JP4775154B2 - COMMUNICATION SYSTEM, TERMINAL DEVICE, PROGRAM, AND COMMUNICATION METHOD - Google Patents

Description

The present invention relates to a communication system, terminal device, program, and relates to a communication method and, more particularly, a communication system including the terminal apparatus and the server apparatus, and the terminal apparatus, the program in such a communication system and, It relates to a communication method.

  VPN (Virtual Private Network) is a technique for connecting a plurality of LANs using other communication paths to virtually operate as one LAN. For example, consider a case where a device belonging to a certain LAN is taken outside and the device is connected to another device in the LAN. In this case, the device is first connected to a VPN server installed in the LAN. Thereafter, communication is performed between a device in the LAN and a device connected to the VPN server using a communication path established between the VPN server and the VPN server.

  Regarding VPN technology, there is a VPN automatic connection system as a system for automatically connecting a VPN to a LAN to which the device belongs when a device taken outside is connected to an external network. An example of a conventional VPN automatic connection system is described in Patent Document 1. In Patent Document 1, when a device is connected to a network, the address system of the connected network is detected, and when the detected address system is different from the LAN address system to which the device belongs, it is determined that it has been taken outside. VPN connection is automatically made to the affiliated LAN.

By the way, since the device connected to the affiliated LAN by VPN connection is connected to the affiliated LAN through a communication path other than the affiliated LAN, in addition to being able to communicate directly with the device in the affiliated LAN, the VPN is connected. Therefore, it is possible to communicate directly with an external device other than the belonging LAN through the communication path used for this purpose. In such a state, there is a risk that information stored in the belonging LAN leaks out from the device connected to the VPN. Therefore, Patent Document 1 uses a mechanism that prevents information leakage by prohibiting the use of communication paths other than VPN for applications during VPN connection.
JP 2006-20089 A

  Here, in the prior art including Patent Document 1, it is determined by using a network address whether or not the connected LAN is a belonging LAN. However, the network address can be easily changed by a network administrator, and it is easy to set the same network address as the belonging LAN. For this reason, when the network to which the terminal is connected is misrepresented as if it belongs to the affiliated LAN, the terminal can communicate with any device connected to the network. There is a problem that information may be leaked to devices other than the LAN.

  Also, in the prior art, whether or not the network to which the terminal is connected is an affiliated network is determined only by the network address, so when there are multiple networks to be determined and there are networks with the same network address It is difficult to determine where the connected network is. Furthermore, when a new network is constructed, it is necessary to set the information in all terminals, and there is a problem that setting is troublesome.

The present invention solves the above-mentioned problems of the prior art, and even when the terminal is taken outside, the communication system and method capable of preventing the information in the network to which the terminal belongs from leaking to the outside, and such a terminal apparatus used in a communication system,及 beauty, and to provide a program.

Further, the present invention relates to a communication system and method COMMUNICATION filtering in accordance with the connected network can perform, as well, and to provide a terminal equipment used in such communication systems.

In order to achieve the above object, a communication system of the present invention is a communication system using a terminal device and a VPN server that provides a VPN (Virtual Private Network) function to the terminal device. There authenticate with the VPN server was found on the connected network, the VPN server was the discovery, the server authentication unit that determines whether the normal VPN server, regular VPN by the server authentication unit If it is determined that the server is a server, the terminal device is allowed to communicate with the connected network. If the server authentication unit determines that the terminal device is not a regular VPN server, the terminal device On the other hand, a firewall means for prohibiting all communication with the connected network is provided.

  In the communication system of the present invention, the network to which the terminal device is connected is determined based on whether or not the server authentication unit determines that the VPN server found on the connected network is a normal VPN server. If it is determined that the network is connected, it is determined that the connected network is a network to which the terminal device is to be connected, and communication with the connected network is permitted by the firewall unit. In this way, when it is confirmed that the network to which the terminal device is connected is the network to be connected, the terminal device is allowed to communicate with other devices in the connected network. It is possible to prevent a situation in which information leaks from the terminal device outside the network to be connected.

In the communication system of the present invention, the server authentication means requests the discovered VPN server for authentication, receives an authentication response from the VPN server in response to the authentication request, and based on the received authentication response, A configuration for determining whether or not the discovered VPN server is a regular VPN server can be employed. In this case, the authentication response includes information obtained by encrypting predetermined information using information that only a legitimate VPN server can know, and the VPN server authentication means includes an encryption response included in the authentication response. When the converted information can be correctly solved using information that only a legitimate VPN server can know, a configuration can be adopted in which the discovered VPN server is determined to be a legitimate VPN server. As information that only the legitimate VPN server can know, the network ID of the internal network to which the VPN server is connected, the ID common to the system, and the like can be used. Further, for example, a random numerical value generated on the terminal device side can be used as the predetermined information.

  In the communication system of the present invention, the VPN server is connected to an external network and an internal network, and communication between a terminal device connected to the external network and a device connected to the internal network is performed. It is possible to employ a configuration that provides a VPN function that enables the above.

The communication system of the present invention further comprises server search means for searching for a VPN server existing on the network to which the terminal device is connected, and the server authentication means is a VPN server in which the VPN server discovered by the server search means is a regular VPN server. The firewall means determines only the communication used for searching for the VPN server before the server authentication means determines that the discovered VPN server is a legitimate VPN server. On the other hand, it is possible to adopt a configuration that prohibits all communication different from the communication used for searching the VPN server . In this case, the server search means transmits a server search message to the connected network and receives a search response message for the server search message. It is possible to adopt a configuration for discovering as a VPN server existing on the network. By doing in this way, the terminal device can find the VPN server which exists on the connected network.

  In the communication system according to the present invention, when the VPN server receives the server search message via the internal network, the VPN server includes a search response unit that transmits the search response message to a terminal device that is a transmission source of the server search message. Configuration can be adopted.

In the communication system according to the present invention, when the server search means determines that a VPN server cannot be found on the connected network, a virtual communication path is established between the server and a VPN server existing on a different network from the connected network. It is possible to adopt a configuration that further includes a VPN connection unit that generates and uses the generated virtual communication path to connect to the internal network to which the VPN server is connected. When there is no VPN server on the network to which the terminal device is connected, it means that the connected network is a network different from the network to be connected. In this case, the terminal device communicates with other devices in the network to be connected by connecting to the VPN server and connecting to the network to which the terminal device is connected, which is the internal network of the VPN server. It can be performed.

  In the communication system of the present invention, when the VPN connection unit determines that the server authentication unit is not a regular VPN server, the VPN connection unit accesses a VPN server existing on a network different from the connected network, and the VPN server It is possible to adopt a configuration in which a virtual communication path is generated between the server and the internal network to which the VPN server is connected using the generated virtual communication path. That the VPN server on the connected network is not a regular VPN server means that the terminal device is connected to a network different from the network to be connected. In this case, the terminal device communicates with other devices in the network to be connected by connecting to the VPN server and connecting to the network to which the terminal device is connected, which is the internal network of the VPN server. It can be performed.

  In the communication system according to the present invention, when the VPN connection unit determines that the server authentication unit is a regular VPN server, the regular VPN server exists on an affiliated network set in advance for the terminal device. If it is determined whether it is a VPN server, and if it is not a VPN server existing on the affiliated network, a virtual communication path is generated with the VPN server existing on the connected network, and the affiliated network A VPN server on the network is accessed, a virtual communication path is generated between the VPN server on the affiliated network and the VPN server existing on the connected network, and both the generated virtual communication paths are used. A configuration of connecting to the affiliated network can be employed. If the VPN server on the connected network is a regular VPN server but not the VPN server of the affiliated network, the VPN server on the affiliated network is connected to the VPN server on the affiliated network via the VPN server on the connected network. Connect to. In this way, the terminal device can communicate with other devices in the belonging network.

