, security tracking and non-repudiation can be implemented.

FIG. 11B shows an image of an example of first log information (administrator) output by the communication management system 10 . The first log information (administrator) 1102 includes log information related to an administrator or the like who uses the management terminal 5 . In the example of FIG. 11B, the first log information (administrator) 1102 includes items such as time stamp, tenant ID, session ID, log server ID, user, operation, and result. . These items are the same as the items included in the first log information (user) 1101 described with reference to FIG. It is content.

In the first log information (administrator) 1102, it is possible to grasp what kind of operation the administrator or the like has performed on what kind of resource. can do.

For the first log information (user) 1101 and the second log information (administrator) 1102, settings such as the transfer destination log server 15 or the presence or absence of transfer can be changed. Also, the first log information (user) 1101 and the second log information (administrator) 1102 can be viewed, downloaded, or accessed by accessing the application server 11 using the management terminal 5, for example. Transfer etc. can be performed.

Note that the first log information (user) 1101 and the second log information (administrator) 1102 may be included in one piece of first log information, for example. In the following description, the first log information (user) 1101 and the second log information (administrator) 1102 are simply referred to as "first log information" when there is no particular need to distinguish them. .

The communication management system 10, for example, when an event such as "login and logout to a service", "relay server connection start and end", or "remote desktop connection start, end and forced end" occurs, Generate first log information. Also, the communication management system 10 generates the first log information when an event such as "registration, deletion, and change of service" or "registration, deletion, and change of user information" occurs. can be Further, the communication management system 10, for example, when an event such as "access policy registration, deletion, and change", "secure box registration, deletion, and change" or "user operation error" occurs, First log information may be generated.

FIG. 11C shows an image of an example of the second log information output by the secure box 14. FIG. The second log information 1103 includes, for example, log information related to the second communication between the access source terminal such as the information terminal 111 and the access destination terminal such as the information processing apparatus 101 or the attendance server 422. be In the example of FIG. 11C, the second log information 1103 includes, for example, the same as the first log information (user) 1101, such as timestamp, tenant ID, session ID, log server ID, user, service , operations, and results.

The secure box 14, for example, when events such as "registration, deletion, and change of service", "start, end, and forced termination of connection with a relay server" and "error related to operation of the secure box" occur , to generate the second log information. Also, the secure box 14, for example, when an event such as "activation of the secure box", "login and logout of the secure box", or "change of setting information of the secure box or update of firmware" occurs , may generate the second log information.

FIG. 12A shows an image of an example of the third log information stored or output by the log server 15. FIG. The third log information 1201 includes, for example, first log information and second log information. In the example of FIG. 12A, the third log information 1201 includes the first log information (user) 1101 as shown in FIG. 11A and the second log information as shown in FIG. 11C. of log information 1103 is included. In the example of FIG. 12A, the first log information (user) 1101 is indicated by reverse characters, but the third log information 1201 indicates the origin of the log information (for example, the communication management system 10, Alternatively, information indicating the secure box 14, etc.) may be included.

<Process flow>
Next, the flow of processing of the communication management method according to one embodiment will be described.

(Processing when the secure box starts up)
FIG. 13 is a sequence diagram illustrating an example of processing when the secure box is activated according to one embodiment. This processing is an example of processing executed by the communication system 1 when the power of the secure box 14 registered in the communication system 1 provided in the local network 100 is turned on.

In step S1301, when the power of the secure box 14 is turned on from off, the communication system 1 executes the processes from step S1302 onward.

In step S<b>1302 , the first communication unit 401 of the secure box 14 transmits a connection start request requesting connection with the communication management system 10 to the communication management system 10 . This connection start request includes, for example, authentication information for the secure box 14 .

In step S1303, upon receiving the connection start request from the secure box, the device control unit 322 of the service PF 12 requests the authentication unit 321 to authenticate the authentication information included in the connection start request.

In step S<b>1304 , the authentication unit 321 of the service PF 12 authenticates the authentication information of the secure box 14 . Here, as described above, the secure box 14 has already been registered in the communication system 1, so the authentication is successful (the authentication result is OK). Also, in step S1305, the authentication unit 321 notifies the log information transmission unit 323 of log information including the authentication result.

In step S1306, the authentication unit 321 notifies the device control unit 322 of the authentication result (OK) indicating that the authentication has succeeded. In response, in step S1307, the device control unit 322 notifies the secure box 14 that the connection is permitted. (permanent connection by

In step S<b>1309 , the device management unit 405 of the secure box 14 transmits a setting acquisition request requesting acquisition of setting information to the communication management system 10 via the first communication unit 401 .

