JP2022150599A - Setting assistance program, information processing apparatus, and information processing method - Google Patents

Abstract

To simplify a network setting for an offline device.SOLUTION: A display unit of a second device displays identification information. The identification information indicates setting information used by the second device to be connected to a network. The first device reads the identification information from the display unit of the second device in a state in which the device itself is not connected to the network. The first device acquires the setting information on the basis of the read identification information. The first device sets the acquired setting information in its own device.SELECTED DRAWING: Figure 7

Description

The present invention relates to a setting support program, an information processing apparatus, and an information processing method.

Currently, terminal devices that are easy to carry are used. Some terminal devices are capable of wireless communication. A terminal device wirelessly connects to a network provided outside or at home, and communicates with other devices such as a server computer via the network.

For example, there is a proposal for a wireless connection setting system that performs wireless connection setting for a wireless multifunction peripheral that has not been set for wireless connection. In the proposed wireless connection setting system, the wireless multifunction device generates encrypted data by encrypting the wireless connection data stored in the RAM (random access memory) of the wireless multifunction device, and outputs the encrypted data to a recording medium. do. The other wireless multi-function device decrypts the encrypted data acquired from the recording medium to generate the wireless connection data before encryption, and stores it in the RAM of the other wireless multi-function device.

JP-A-2006-279831

For an off-line device that is not connected to a network, setting for connecting to the network requires complicated work, and it is not easy for the user to perform the setting work.

In one aspect, an object of the present invention is to provide a setting support program, an information processing apparatus, and an information processing method for simplifying network settings.

In one aspect, a configuration assistance program is provided. The setting support program is the identification information displayed on the display of the second device in the computer used as the first device while the first device is not connected to the network. Identification information indicating setting information used for connection is read from the display section of the second device, setting information is acquired based on the identification information, and the setting information is set in the first device.

In one aspect, an information processing device is provided. The information processing device has a reading section and a processing section. The reading unit reads the identification information, which is displayed on the display unit of the other device while the device is not connected to the network, and indicates the setting information used by the other device for connection to the network, to the other device. Read from the display. The processing unit acquires the setting information based on the identification information, and sets the setting information in its own device.

Also, in one aspect, an information processing method is provided. In this information processing method, the identification information displayed on the display unit of the second device in a state in which the first device is not connected to the network is used by the second device to connect to the network. reading identification information indicating setting information from a display unit of the second device, acquiring setting information based on the identification information, setting the setting information in the first device, connecting to the network using the setting information, and connecting to the network using the setting information; authenticates the first device connected to the network, the first device obtains the result of the authentication by the third device, and if the first device is authenticated and authorized, authenticates the connection of the first device to the network and block the connection of the first device to the network if it is not authenticated.

Also, in one aspect, a setting support program is provided. The setting support program causes the computer to execute processing for displaying identification information indicating setting information used by the computer to connect to the network on the display of the computer, and the identification information is read by another device while not connected to the network. If so, network settings are made to the other device using the setting information based on the identification information.

In one aspect, an information processing device is provided. The information processing device includes a processing unit that displays identification information indicating setting information used by the information processing device to connect to a network on a display unit of the information processing device. If read, network settings are made to other devices using the setting information based on the identification information.

In one aspect, network setup can be simplified.

It is a figure explaining the apparatus of 1st Embodiment. It is a figure which shows the example of the information processing system of 2nd Embodiment. It is a figure which shows the hardware example of a terminal device. FIG. 2 is a diagram illustrating an example (part 1) of functions of a terminal device; FIG. 10 is a diagram illustrating an example (part 2) of functions of a terminal device; FIG. 10 is a diagram showing an example of a NW connection setting table; FIG. FIG. 10 is a diagram showing an example of sharing NW connection settings; 6 is a flow chart showing an example of NW setting sharing control; 9 is a flow chart showing an example of authentication code image display control; 6 is a flow chart showing an example of NW connection control; It is a figure which shows the example of a function of the server apparatus of 3rd Embodiment. FIG. 10 is a diagram showing an example of an authentication-permitted terminal list; 6 is a flow chart showing an example of NW setting sharing control; It is a flowchart which shows the authentication control example by a server apparatus. 6 is a flow chart showing an example of NW connection control;

Hereinafter, this embodiment will be described with reference to the drawings.
[First embodiment]
A first embodiment will be described.

FIG. 1 is a diagram for explaining the apparatus of the first embodiment.
First device 10 and second device 20 are connectable to network 40 via access point 30 . Access point 30 can wirelessly communicate with first device 10 and second device 20 , and relays between first device 10 and second device 20 and network 40 . However, at the initial stage, the first device 10 does not have setting information for the access point 30, and the first device 10 is not connected to the network 40, that is, is offline.

The first device 10 has a storage section 11 , a processing section 12 , a communication section 13 and a reading section 14 . The second device 20 has a storage section 21 , a processing section 22 , a communication section 23 and a display section 24 .
The storage units 11 and 21 may be volatile storage devices such as RAMs, or may be non-volatile storage devices such as HDDs (Hard Disk Drives) and flash memories.

The processing units 12 and 22 may include CPUs (Central Processing Units), DSPs (Digital Signal Processors), ASICs (Application Specific Integrated Circuits), FPGAs (Field Programmable Gate Arrays), and the like. The processing units 12 and 22 may be processors that execute programs. A "processor" may include a collection of multiple processors (multiprocessor).

The communication units 13 and 23 are wireless communication interfaces capable of wirelessly communicating with the access point 30 . IEEE (Institute of Electrical and Electronics Engineers) 802.11, for example, is used as a wireless communication standard. Setting information such as predetermined identifiers and passwords for first device 10 and second device 20 to communicate with access point 30 is set in storage unit 11 and storage unit 21 . The identifier may be, for example, an SSID (Service Set Identifier). The password may be information used for cryptographic processing of data to be wirelessly communicated, or may be information used for generating a key for cryptographic processing, for example.