  In the communication system according to the present invention, the firewall means adopts a configuration in which only the communication using the virtual communication path generated with the VPN server is allowed to the terminal device, and other communication is prohibited. it can. In this case, by prohibiting communication with the connected network, it is possible to prevent the terminal device from leaking information in the network connected via the VPN server.

  In the communication system of the present invention, the firewall unit may adopt a configuration that prohibits all communication to the terminal device when the server authentication unit determines that the server is not a regular VPN server. Although a VPN server exists on the connected network, but the VPN server is not a regular VPN server, it is considered that the connected network is spoofed as a network to which the terminal device should be connected. In this case, by prohibiting all communication by the firewall means, it is possible to prevent a situation in which information in the terminal device leaks to the connected network.

The terminal device of the present invention is a terminal device used in a communication system including a VPN server that provides a VPN (Virtual Private Network) function to the terminal device, and is a VPN discovered on the network to which the terminal device is connected. authenticate with the server, VPN server that has the found, the server authentication means for determining whether legitimate VPN server, if it is determined that an authorized VPN server by the server authentication unit, said terminal When the device authenticates all communication with the connected network and the server authentication means determines that the device is not a legitimate VPN server, the device communicates with the connected network. And firewall means for prohibiting all communications .

  In the terminal device of the present invention, the connected network is determined based on whether or not the server authentication unit determines that the VPN server found on the connected network is a regular VPN server, and is a regular VPN server. If it judges, it will judge that the connected network is a network which a terminal device should connect, and communication with the connected network is permitted by a firewall means. By doing in this way, when it is confirmed that the network to which the terminal device is connected is the network to be connected, communication with other devices in the connected network can be started. Therefore, it is possible to prevent information from leaking outside the network to be connected.

In the terminal device according to the present invention, when the server authentication means requests the VPN server found on the connected network to authenticate and receives an authentication response from the VPN server in response to the authentication request, the received authentication Based on the response, it is possible to adopt a configuration for determining whether or not the discovered VPN server is a regular VPN server. In this case, the authentication response includes information obtained by encrypting predetermined information using information that only a legitimate VPN server can know, and the VPN server authentication means includes an encryption response included in the authentication response. When the converted information can be correctly solved using information that only a legitimate VPN server can know, a configuration can be adopted in which the discovered VPN server is determined to be a legitimate VPN server. As information that only the legitimate VPN server can know, the network ID of the internal network to which the VPN server is connected, the ID common to the system, and the like can be used. Further, for example, a random numerical value generated on the terminal device side can be used as the predetermined information.

The terminal device according to the present invention further includes server search means for searching for a VPN server existing on a network to which the terminal device is connected, and the server authentication means is configured such that the VPN server discovered by the server search means is a regular VPN server. The firewall means determines only the communication used for searching for the VPN server before the server authentication means determines that the discovered VPN server is a legitimate VPN server. On the other hand, it is possible to adopt a configuration that prohibits all communication different from the communication used for searching the VPN server .

When the server search means determines that there is no VPN server on the connected network, the terminal device of the present invention establishes a virtual communication path with a VPN server existing on a network different from the connected network. It is possible to employ a configuration that further includes a VPN connection unit that generates and performs VPN communication with the VPN server using the generated virtual communication path. When there is no VPN server on the network to which the terminal device is connected, it means that the connected network is a network different from the network to be connected. In this case, by connecting to the VPN server and connecting to the network to which the terminal device is to be connected, which is the internal network of the VPN server, the terminal device is connected to other devices in the network to be connected. Can communicate.

  In the terminal device according to the present invention, when the VPN connection unit determines that the server authentication means is a regular VPN server, the regular VPN server exists on a network to which the terminal device is set in advance. If it is determined whether it is a VPN server, and if it is not a VPN server existing on the affiliated network, a virtual communication path is generated with the VPN server existing on the connected network, and the affiliated network A VPN server on the network is accessed, a virtual communication path is generated between the VPN server on the affiliated network and the VPN server existing on the connected network, and both the generated virtual communication paths are used. A configuration of connecting to the affiliated network can be employed. If the VPN server on the connected network is a regular VPN server but not the VPN server of the affiliated network, the VPN server on the affiliated network is connected to the VPN server on the affiliated network via the VPN server on the connected network. Connect to. In this way, the terminal device can communicate with other devices in the belonging network.

  In the terminal device according to the present invention, the firewall unit may adopt a configuration in which only the communication using the generated virtual communication path is permitted to the terminal device and other communication is prohibited. In this case, by prohibiting communication with the connected network, it is possible to prevent the terminal device from leaking information in the network connected via the VPN server.

  In the terminal device of the present invention, the firewall unit may adopt a configuration that prohibits all communication to the terminal device when the server authentication unit determines that it is not a regular VPN server. Although a VPN server exists on the connected network, but the VPN server is not a regular VPN server, it is considered that the connected network is spoofed as a network to which the terminal device should be connected. In this case, by prohibiting all communication by the firewall means, it is possible to prevent a situation in which information in the terminal device leaks to the connected network.

  The VPN server of the present invention is connected to an external network and an internal network, and allows a terminal device connected to the external network to communicate with a device connected to the internal network. A VPN server providing a private network function, and upon receiving an authentication request transmitted by a terminal device via the internal network, transmits an authentication response to the authentication request to the terminal device of the received authentication request An authentication response unit is provided.

  The VPN server of the present invention transmits an authentication response to the authentication request from the terminal device connected to the internal network side, and the internal network to which the terminal device is connected is connected to the terminal device by the regular VPN server. To ensure that the network is secure. In this way, the terminal device side can confirm that the connected network is a network in which a regular VPN server exists, that is, a network to be connected, and then starts communication with the connected network. Thus, communication can be performed with other devices in the network that have been confirmed to be connected.

  In the VPN server of the present invention, the authentication response unit can employ a configuration in which information encrypted using information that only a legitimate VPN server can know is included in the authentication response and transmitted. In this case, the VPN server is a regular VPN server depending on whether or not the encrypted information included in the authentication response can be solved using information that only the regular VPN server can know. It can be determined whether or not.

  When the VPN server of the present invention receives a server search message transmitted by the terminal device via the internal network, the VPN server sends a response to the server search message to the terminal device that is the transmission source of the server search message. A configuration further including a search response unit that transmits a search response message can be employed. In this case, the terminal device side can find a VPN server existing on the connected network by receiving a response from the search response unit.

The communication method of the present invention is a communication method using a server device and a terminal device having firewall means, wherein the terminal device requests authentication from a server device found in a connected network; The server device returns a response to the authentication request, and the terminal device returns the response based on the response from the server device, whether or not the server device is a legitimate server device. And when the terminal device determines that the server device that has returned the response is a legitimate server device, the firewall device is connected between the terminal device and the network to which the terminal device is connected. all the steps of instructing to allow communication, the terminal apparatus, server apparatus legitimate server device that returned the response of If it is determined that it does not, to the firewall device, and having the steps of: instructing to prohibit all communications between the network to which the terminal device and the terminal device is connected.

