JP2023065498A - Route building system, route building method, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a route building system or the like that allows a user to access a database from outside a local environment using a mobile device, and that has strong security.

SOLUTION: A route building system that builds a network route to access a computer installed in a local environment from an external mobile device includes a DL request receiving unit that receives a download request from the mobile device, an address notification unit that notifies the mobile device of the URL, and an access permission unit that permits access from the mobile device to the computer, and the DL request receiving unit, the address notification unit, and the access permission unit all operate in a background of the computer.

SELECTED DRAWING: Figure 1

COPYRIGHT: (C)2023,JPO&INPIT

Description

The present invention relates to a route building system, a route building method and a program, and more particularly to a route building system for building a network route for accessing a computer installed in a local environment from an external mobile device.

In the conventional sales management software installed in the local environment, it was common to open the database to the outside in order to allow users to view data from outside the local environment using mobile devices. . Further, there is known a communication device or the like that performs setting processing for setting whether to provide only standard functions or to provide standard functions and extended functions to an external device according to the connection history (Patent Document 1). .

JP 2017-085376 A

However, some technical knowledge is required for the operation itself of opening the database to the outside. In addition, if the database is opened to the outside, the security becomes weak, and countermeasures such as encryption are required.

For example, Cybozu's kintone (registered trademark) uses https (port number: 445), which is used on its home page, and has strong security when performing normal database exchanges. However, it is weaker in terms of security than the encryption used in Azure, which is a collection of cloud services provided by Microsoft (registered trademark). In the end, there was still room for development in terms of maintaining security while allowing access from the outside.

SUMMARY OF THE INVENTION Accordingly, it is an object of the present invention to provide a route construction system or the like that allows a user to access a computer installed in the local environment from outside the local environment using a mobile device and that has strong security.

A first aspect of the present invention is a route building system for building a network route for accessing a computer installed in a local environment from an external mobile device, comprising: a DL request receiving unit that receives a download request from the mobile device; , an address notification unit that notifies the mobile device of a URL, and an access permission unit that permits access from the mobile device to the computer, the DL request reception unit, the address notification unit, and the access permission unit. is a route building system that all runs in the background of the computer.

A second aspect of the present invention is the route construction system according to the first aspect, further comprising a two-dimensional barcode display unit for displaying a two-dimensional barcode on the mobile device, wherein the access permission unit Access is permitted from the mobile device that has accessed by reading the dimensional barcode.

A third aspect of the present invention is the path construction system according to the second aspect, wherein the address notification unit notifies an address from which the application is downloaded as the URL, and the access permission unit causes the application to download the Access is permitted from the mobile device that has accessed by reading the two-dimensional barcode.

A fourth aspect of the present invention is a route building method using a route building system for building a network route for accessing a computer installed in a local environment from an external mobile device, wherein the route building system comprises the mobile a DL request receiving unit that receives a download request from a device; an address notification unit that notifies the mobile device of a URL; and an access permission unit that permits access from the mobile device to the computer, wherein the DL request receiving unit and the address notification unit and the access permission unit all operate in the background of the computer, and the DL request reception unit receives a download request from the mobile device in the background of the computer. a request receiving step, an address notification step in which the address notification unit notifies the mobile device of a URL in the background of the computer, and an access permission unit in the background of the computer, from the mobile device to the computer and an access permitting step of permitting access.

A fifth aspect of the present invention is a program for causing a computer to execute the route construction method of the fourth aspect.

According to each aspect of the present invention, the user can access the database from the outside using a mobile device such as a smartphone or a tablet device without setting a router, etc., and a route building system that is strong in terms of security. etc., can be provided. General sales management software and core systems realize a strong security environment. According to the present invention, the user can access the customer database from the outside and view the customer information and sales information without changing the environment.

Moreover, according to the second and third aspects of the present invention, it becomes easier to permit access only to specific mobile devices and to construct a route while maintaining security.

1 is a block diagram showing an example of an outline of a route building system according to the present invention; FIG. It is a figure which shows an example of the communication route of the route building system based on this invention. It is a flow figure showing an example of the course construction method concerning the present invention.

Hereinafter, embodiments of the present invention will be described in detail. In addition, embodiment of this invention is not limited to the following examples.

First, an overview of the configuration of HYCAS (Hybrid Connection API System), which is a route construction system 1 (an example of the "route construction system" in the claims of the present application) according to the present invention, will be described.

By using HYCAS, the SQL (registered trademark) database of the core system can be accessed safely and securely from the outside from a mobile device. HYCAS communicates with Windows Service installed in the local environment. In addition, it is a mechanism that can be easily set without the need for conventional complicated settings.

FIG. 1 is a block diagram showing an overview of the configuration of HYCAS. Referring to FIG. 1, HYCAS includes a DL request receiving unit 3 (an example of a "DL request receiving unit" in the claims of the present application), an address notification unit 5 (an example of the "address notification unit" in the claims of the present application), It includes a two-dimensional barcode display section 7 (an example of a "two-dimensional barcode display section" in the claims of the present application) and an access permission section 9 (an example of the "access permission section" in the claims of the present application).

