JP6330445B2 - Communications system - Google Patents

Description

  The present invention relates to a wireless connection at an event such as a disaster.

  When a disaster occurs, a large-scale communication failure may occur. In such a case, a public communication network such as the Internet is effective as a means for collecting and transmitting information in the disaster area. However, the access point installed at the user's home is often set with a password to ensure security, and many people cannot use it as it is. Therefore, a method is known in which an access point belonging to a home LAN functions as a public wireless LAN access point during a disaster (for example, Patent Document 1).

JP 2013-106236 A

  The problem to be solved by the present invention is to secure the security in the network while releasing the connection to the public communication network by radio in the event of a disaster. This network is a network to which an access point that realizes a public wireless LAN at the time of disaster belongs, and is, for example, a home LAN or an in-house LAN. In the case of the above-mentioned prior art documents, there is a possibility that an unspecified user can access information in the network when the Internet connection is opened, which causes a problem in security. The above problem is not limited to when a disaster occurs, but is common to other events that may cause similar problems. In addition, downsizing of the apparatus, cost reduction, resource saving, ease of manufacture, improvement in usability, and the like have been desired.

  SUMMARY An advantage of some aspects of the invention is to solve at least a part of the problems described above, and the invention can be implemented as the following forms.

(1) According to an aspect of the present invention, a wireless connection device is provided. The wireless connection device includes a limited connection unit that forms a first network that is a wireless network limited by specific security information; and a wireless network for connecting the communication device to a public communication network when an event occurs. And a public connection unit that generates two networks separately from the first network. According to this aspect, the security in the first network can be secured by the specific security information while releasing the connection to the public communication network by radio when an event occurs.

(2) In the above aspect, the specific security information is specific encryption setting information in wireless LAN communication. According to this form, security can be ensured by encryption setting.

(3) In the above embodiment, the public connection unit uses an identifier different from the identifier of the first network as the identifier of the second network. According to this aspect, it is easy for the user who wants to use the second network to know that the connection by the public connection unit is possible.

(4) In the above embodiment, the public connection unit realizes isolation of the second network by a virtual LAN. According to this aspect, the operation of the public connection unit can be realized without using the server device.

(5) In the above aspect, the wireless connection device according to any one of 1 to 3 that communicates with a server device connected to the public communication network; the public connection unit is established with the server device The second network is isolated by the virtual private network. According to this aspect, the operation of the public connection unit can be realized without using a dedicated communication line.

(6) In the above embodiment, an inquiry unit is provided for inquiring of the server device whether or not an event has occurred; and when the reply from the server device indicates that an event has occurred The second network is generated. According to this aspect, it is not necessary for the wireless connection device to determine whether an event has occurred or for the user of the wireless connection device to determine.

(7) In the above aspect, the event is a disaster; the inquiry unit inquires whether or not the second network needs to be generated when a disaster occurs. According to this form, the second network can be generated at the time of a disaster.

(8) In the above aspect, the public connection unit generates the second network when the own device is located in the event occurrence area. According to this aspect, the wireless connection can be appropriately released.

(9) As another embodiment, a communication system including a wireless connection device belonging to a first network that is a wireless network limited by specific security information and a server device connected to a public communication network is provided. In this communication system, the wireless connection device isolates the second network, which is a wireless network for connecting the communication device to the public communication network via the server device, from the first network when an event occurs. Generate. According to this aspect, it is possible to ensure security in the first network while releasing a wireless public network connection when an event occurs.

(10) In the above aspect, the server device includes an instruction unit that instructs the wireless connection device to generate the second network when the event occurs. According to this aspect, it is not necessary for the wireless connection device to determine whether an event has occurred or for the user of the wireless connection device to determine.

(11) In the above embodiment, there are a plurality of the wireless connection devices; each of the plurality of wireless connection devices generates the second network with the same identifier. According to this aspect, a plurality of wireless connection devices can be opened to the public communication network with the same identifier.

(12) In the above aspect, the instruction unit issues the instruction to a predetermined one of the plurality of wireless connection devices. According to this aspect, it is possible to determine in advance a wireless connection device that executes wireless connection when an event occurs.

(13) In the above embodiment, there are a plurality of the server devices; the wireless connection device connects the communication device to the public communication network via any one of the plurality of server devices. According to this embodiment, redundancy can be achieved as compared with the case of one server device.

  The present invention can be realized in various forms other than the above. For example, it can be realized in the form of a wireless connection method, a program for realizing the method, a non-temporary storage medium storing the program, and the like. Alternatively, it can be realized as a server device.