  In the communication system of the present invention, authentication is performed between the terminal device and the server device found on the network, and as a result of the authentication, whether or not the found server device is determined to be a legitimate server device, The network to which the terminal device is connected is determined. When it is determined that the server is a legitimate server device, it is determined that the connected network is a network to which the terminal device is to be connected, and communication with the connected network is permitted by the firewall unit. In this way, when it is confirmed that the network to which the terminal device is connected is the network to be connected, the terminal device is allowed to communicate with other devices in the connected network. It is possible to prevent a situation in which information leaks from the terminal device outside the network to be connected.

  In the communication method of the present invention, the server device is connected to an external network and an internal network, and a terminal device connected to the external network can communicate with a device connected to the internal network. It is possible to adopt a configuration that is a VPN server that provides a VPN (Virtual Private Network) function.

Communication method of the present invention, prior to the step of requesting the authentication, the step of the terminal apparatus further have a step of searching for a server device present in the connected network, requesting the authentication, the server In the step of requesting authentication for the server device discovered in the step of searching for a device, and in the step of determining whether or not it is the regular server device, the discovered VPN server is a regular VPN server Before determining that the firewall server is instructed to permit only the communication used for the search for the VPN server, while all the communication different from the communication used for the search for the VPN server is performed. It can be adopted a configuration in which further have a step of instructing to prohibit. In this case, the terminal device can find a VPN server existing on the connected network.

  In the communication method of the present invention, when the server device is not found in the connected network, the terminal device generates a virtual communication path with a server device existing on a network different from the connected network, The step of connecting to the internal network to which the server device is connected using the generated virtual communication path, and the terminal device only allows the firewall means to communicate via the generated virtual communication path. And a step of instructing to do so can be adopted. When there is no VPN server on the network to which the terminal device is connected, it means that the connected network is a network different from the network to be connected. In this case, the terminal device is connected to a VPN server outside the connected network, and is connected to the network to which the terminal device is connected, which is the internal network of the VPN server. Communication with other devices can be made possible. Further, at that time, by permitting only communication with the virtual communication path and prohibiting other communication with the connected network by the firewall means, information in the network connected through the VPN server is leaked from the terminal device. The situation can be prevented.

  In the communication method according to the present invention, when the terminal device determines that the discovered server device is not a legitimate server device, all communication between the terminal device and the network to which the terminal device is connected is performed with respect to the firewall unit. It is possible to employ a configuration having a step of instructing to prohibit the communication. Although a VPN server exists on the connected network, but the VPN server is not a regular VPN server, it is considered that the connected network is spoofed as a network to which the terminal device should be connected. In this case, by prohibiting all communication by the firewall means, it is possible to prevent a situation in which information in the terminal device leaks to the connected network.

  When the terminal device determines that the discovered server device is not a legitimate server device, the communication method of the present invention accesses a server device that exists on a network different from the connected network, and communicates with the server device. A virtual communication path between the server device using the generated virtual communication path and connecting to the internal network of the server device, and the terminal device to the firewall means the virtual communication path generated And a step of instructing to permit only communication according to the above. That the VPN server on the connected network is not a regular VPN server means that the terminal device is connected to a network different from the network to be connected. In this case, the terminal device is connected to the VPN server outside the network to which the terminal device is connected, and is connected to the network to which the terminal device is to be connected, which is the internal network of the VPN server. Communication with other devices can be performed. Further, at that time, by permitting only communication with the virtual communication path and prohibiting other communication with the connected network by the firewall means, information in the network connected through the VPN server is leaked from the terminal device. The situation can be prevented.

  In the communication method of the present invention, the terminal device is not a server device in which the discovered server device is a legitimate server device, and the server device is connected to an affiliated network set in advance for the terminal device. Determining a virtual communication path with a server device existing in the connected network, the terminal device accesses a server device existing in the affiliated network, and a server device of the affiliated network A step of generating a virtual communication path with a server device existing in the connected network, a step of connecting the terminal device to the belonging network using the generated virtual communication path, and the terminal device However, it is instructed to allow only the communication through the generated virtual communication path to the firewall means. A structure and a step of can be employed. If the VPN server on the connected network is a regular VPN server but not the VPN server of the affiliated network, the VPN server on the affiliated network is connected to the VPN server on the affiliated network via the VPN server on the connected network. Connect to. In this way, the terminal device can communicate with other devices in the belonging network. Further, at that time, by permitting only communication with the virtual communication path and prohibiting other communication with the connected network by the firewall means, information in the network connected through the VPN server is leaked from the terminal device. The situation can be prevented.

A program according to a first aspect of the present invention is a program used in a communication system including a VPN server that provides a VPN (Virtual Private Network) function to a terminal device, and the terminal device includes: a process of V PN server found on the connected network is determined whether normal VPN server, if the VPN server is determined to be normal VPN server, to the terminal device, and the connection network A process for permitting all communication with the network, and a process for prohibiting all communication with the connected network for the terminal device when it is determined that the VPN server is not a regular VPN server. It is characterized by making it.

  In the program according to the first aspect of the present invention, the authentication process of the VPN server includes a process of requesting authentication to a VPN server existing on the connected network, and an authentication response from the VPN server in response to the authentication request. And a process of determining whether or not the VPN server is a regular VPN server based on the received authentication response.

In a first aspect of the program of the present invention, the prior to the authentication process of the VPN server and the terminal device, further execute a process of the terminal apparatus searches for a VPN server on the network connected, the normal The process of determining whether or not the VPN server is a normal VPN server is a process of determining whether or not the VPN server discovered in the process of searching for the VPN server is a regular VPN server. In this process, before it is determined that the discovered VPN server is a legitimate VPN server, only the communication used for searching the VPN server is permitted to the terminal device, while the VPN server It is possible to adopt a configuration in which a process for prohibiting all communications different from the communications used for the search is further executed .

  When the program of the first aspect of the present invention determines that a VPN server cannot be found on the connected network in the process of searching for the VPN server, the VPN server existing outside the connected network is connected to the terminal device. It is possible to adopt a configuration in which a virtual communication path is generated between and a VPN communication is further executed using the generated virtual communication path.

  The program according to the first aspect of the present invention, when the authentication process of the VPN server determines that the program is a legitimate VPN server, the legitimate VPN server sends the terminal apparatus to the terminal apparatus in advance. When it is determined that it is a VPN server existing on the set affiliated network, and when it is not a VPN server existing on the affiliated network, a VPN server existing on the connected network A virtual communication path between the VPN server on the affiliated network and the VPN server existing on the connected network is generated by accessing the VPN server on the affiliated network. And further executing a process of connecting to the affiliated network using both of the generated virtual communication paths. It can be adopted formed.

  In the program according to the first aspect of the present invention, after the virtual communication path is generated, the computer is allowed only communication using the generated virtual communication path to the terminal device, and other communication is performed. It is possible to adopt a configuration for executing a prohibited process.

  In the program according to the first aspect of the present invention, when the authentication process of the VPN server determines that the VPN server is not a legitimate VPN server, the terminal device is connected between the terminal device and the connected network. A configuration for executing processing for prohibiting all communications can be employed.

  The program according to the second aspect of the present invention is connected to an external network and an internal network, and enables a terminal device connected to the external network to communicate with a device connected to the internal network. A program used in a communication system including a VPN server that provides a VPN (Virtual Private Network) function, wherein a message for server search sent by a terminal device via the internal network is sent to the VPN server. When receiving, when receiving the processing request for transmitting the search response message as a response to the server search message to the terminal device that is the transmission source of the server search message, and the authentication request transmitted by the terminal device via the internal network , The authentication request is received by the terminal device of the received authentication request. Characterized in that to execute the process of transmitting the response.