At the initial stage, the setting information for communicating with the access point 30 is not stored in the storage unit 11 . Therefore, the communication unit 13 is not connected to the network 40 at the initial stage. Setting information D<b>1 for communicating with the access point 30 is stored in advance in the storage unit 21 . For example, the second device 20 can communicate with the access point 30 in advance based on the setting information D1. The setting information D1 includes an identifier such as an SSID for communicating with the access point 30 and a password corresponding to the identifier. That is, the second device 20 is preset with the setting information D<b>1 and is connected to the network 40 .

The display unit 24 displays the identification information D2. The identification information D<b>2 displayed on the display unit 24 is generated by the processing unit 22 based on the setting information D<b>1 stored in the storage unit 21 . The identification information D2 is obtained by encoding the setting information D1 using a predetermined algorithm so that the contents of the setting information D1 cannot be understood even by the user. For example, the identification information D2 may be a two-dimensional code.

The reading unit 14 reads the identification information D2 displayed by the second device 20 . The reading unit 14 may be an imaging device that captures an image including the two-dimensional code by capturing an image of the two-dimensional code.
The processing unit 12 acquires the setting information D1 based on the identification information D2 read by the reading unit 14 . For example, the processing unit 12 obtains the setting information D1 by decoding the identification information D2 using a predetermined algorithm.

The processing unit 12 sets the setting information D1 in the first device 10 . For example, the processing unit 12 saves the setting information D1 in the storage unit 11 and makes it available for communication with the access point 30 by the communication unit 13 . Thereby, the first device 10 is connected to the network 40 via the access point 30 .

Thus, the identification information D2 displayed on the display section 24 of the second device 20 is read from the display section 24 by the first device 10 while the first device 10 is not connected to the network 40 . The setting information D1 is acquired by the first device 10 based on the identification information D2, and the setting information D1 is set in the first device 10 .

Thus, by sharing the setting information D1 held by the second device 20 with the first device 10 and controlling the first device 10 to use the same setting information D1 as the second device 20, the offline first device 10 can be simplified.

When the user wants to share the setting information D1 possessed by the second device 20 with the first device 10, the user can cause the first device 10 to read the identification information D2 displayed on the display unit 24 of the second device 20. . For this reason, for example, the user has to output the information output by the second device 20 to a portable recording medium, carry the recording medium to the first device 10, and cause the first device 10 to acquire the information on the recording medium. work becomes unnecessary. Therefore, even if there is no recording medium for carrying information from the second device 20 to the first device 10, network setting can be simplified.

The functionality of the first device 10 is particularly useful when the first device 10 is a portable device. For example, the user can read the identification information D2 displayed on the second device 20 of another user on the first device 10 while the user is away from the home, thereby making settings for connecting to a network that can be used outside the home. It becomes easy to do for one device 10 .

[Second embodiment]
Next, a second embodiment will be described.
FIG. 2 is a diagram illustrating an example of an information processing system according to the second embodiment.

An information processing system according to the second embodiment provides learning support for students at a school or the like. Students are provided with terminal devices that are easy to carry. A student uses a terminal device at school or at home to receive support such as timetable management and preparation/review.

An information processing system according to the second embodiment includes terminal devices 100 and 200 and a server device 300 . A terminal device 200 is connected to a network 60 via a wireless access point 50 . The network 60 is, for example, a LAN (Local Area Network) provided in a school or in a student's home.

Network 60 is connected to the Internet 70 . Another network such as a WAN (Wide Area Network) may intervene between the network 60 and the Internet 70 . Server device 300 is connected to the Internet 70 . At the initial stage, the terminal device 100 does not have setting information for communicating with the access point 50 and is in an offline state not connected to the network 60 .

A terminal device 100 is a client computer used by a student A. FIG. A terminal device 200 is a client computer used by student B. FIG. The terminal devices 100 and 200 may be tablet-type terminal devices, for example. The server device 300 is a server computer that provides learning support services. Each of terminal devices 100 and 200 and server device 300 may be called an information processing device.

In order for each student to receive the learning support service, the student's terminal device must be able to communicate with the access point 50 and access the server device 300 via the access point 50 and the network 60 . It is not easy to make settings for communicating with the access point 50 in advance for all terminal devices used by students. In addition, when a terminal device lent to a student is repaired due to a failure, etc., the network connection settings may be deleted, or the settings may be deleted from the terminal device in preparation for a change in the student to whom it is lent. There is also In addition, when connecting to a new access point in a new classroom or the like, the settings for connecting to the new access point may not be set. In addition, relatively young users such as elementary and junior high school students may have low information literacy, and the user has to perform complicated setting tasks such as inputting identification information and passwords for communicating with the access point 50. It can be difficult to do on your own.

Therefore, the terminal device 100 provides a function of supporting setting of network connection.
FIG. 3 is a diagram illustrating an example of hardware of a terminal device.
The terminal device 100 has a CPU 101 , a RAM 102 , an SSD (Solid State Drive) 103 , a camera 104 , a display 105 , an input device 106 , a medium reader 107 and a wireless communication IF (Interface) 108 .

The CPU 101 is a processor that executes program instructions. The CPU 101 loads at least part of the programs and data stored in the SSD 103 into the RAM 102 and executes the programs. Note that the CPU 101 may include multiple processor cores. Also, the terminal device 100 may have a plurality of processors. The processing described below may be performed in parallel using multiple processors or processor cores. Also, a set of multiple processors is sometimes called a "multiprocessor" or simply a "processor".

The RAM 102 is a volatile semiconductor memory that temporarily stores programs executed by the CPU 101 and data used by the CPU 101 for calculation. Note that the terminal device 100 may be provided with a type of memory other than the RAM, and may be provided with a plurality of memories.

The SSD 103 is a nonvolatile storage device that stores an OS (Operating System), software programs such as middleware and application software, and data. Note that the terminal device 100 may include other types of storage devices such as flash memory and HDD, or may include multiple non-volatile storage devices.