In step S<b>1310 , the device control unit 322 of the service PF 12 notifies the application server 11 of the setting acquisition request received from the secure box 14 .

In step S<b>1311 , the reception unit 311 of the application server 11 notifies the log information transmission unit 323 of log information indicating that the setting acquisition request has been received from the secure box 14 . In step S1312, the reception unit 311 acquires the setting information of the secure box 14 from, for example, the secure box list 902 shown in FIG. 9B, and notifies the device control unit 322 of the acquired setting information. do.

In step S1313, the device control unit 322 of the service PF 12 transmits the setting information notified from the application server 11 to the secure box 14 that made the request.

In step S<b>1314 , the device management unit 405 of the secure box 14 reflects the setting information notified from the communication management system 10 to the setting information of the secure box 14 .

In steps S1315 and S1316, the device control unit 322 of the service PF 12 acquires state information indicating the state of the secure box 14 from the secure box 14, and updates the state of the secure box 14 managed by the device control unit 322. .

In step S1318, the log information transmission unit 323 of the service PF 12 transmits the first log information including the log information received in steps S1305 and S1311 to the secure box 14, for example. Note that the transmission timing of the first log information shown in FIG. 13 is an example. For example, when log information is received from the authentication unit 321, the application server 11, or the like, the log information transmission unit 323 transmits first log information including the received log information to the secure box 14. can be

In steps S<b>1319 and S<b>1320 , the log information management unit 406 of the secure box 14 stores the first log information received from the communication management system 10 in the log server 15 .

(Login processing of information terminal)
FIG. 14 is a sequence diagram illustrating an example of login processing of the information terminal according to the embodiment; This process shows an example of a process in which a user registered in the communication system 1 logs into the communication management system 10 using the information terminal 111 .

In step S1401, the user uses the web browser of the information terminal 111 (or an application having a web browser function, etc.) to perform a connection operation to connect to the application server 11 of the communication management system 10. FIG.

In steps S<b>1402 and S<b>1403 , upon receiving the user's connection operation, the operation reception unit 504 of the information terminal 111 accesses the specified URL and acquires the web UI from the application server 11 .

In steps S1404 and S1405, the display control unit 503 of the information terminal 111 generates authorization request parameters and saves the generated authorization request parameters in the session storage. Also, in step S1406, the display control unit 503 transmits an authorization request including the generated authorization request parameter to the authentication unit 321 of the service PF12.

In step S<b>1407 , the authentication unit 321 of the service PF 12 notifies the information terminal 111 of the login redirect destination URL in response to the authorization request from the information terminal 111 .

In step S<b>1408 , the display control unit 503 of the information terminal 111 requests the application server 11 to display the login screen using the URL of the redirect destination notified from the authentication unit 321 .

In step S<b>1409 , the application server 11 transmits a login screen to the information terminal 111 . Accordingly, in step S1410, the display control unit 503 of the information terminal 111 displays the login screen.

In step S1411, when the user performs a login operation of inputting login information on the login screen, the communication system 1 executes the processes after step S1412.

In step S<b>1412 , upon receiving the user's login operation, the operation reception unit 504 of the information terminal 111 transmits a login request including the input login information to the application server 11 .

In step S1413, upon receiving the login request from the information terminal 111, the application server 11 notifies the requesting information terminal 111 of the callback destination and the temporary code.

In step S1414, the display control unit 503 of the information terminal 111 transmits a token acquisition request including the temporary code notified from the application server 11 to the authentication unit 321 of the service PF12.

In step S<b>1415 , the authentication unit 321 of the service PF 12 authenticates the user in response to the token acquisition request from the information terminal 111 . Here, as described above, the user is a registered user in the communication system 1, so the authentication is successful (the authentication result is OK). Also, in step S1416, the authentication unit 321 notifies the log information transmission unit 323 of log information indicating the authentication result.

In step S1417, the authentication unit 321 of the service PF 12 notifies the information terminal 111 of information such as the access token, the refresh token, and the expiration date.

In steps S1418 and S1419, the display control unit 503 of the information terminal 111 acquires user information from the authentication unit 321 of the service PF 12 using the user ID of the user, the notified access token, and the like. In step S1420, the display control unit 503 of the information terminal 111 displays the screen after login using the acquired user information.