  In the program of the second aspect of the present invention, in the process of transmitting the authentication response, the predetermined information is encrypted using information that only a legitimate VPN server can know, and the encrypted information is included in the authentication response. Configuration can be adopted.

  In the communication system, the terminal device, the program, and the communication method of the present invention, the network to which the terminal device is connected is determined based on whether or not the VPN server (server device) is determined to be a regular server. When it is determined that it is a server, it is determined that the connected network is a network to which the terminal device is to be connected, and communication with the connected network is permitted by the firewall means. In this way, when it is confirmed that the network to which the terminal device is connected is the network to be connected, the terminal device is allowed to communicate with other devices in the connected network. It is possible to prevent a situation in which information leaks from the terminal device outside the network to be connected.

  The VPN server and the program of the present invention transmit an authentication response to an authentication request from a terminal device connected to the internal network side, and the internal network to which the terminal device is connected is authorized to the terminal device. Ensure that the VPN server is connected to the network. In this way, the terminal device side can confirm that the connected network is a network in which a regular VPN server exists, that is, a network to be connected, and then starts communication with the connected network. Thus, communication can be performed with other devices in the network that have been confirmed to be connected.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. FIG. 1 shows the configuration of a VPN automatic connection system according to the first embodiment of the present invention. The VPN automatic connection system 10 includes a VPN server 100 that realizes VPN communication and a mobile terminal 200. The VPN server 100 is configured as a computer system such as a workstation or a personal computer, and the mobile terminal 200 is configured as a notebook PC or a portable terminal device, for example. The VPN server 100 is connected to an internal network 400 to be managed by the system and an external network 401. An internal network is a network managed by a certain organization, for example, a company, and isolated from the outside. The external network is, for example, the Internet. In addition to the VPN server 100, an internal device 300 such as a printer, a DHCP server, other various servers, and a PC is connected to the internal network 400.

  The mobile terminal 200 includes a VPN server search unit 201, a VPN server authentication unit 202, a VPN connection unit 203, a firewall function 204, a communication unit 205, and a communication concealment unit 206. Further, it has a function of operating the application 207. The firewall function 204 has a function of restricting whether communication is possible by a destination address or a port number. The communication unit 205 has a function of connecting to a network and actually communicating with other devices connected to the network, such as the VPN server 100 and the internal device 300. The communication hiding unit 206 has a function of providing an interface for the application 207 to use a communication function. For example, taking a PC as an example, the communication unit 205 corresponds to an Ethernet card or the like, and the communication concealment unit 206 corresponds to a communication function of the OS. The application 207 is an application that operates using a function on the mobile terminal 200, and communicates with a device connected to the network through the communication concealment unit 206.

  The VPN server searching unit 201 searches for whether the VPN server 100 is connected to the network (LAN) to which the mobile terminal 200 is connected. For example, the VPN server searching unit 201 transmits a server search message in the LAN, and determines whether the VPN server 100 exists in the LAN based on the presence / absence of a response from the VPN server 100 to the message. The VPN server authentication unit 202 transmits an authentication request message to the VPN server 100 discovered by the VPN server search unit 201. When the VPN server authenticating unit 202 receives a response to the transmitted message, the VPN server authenticating unit 202 checks the content of the message and confirms that the response is made from a normal VPN server and that the VPN server information included in the response is normal. Check.

  The VPN connection unit 203 has a function of connecting to the internal network 400 via the VPN server 100 when the mobile terminal 200 is taken out and connected to the external network 401. Specifically, the VPN connection unit 203 connects to the VPN server 100, generates a tunnel that relays communication between the mobile terminal 200 and the internal network 400, and registers the generated tunnel in the communication concealment unit 206. The application 207 can be used in place of the normal communication unit 205.

  The VPN server 100 includes an authentication response unit 101, a communication relay unit 102, a search response unit 103, an external connection unit 104, and an internal connection unit 105. When the search response unit 103 receives a server search message issued by the VPN server search unit 201 of the mobile terminal 200, the search response unit 103 has a function of transmitting a response message including information indicating that it is a VPN server to the mobile terminal 200. The authentication response unit 101 provides the mobile terminal 200 with a function that ensures the identity of the VPN server 100. Specifically, when the authentication response unit 101 receives an authentication request message from the VPN server authentication unit 202 of the mobile terminal 200, the authentication response unit 101 preliminarily encrypts the VPN server 100 encrypted in a format that cannot be created by the VPN server 100. A response message including the set VPN server information is returned to the VPN server authentication unit 202. The communication relay unit 102 relays between the external connection unit 104 and the internal connection unit 105, and communicates between the mobile terminal 200 connected to the external network 401 and the mobile terminal 200 or the internal device 300 connected to the internal network 400. It has a function to relay.

  FIG. 2 shows an operation procedure of the VPN automatic connection system. The mobile terminal 200 checks the state of the communication unit 205 and checks whether it is connected to the network (step A01). When not connected to the network, the state of the communication unit 205 is continuously investigated. When connected to the network, preparation for communication with the network is performed by acquiring an IP address from the network by DHCP or the like. The firewall function 204 prohibits communication other than the communication for searching for the VPN server after connecting to the network (step A02).

  The VPN server search unit 201 transmits a VPN server search message to the network through the communication unit 205, and waits for a response message from the VPN server 100 (step A03). When the VPN server 100 exists in the same network, the search response unit 103 of the VPN server returns a response message. The VPN server searching unit 201 determines whether the VPN server 100 exists in the same network based on the presence / absence of a response message from the VPN server 100 (step A04). In step A04, when receiving the response message from the VPN server 100, the VPN server searching unit 201 determines that the VPN server 100 is installed in the same network. If a response message from the VPN server 100 cannot be received within a predetermined time, it is determined that the VPN server 100 is not installed in the same network.

  If it is determined in step A04 that the VPN server 100 exists in the same network, the VPN server authentication unit 202 transmits an authentication message to the VPN server 100 that has transmitted the response message (step A05). When the authentication response unit 101 of the VPN server 100 receives the authentication message from the mobile terminal 200, the authentication response unit 101 encrypts its own information based on the received message and the key of the VPN server itself, and stores the encrypted information. An authentication response message is transmitted to the VPN server authenticating unit 202. When receiving the authentication response message, the VPN server authenticating unit 202 decrypts the encrypted information included in the received authentication response message, and determines whether the VPN server 100 that has transmitted the authentication response message is a regular VPN server. Is determined (step A06).

  In step A06, if the encrypted information can be correctly decrypted and the content correctly matches the encryption method, it is determined that the VPN server 100 that has transmitted the authentication response message is a legitimate VPN server. . If the VPN server authenticating unit 202 determines that the VPN server is a legitimate VPN server, it refers to the content of the message and determines whether the installation location of the VPN server 100 matches the affiliated network set for the mobile terminal 200 in advance. Is determined (step A07). If it is determined in step A06 that the VPN server is a legitimate VPN server and it is determined in step A07 that the installation location of the VPN server 100 matches the network to which it belongs, the firewall function 204 permits all communications. (Step A08). If it is determined in step A06 that it is not a regular VPN server, or if it is determined in step A07 that the network does not match, the firewall function 204 prohibits all communications (step A14).