The camera 104 is an imaging device that reads image information including code images. A code image is an example of identification information displayed by the terminal device 200 . For example, the camera 104 has an imaging device, and captures a code image displayed on the display of the terminal device 200 to read the code image. The code image may be, for example, a two-dimensional code such as a QR (Quick Response) code (registered trademark). Various codes such as DataMatrix (registered trademark) and PDF (Portable Data File) 417 can be used as the two-dimensional code in addition to the QR code. For example, a plurality of images or moving images may be used as the code image.

A display 105 outputs an image according to a command from the CPU 101 . As the display 105, any type of display such as a liquid crystal display (LCD) or an organic EL (OEL) display can be used.

The input device 106 acquires an input signal input by the user and outputs it to the CPU 101 . A touch panel, a button switch, or the like can be used as the input device 106 . The input device 106 can also be a pointing device such as a mouse, touch pad, or trackball, a keyboard, a remote controller, or the like. Also, multiple types of input devices may be connected to the terminal device 100 .

The medium reader 107 is a reading device that reads programs and data recorded on the recording medium 109 . As the recording medium 109, for example, a magnetic disk, an optical disk, a magneto-optical disk (MO), a semiconductor memory, or the like can be used. Magnetic disks include flexible disks (FDs) and HDDs. Optical discs include CDs (Compact Discs) and DVDs (Digital Versatile Discs).

The medium reader 107 copies, for example, programs and data read from the recording medium 109 to other recording media such as the RAM 102 and the SSD 103 . The read program is executed by the CPU 101, for example. Note that the recording medium 109 may be a portable recording medium, and may be used for distribution of programs and data. Also, the recording medium 109 and SSD 103 may be referred to as a computer-readable recording medium.

The wireless communication IF 108 is an interface that is wirelessly connected to the access point 50 and communicates with other computers such as the server device 300 via the network 60 . IEEE802.11 is used as the wireless communication standard used in the wireless communication IF 108 . IEEE802.11 standards include, for example, IEEE802.11n/ac/ax. Wireless LAN devices conforming to the IEEE802.11 standard include, for example, Wi-Fi (registered trademark) certified devices.

The access point 50 broadcasts the SSID. The terminal device 100 recognizes that the access point 50 exists near the terminal device 100 by detecting the SSID through the wireless communication IF 108 .

Terminal device 200 and server device 300 are implemented by hardware similar to terminal device 100 . However, the server device 300 may include a wired communication IF, and may communicate with the terminal devices 100, 200 and the like via the wired communication IF.

Note that the CPU 101 is an example of the processing unit 12 of the first embodiment. The RAM 102 or SSD 103 is an example of the storage section 11 of the first embodiment. Camera 104 is an example of reading unit 14 of the first embodiment. The wireless communication IF 108 is an example of the communication section 13 of the first embodiment. The display of the terminal device 200 is an example of the display section 24 of the first embodiment.

FIG. 4 is a diagram illustrating an example (part 1) of functions of a terminal device.
The terminal device 100 has a storage unit 110 , a code image processing unit 120 and a NW (Network) connection control unit 130 . A storage area of the RAM 102 or the SSD 103 is used for the storage unit 110 . Code image processing unit 120 and NW connection control unit 130 are implemented by CPU 101 executing a program stored in RAM 102 .

The storage unit 110 stores information used for processing by the NW connection control unit 130 .
The code image processing unit 120 decodes the code image read by the camera 104 from the display of the terminal device 200, thereby acquiring the setting information indicated by the code image. The setting information includes SSID and password information for communicating with the access point 50 to which the terminal device 200 connects. The code image processing unit 120 saves the acquired setting information in the storage unit 110 .

NW connection control section 130 starts communication with access point 50 based on the setting information stored in storage section 110 . For example, the NW connection control unit 130 sets setting information in the OS of the terminal device 100 and establishes a wireless link between the wireless communication IF 108 and the access point 50 based on the setting information. As a result, the terminal device 100 connects to the access point 50 using the same setting information as the terminal device 200 , and connects to the network 60 via the access point 50 . By connecting to the access point 50 , the terminal device 100 is connected to the network 60 via the access point 50 . Therefore, the connection to the access point 50 can also be said to be the connection to the network 60 .

FIG. 5 is a diagram illustrating an example (part 2) of functions of the terminal device.
Terminal device 200 has storage unit 210 , permission list generation unit 220 and display control unit 230 . The memory area of the RAM or SSD of the terminal device 200 is used for the memory unit 210 . Permission list generation unit 220 and display control unit 230 are implemented by the CPU of terminal device 200 executing a program stored in the RAM of terminal device 200 .

Storage unit 210 stores setting information for communicating with access point 50 in advance.
The permission list generation unit 220 generates information indicating a list of authentication permitted terminals. An authentication-permitted terminal indicates a terminal device permitted to connect to the access point 50 .

For example, the terminal device 100 generates an authentication code image by encoding the terminal information of the terminal device 100 and displays it on the display 105 . The terminal information is, for example, a MAC (Media Access Control) address, a terminal-specific identification number such as a manufacturing number or a serial number, and the like. The permission list generating unit 220 obtains terminal information of the terminal device 100 by reading the authentication code image displayed by the terminal device 100 and decoding the authentication code image. The permission list generating unit 220 includes the terminal information in the list of authentication permitted terminals. A two-dimensional code such as a QR code can be used for the authentication code image in the same manner as the code image described above.

The list is used in terminal device 100 to determine whether or not connection with access point 50 is possible. It should be noted that the list of authentication-permitted terminals need not be generated when the terminal device 100 is not subject to the connection propriety determination.

The display control unit 230 encodes the setting information stored in the storage unit 210 to generate a code image and display it on the display of the terminal device 200 . When imposing a connection propriety determination on the terminal device 100, a code image is generated by encoding the setting information stored in the storage unit 210 and the list of authentication-permitted terminals generated by the permission list generation unit 220. 200 displays. It is set in advance for the terminal device 200 whether the terminal device 100 is to be judged whether or not the connection is possible. The student B may input to the terminal device 200 an instruction as to whether or not the terminal device 100 is to be judged as to whether or not the connection is possible.