The figure which shows a communication system and another communication apparatus. The block diagram which shows the structure of a server apparatus functionally. The block diagram which shows the structure of an access point functionally. The sequence diagram which shows an initial setting process. The sequence diagram which shows an open | release control process. The figure which shows a mode that the guest apparatus is wirelessly connected at the time of occurrence of an event. The sequence diagram which shows a closing process.

  FIG. 1 shows a communication system 20 and communication devices related to the communication system 20. The communication system 20 includes server devices 30a and 30b and access points 40a, 40b and 40c as wireless connection devices. The communication system 20 includes a communication device that forms a VPN (virtual private network) line (described later with reference to FIG. 4). Hereinafter, when the server devices 30a and 30b are not distinguished from each other, they are referred to as the server device 30. When the access points 40a, 40b and 40c are not distinguished from each other, they are referred to as the access points 40.

  As shown in FIG. 1, the access points 40a and 41, the gateway device 50, and the client devices CLa and CLb constitute a LAN 100. The LAN 100 is an in-house LAN installed in an office or the like. The LAN 100 may include other communication devices.

  Unlike the access point 40, the access point 41 is an access point that does not form a VPN line. However, there is no hardware difference between the access point 40 and the access point 41. The access point 41 is included in the communication system 20 as the access point 40 when a VPN line is formed by an initial setting process described later. The communication system 20 may include an access point (not shown) that does not have a function of forming a VPN line.

  The access points 40 b and 40 c belong to a LAN other than the LAN 100. These LANs are in-house LANs and home LANs. The guest device GS is a mobile communication terminal such as a smartphone. Since the guest device GS does not belong to the LAN 100, it cannot be wirelessly connected to the access points 40 and 41 during normal times. The term “normal” as used herein refers to a state where a phenomenon (hereinafter referred to as “event”) defined as a trigger for generating a public communication network has not occurred. The event in this embodiment is at least one of the occurrence of a disaster and the communication infrastructure setup in the conference hall. The disaster referred to here is a large-scale disaster caused by a natural phenomenon (such as an earthquake) or an artificial cause in an area including the position of the LAN 100. Such a disaster may cause a communication failure. The communication infrastructure setup in the conference hall is an infrastructure setup for providing a wireless LAN infrastructure connected to the Internet separated from the corporate network to participants (outsiders) of the conference using different SSIDs. .

  Access points 40a and 41 are connected to gateway device 50 via a wired cable. The gateway device 50 is a stationary communication device that functions as a router, and is connected to the Internet INT via a wired cable.

  Client devices CLa and CLb wirelessly connected to the access points 40a and 41 can connect to the Internet INT via the gateway device 50, and can transmit and receive data to and from each other.

  The server device 30 is a VPN server connected to the Internet INT. The server devices 30a and 30b are installed at locations separated from each other in order to reduce the probability that they cannot be used at the same time due to a cause such as a disaster.

  FIG. 2 is a block diagram functionally showing the configuration of the server device 30. The server device 30 includes a CPU 310, a RAM 330, a wired communication interface 350, and a hard disk 360. These components are connected to each other by a bus.

  CPU 310 controls server device 30 by executing a program stored in hard disk 360. The CPU 310 functions as an instruction unit 311 (described later together with FIG. 5) by executing an opening control process described later.

  A wired communication interface (I / F) 350 is connected to the Internet INT via a gateway device (not shown). The wired communication interface 350 includes a PHY / MAC controller and adjusts the waveform of the received signal, and extracts a MAC frame from the received signal.

  FIG. 3 is a block diagram functionally showing the configuration of the access point 40. The access point 40 includes a CPU 410, a RAM 430, a wireless communication interface 440, a wired communication interface 450, and a flash ROM 460. These components are connected to each other by a bus.

  The CPU 410 functions as the limited connection unit 411 by developing the program stored in the flash ROM 460 in the RAM 430 and executing it. The limited connection unit 411 uses the SSID for LAN to execute a wireless LAN connection in the LAN 100 regardless of whether it is a normal time or an event occurs. The SSID for LAN requires an encryption type and an encryption key for connection. As a result, the wireless network based on the SSID for LAN is isolated from the wireless network based on the SSID for event occurrence (described later).

  The CPU 410 functions as an inquiry unit 413 and a public connection unit 415 by executing an opening control process (FIG. 5) (described later with FIG. 5).

  The wireless communication interface 440 includes a transmission / reception circuit, and performs demodulation and generation of data received via an antenna, and generation and modulation of a radio wave transmitted via the antenna.