  If it is determined in step A04 that the VPN server 100 does not exist in the connected network, a remote connection is attempted to the VPN server 100 in the affiliated network set in advance. In this process, first, the firewall function 204 permits only the VPN connection unit 203 to communicate with the external connection unit 104 of the VPN server 100 connected to the affiliated network, and prohibits other communication (step A09). Next, the VPN connection unit 203 attempts to communicate with the VPN server 100 through a public network such as the Internet (external network 401 in FIG. 1) (step A10). It is assumed that information for connecting to the VPN server 100 connected to the affiliated network, for example, information such as an IP address in the case of the Internet, is set in the mobile terminal 200 in advance.

  The mobile terminal 200 determines whether or not it can connect to the VPN server 100 of the network to which it belongs (step A11). If the connection is successful, authentication is performed, and if the authentication is successful, a virtual communication path (relay tunnel communication path) is generated between the VPN connection unit 203 and the communication relay unit 102 of the VPN server 100, The communication concealment unit 206 can be used (step A12). Thereafter, the firewall function 204 enables communication only through the virtual communication path (step A13). The application 207 communicates with other mobile terminals 200 and internal devices 300 connected to the affiliated network (internal network 400 in FIG. 1) through a virtual communication path. If it is determined in step A11 that connection to the VPN server 100 of the affiliated network cannot be established, the process proceeds to step A14, where all communications are prohibited by the firewall function 204.

  In the present embodiment, the mobile terminal 200 performs authentication with the VPN server 100 to determine whether the connected network matches the belonging network, and the connected network is the belonging network (internal network 400). ), The firewall function 204 permits the application 207 to communicate with the network. When the connected network is not an affiliated network, it connects to the VPN server 100 installed on the affiliated network through the external network 401 and tries to connect to the affiliated network using a virtual communication path. When this connection is successful, only communication with the virtual communication path is permitted by the firewall function 204, and when communication fails, all communication is prohibited by the firewall function 204. As described above, by executing communication filtering according to the connected network by the firewall function 204, it is possible to realize a state in which only communication with the device in the affiliated network is permitted for the mobile terminal 200, Information leakage can be prevented by communicating with devices outside the network.

  Further, in the present embodiment, when the VPN server 100 exists in the network to which the mobile terminal 200 is connected, the VPN server 100 is legitimate and the installation location is determined using an encryption technique. After confirming that the network is an affiliated network and confirming that the connected network is an affiliated network, the application 207 is permitted to communicate. By doing so, it is possible to prevent a network other than the affiliated network from being misrepresented as an affiliated network, and information leakage can be prevented.

  Hereinafter, description will be made using examples. FIG. 3 shows the configuration of the VPN automatic connection system of the first embodiment. The notebook PC 510, VPN server 530, server 540, and printer 550 are connected to the switch 560. The switch 560 implements a network A corresponding to the internal network 400 in FIG. The notebook PC 510 corresponds to the mobile terminal 200 in FIG. 1, and the VPN server 530 corresponds to the VPN server 100 in FIG. The server 540 and the printer 550 correspond to the internal device 300 in FIG.

  On the VPN server 530, VPN server software 531 is operating. The VPN server software 531 implements an authentication response function, a search response function, and a communication relay function corresponding to the authentication response unit 101, the communication relay unit 102, and the search response unit 103 in FIG. The VPN server 530 has two Ethernet terminals, one of which (corresponding to the internal connection unit 105 in FIG. 1) is connected to the network A, which is an internal network, and the other (corresponding to the external connection unit 104) is an external network. Is connected to the Internet 570. The VPN server software 531 opens a port for providing a search response function on the Ether terminal side connected to the internal network.

  A plurality of notebook PCs exist in the system as mobile terminals. The notebook PC 510 is a notebook PC connected to the network A that is an internal network. The notebook PC 520 is a notebook PC that is taken outside and directly connected to the Internet 570. The notebook PCs 510 and 520 include VPN client software 511 and 521, applications A 512 and 522, and applications B 513 and 523. The notebook PCs 510 and 520 do not have a fixed address as an IP address assigned to them, but automatically obtain them from a DHCP server installed in the connected network.

  The VPN client software 511, 521 includes a VPN server search function, VPN server authentication function, VPN connection function corresponding to the VPN server search unit 201, VPN server authentication unit 202, VPN connection unit 203, and firewall function 204 of FIG. And has a firewall function. The firewall function of the VPN client software 511, 521 permits only DHCP communication at the time of network initialization. After acquiring the IP address by DHCP, DHCP communication is also prohibited, and only communication used by the VPN server search function is permitted.

  When the network becomes available, the VPN client software 511 and 521 transmits a VPN server search message to all devices connected to the network using broadcast. Even if a device other than the VPN server 530 in the network receives the VPN server search message, it ignores this message and does nothing in particular. When the VPN server 530 receives the VPN server search message from the internal network side, the VPN server 530 transmits the search response message to the issuer of the received message by the search response function of the VPN server software 531.

  Since the notebook PC 510 is connected to the network A, it receives a search response message from the VPN server 530 in response to the transmitted VPN server search message. Upon receiving the search response message, the VPN client software 511 of the notebook PC 510 transmits an authentication message to the response message issuer by the VPN server authentication function. This authentication message includes a randomly generated numerical value. When the VPN server software 531 receives the authentication message, the VPN server software 531 encrypts the numerical value included in the received authentication message using the unique ID of the network to which the VPN server software 531 belongs, and converts the encrypted information into an authentication response. The VPN client software 511 is notified as a message.

  The VPN client software 511 decrypts the encrypted information included in the authentication response message using the unique ID of the network to which the VPN client software 511 belongs. If the decrypted numerical value matches the numerical value transmitted as the authentication message, it can be determined that the VPN server 530 that transmitted the authentication response message is genuine and connected to the network to which the notebook PC belongs. This means that the network to which the notebook PC is connected is the network to which the notebook PC belongs, that is, the internal network. In this case, there is no need for VPN connection, and the firewall function of the VPN client software 511 permits all communications. As a result, the application A 512 and the application B 513 operating on the notebook PC 510 can communicate with other devices connected to the network, that is, the server 540 and the printer 550 in FIG.

  On the other hand, since the VPN server 530 cannot receive the search request message, the notebook PC 520 connected to the Internet 570 does not receive the search response message. If the search response message cannot be received, the notebook PC is connected to an external network outside the affiliated network where the VPN server does not exist, so the VPN server of the affiliated network is accessed, and via the VPN server, You need to connect to your network. The VPN client software 521 of the notebook PC 520 attempts to connect directly to the VPN server 530 of the affiliated network using information such as a preset address. Specifically, the VPN connection function of the VPN client software 521 communicates with the address “252.32.10.100” of the VPN server 530 set in advance through the NAT server.

  When there is a response from the VPN server 530, the VPN client software 521 authenticates the VPN server in the same manner as described above. That is, a random numerical value is sent, and the response to that is decrypted with the unique ID of the belonging network, and it is confirmed that it matches the sent numerical value. After confirming that they match, the VPN client software 521 creates a virtual communication path with the VPN server 530 by the VPN connection function. The VPN connection function registers the created virtual communication path as a network communication device with respect to the OS.

  When the virtual communication path is created / registered, the firewall permits communication only on the virtual communication path. As a result, the application A 522 and the application B 523 that operate on the notebook PC 520 can only communicate using the virtual communication path, access a server existing on the Internet 570 through the NAT, and other devices connected to the Internet 570. Data cannot be exchanged with devices connected in the LAN. In this way, it is possible to prevent information leakage from occurring when the notebook PC 520 connected to the Internet 570 communicates with a device outside the affiliated network.