FIG. 6 is a diagram showing an example of a NW connection setting table.
A NW connection setting table 211 is stored in the storage unit 210 . The NW connection setting table 211 includes items of network name, SSID and SSID password.

A network name is registered in the network name item. The SSID field contains the SSID of the access point. An SSID password is registered in the SSID password item. The SSID password is information used for encryption processing of communication contents, and is key information used for generating a key for encryption processing, for example.

For example, in the NW connection setting table 211, a record of network name "School LAN", SSID "SCHOOL-000001", and SSID password "PASSWORD0" is registered. This record indicates that the SSID used to connect to the network with the network name "School LAN" is "SCHOOL-000001" and the SSID password is "PASSWORD0".

Also, in the NW connection setting table 211, a record of the network name “student B home LAN”, SSID “HOME-0251E31A”, and SSID password “PASSWORD1” is registered. This record indicates that the SSID used to connect to the network with the network name "Student B Home LAN" is "HOME-0251E31A" and the SSID password is "PASSWORD1".

FIG. 7 is a diagram illustrating an example of sharing NW connection settings.
Student B performs an input to the terminal device 200 to start displaying a code image corresponding to network connection settings. For example, the input to start displaying the code image is performed by the student B touching a predetermined application icon displayed on the display 205 of the terminal device 200 . Terminal device 200 generates code image 240 based on the setting information currently used for connection with access point 50 stored in storage unit 210 , and displays code image 240 on display 205 of terminal device 200 .

Student A operates the terminal device 100 to capture the code image 240 with the camera 104 . Thereby, the terminal device 100 reads the code image 240 displayed on the screen of the display 205 (step S1).

The terminal device 100 acquires the setting information by decoding the read code image 240, and changes the NW connection setting (step S2). That is, the terminal device 100 sets the setting information in the OS, stores it in the storage unit 110, and enables communication with the access point 50 using the setting information. Then, the terminal device 100 starts communication with the access point 50 using the setting information. Thereby, the terminal device 100 is connected to the access point 50 and connected to the network 60 via the access point 50 .

The terminal device 200 may generate the code image 240 by including, in the setting information of the network connection, information on the effective time for which the use of the setting information is permitted. In this case, for example, communication with the access point 50 by the terminal device 100 is permitted only within the effective time specified by the student B. FIG.

Note that the setting information of the terminal device 200 can also be shared by a plurality of terminal devices. For example, terminal devices 400 and 500 having the same hardware and functions as the terminal device 100 can be connected to the network 60 from the offline state in the same manner as the terminal device 100 .

Also, the terminal device 200 may encode control information other than setting information related to network connection to generate the code image 240 . The control information includes, for example, information for standardizing display brightness and icon arrangement in the terminal devices 100, 400, and 500, download reservation information used for automatically downloading applications used in the learning support service, and the like. can be considered.

Next, processing procedures of the terminal devices 100 and 200 will be described. First, the processing of the terminal device 200 that shares the setting information will be described.
FIG. 8 is a flowchart showing an example of NW setting sharing control.

(S10) The display control unit 230 accepts the start of code image display. For example, student B can input to the terminal device 200 to start displaying the code image by performing an operation such as touching a predetermined icon displayed on the display 205 of the terminal device 200 .

(S11) The display control unit 230 accepts selection of information to be shared. Here, the shared information includes setting information for connection to the access point 50 to which the terminal device 200 is currently connected. The setting information includes the network name, SSID and SSID password in the NW connection setting table 211. FIG. Further, the display control section 230 may accept selection by the student B of control information other than the network connection setting information. For example, setting information for connection with the access point 50 is selected as information to be shared. Note that the display control unit 230 selectably displays a plurality of network names included in the NW connection setting table 211 on the display 205, and accepts a selection by the student B as to which network name the setting information is to be shared. good.

(S12) The display control unit 230 accepts the setting of the effective time. For example, the display control unit 230 may cause the display 205 to display an input form for accepting input of the valid time, and accept the setting of the valid time by the student B. FIG. The valid time is the valid period of the network connection setting information. The validity period may be specified as the time from the start of connection, or may be specified by time. The display control unit 230 may accept a setting that the valid time is indefinite.

(S13) The display control unit 230 determines whether or not there is an authentication mode setting. If there is an authentication mode setting, the display control unit 230 advances the process to step S15. If there is no authentication mode setting, the display control unit 230 advances the process to step S14. The authentication mode is control in which connection permission is determined by the sharing destination terminal device 100 based on the list of authentication-permitted terminals. The case where the authentication mode is set includes, for example, the case where information for turning on the authentication mode is stored in advance in the storage unit 210, or the case where the student B inputs to turn on the authentication mode. . The case where the authentication mode is not set includes, for example, the case where the information for turning on the authentication mode is not held in the storage unit 210, or the case where the student B does not input to turn on the authentication mode.

(S14) The display control unit 230 causes the display 205 to display a code image 240 indicating NW connection settings. That is, the display control unit 230 encodes the information selected in step S11 and the valid time information received in step S12 to generate the code image 240 and causes the display 205 to display it. Then, the NW setting sharing control ends.

( S<b>15 ) The permission list generator 220 uses the camera of the terminal device 200 to read the authentication code image displayed on the display 105 of the terminal device 100 .
(S16) The permission list generation unit 220 acquires the terminal information of the terminal device 100 by decoding the authentication code image read in step S15, and generates a list of authentication permitted terminals including the terminal information. Here, the permission list generation unit 220 can read authentication code images from a plurality of terminal devices including the terminal device 100 and generate one list including a plurality of pieces of terminal information corresponding to the plurality of terminal devices.