In step S1421, the application server 11 notifies the log information transmission unit 323 of the log information generated by the above process.

In step S1422, the log information transmission unit 323 of the service PF 12 transmits the first log information including the log information received in steps S1416 and S1421 to the secure box 14, for example. Note that the transmission timing of the first log information shown in FIG. 14 is an example.

In steps S 1423 and S 1424 , the log information management section 406 of the secure box 14 stores the first log information received from the communication management system 10 in the log server 15 .

Note that the login process shown in FIG. 14 is an example, and the communication system 1 may authenticate the user and permit login by other procedures.

(Processing when connecting to remote desktop)
15 to 17 are sequence diagrams illustrating an example of processing during remote desktop connection according to an embodiment. This processing shows an example of processing executed by the communication system 1 when connecting from the information terminal 111 to the remote desktop service provided by the information processing apparatus 101 . It is assumed that the information terminal 111 has already logged into the communication management system 10 by the information terminal login process described in FIG. 14 at the start of the process shown in FIG.

In step S1501, when the user performs a portal screen display operation on the information terminal 111, the communication system 1 executes the processes after step S1502.

In step S1502, upon receiving the portal screen display operation by the user, the operation reception unit 504 of the information terminal 111 requests the application server 11 to display the portal screen.

In step S<b>1503 , the reception unit 311 of the application server 11 transmits the portal screen to the information terminal 111 in response to the request from the information terminal 111 . Accordingly, in step S1504, the display control unit 503 of the information terminal 111 displays the portal screen.

In step S1505, when the user selects a remote desktop connection (hereinafter referred to as RDP connection) from the portal screen, the communication system 1 executes the processes from step S1506.

In step S1506, the operation reception unit 504 of the information terminal 111 requests the application server 11 to display a login screen for RDP connection.

In step S<b>1507 , the reception unit 311 of the application server 11 transmits a login screen for RDP connection to the information terminal 111 in response to the request from the information terminal 111 . Accordingly, in step S1508, the display control unit 503 of the information terminal 111 displays, for example, a login screen for inputting login information for RDP connection (hereinafter referred to as PC login information).

In step S1509, when the user inputs the PC login information on the login screen, the communication system 1 executes the processes from step S1510.

In step S1510, when the operation accepting unit 504 of the information terminal 111 accepts input of PC login information (for example, user name, password, domain, etc.) by the user, an RDP connection request including the accepted PC login information is Send to application server 11 .

In step S1511, when the reception unit 311 of the application server 11 receives an RDP connection request including PC login information from the information terminal 111, the first communication management unit 312 generates a session ID.

In steps S1512 and S1513, the first communication management unit 312 of the application server 11 transmits a connection instruction to the relay server 13 including the generated session ID to the secure box 14 via the device control unit 322 of the service PF 12. do.

In step S<b>1514 , the encryption communication unit 402 of the secure box 14 transmits a connection request including the session ID notified from the communication management system 10 to the relay server 13 via the first communication unit 401 .

In step S1515, the connection management unit 331 of the relay server 13 establishes the first cryptographic communication 3 with the cryptographic communication unit 402 of the secure box .

In steps S1516 and S1517, the encryption communication unit 402 of the secure box 14 notifies the application server 11 via the device control unit 322 of the service PF 12 of a connection completion notification indicating connection to the relay server 13 .

In step S1518, the device control unit 322 of the service PF 12 notifies the log information transmission unit 323 of the log information regarding the above process. For example, the device control unit 322 notifies the log information transmission unit 323 of log information indicating that the secure box 14 has connected to the relay server 13 in response to a request from the information terminal 111 .

In step S<b>1519 , the log information transmission unit 323 of the service PF 12 transmits the first log information including the log information received from the device control unit 322 to the secure box 14 .

In steps S 1520 and S 1521 , the log information management unit 406 of the secure box 14 stores the first log information received from the service PF 12 in the log server 15 .

Following the above process, in step S1522 of FIG. 16, the first communication management unit 312 of the application server 11 transmits a session start instruction including the session ID generated in step S1511 to the information terminal 111 via the reception unit 311. Send to

In step S<b>1523 , the encrypted communication unit 502 of the information terminal 111 transmits a connection request including the session ID notified from the application server 11 to the relay server 13 via the communication unit 501 .