  As a result of authentication of the VPN server, when it is determined that the VPN server is not a regular VPN server, or when it is determined that the LAN to which the VPN server belongs is different from the LAN to which the notebook PC belongs, the VPN client software 521 All communication is prohibited by the firewall function. In this case, the application A 522 and the application B 523 that operate on the notebook PC 520 cannot communicate with the outside, thereby preventing information leakage.

  FIG. 4 shows the configuration of a VPN automatic connection system according to the second embodiment of the present invention. The VPN automatic connection system 10a of this embodiment includes a plurality of VPN servers 100. Each VPN server 100 is connected to the respective internal networks 400 and 402. In this embodiment, the mobile terminal 200 communicates with the VPN server 100 connected to the affiliated network via the VPN server 100 connected to a network different from the affiliated network. Communication with the internal device 300 is realized.

  In this embodiment, the authentication response unit 101 of the VPN server encrypts information included in the authentication request message with an encryption key common to the system and includes the information in the authentication response message. In addition, information for specifying the installation location of the VPN server 100 is included in the authentication response message. Whether the VPN server authenticating unit 202 is a legitimate VPN server depending on whether or not the encrypted information of the authentication response message received from the authentication responding unit 101 is solved using a common encryption key in the system and correctly Judge whether or not. The VPN server authentication unit 202 stores information for specifying the network to which the mobile terminal 200 belongs, and compares the information with the installation location of the VPN server 100 included in the authentication response message. Then, it is determined whether or not the network to which the VPN server 100 is connected matches the network to which the mobile terminal 200 belongs.

  For example, when the VPN server authentication unit 202 can resolve the encrypted information included in the authentication response message using the encryption key common to the system, the VPN server 100 that has transmitted the authentication response message Judged to be a regular VPN server. If it cannot be solved correctly, it is determined that it is not a regular VPN server. Also, when it is determined that the VPN server is a legitimate VPN server, the information specifying the location of the VPN server included in the authentication response message is compared with the information specifying the network to which the mobile terminal 200 belongs. Determines that the VPN server is a legitimate and belonging network VPN server. When the information specifying the location of the VPN server and the information specifying the network to which the mobile terminal 200 belongs do not match, it is determined that the VPN server is not a VPN server of the belonging network.

  FIG. 5 shows an operation procedure of the VPN automatic connection system 10a of this embodiment. The procedure from network connection to VPN server search is the same as the procedure from steps A01 to A04 shown in FIG. 2 (steps B01 to B04). The operation after determining that the VPN server has been found in step B04 is the same as the operation procedure from step A09 to step A13 in FIG. 2 (steps B09 to B13). If it is determined in step B04 that the VPN server 100 has been found, an authentication request message is issued to the discovered VPN server 100 and the VPN server for the authentication request message is issued, as in steps A05 and A06 in FIG. 100 response messages are received, and it is determined whether or not the VPN server 100 that transmitted the response message is a legitimate VPN server (steps B05 and B06).

  In this embodiment, the authentication response unit 101 of the VPN server 100 encrypts information included in the authentication request message from the mobile terminal 200 using an encryption key common to the system, and the encrypted information and the VPN server 100. An authentication response message including information for specifying the network to which is connected is transmitted to the mobile terminal 200. In step B06, the VPN server authenticating unit 202 of the mobile terminal 200 decrypts the received response message using an encryption key common to the system, and determines whether or not the information transmitted as the authentication request message has been correctly decrypted. . If the decryption fails, it is determined that the VPN server is not a legitimate VPN server, and all communications are prohibited by the firewall function 204 (step B14).

  When it is determined in step B06 that the VPN server is a legitimate VPN server, the VPN server authenticating unit 202 refers to the information for specifying the network to which the VPN server is connected included in the authentication response message, and the connected network is the network to which the affiliated network belongs. It is determined whether or not (step B07). If it is determined that the connected network is a belonging network, the firewall function 204 permits all communication (step B08), and the application 207 in the mobile terminal 200 is connected to the network. Communication with the device 300 is permitted.

  If it is determined in step B07 that the VPN server 100 is not installed in the network to which the mobile terminal 200 belongs, first, the mobile terminal 200 is connected by the VPN connection unit 203 by the firewall function 204. Only communication with the internal connection unit 105 of the VPN server 100 existing on the network is permitted, and other communication is prohibited (step B15). Next, the VPN connection unit 203 connects to the VPN server 100 existing on the connected network and determines whether or not the connection has been made correctly (steps B16 and B17). If the connection is successful, a virtual communication path is generated between the VPN connection unit 203 and the communication relay unit 102 of the VPN server 100 (step B18), and this virtual communication path is used from the communication concealment unit 206. Make it possible. If the connection fails, the process proceeds to step B14 and all communication is prohibited by the firewall function 204.

  When the mobile terminal 200 generates a virtual communication path with the VPN server 100 on the connected network, the mobile terminal 200 communicates with the VPN server 100 on the connected network by the communication relay unit 102 and the VPN server 100 on the affiliated network. An instruction to generate a virtual communication path is given to the communication relay unit 102 (step B19). When a virtual communication path is generated between the VPN server 100 on the connection network and the VPN server 100 on the affiliated network, the firewall function 204 generates the virtual communication generated with the VPN server on the connection network. Only communication with the road is permitted (step B20). Thereby, an application operating on the mobile terminal 200 can communicate with the internal device 300 in the affiliated network via the VPN server 100 on the connected network and the VPN server 100 on the affiliated network. it can.

  In this embodiment, the determination of the installation location of the VPN server 100, that is, the determination of which network the mobile terminal 200 is connected to is performed through authentication of the VPN server 100. In this way, even when there are a plurality of networks to which the mobile terminal 200 is connected, it is possible to correctly identify the plurality of networks. By appropriately setting the firewall function 204 according to the connected networks, Only communication with devices in the network can be permitted, and information leakage can be prevented. Other effects are the same as those of the first embodiment.

  Hereinafter, description will be made using examples. FIG. 6 shows the configuration of the VPN automatic connection system of the second embodiment. In the present embodiment, there are two independent networks connected to the Internet 570 via a VPN server. That is, the network A in which the notebook PC 510, the VPN server 530, the server 540, and the printer 550 are connected by the switch 560, and the network B in which the notebook PC 520, the VPN server 630, the server 640, and the printer 650 are connected by the switch 660. And exist.

  The notebook PC corresponds to the mobile terminal 200 in FIG. 4 and is connected to any network or the Internet 570 directly or via NAT or the like. The notebook PC uses any one of the networks having the VPN server as a belonging network. In this embodiment, it is assumed that the networks to which the notebook PCs 510 and 520 belong are both the network A. The notebook PCs 510 and 520 have a network ID “ida” unique to the network A, which is the belonging network, as belonging network information.

  Consider a case where the notebook PC 510 is connected to the network A. The operation in this case is the same as that in the first embodiment when the notebook PC 510 is connected to the network A, which is the network to which it belongs. In other words, the VPN client software 511 of the notebook PC 510 sends a VPN server search message to the connected network, receives the search message for the search message, and discovers the VPN server 530 existing on the connected network A. To do. Thereafter, the notebook PC 510 transmits an authentication request message including a randomly generated numerical value to the discovered VPN server 530.

  The VPN server 530 encrypts information including a numerical value included in the authentication request message and an ID “ida” indicating its installation location using an encryption key common to the system, and the encrypted information is an authentication response message. And transmitted to the notebook PC 510. The notebook PC 510 decrypts the authentication response message using an encryption key common to the system, confirms that the numerical value included in the authentication response message matches the numerical value included in the authentication request message, and the VPN server 530. Is a legitimate VPN server.