(S17) The display control unit 230 causes the display 205 to display the code image 240 indicating the NW connection settings and the list of authentication-permitted terminals. That is, display control unit 230 encodes the information selected in step S11, the valid time information received in step S12, and the list of authentication-permitted terminals to generate code image 240, which is displayed on display 205. FIG. Then, the NW setting sharing control ends.

The setting information for NW connection includes key types such as WEP (Wired Equivalent Privacy) keys and WPA (Wi-Fi Protected Access) keys, TKIP (Temporal Key Integrity Protocol) in WPA, and AES (Advanced Encryption Standard) may include information indicating an encryption algorithm.

Next, the processing of the terminal device 100 that shares the setting information will be described.
FIG. 9 is a flowchart showing an example of authentication code image display control.
The following procedure is executed while the terminal device 100 is not connected to the access point 50 .

(S20) The code image processing unit 120 receives an input to start displaying the authentication code image. For example, the student A can input to the terminal device 100 to start displaying the authentication code image by performing an operation such as touching a predetermined icon displayed on the display 105 of the terminal device 100 .

(S21) The code image processing unit 120 generates an authentication code image by encoding the terminal information of the terminal device 100, and causes the display 105 to display the authentication code image. As the terminal information, for example, the MAC address of the terminal device 100, a terminal-specific identification number, and the like are used. The code image processing unit 120 terminates the display of the authentication code image when receiving an input to end the display of the authentication code image or to switch to another screen. Then, the authentication code image display control ends.

The authentication code image is read by the terminal device 200 in step S15. However, if the authentication mode is not set in the terminal device 200, the authentication code image display control shown in FIG. 9 need not be executed. For example, when the authentication mode is set, student B or school staff may request student A to display an authentication code image. When the request is received, the student A causes the terminal device 100 to display the authentication code image.

Subsequently, student A causes the terminal device 100 to start reading the code image 240 displayed on the terminal device 200 . Next, NW connection control processing of the terminal device 100 based on the code image 240 displayed on the terminal device 200 will be described.

FIG. 10 is a flowchart showing an example of NW connection control.
The following procedure is executed while the terminal device 100 is not connected to the access point 50 .

( S<b>30 ) The code image processing section 120 reads the code image 240 displayed on the display 205 of the terminal device 200 . For example, student A can cause the camera 104 to capture the code image 240 by performing an operation such as touching a predetermined icon displayed on the display 105 . The code image processing unit 120 acquires information provided from the terminal device 200 by decoding the read code image 240 .

(S31) The NW connection control unit 130 determines whether or not authentication is required based on the information acquired in step S30. If authentication is required, the NW connection control unit 130 advances the process to step S32. If authentication is unnecessary, the NW connection control unit 130 advances the process to step S33. For example, the NW connection control unit 130 determines that authentication is required when the list of authentication-permitted terminals is included in the information acquired in step S30, and determines that authentication is not required when the list is not included. can be considered.

(S32) The NW connection control unit 130 determines whether or not the own terminal is authenticated. If the own terminal is authenticated and permitted, the NW connection control unit 130 advances the process to step S33. If the own terminal is not authenticated, the NW connection control ends. For example, the NW connection control unit 130 determines that authentication of the own terminal (terminal device 100) is permitted when the terminal information of the own terminal (terminal device 100) is included in the list of authentication-permitted terminals, and the terminal information of the own terminal is included. If not, it is determined that the own terminal is not authenticated.

(S33) The NW connection control unit 130 changes the NW connection settings based on the setting information acquired in step S30. Note that the NW connection control unit 130 saves the NW connection settings before change in a predetermined storage area of the storage unit 110 . This is so that the NW connection settings before change can be restored later.

(S34) The NW connection control unit 130 connects with the access point 50 using the changed setting information. Thereby, the terminal device 100 is connected to the network 60 via the access point 50 .

(S35) The NW connection control unit 130 determines whether or not there is a valid time limit for the current setting information. If there is a valid time limit, the NW connection control unit 130 advances the process to step S36. If there is no valid time limit, NW connection control ends. For example, the NW connection control unit 130 determines that the valid time is limited when the information acquired in step S30 includes information regarding the valid time limit. Further, if the information acquired in step S30 does not contain information regarding the limitation of the valid time, or if the information that the valid time is unlimited is included, the NW connection control unit 130 determines that there is no valid time limit. judge.

(S36) The NW connection control unit 130 starts monitoring the valid time. As described above, the effective time may be determined as the time from the start of the current connection, or may be determined as a specific time.

(S37) The NW connection control unit 130 determines whether or not the valid time has passed. If the valid time has passed, the process proceeds to step S38. If the valid time has not passed, the NW connection control unit 130 repeatedly executes step S37 to continue monitoring the valid time.

(S38) The NW connection control unit 130 undoes the change in the NW connection settings made in step S33. The NW connection control unit 130 erases the connection setting information for the access point 50 . As a result, the terminal device 100 cannot connect to the access point 50, and the connection with the network 60 is cut off. Then, the NW connection control ends.

In this manner, the code image 240 displayed on the display 205 of the terminal device 200 is read from the display 205 by the terminal device 100 while the terminal device 100 is not connected to the network 60 . The terminal device 100 acquires setting information for connecting to the network 60 based on the code image 240 and sets the setting information in the terminal device 100 .

In this way, setting information held by the terminal device 200 is shared with the terminal device 100, and by controlling the terminal device 100 to use the same setting information as the terminal device 200, network setting can be simplified.

If the setting information held by the terminal device 200 is to be shared with the terminal device 100 , the student A may cause the terminal device 100 to read the code image displayed on the display 205 of the terminal device 200 . Therefore, network setting can be simplified without preparing a recording medium for carrying information from the terminal device 200 to the terminal device 100, for example.

In addition, the terminal device 200 displays identification information such as a two-dimensional code that encodes the setting information, thereby preventing other users from recognizing the contents of the SSID and password included in the setting information.

The functions of the terminal device 100 are particularly useful when the terminal device 100 is an easily portable device. For example, student A scans a code image displayed on student B's terminal device 200 with the terminal device 100 at school and at student B's home, etc., to make settings for connecting to a network available at that location. This can be easily performed on the terminal device 100 .