The DL request receiving unit 3 receives download requests from mobile devices. The address notification unit 5 notifies the mobile device of the URL. The two-dimensional barcode display unit 7 displays the two-dimensional barcode on the mobile device. An access permitting unit 9 permits access from a mobile device that has accessed by reading a two-dimensional barcode.

Next, an example of a HYCAS communication path will be described. Referring to FIG. 2, a mobile device 11 such as a smartphone or a tablet device (an example of a “mobile device” in the claims of the present application) communicates with a cloud service 13 such as WINDOWS AZURE (registered trademark). The cloud service 13 communicates with a background process unit 17 such as Windows Service, which is a group of programs that operate in the background in a local environment 15 (an example of the "local environment" in the claims of the present application). Furthermore, the background process unit 17 communicates with various programs 19 existing in the local environment. Here, the DL request receiving unit 3, the address notification unit 5, the two-dimensional barcode display unit 7, and the access permission unit 9 in FIG. 1 are all specific examples of the background processing unit 17. FIG.

Next, a route building method using the route building system 1 will be described. FIG. 3 is a flow diagram showing an example of a route construction method according to the present invention.

Referring to FIG. 3, first, a computer in the local environment (an example of a "computer" in the claims of the present application) has SQL installed, and installs the Windows SDK used to connect the Azure and on-premise environments ( step ST001). A user of the mobile device purchases, for example, an inventory application (an example of an "application" in the claims of the present application) at a store and downloads it to the mobile device (step ST002). Subsequently, the user causes the mobile device to issue a request to upgrade the inventory application to a paid version or the like (step ST003). At this time, the address notification unit issues a URL for downloading the program to the mobile device by e-mail (step ST004). The mobile device upgrades the program (step ST005).

Next, set up a gateway connection on the Azure Portal. Specifically, the two-dimensional barcode display unit displays the two-dimensional barcode on the mobile device (step ST006). The user opens the inventory application and reads the displayed two-dimensional barcode (step ST007). The access permission unit determines whether the access is based on the two-dimensional barcode issued by the two-dimensional barcode display unit and read from the inventory application (step ST008).

Here, as a specific determination method, the connection information embedded in the two-dimensional barcode is compared with the information processed in step ST001 and created by the computer in which Windows SDK is installed, and all of these information are compared. match. Examples of connection information embedded in a 2D barcode include SQL database access IP address, access user name, access password, and a unique ID that encrypts these information, but a part of these is also acceptable. However, it may be other than these.

If the access satisfies the conditions of step ST008, the access permitting unit permits access from the mobile device, thereby enabling communication between the local device and the mobile device (step ST009), and the flow ends. If the access does not satisfy the condition of step ST008, the access permitting section denies the access and the flow ends.

By using HYCAS, tens or even hundreds of mobile devices can be connected without complicated settings such as routers. Also, it is possible to allow the user to use only a specific program without giving the user computer authority in the local environment.

1; route construction system, 3; DL request reception unit, 5; address notification unit, 7; two-dimensional barcode display unit, 9; access permission unit, 11; mobile device, 13; ; background process unit 19; various programs

Claims (9)

A route building system for building a network route for accessing a second computer different from the first computer via a first computer that provides a cloud service from an external mobile device,
a two-dimensional barcode display unit for displaying a two-dimensional barcode;
an access permission unit that permits access to the second computer from the mobile device accessed by reading the two-dimensional barcode;
The route building system, wherein the two-dimensional barcode display section and the access permission section operate in the background of the second computer. 2. The path construction system according to claim 1, further comprising a setting unit for setting a gateway connection between said first computer and said second computer. 3. The route building system according to claim 2, wherein said access permitting unit compares connection information embedded in the two-dimensional bar code with information created by said second computer, and determines whether the information matches. 4. The route construction system according to claim 3, wherein said connection information includes an access IP address to a database of said second computer. A route building method using a route building system for building a network route for accessing a second computer different from the first computer via a first computer that provides a cloud service from an external mobile device,
The second computer is
a two-dimensional barcode display unit for displaying a two-dimensional barcode;
an access permission unit that permits access to the second computer from the mobile device accessed by reading the two-dimensional barcode;
The two-dimensional barcode display unit and the access permission unit operate in the background of the second computer,
The access permission unit, in the background of the second computer, determines whether the mobile device accessed by reading the two-dimensional barcode accesses the second computer, and permits the access that satisfies the conditions. A route building method, including a step of granting access to 6. The route construction method according to claim 5, further comprising a setting step of setting a gateway connection between said first computer and said second computer before said access permitting step. Between said setting step and said access granting step,
7. The access permitting unit according to claim 6, further comprising a determination step of comparing the connection information embedded in the two-dimensional barcode with the information created by the second computer, and determining whether the information matches. route building method. 8. The route building method according to claim 7, wherein said connection information includes an access IP address to a database of said second computer. A program for causing a computer to execute the route construction method according to any one of claims 5 to 8.

Images