  When the notebook PC 510 confirms that it is a legitimate VPN server, it refers to the location ID of the VPN server 530 included in the authentication response message, and whether the network to which the VPN server 530 is connected matches the network to which it belongs. Judge whether or not. The location ID of the VPN server 530 included in the authentication response message is “ida”, which matches the ID “ida” of the network to which the notebook PC 510 belongs, so that the notebook PC 510 has the VPN server 530 on the network to which it belongs. It is determined that it is a VPN server existing in.

  The VPN server 530 existing on the network to which the notebook PC 510 is connected is a regular VPN server, and the network to which the VPN server 530 is connected is a network to which the notebook PC 510 is connected. It means that it is an affiliated network. Since there is no need to prohibit communication within the network A, the firewall permits all communication. Therefore, the applications 512 and 513 operating on the notebook PC 510 can communicate with internal devices in the network A such as the printer 530 and the server 550. The operation when the notebook PC 510 is connected to the network without the VPN server is the same as the operation when the notebook PC 520 is directly connected to the Internet 570 in the first embodiment.

  Consider a case where a notebook PC 520 whose network is the network A is connected to the network B. In this case, after the network connection, the VPN server 630 is discovered as a VPN server existing on the connection network. When the authentication request message is transmitted to the VPN server 630, the VPN server 630 uses the encryption key common to the system as the information including the numerical value included in the authentication request message and the ID “idb” indicating its installation location. The encrypted information is included in the authentication response message and transmitted to the notebook PC 520.

  The notebook PC 520 first decrypts the authentication response message using a common encryption key for the system, and confirms that the numerical value included in the authentication response message matches the numerical value included in the authentication request message. Confirm that the server 630 is a legitimate VPN server. Next, referring to the installation location ID of the VPN server 630 included in the authentication response message, the installation location ID is “idb”, which does not match the ID “ida” of the network to which the notebook PC 520 belongs. The VPN server 630 determines that it is a VPN server that exists on a network other than the network to which it belongs.

  The notebook PC 520 makes a VPN connection to the network A via the VPN server 630 on the network B when the VPN server 630 is a regular VPN server but the installation location does not match the network to which the notebook PC 520 belongs. In this process, the notebook PC 520 first issues a VPN connection request to the discovered VPN server 630 on the network B, and creates a virtual communication path with the VPN server 630. Thereafter, the VPN server 630 is requested to connect to the belonging server, that is, the VPN server 530 on the network A. The VPN server 630 generates a virtual communication path with the VPN server 530 on the network A according to this request.

  When a virtual communication path is generated between the notebook PC 520 and the VPN server 630 and a virtual communication path is generated between the VPN server 630 and the VPN server 530 on the network A, the VPN client software 521 of the notebook PC 520 is generated. Configures the firewall to allow only communication from the notebook PC 520 to the VPN server 630 on the network B. Communication packets issued by the applications 522 and 523 are sent to internal devices such as the server 540 and the printer 550 in the network A through the VPN server 630 on the network B and the VPN server 530 on the network A. At this time, since the notebook PC 520 is allowed to communicate only with the virtual communication path with the VPN server 630, communication with devices other than the VPN server 630, such as the server 640 and the printer 650 installed in the network B, It is forbidden.

  As mentioned above, although this invention was demonstrated based on the suitable embodiment, the communication system of this invention, a terminal device, a VPN server, a program, and a communication method are not limited only to the said embodiment, The above-mentioned What changed and changed variously from the structure of embodiment is also contained in the scope of the present invention.

  INDUSTRIAL APPLICABILITY The present invention can be applied to uses such as an information leakage prevention system that prevents leakage of information through a network from a terminal such as a notebook PC taken outside in a company or organization. Moreover, even when the mobile terminal is taken out to the home or brought into a partner company, it can be applied to an environment portability system for working in the same environment as in the office.

The block diagram which shows the structure of the VPN automatic connection system of 1st Embodiment of this invention. The flowchart which shows the operation | movement procedure of a VPN automatic connection system. The block diagram which shows the structure of the VPN automatic connection system of 1st Example. The block diagram which shows the structure of the VPN automatic connection system of 2nd Embodiment of this invention. The flowchart which shows the operation | movement procedure of the VPN automatic connection system of 2nd Embodiment. The block diagram which shows the structure of the VPN automatic connection system of 2nd Example.

Explanation of symbols

10: VPN automatic connection system 100: VPN server 101: authentication response unit 102: communication relay unit 103: search response unit 104: external connection unit 105: internal connection unit 200: mobile terminal 201: VPN server search unit 202: VPN server authentication Unit 203: VPN connection unit 204: firewall function 205: communication unit 206: communication concealment unit 207: application 300: internal device 400, 402: internal network 401: external network

Claims (30)