  The wired communication interface 450 is connected to the gateway device 50 through a wired cable. The wired communication interface 450 includes a PHY / MAC controller and adjusts the waveform of the received signal, and extracts a MAC frame from the received signal.

  FIG. 4 is a sequence diagram showing the initial setting process. This process is executed in normal time to form a VPN line. That is, it is a process executed in normal time in order to change the access point 41 to the access point 40 and to function as an access point of the public wireless LAN when an event occurs.

  First, the administrator of the LAN 100 inputs setting information to the access point 41 (step S511). The setting information is the IP address, ID and password of at least one of the server devices 30, and the position information of the access point 41. If the access point 41 registers the IP addresses of the server device 30a and the server device 30b, redundancy can be increased when one of the server devices 30 cannot be connected. For example, when the VPN connection to one side fails, the VPN connection to the other may be controlled autonomously.

  The location information of the access point 41 is at least one piece of information such as an address, a zip code, and latitude / longitude. Since the location information is used to determine whether the access point 40 is located in an area where a public wireless network should be generated due to the event (hereinafter referred to as “event occurrence area”) when the event occurs. Information that can specify a certain range may be used. The above input is executed using a client device (for example, client device CLa) wirelessly connected to the access point 41. The at least one server device 30 is selected by the administrator of the LAN 100 from the plurality of server devices 30. It is preferable that the server device 30 to be selected has a low possibility that the server device 30 and the access point 40 cannot be used at the same time due to a disaster or the like after the VPN line is constructed. To reduce this possibility, it is possible to consider the type of disaster that can be assumed. For example, in the case of an earthquake, it is conceivable to select the server device 30 that is far from the access point 40 or the server device 30 in an area where the earthquake hardly occurs. If it is a tsunami, it is conceivable to select the server device 30 located on a hill.

  The access point 41 to which the setting information is input is preferably selected by the administrator as an access point suitable for a public wireless LAN that functions in a disaster. Access points suitable for public wireless LANs that function in the event of a disaster include, for example, those installed on the first floor, those installed near roads, those installed in public facilities, and a wide range of radio waves Examples include conditions that are easy to reach. The range in which radio waves reach depends on, for example, the shape of the surrounding building.

  When the above information is input, the access point 41 transmits registration information to the server device 30 (step S524). The registration information is the ID, password, and location information of the access point 41. This position information is input in step S511.

  The server device 30 stores the received registration information (step S533). Subsequently, the server device 30 uses the stored registration information to construct a VPN line together with the access point 41 that is the transmission source of the registration information (step S540). When building a VPN line, as is known, exchange of encryption keys and the like are performed.

  L2TP (Layer 2 Tunneling Protocol) is used for forming the VPN line in the present embodiment. According to L2TP, communication by tunneling is executed. On the other hand, L2TP itself does not provide confidentiality or strong authentication by encryption. However, since the VPN line in the present embodiment is for the guest device GS to connect to the Internet, generally, confidentiality by encryption is not required.

  Even after the VPN line is constructed as described above, the access point 40 is connected by a normal line without using the VPN line in the case of a client apparatus (for example, the client apparatus CLa) connected using the SSID for LAN. . As will be described later, the guest device GS that connects to the Internet by VPN connection connects to the SSID for event occurrence without wireless security. As will be described later, the access points 40 and 41 can support multi-SSID, and in addition to the normal SSID for LAN, when an event occurs, an SSID for event occurrence is generated.

  The communication system 20 is constructed by causing each of the plurality of access points 41 to execute the initial setting process.

  FIG. 5 is a sequence diagram showing the opening control process. The opening control process is a process for realizing a public wireless LAN when an event occurs. The opening control process is started by the access point 40 when the VPN line is constructed by the initial setting process.

  First, the inquiry unit 413 of the access point 40 inquires whether an event has occurred (step S614). The reference destination is the server device 30 that is the partner of the VPN line.

  Inquired server device 30 returns information indicating that it is normal time to access point 40 when it is normal time (step S623). Here, normal time means that no event has occurred at the location of the access point 40 as the inquiry source. If the server device 30 does not input information indicating that an event has occurred at the location of the access point 40 as the inquiry source, the server device 30 regards it as normal.

  When the self-device receives information indicating that it is normal, the inquiry unit 413 makes the same inquiry again at a predetermined interval (step S614). Thus, if the information indicating that an event has occurred at the position of the access point 40 has not been input to the server device 30, the above inquiry and reply are repeated.