In step S<b>1524 , the connection management unit 331 of the relay server 13 establishes the second encrypted communication 4 with the encrypted communication unit 502 of the information terminal 111 . As a result, the information terminal 111 and the secure box 14 can participate in the same session provided by the relay server 13 and exchange data with each other through encrypted communication (eg, wss).

In steps S1523 and S1526, the information terminal 111 transmits the PC login information accepted in step S1509 to the secure box 14 via the relay server 13, for example.

In step S1527, the conversion unit 404 of the secure box 14 protocol-converts the PC login information received from the information terminal 111 into PC login information in RDP format. As a specific example of processing, when the second communication management unit 403 of the secure box 14 receives the PC login information from the information terminal 111, it activates the conversion unit 404 corresponding to the RDP connection. Further, the second communication management unit 403 makes settings so that the information terminal 111 and the information processing apparatus 101 to be accessed can communicate with each other via the activated conversion unit 404 . As a result, the conversion unit 404 converts data in the HTTP format or the like received from the information terminal 111 into data in the RDP format, and transmits the data to the information processing apparatus 101 . Further, the conversion unit 404 converts data in the RDP format received from the information processing apparatus 101 into data in the HTTP format or the like, and transmits the data to the information terminal 111 (relay server 13).

In step S<b>1528 , the conversion unit 404 of the secure box 14 transmits the PC login information converted into the RDP format to the information processing apparatus 101 . Here, it is assumed that the user of the information terminal 111 is an authorized user of the remote desktop service provided by the information processing apparatus 101 and has successfully logged in.

In step S1529, the remote desktop service provided by the information processing apparatus 101 transmits information indicating successful login, a remote desktop screen, etc. to the secure box 14 in RDP format.

In steps S1530 and S1531, the second communication management section 403 of the secure box 14 stores second log information regarding the processing of steps S1526 to S1529 in the log server 15. FIG.

In step S<b>1532 , the conversion unit 404 of the secure box 14 converts the remote desktop screen received from the information processing apparatus 101 into image data in a format displayable by the information terminal 111 .

In steps S 1533 and S 1534 , encryption communication section 402 of secure box 14 transmits the image data converted by conversion section 404 to information terminal 111 via relay server 13 .

In step S<b>1535 , the user can use the remote desktop service provided by the information processing apparatus 101 using, for example, the web browser of the information terminal 111 .

After the above process, for example, in step S1536 of FIG. 17, when the user performs a logout operation of the remote desktop service, the communication system 1 executes the processes after step S1537.

In steps S<b>1537 and S<b>1538 , the information terminal 111 transmits data of the user's logout operation to the secure box 14 via the relay server 13 .

In steps S<b>1539 and S<b>1540 , the conversion unit 404 of the secure box 14 converts the data of the logout operation received from the information terminal 111 into logout operation data in RDP format, and transmits the logout operation data to the information processing apparatus 101 .

In step S<b>1541 , the remote desktop service provided by the information processing apparatus 101 transmits information indicating that the logout was successful to the secure box 14 .

In steps S1542 and S1543, the second communication management unit 403 of the secure box 14 stores the second log information regarding the above logout processing in the log server 15. FIG.

In step S1544, the conversion unit 404 of the secure box 14 converts the information indicating the successful logout received from the information processing apparatus 101 into a predetermined format as necessary.

In steps S 1545 and S 1546 , encrypted communication section 402 of secure box 14 transmits information indicating that the logout was successful to information terminal 111 via relay server 13 .

In step S1547, the encryption communication unit 502 of the information terminal 111 requests the relay server 13 to disconnect the session.

In steps S1548 and S1549, the connection manager 331 of the relay server 13 disconnects the session with the secure box 14. FIG. Also, in step S1550, the connection management unit 331 of the relay server 13 disconnects the session with the information terminal 111. FIG.

In step S1551, the display control unit 503 of the information terminal 111 displays, for example, a screen indicating that logout has been completed.

In step S1552, the encryption communication unit 402 of the secure box 14 notifies the device control unit 322 of the service PF 12 of a disconnection notification indicating that the session with the relay server 13 has been disconnected. As a result, in step S1553, the device control unit 322 notifies the log information transmission unit 323 of log information indicating that the session between the secure box 14 and the relay server 13 has been disconnected, for example.

In step S<b>1554 , the log information transmission unit 323 of the service PF 12 transmits the first log information including the log information received from the device control unit 322 to the secure box 14 .

In steps S<b>1555 and S<b>1556 , the log information management unit 406 of the secure box 14 stores the first log information received from the service PF 12 in the log server 15 .