A communication system using a terminal device and a VPN server that provides a VPN (Virtual Private Network) function to the terminal device,
Server authentication means for performing authentication with a VPN server discovered on the network to which the terminal device is connected, and determining whether the discovered VPN server is a legitimate VPN server;
If the server authentication unit determines that the server is a legitimate VPN server, the terminal device is allowed to communicate with the connected network, and the server authentication unit determines that the server is not a legitimate VPN server. And a firewall means for prohibiting all communication between the terminal device and the connected network . Server search means for searching for a VPN server existing on the network to which the terminal device is connected ;
The server authentication means determines whether the VPN server discovered by the server search means is a regular VPN server,
The firewall means permits only communication used for searching for a VPN server before the server authentication means determines that the discovered VPN server is a legitimate VPN server, while the VPN server 2. The communication system according to claim 1 , wherein communication different from communication used for searching is prohibited . The server authentication means requests the discovered VPN server for authentication and receives an authentication response from the VPN server in response to the authentication request. Based on the received authentication response, the discovered VPN server communication system of the node 100 determines whether the VPN server, according to claim 1 or 2. The authentication response includes information obtained by encrypting predetermined information using information that only a legitimate VPN server can know, and the VPN server authentication means includes an encrypted response included in the authentication response. The communication system according to claim 3 , wherein when the information can be correctly solved by using information that only a legitimate VPN server can know, the discovered VPN server is judged to be a legitimate VPN server. The VPN server is connected to an external network and an internal network, and has a VPN function that enables a terminal device connected to the external network to communicate with a device connected to the internal network. provided, the communication system according to any one of claims 1-4. When the server search means transmits a server search message to the connected network and receives a search response message for the server search message, the server search means sends the search response message VPN server on the connected network. The communication system according to claim 2 , wherein the communication system is discovered as a VPN server existing in the network.   When the VPN server receives the server search message via the internal network, the VPN server includes a search response unit that transmits the search response message to a terminal device that is a transmission source of the server search message. The communication system described. If the server search means determines that a VPN server cannot be found on the connected network, a virtual communication path is generated with a VPN server existing on a network different from the connected network, and the generated virtual The communication system according to any one of claims 2, 6, and 7 , further comprising a VPN connection unit connected to an internal network to which the VPN server is connected using a communication path.   When the VPN connection unit determines that the server authentication unit is not a regular VPN server, the VPN connection unit accesses a VPN server existing on a network different from the connected network, and establishes a virtual communication path with the VPN server. The communication system according to claim 8, wherein the communication network is connected to the internal network to which the VPN server is connected using the generated virtual communication path.   If the VPN connection unit determines that the server authentication means is a regular VPN server, whether or not the regular VPN server is a VPN server existing on a network to which the terminal device is set in advance. If it is not a VPN server existing on the affiliated network, a virtual communication path is generated with the VPN server existing on the connected network, and the VPN server on the affiliated network is accessed. Then, a virtual communication path is generated between the VPN server on the affiliated network and the VPN server existing on the connected network, and the both created virtual communication paths are used to connect to the affiliated network. The communication system according to claim 8.   The said firewall means permits only communication using the virtual communication path generated between the VPN server and the terminal device, and prohibits other communications. The communication system according to 1. A terminal device used in a communication system including a VPN server that provides a VPN (Virtual Private Network) function to a terminal device,
Server authentication means for performing authentication with a VPN server discovered on the network to which the terminal device is connected, and determining whether the discovered VPN server is a legitimate VPN server;
If the server authentication unit determines that the server is a legitimate VPN server, the terminal device is allowed to communicate with the connected network, and the server authentication unit determines that the server is not a legitimate VPN server. Then, the terminal device comprises firewall means for prohibiting all communication between the terminal device and the connected network . Server search means for searching for a VPN server existing on the network to which the terminal device is connected ;
The server authentication means determines whether the VPN server discovered by the server search means is a regular VPN server,
The firewall means permits only communication used for searching for a VPN server before the server authentication means determines that the discovered VPN server is a legitimate VPN server, while the VPN server The terminal device according to claim 12 , wherein all communication different from the communication used for searching for the terminal is prohibited . The server authentication means requests the VPN server found on the connected network to be authenticated, and receives an authentication response from the VPN server in response to the authentication request. Based on the received authentication response, the server authentication means The terminal device according to claim 12 or 13, wherein the determined VPN server determines whether or not it is a regular VPN server. The authentication response includes information obtained by encrypting predetermined information using information that only a legitimate VPN server can know, and the VPN server authentication means includes an encrypted response included in the authentication response. The terminal device according to claim 14, wherein when the information can be correctly solved using information that only a legitimate VPN server knows, the discovered VPN server is determined to be a legitimate VPN server. When the server search means determines that there is no VPN server on the connected network, it generates a virtual communication path with a VPN server that exists on a different network from the connected network, and the generated virtual The terminal device according to claim 13 , further comprising a VPN connection unit that performs VPN communication with the VPN server using a communication path. If the VPN connection unit determines that the server authentication means is a regular VPN server, whether or not the regular VPN server is a VPN server existing on a network to which the terminal device is set in advance. If it is not a VPN server existing on the affiliated network, a virtual communication path is generated with the VPN server existing on the connected network, and the VPN server on the affiliated network is accessed. Then, a virtual communication path is generated between the VPN server on the affiliated network and the VPN server existing on the connected network, and the both created virtual communication paths are used to connect to the affiliated network. The terminal device according to claim 16 . The terminal device according to claim 16 or 17 , wherein the firewall means permits the terminal device only to communicate using the generated virtual communication path and prohibits other communication. A communication method using a server device and a terminal device having firewall means,
The terminal device requesting authentication to a server device discovered in a connected network;
The server device returning a response to the authentication request;
A step of determining whether or not the server device that has returned the response is a legitimate server device based on a response from the server device;
When the terminal device determines that the server device that has returned the response is a legitimate server device, the firewall means permits all communication between the terminal device and the network to which the terminal device is connected. the method comprising the steps of: instructed to,
If the terminal device determines that the server device that has returned the response is not a legitimate server device, the firewall means prohibits all communication between the terminal device and the network to which the terminal device is connected. And a step of instructing the communication method. Prior to requesting the authentication, the terminal device further have a step of searching for a server device present in the connected network,
The step of requesting authentication is a step of requesting authentication for the server device discovered in the step of searching for the server device,
In the step of determining whether or not the server is a legitimate server device, before determining that the discovered VPN server is a legitimate VPN server, the firewall means is used to search for a VPN server. while instructing to allow communication only for further have a step of instructing to prohibit all different communication from the communication used for the search of the VPN server,
The communication method according to claim 19 . The server device is connected to an external network and an internal network, and a VPN (Virtual Private Network) that enables a terminal device connected to the external network to communicate with a device connected to the internal network. The communication method according to claim 19 or 20 , which is a VPN server that provides a function. When the server device is not found in the connected network, the terminal device generates a virtual communication path with a server device that exists on a network different from the connected network, and the generated virtual communication path is Using to connect to the internal network to which the server device is connected;
The communication method according to claim 21 , further comprising: a step of instructing the firewall unit to permit only communication through the generated virtual communication path to the firewall unit. If the terminal device determines that the discovered server device is not a legitimate server device, the terminal device accesses a server device that exists on a network different from the connected network and generates a virtual communication path with the server device. Connecting to the internal network of the server device using the generated virtual communication path;
21. The communication method according to claim 20 , further comprising: a step of instructing the firewall unit to permit only communication using the generated virtual communication path. If the terminal device determines that the discovered server device is a legitimate server device and that the server device is not a server device connected to a network to which the terminal device is set in advance, the connection is established. Creating a virtual communication path with a server device existing in the network;
The terminal device accessing a server device existing in the affiliated network, and generating a virtual communication path between the server device of the affiliated network and the server device existing in the connected network;
The terminal device uses the generated virtual communication path to connect to the belonging network,
The communication method according to claim 20 , further comprising: a step of instructing the firewall unit to permit only communication using the generated virtual communication path. A program used in a communication system including a VPN server that provides a VPN (Virtual Private Network) function to a terminal device, the terminal device including:
A process of V PN server found on network to which the terminal device is connected to determine whether normal VPN server,
When it is determined that the VPN server is a regular VPN server, the terminal device is allowed to allow all communication with the connected network ;
When determining that the VPN server is not a regular VPN server, the program causes the terminal device to execute a process for prohibiting all communication with the connected network . Prior to the authentication process of the VPN server, the terminal device further executes a process of searching for a VPN server existing on the network to which the terminal device is connected ,
The process of determining whether or not the regular VPN server is a process of determining whether or not the VPN server discovered in the process of searching for the VPN server is a regular VPN server,
Before determining that the discovered VPN server is a legitimate VPN server in the process of judging whether or not it is a legitimate VPN server, communication used for searching the VPN server to the terminal device. while allowing only Ru is further executes a process of prohibiting all different communication from the communication used for the search of the VPN server,
26. The program according to claim 25 . The authentication process of the VPN server is
Processing for requesting authentication from a VPN server existing on the connected network;
Receiving an authentication response from the VPN server for the authentication request based on the authentication response thus received, the VPN server and a process of determining whether a legitimate VPN server, according to claim 25 or 26 The program described in. If it is determined in the process of searching for the VPN server that a VPN server cannot be found on the connected network, a virtual communication path is generated between the terminal device and a VPN server existing outside the connected network, 27. The program according to claim 26 , further executing a process of performing VPN communication with the VPN server using the generated virtual communication path. In the authentication process of the VPN server, if it is determined that the VPN server is a regular VPN server,
A process for determining whether or not the regular VPN server is a VPN server existing on a network belonging to the terminal device set in advance;
When it is determined that it is not a VPN server existing on the affiliated network, a virtual communication path is generated with the VPN server existing on the connected network, and the VPN server on the affiliated network is accessed, A process of generating a virtual communication path between a VPN server on the affiliated network and a VPN server existing on the connected network, and connecting to the affiliated network using both of the created virtual communication paths; The program according to any one of claims 25 to 27, which is executed. After generation of the virtual communication path, the computer, to the terminal device, and only allow communication using a virtual channel the generated, to execute a process of prohibiting the other communication, claim 28 or 29. The program according to 29 .

Images