  When the event occurs, the administrator of the server device 30 inputs the occurrence location information to the server device 30 (step S639). The location information is information that can identify the area where the event occurs. Specifically, it is information for specifying an administrative district such as a postal code or a telephone number. In addition, a range specified by latitude and longitude may be used. Further, position information by GPS acquired by a mobile communication terminal (not shown) held by an administrator or the like is notified to an application operating on the server device 30 via an interface such as a wireless LAN, Bluetooth (registered trademark), or NFC. good. In this case, the area where the public communication network should be generated can be automatically input and specified easily and accurately, without the administrator manually inputting the location information.

  The instruction unit 311 of the server device 30 to which the occurrence location information is input instructs the access point 40 to generate an SSID for event occurrence (step S643). Specifically, the SSID name to be generated is specified, and an instruction to generate the SSID is transmitted. In this case, encryption setting is not necessary. The access point 40 serving as a transmission destination is located in the event occurrence area among the access points 40 in which the VPN line is constructed. That is, the server device 30 identifies the access point 40 located in the event occurrence area by matching the input occurrence location information with the registration information stored in the hard disk 360, and gives the above instruction to the identified access point 40. To do. In addition, when encryption is required for the newly generated SSID, the encryption type and the encryption key may be transmitted in accordance with the generated SSID. If encryption is not required, the encryption type area may be transmitted as Null data.

  The server device 30 converts the position information included in the registration information so that it can be compared with the location information as necessary. For example, the postal code and the telephone number are converted into administrative district names so that the postal code and the telephone number can be compared. This conversion is carried out within a identifiable range (such as □□ city in XX prefecture) for each postal code and telephone number. The event occurrence SSID is the same as that used by any access point 40.

  The access point 40 that has received the SSID for event occurrence activates the received SSID for event occurrence (step S654). That is, the public connection unit 415 newly generates an SSID of the received name for the wireless communication interface 440 and activates the access point process in the infrastructure mode defined in IEEE 802.11 for the corresponding SSID. When the access point process is activated, a beacon with a newly generated SSID is generated.

  The guest device GS located in a range where wireless communication can be performed with the access point 40 that has opened the event occurrence SSID requests the access point 40 to establish a wireless connection using the event occurrence SSID (step S661). ). In this wireless connection, since the SSID is not encrypted, when the wireless communication apparatus associates with the SSID, an encryption type and an encryption key are not required, and connection without encryption is possible. This wireless connection request is executed based on an instruction from the user of the guest device GS. The user of the guest device GS can know through the setting screen of the guest device GS that the wireless connection by the SSID for event occurrence is possible. That is, in the wireless LAN access point connection application of the wireless terminal, since the SSID is displayed as one of the SSIDs as a list of connectable access points, the user must confirm that the event occurrence SSID is valid. I can know. It is assumed in advance that the public wireless LAN can be used according to the event occurrence SSID.

  The public connection unit 415 of the access point 40 establishes a wireless connection with the guest device GS that has requested a wireless connection using the event occurrence SSID (step S674). This establishment is performed using the method of the infrastructure mode station disclosed in the IEEE 802.11 standard connecting to the access point.

  FIG. 6 shows how the guest device GS is wirelessly connected when an event occurs. The access point 40a connects to the Internet INT using a VPN line when wirelessly connecting using the SSID for event occurrence. Therefore, the guest device GS is connected to the Internet INT through the VPN line.

  As described above, in connection using a VPN line, communication by tunneling is executed. Therefore, the guest device GS is virtually isolated from the client devices CLa and CLb. That is, the guest device GS cannot access the client device CLa via the access point 40a, or access the client device CLb via the access point 40a, the gateway device 50, and the access point 41. As a result, information in the LAN 100 is kept secret from the guest device GS.

  As shown in FIG. 5, after the wireless connection is established, the closing process is executed. FIG. 7 is a sequence diagram illustrating the closing process.

  First, the access point 40 inquires of the server device 30 whether or not the event has converged (step S714). If the convergence information corresponding to the position of the inquiry source access point 40 is not input to the inquired server device 30, or if the event continues to occur, the access point 40 indicates that the event has not converged. (Step S723). The convergence information is information indicating the area where the event has converged.

  When the own device receives information indicating that the event has not converged, the public connection unit 415 of the access point 40 continues to release the SSID for event occurrence. In this case, the guest device GS can continue to use the Internet connection (step S731).

  When the access point 40 receives the information indicating that the event has not converged, the access point 40 inquires about the convergence again after a predetermined interval while continuing to release the SSID for event occurrence (step S714). In this way, the access point 40 implements a public wireless LAN until it acquires information that the event has converged at the position of the access point 40.