Using the terminal device 100 , the student A and the student B can start using the learning support service provided by the server device 300 . In this way, by supporting relatively low-age users such as elementary and junior high school users so that they can easily perform network settings, an environment in which they can easily receive services such as learning support is provided. be able to.

Incidentally, it can be said that it is not preferable to disclose the setting information of the network of each home to people other than the family members. In this embodiment, setting information is transmitted using identification information such as a two-dimensional code in which the setting information is encoded. As a result, it is possible to prevent the setting information from being readable by the students when transmitting the information, so there is an effect that the setting information is prevented from leaking out more than necessary.

Further, by providing the terminal device 100 with the expiration date of the setting information from the terminal device 200, for example, the student B can limit the time during which the student B's home LAN can be used by the terminal device 100 of the student A. Unauthorized use beyond the expiration date can be suppressed.

Furthermore, the terminal device 200 provides the terminal device 100 with a list of authentication-permitted terminals, and the terminal device 100 determines whether or not connection is possible based on the list. network connections are prevented.

[Third embodiment]
Next, a third embodiment will be described. Differences from the above-described second embodiment will be mainly described, and descriptions of common items will be omitted.

In the third embodiment, the server device 300 provides a function of determining authentication permission using a list of authentication-permitted terminals. The information processing system of the third embodiment is similar to the information processing system of the second embodiment illustrated in FIG. The information processing system of the third embodiment is also realized by hardware similar to that of the second embodiment. The terminal devices 100 and 200 of the third embodiment have the same functions as the functions illustrated in FIGS. Processing that differs from the second embodiment is described below.

The server device 300 of the third embodiment has the following functions.
FIG. 11 is a diagram illustrating an example of functions of a server device according to the third embodiment.
The server device 300 has a storage unit 310 , a permission list acquisition unit 320 and an authentication processing unit 330 . A storage area of the RAM or HDD of the server device 300 is used for the storage unit 310 . Permission list acquisition unit 320 and authentication processing unit 330 are realized by executing a program stored in RAM of server device 300 by CPU of server device 300 .

Storage unit 310 stores an authentication permitted terminal list. The authentication permitted terminal list is acquired from the terminal device 200 .
The permission list acquisition unit 320 receives the authentication permission terminal list from the terminal device 200 and stores it in the storage unit 310 . The authentication-permitted terminal list indicates terminal information of terminal devices that are authenticated and permitted for network identification information such as network names. Although the network name given by the user is exemplified below as the network identification information, the network identification information may be other information such as SSID. The terminal information is, for example, the MAC address of the terminal device 100, a terminal-specific identification number, and the like.

The authentication processing unit 330 receives an authentication request from the terminal device 100 and performs authentication processing of the terminal device 100 based on the authentication permitted terminal list stored in the storage unit 310 . The authentication request from the terminal device 100 includes network identification information of the connected network and terminal information of the terminal device 100 . If the terminal information of the terminal device 100 is included in the authentication-permitted terminal list, the authentication processing unit 330 determines that the terminal device 100 is authenticated. It is determined that authentication is not permitted. If the terminal device 100 permits authentication, the authentication processing unit 330 responds to the terminal device 100 to permit authentication. If the terminal device 100 does not permit authentication, the authentication processing unit 330 responds to the terminal device 100 that the authentication is not permitted.

FIG. 12 is a diagram showing an example of an authentication permitted terminal list.
The authentication permitted terminal list 311 includes items of network name and permitted MAC address. A network name is registered in the network name item. In the permitted MAC address item, the MAC address of a terminal device that has been authenticated and permitted for the network indicated by the network identification information is registered.

For example, in the authentication-permitted terminal list 311, a record with a network name of "school LAN" and a permitted MAC address of "MAC1" is registered. This record indicates that the terminal device with the permitted MAC address "MAC1" is authenticated and permitted for the network name "School LAN".

Multiple authorized MAC addresses can be registered for one network name. The authentication-permitted terminal list has the same data structure as the authentication-permitted terminal list 311 for networks other than the "school LAN" (for example, "student B's home LAN").

Next, processing procedures of the terminal devices 100 and 200 and the server device 300 will be described. First, the processing of the terminal device 200 that shares setting information for connection to the access point 50 will be described.

FIG. 13 is a flowchart showing an example of NW setting sharing control.
Here, in the third embodiment, the procedure differs from the procedure in FIG. 8 in that the terminal device 200 executes step S18 instead of step S17. Therefore, in the following, step S18 will be explained, and the explanation of steps S10 to S16 will be omitted. Step S18 is executed after step S16.

(S18) The permission list generating unit 220 transmits to the server device 300 the list of authentication permitted terminals generated in step S16. Here, an authentication-permitted terminal list 311 is exemplified as the list of authentication-permitted terminals. The permission list generating unit 220 may add the validity period set in step S<b>12 to the authentication permission terminal list 311 and transmit the result to the server device 300 . Then, permission list generation unit 220 advances the process to step S14.

Note that in step S16, an authentication-permitted terminal list 311 is generated for the network name in the setting information to be shared. Further, in the third embodiment, when steps S15 to S18 are passed through, the display control unit 230 sends notification information indicating that authentication by the server device 300 is required to the terminal device 100 in step S14. It is conceivable to encode it and include it in the code image.

Next, processing of the server device 300 will be described.
FIG. 14 is a flow chart showing an example of authentication control by the server device.
( S<b>40 ) The permission list obtaining unit 320 receives the authentication-permitted terminal list 311 from the terminal device 200 that is the sharing source, and stores the authentication-permitted terminal list 311 in the storage unit 310 .

(S41) The authentication processing unit 330 receives the network name of the connection destination and the terminal information from the terminal device 100 of the sharing destination. Assume that the network name of the connection destination is, for example, "School LAN". The terminal information includes the MAC address of the terminal device 100, for example. The terminal information is included in the authentication request to server device 300 . The authentication request is transmitted from the terminal device 100 to the server device 300 and received by the server device 300 immediately after the terminal device 100 starts connecting to the network.