Through the above processing, the log server 15 stores the third log information including the first log information generated by the communication management system 10 and the second log information generated by the secure box 14 at the time of remote desktop connection. be done.

(setting information setting processing)
FIG. 19 is a sequence diagram illustrating an example of setting information setting processing according to an embodiment. This processing shows an example of processing in which an administrator or the like uses the management terminal 5 to set various information managed by the communication system 1 .

In step S1801, when the administrator or the like performs a portal screen display operation on the web browser of the management terminal 5, in step S1802, the web browser of the management terminal 5 requests the application server 11 to display the portal screen. Send.

In step S<b>1803 , the receiving unit 311 of the application server 11 transmits the portal screen to the requesting management terminal 5 in response to the request from the management terminal 5 . As a result, in step S1804, the web browser of the management terminal 5 displays the portal screen.

In step S1805, the administrator or the like selects, for example, "Settings" from the portal screen. In response, in step 3006, the web browser of the management terminal 5 requests the application server 11 to display the selected setting screen.

In step S1807, the reception unit 311 of the application server 11 transmits the setting screen requested by the management terminal 5 to the management terminal 5 that made the request. Accordingly, in step S1808, the web browser of the management terminal 5 displays a setting screen.

In step S1809, when the administrator or the like performs a change operation to change the setting information of the communication system 1 on the setting screen, the communication system 1 executes the processes from step 1810 onwards.

In step S<b>1810 , the web browser of the management terminal 5 transmits the setting change made by the administrator or the like to the application server 11 .

In step S1811, the reception unit 311 of the application server 11 reflects the settings received from the management terminal 5 in the setting information stored in the storage unit 313, the user information storage unit 326, or the like. Also, in step S1812, the reception unit 311 notifies the log information transmission unit 323 of log information including the content of the setting change.

In step S<b>1813 , the log information transmission unit 323 of the service PF 12 transmits the first log information including the log information notified from the application server 11 to the secure box 14 .

In steps S<b>1814 and S<b>1815 , the log information management unit 406 of the secure box 14 stores the first log information received from the service PF 12 in the log server 15 .

In step S<b>1816 , the reception unit 311 of the application server 11 transmits to the management terminal 5 a setting screen indicating that the setting has been completed. As a result, in step S1817, the web browser of the management terminal 5 displays a setting completion screen.

It should be noted that if the above process requires changing the setting information of the secure box 14, the communication system 1 further executes the processes of steps S1821 to S1827.

In step S<b>1821 , the reception unit 311 of the application server 11 notifies the secure box 14 of the setting change via the device control unit 322 of the service PF 12 . In response, in step S 1823 , device management section 405 of secure box 14 reflects the setting change received from communication management system 10 in the setting information stored in storage section 408 . Also, in steps S1824 and S1825, the device management unit 405 stores second log information indicating the changed content of the setting information in the log server 15. FIG.

In steps S1826 and S1827, the device management unit 405 of the secure box 14 transmits a completion notification indicating that the setting information change has been completed to the application server 11 via the device control unit 322 of the service PF12.

13 to 18, third log information including the first log information generated by the communication management system 10 and the second log information generated by the secure box 14 is accumulated in the log server 15. be.

(Log information output processing)
FIG. 19 is a sequence diagram illustrating an example of log information output processing according to an embodiment. This processing shows an example of output processing in which an administrator or the like uses the management terminal 5 to output the third log information stored in the log server 15 .

In step S1901, the communication system 1 executes portal screen display processing as shown in steps S1801 to S1804 of FIG. 8, for example.

In step S1902, the administrator or the like selects log management from the portal screen. In response to this, the web browser of the management terminal 5 transmits a log information display request to the application server 11 in step S1903.

In step S1903, the reception unit 311 of the application server 11 requests the acquisition unit 324 of the service PF 12 to acquire log information. In response, in step S1905, the acquisition unit 324 transmits a log information acquisition request to the secure box 14. FIG.

In steps S<b>1906 and S<b>1907 , the log information management unit 406 of the secure box 14 acquires the third log information stored in the log server 15 . Also, in step SS1908, the log information management unit 406 transmits the acquired third log information to the service PF12. In response to this, the acquisition unit 324 of the service PF 12 transmits the acquired third log information to the application server 11 in step S1909.