(S42) The authentication processing unit 330 determines whether or not the received terminal information is in the authentication permitted terminal list 311 for the network name received in step S41. If the terminal information is in the authentication-permitted terminal list 311, the authentication processing unit 330 advances the process to step S43. If the terminal information is not in the authentication-permitted terminal list 311, the authentication processing unit 330 advances the process to step S44.

(S43) The authentication processing unit 330 responds to the sharing destination terminal device 100 with authentication permission. Then, the authentication control by the server device 300 ends.
(S44) The authentication processing unit 330 responds that the authentication is not permitted to the terminal device 100 of the sharing destination. Then, the authentication control by the server device 300 ends.

Next, processing of the terminal device 100 will be described. The authentication code image display control of the terminal device 100 is the same as the procedure in FIG.
FIG. 15 is a flowchart showing an example of NW connection control.

The following procedure is executed while the terminal device 100 is not connected to the access point 50 .
( S<b>50 ) The code image processing section 120 reads the code image 240 displayed on the display 205 of the terminal device 200 . The code image processing unit 120 acquires information provided from the terminal device 200 by decoding the read code image 240 .

(S51) The NW connection control unit 130 changes the NW connection settings based on the setting information acquired in step S50. Note that the NW connection control unit 130 saves the NW connection settings before change in a predetermined storage area of the storage unit 110 .

(S52) The NW connection control unit 130 connects with the access point 50 using the changed setting information. Thereby, the terminal device 100 is connected to the network 60 via the access point 50 .

(S53) Based on the information acquired in step S50, the NW connection control unit 130 determines whether or not server authentication is required. If server authentication is required, the NW connection control unit 130 advances the process to step S54. If server authentication is unnecessary, the NW connection control unit 130 advances the process to step S55. For example, the NW connection control unit 130 determines that server authentication is required when notification information indicating that server authentication is required is included in the information acquired in step S50, and determines that server authentication is required when the notification information is not included. It is conceivable to determine that authentication is unnecessary.

(S54) The NW connection control unit 130 transmits an authentication request including the network name of the current connection destination and the terminal information of the terminal device 100 to the server device 300, and performs server authentication based on the response from the server device 300 to the authentication request. It is determined whether or not it is permitted. In the case of server authentication permission, the NW connection control unit 130 advances the process to step S55. If the server authentication is not permitted, the NW connection control unit 130 advances the process to step S58. Here, if an authentication permission response is received from the server device 300 in step S43, server authentication is permitted, and if an authentication disapproval response is received from the server device 300 in step S44, server authentication is not permitted.

(S55) The NW connection control unit 130 determines whether or not there is a valid time limit for the current setting information. If there is a valid time limit, the NW connection control unit 130 advances the process to step S56. If there is no valid time limit, NW connection control ends. The determination method of step S55 is the same as that of step S35.

(S56) The NW connection control unit 130 starts monitoring the valid time. As described above, the effective time may be determined as the time from the start of the current connection, or may be determined as a specific time.

(S57) The NW connection control unit 130 determines whether or not the valid time has passed. If the valid time has passed, the process proceeds to step S58. If the valid time has not passed, the NW connection control unit 130 repeatedly executes step S57 to continue monitoring the valid time.

(S58) The NW connection control unit 130 undoes the change in the NW connection settings made in step S51. The NW connection control unit 130 erases the connection setting information for the access point 50 . As a result, the terminal device 100 cannot connect to the access point 50, and the connection with the network 60 is cut off. Then, the NW connection control ends.

In this manner, the authentication processing based on the authentication-permitted terminal list 311 may be performed by the server device 300 .
The terminal device 200 provides the authentication permitted terminal list to the server device 300, and the server device 300 determines whether or not the connection is permitted based on the list, thereby allowing other terminal devices around the terminal device 200 to illegally connect to the network. is prevented from occurring. For example, the server device 300 can record a history of authentication permission and authentication refusal together with the time, network name, and terminal information, and the recorded history can be viewed from a terminal device, etc., improving security against unauthorized network connections. can be made

In addition, in the second and third embodiments, a system for supporting learning is exemplified, but the functions of the terminal devices 100 and 200 and the server device 300 may be used in a system that provides other services.

As exemplified in the second and third embodiments, the terminal devices 100 and 200 execute the following processes, for example.
The terminal device 100 reads the identification information displayed on the display 205 of the terminal device 200 from the display 205 while the terminal device 100 is not connected to the network 60 . The identification information indicates setting information used by the terminal device 200 to connect to the network 60 . The terminal device 100 acquires setting information based on the identification information, and sets the setting information to its own device. Thus, the terminal device 100 becomes connectable to the network 60 using the setting information. This simplifies network settings for offline devices. The terminal device 100 is an example of the first device 10 . The terminal device 200 is an example of the second device 20 . The display 205 is an example of the display section 24 of the second device 20 .

Further, the terminal device 100 may acquire the validity period of the setting information based on the read identification information, and may prohibit the use of the setting information by the terminal device 100 when the validity period expires. As a result, unauthorized access to the network after the expiration date can be prevented, and security can be improved.

Further, the terminal device 100 acquires information indicating a list of devices for which authentication is permitted based on the identification information, determines whether or not the terminal device 100 is authenticated based on the list, and determines whether the authentication is permitted for the terminal device 100. If not, setting of setting information to the terminal device 100 may be restricted. As a result, the setting information provided by the terminal device 200 can be prevented from being illegally used by other terminal devices existing in the vicinity, and security can be improved. Note that the information on the device for which authentication has been permitted may be provided from the terminal device 100 to the terminal device 200 as an authentication code image, as described above. This makes it possible to easily improve security.