In step S<b>1910 , the reception unit 311 of the application server 11 creates a log information display screen for displaying the third log information acquired by the acquisition unit 324 and transmits it to the management terminal 5 . As a result, in step S1911, the web browser of the management terminal 5 displays the log information display screen.

Through the above process, the administrator or the like can use the communication management system 10 to display the third log information stored in the log server 15 of each tenant on the management terminal 5 . Note that the log information display process for displaying the third log information is an example of the log information output process. For example, in step S1910, the application server 11 executes log information download processing (another example of log information output processing) for downloading the third log information to the management terminal 5 instead of displaying the log information display screen. You can

(Transmission processing of log information)
Next, log information transmission processing will be described.

[First Embodiment]
FIG. 20 is a sequence diagram illustrating an example of log information transmission processing according to the first embodiment. This processing shows an example of processing (transfer processing) in which the communication management system 10 transmits the first log information to the log server 15 in response to an operation by an administrator (or an auditor) or the like.

In step S2001, the communication system 1 executes portal screen display processing as shown in steps S1801 to S1804 of FIG. 8, for example.

In step S2002, the administrator or the like selects a log screen from the portal screen. In response, in step S2003, the web browser of the management terminal 5 requests the application server 11 to display the log screen.

In step S<b>2004 , upon receiving the log screen request from the management terminal 5 , the reception unit 311 of the application server 11 transmits the log screen for receiving the log transfer operation to the request source management terminal 5 . As a result, in step S2005, the web browser of the management terminal 5 displays the log screen.

In step S<b>2006 , it is assumed that the administrator or the like performs a log transfer operation requesting transmission of log information managed by the communication management system 10 to the log server 15 . For example, the administrator or the like may select log information to be transferred to the log server 15 from among multiple pieces of log information displayed on the log screen. Also, the administrator or the like may specify a period and select old log information that is no longer needed, for example, on the log screen. Alternatively, the administrator or the like may specify, for example, the tenant name or the like to select the log information or the like of the tenant whose contract is terminated on the log screen.

In step S2007, the web browser of the management terminal 5 transmits to the application server 11 a transfer request requesting transfer of the log information selected by the administrator or the like.

In step S<b>2008 , the reception unit 311 of the application server 11 notifies the log information transmission unit 323 of the service PF 12 of the log information transfer request received from the management terminal 5 .

In step S<b>2009 , the log information transmission unit 323 transmits the first log information specified in the log information transfer request among the first log information stored in the log information storage unit 325 to the secure box 14 .

In steps S2010 to S2012, the log information management unit 406 of the secure box 14 stores the first log information received from the service PF 12 in the log server 15. FIG. Further, in steps S2013 and S2014, the log information management unit 406 notifies the application server 11 via the service PF 12 of completion notification indicating that the storage of the log information has been completed.

In step S<b>2015 , the receiving unit 311 of the application server 11 transmits to the management terminal 5 a completion screen indicating that the log information has been transferred. Accordingly, in step S2016, the web browser of the management terminal 5 displays the completion screen.

With the above process, the administrator can selectively transfer unnecessary log information such as old log information that is no longer subject to management (or auditing), or log information of tenants whose contracts are terminated, to the log server. 15 can be sent. This makes it easier for the administrator or the like to delete unnecessary data from the first log information managed by the communication management system 10 .

[Second embodiment]
FIG. 21 is a sequence diagram illustrating an example of log information transmission processing according to the second embodiment. This process shows another example of the process (transfer process) in which the communication management system 10 transmits the first log information to the log server 15 according to the operation of the administrator (or auditor) or the like.

In step S2101, the communication system 1 executes portal screen display processing as shown in steps S1801 to S1804 of FIG. 8, for example. Also, in step S2102, the communication system 1 executes log screen display processing as shown in steps S2002 to S2005 of FIG. 20, for example.

In step S2103, it is assumed that the administrator or the like performs a log transfer operation requesting transmission of log information managed by the communication management system 10 to the log server 15. FIG. For example, the administrator or the like selects log information to be transferred to the log server 15 from the log information managed by the communication management system 10 in the same manner as in the first embodiment. In step S2104, the web browser of the management terminal 5 transmits to the application server 11 a transfer request requesting transfer of the log information selected by the administrator or the like. In step S<b>2105 , the reception unit 311 of the application server 11 notifies the log information transmission unit 323 of the service PF 12 of the log information transfer request received from the management terminal 5 .

In step S2106, the log information transmission unit 323 of the service PF 12 extracts untransmitted first log information from among the first log information specified in the log information transfer request. For example, in the first log information 1202 as shown in FIG. The log server ID of the previous log server 15 may be stored and managed. As a result, the log information transmitting unit 323 can determine that the first log information 1203 in which the log server ID is not stored in the "log server ID" item is the untransmitted first log information. However, it is not limited to this, and the log information transmission unit 323 may add a transmitted flag or the like to the transmitted first information, for example, and manage the information.

In step S<b>2107 , the log information transmitting unit 323 transmits to the secure box 14 the untransmitted first log information among the first log information specified in the log information transfer request.

In steps S2108 to S2110, the log information management unit 406 of the secure box 14 stores the first log information received from the service PF 12 in the log server 15. FIG. Also, in steps S2111 and S2112, the log information management unit 406 notifies the application server 11 via the service PF 12 of completion notification indicating that the storage of the log information has been completed.

In step S<b>2113 , the reception unit 311 of the application server 11 transmits to the management terminal 5 a completion screen indicating that the log information has been transferred. As a result, in step S2114, the web browser of the management terminal 5 displays the completion screen.

Through the above processing, the communication management system 10 can selectively transfer to the log server 15 unsent first log information among the first log information designated by the administrator or the like. As a result, for example, the effect of shortening the transmission time, the effect of reducing the data communication charge, or the like can be obtained. Moreover, the above process prevents the secure box 14 and the log server 15 from redundantly receiving log data that has already been received, thereby facilitating management of log information.

[Third embodiment]
FIG. 22 is a sequence diagram illustrating an example of log information transmission processing according to the third embodiment. This process shows another example of the process (transfer process) in which the communication management system 10 transmits the first log information to the log server 15 according to the operation of the administrator (or auditor) or the like.

In step S2201, the communication system 1 executes portal screen display processing as shown in steps S1801 to S1804 of FIG. 8, for example. Also, in step S2202, the communication system 1 executes log screen display processing as shown in steps S2002 to S2005 of FIG. 20, for example.

In step S2203, the administrator or the like performs a log transfer operation requesting transmission of log information managed by the communication management system 10 to the log server 15. FIG. For example, the administrator or the like selects log information to be transferred to the log server 15 from the log information managed by the communication management system 10 in the same manner as in the first embodiment. At this time, the administrator or the like selects a log information transmission method such as, for example, transmitting only untransmitted log information, or transmitting only unsaved log information as described below. can be

In step S2204, the web browser of the management terminal 5 transmits to the application server 11 a transfer request requesting transfer of the log information selected by the administrator or the like. In step S<b>2205 , the reception unit 311 of the application server 11 notifies the log information transmission unit 323 of the service PF 12 of the log information transfer request received from the management terminal 5 .

In step S<b>2206 , the log information transmission unit 323 of the service PF 12 transmits a log information acquisition request requesting acquisition of the third log information stored in the log server 15 to the secure box 14 .

In steps S2207 and S2208, the log information management unit 406 of the secure box 14 acquires the third log information stored in the log server 15. FIG. Also, in step S2209, the log information management unit 406 transmits the acquired third log information to the service PF12.

In steps S2210 and S2211, the log information transmission unit 323 of the service PF 12 compares the acquired third log information with the first log information stored in the log information storage unit 325, and compares the third log information with the first log information. Extract the unsaved first log information.

In step S2212, the log information transmission unit 323 of the service PF 12 transfers the first log information that has not been saved in the third log information among the first log information specified in the log information transfer request to the secure box 14. Send to

For example, in steps S2210 and S2211, as shown in FIG. 12C, the log information transmission unit 323 adds the unsaved first log information to the third log information with the log server ID blank. The log information 1204 may be created. Further, in step S2212, the log information transmitting unit 323 selectively selects the first log information 1205, 1206, and 1207 in which the log server ID is not stored among the log information 1204 as shown in FIG. may be transmitted to the secure box 14 at the same time.

In steps S<b>2213 and S<b>2214 , the log information management unit 406 of the secure box 14 stores the first log information received from the service PF 12 in the log server 15 . Also, in step S2215, the log information management unit 406 executes the completion screen display processing shown in steps S2110 to S2114 of FIG. 21, for example.

Through the above processing, the first log information not stored in the log server 15 among the first log information stored in the communication management system 10 can be selectively transferred to the log server 15 .