Terminal device 100 connects to network 60 using the setting information, and transmits an authentication request including information indicating network 60 and terminal device 100 to server device 300 via network 60 . The terminal device 100 determines whether the terminal device 100 is authenticated based on the response from the server device 300 . The terminal device 100 maintains the connection of the terminal device 100 to the network 60 when the authentication is permitted, and blocks the connection of the terminal device 100 to the network 60 when the authentication is not permitted. As a result, the setting information provided by the terminal device 200 can be prevented from being illegally used by other terminal devices existing in the vicinity, and security can be improved. Note that the information on the device subject to authentication permission may be provided from the terminal device 100 to the terminal device 200 as an authentication code image, as described above. This makes it possible to easily improve security. Note that the server device 300 can also be called a third device.

The identification information may be a two-dimensional code image generated by encoding the setting information by the terminal device 200 . As a result, it is possible to prevent surrounding users from recognizing the setting information held by the terminal device 200, thereby improving security.

The setting information includes the SSID of the access point 50 of the network 60 and the password corresponding to the SSID. As a result, it is possible to simplify the connection setting to the network 60 via the access point 50 for the terminal device 100 .

Also, as illustrated in the third embodiment, the server device 300 may determine whether or not to permit authentication.
For example, the terminal device 100 reads the identification information displayed on the display 205 of the terminal device 200 from the display 205 while the terminal device 100 is not connected to the network 60 . The terminal device 100 acquires setting information based on the identification information, and sets the setting information to its own device. Then, the terminal device 100 connects to the network 60 using the setting information. The server device 300 then authenticates the terminal device 100 connected to the network 60 . For example, the server device 300 performs the authentication in response to an authentication request from the terminal device 100 . The terminal device 100 acquires the result of authentication by the server device 300, and determines whether or not the terminal device 100 is authenticated based on the result of the authentication. The terminal device 100 maintains the connection of the terminal device 100 to the network 60 when the authentication is permitted, and blocks the connection of the terminal device 100 to the network 60 when the authentication is not permitted.

As a result, the setting information provided by the terminal device 200 can be prevented from being illegally used by other terminal devices existing in the surroundings, thereby improving security. Note that the information on the device subject to authentication permission may be provided from the terminal device 100 to the terminal device 200 as an authentication code image, as described above. This makes it possible to easily improve security.

The terminal device 200 also includes a processing unit that displays, on the display 205 of the terminal device 200, identification information indicating setting information that the terminal device 200 uses to connect to the network. The CPU included in the terminal device 200 is an example of the processing unit. When the identification information is read by the other device such as the terminal device 100 when it is not connected to the network, the network setting is performed on the other device using the setting information based on the identification information.

This makes it possible to simplify network settings in other devices such as the terminal device 100 that is not connected to the network.
The information processing according to the first embodiment can be realized by causing the processing unit 12 to execute a program. Information processing according to the second embodiment can be realized by causing the CPU 101 to execute a program. The program can be recorded on a computer-readable recording medium 109 .

For example, the program can be distributed by distributing the recording medium 113 recording the program. Alternatively, the program may be stored in another computer and distributed via a network. The computer, for example, stores (installs) a program recorded on the recording medium 113 or a program received from another computer in a storage device such as the RAM 102 or HDD 103, reads the program from the storage device, and executes it. good.

10 first device 20 second device 11, 21 storage unit 12, 22 processing unit 13, 23 communication unit 14 reading unit 24 display unit 30 access point 40 network D1 setting information D2 identification information

Claims (10)

The computer used as the first device,
identification information displayed on a display unit of a second device while the first device is not connected to the network, the identification information indicating setting information used by the second device to connect to the network; reading from the display of the second device;
obtaining the setting information based on the identification information;
setting the setting information in the first device;
A setting support program that executes processing. obtaining a validity period of the setting information based on the identification information;
Disabling use of the setting information by the first device when the valid period expires;
2. The setting support program according to claim 1, causing the computer to execute the processing. Obtaining information indicating a list of devices authorized for authentication based on the identification information;
determining whether or not the first device is authenticated based on the list, and restricting setting of the setting information to the first device if the authentication is not permitted;
2. The setting support program according to claim 1, causing the computer to execute the processing. connecting to the network using the setting information, and transmitting an authentication request including information indicating the network and the first device to a third device via the network;
determining whether the first device is authenticated based on the response from the third device; if authenticated, maintaining connection of the first device to the network; if not, disconnect the first device from the network;
2. The setting support program according to claim 1, causing the computer to execute the processing. 2. The setting support program according to claim 1, wherein the identification information is a two-dimensional code image generated by encoding the setting information by the second device. The setting information includes an SSID (Service Set Identifier) in the access point of the network and a password corresponding to the SSID.
The setting support program according to claim 1. The identification information displayed on the display unit of the other device while the own device is not connected to the network, the identification information indicating the setting information used by the other device to connect to the network, is transmitted to the other device. a reading unit that reads from the display unit;
a processing unit that acquires the setting information based on the identification information and sets the setting information to the own device;
Information processing device having A first device, in a state in which the first device is not connected to a network, is identification information displayed on a display unit of a second device, and is setting information used by the second device to connect to the network. read the identification information shown from the display unit of the second device, acquire the setting information based on the identification information, set the setting information in the first device, and use the setting information to connect to the network connection,
a third device authenticating the first device connected to the network;
If the first device obtains a result of authentication by the third device, and if the first device is authenticated, maintains connection of the first device to the network, and if authentication is not granted , disconnecting the first device from the network;
Information processing methods. to the computer,
executing a process of displaying identification information indicating setting information used by the computer to connect to a network on a display unit of the computer;
When the identification information is read by another device while not connected to the network, network settings are performed on the other device using the setting information based on the identification information.
A setting support program characterized by: An information processing device,
a processing unit for displaying, on a display unit of the information processing device, identification information indicating setting information used by the information processing device for connection to a network;
When the identification information is read by another device while not connected to the network, network settings are performed on the other device using the setting information based on the identification information.
An information processing device characterized by:

Images