Note that the log information transmission process shown in FIG. 22 is an example. For example, in steps S2206 to S2209, the log information transmission unit 323 may acquire only the first log information included in the third log information from the secure box 14 instead of the third log information. Alternatively, in steps S2206 to S2209, the log information transmitting unit 323 transmits only the first log information transmitted by the log information transmitting unit 323 out of the first log information included in the third log information from the secure box 14. may be obtained. Further, the processing of steps S2210 and S2211 may be performed by a party other than the service PF 12.

According to each embodiment of the present invention, in a communication system in which an access source terminal remotely accesses an access destination terminal connected to a local network via a server on a cloud and a communication device, a log is generated on the local network side. Information can be centrally managed.

<Supplement>
Each function of each embodiment described above can be realized by one or more processing circuits. Here, the "processing circuit" in this specification means a processor programmed by software to perform each function, such as a processor implemented by an electronic circuit, or a processor designed to perform each function described above. ASICs (Application Specific Integrated Circuits), DSPs (digital signal processors), FPGAs (field programmable gate arrays) and devices such as conventional circuit modules.

Moreover, the devices described in the examples are only representative of one of several computing environments for implementing the embodiments disclosed herein. In some embodiments, communication management system 10 includes multiple computing devices, such as server clusters. Multiple computing devices are configured to communicate with each other over any type of communication link, including a network, shared memory, etc., to perform the processes disclosed herein. Similarly, secure box 14 may include multiple computing devices configured to communicate with each other.

Also, each element of the communication management system 10 may be integrated into one server device, or may be divided into a plurality of devices.

1 communication system 2 communication network (an example of a first network)
10 communication management system 14 secure box (communication device)
15 log server 100 local network (second network)
101 information processing device (an example of an access destination terminal)
102 image forming device (an example of a terminal to be accessed)
110 remote network (an example of the first network)
111 information terminal (access source terminal)
312 first communication management unit 323 log information transmission unit 324 acquisition unit 325 log information storage unit 332 relay unit 403 second communication management unit 406 log information management unit

JP 2019-161610 A

Claims (10)

Remote communication from an access source terminal connected to a first network to an access destination terminal connected to the second network via a communication device connected to a second network different from the first network A communication system including a communication management system for managing access and the communication device,
The communication management system is
a first communication management unit that manages a first communication between the access source terminal and the communication device in association with identification information;
a relay unit that relays the first communication between the access source terminal having the identification information and the communication device;
a log information transmission unit that transmits first log information related to the first communication to the communication device;
has
The communication device
a second communication management unit that manages a second communication between the access source terminal and the access destination terminal;
a log information management unit that receives the first log information from the communication management system and manages third log information including the first log information and second log information related to the second communication; ,
A communication system having 2. The communication system according to claim 1, wherein said log information management unit stores and manages said third log information in a log server included in said second network. The communication management system has a log information storage unit that stores the first log information,
The log information transmission unit selectively transmits log information not stored in the log server among the first log information stored in the log information storage unit to the communication device, A communication system according to claim 2. The communication management system has a log information storage unit that stores the first log information,
The log information transmission unit selectively transmits log information that has not been transmitted to the communication device from among the first log information stored in the log information storage unit, to the communication device. A communication system according to claim 1 or 2. The communication management system has a reception unit that receives a transfer request for the first log information from a management terminal that manages the communication system,
5. The communication system according to claim 3, wherein said log information transmission section executes said transfer processing when said reception section receives said transfer request. The communication management system has an acquisition unit that acquires the third log information from the communication device,
The communication system according to any one of claims 1 to 5, wherein said log information management unit provides said third log information to said communication management system in response to a request from said communication management system. The communication system according to any one of claims 1 to 6, wherein said third log information managed by said log information management unit includes tenant identification information for identifying tenants using said communication management system. The communication system according to any one of claims 1 to 7, wherein said first log information transmitted by said log information transmission unit includes device identification information for identifying said communication device. Remote communication from an access source terminal connected to a first network to an access destination terminal connected to the second network via a communication device connected to a second network different from the first network A communications management system that manages access to
a process of managing the first communication between the access source terminal and the communication device in association with identification information;
a process of relaying the first communication between the access source terminal having the identification information and the communication device;
managing third log information including first log information relating to the first communication and second log information relating to second communication between the access source terminal and the access destination terminal; a process of transmitting the first log information to a communication device;
communication management method. A program that causes a communication management system to execute the communication management method according to claim 9 .

Images