  When the administrator of the server apparatus 30 determines that the event occurrence SSID should be closed in at least some of the areas, the convergence information indicating the area is input to the server apparatus 30 (step S749). The server device 30 to which the convergence information has been input transmits an SSID name to be closed and an instruction to close the SSID to the access point 40 located in the area indicated by the convergence information (step S753).

  The access point 40 that has received the close instruction closes the SSID for event occurrence. Specifically, the access point 40 stops the wireless LAN access point function using the SSID for event occurrence (step S763) and disconnects the wireless connection with the guest device GS (step S773). In this way, the access point 40 closes the public wireless LAN when the event converges in an area including the position of the own device.

According to the above embodiment, at least the following effects can be obtained.
(A) Since it is only necessary for the administrator of the server device 30 to determine whether or not to implement a public wireless LAN, a person in the event occurrence area does not have to determine.
(B) A new public wireless LAN network can be generated in isolation from information by the already installed LAN 100.
(C) Furthermore, by making the plurality of access points 40 located in the event occurrence area use the same SSID, a public wireless LAN can be provided to an appropriate range required. Further, even when an access point that cannot be operated occurs, a public wireless LAN can be realized by at least some of the access points that can be operated.
(D) The guest device GS can notify the user of the guest device GS that the public wireless LAN can be used by detecting a beacon by the access point 40 and obtaining a list of connectable SSIDs.
(E) The public wireless LAN can be opened according to the actual situation of the event. That is, the public wireless LAN can be opened by designating the area where the event has occurred, and the public wireless LAN can be closed by designating the area where the event has converged.

  The present invention is not limited to the above-described embodiments, examples, and modifications, and can be realized with various configurations without departing from the spirit of the present invention. For example, the technical features in the embodiments, examples, and modifications corresponding to the technical features in each form described in the summary section of the invention are for solving some or all of the above-described problems, or In order to achieve part or all of the effects described above, replacement or combination can be performed as appropriate. Further, if the technical feature is not described as essential in the present specification, it can be deleted as appropriate. For example, the following can be mentioned.

  The protocol for forming the VPN may be other than L2TP. For example, PPTP (Point to Point Tunneling Protocol), IPsec (Security Architecture for Internet Protocol), L2TP / IPsec, or another protocol having an authentication function may be used.

  You may form the wireless network isolated from LAN currently formed at the normal time by methods other than VPN. For example, a VLAN (Virtual Local Area Network) may be used. As a form of using the VLAN, for example, the following can be considered. When a new SSID is generated, a network with a VLAN ID different from other SSIDs is used. Further, a different IP network address may be set for each SSID. When using a VLAN, basically, a network based on the SSID for LAN and a network based on the SSID for event occurrence are assigned different VLAN IDs, and information is provided for each VLAN ID at the access point, the upper switching hub, or the router. Isolate. Further, the DHCP server function possessed by the internal gateway or access point can be operated for each SSID, and the client device and server device connected by the SSID for LAN, and the client device and server device connected by the SSID for event occurrence The IP address of a different network segment may be set. In this case, since not only the VLAN ID but also the IP network is separated, mutual communication between devices connected to different SSIDs is not possible. Specific procedures are exemplified as follows.

  When detecting the occurrence of an event, the LAN administrator instructs the access point to create a VLAN for event occurrence. This instruction is executed through a web setting screen (for example, by checking a check box). The VLAN setting can be automatically performed by receiving only an instruction from the server apparatus without going through the VPN. Upon receiving the instruction, the access point opens the event occurrence VLAN as a public wireless LAN. On the other hand, communication within a LAN having information to be kept secret is managed by assigning another VLAN ID. That is, communication within a LAN having information to be kept secret is executed by another VLAN (limited connection VLAN). The limited connection VLAN may be formed at the same time as the event occurrence VLAN, or may be formed before the occurrence of the event. Separate SSIDs are used for connection between the limited connection VLAN and the event occurrence VLAN, and the communication device connected to the event occurrence VLAN is connected to the Internet without accessing the limited connection VLAN. Thus, when separating by VLAN, since VLAN ID differs, communication is isolated. Further, when the network address is different, communication by IP is isolated. As a result, the security of information to be concealed within the in-house LAN or the home LAN is ensured.

  For both VLAN and VPN, the event occurrence SSID may be generated with the event occurrence as a trigger as described above, or the event occurrence SSID is set in advance at the access point, and is invalid. It may be in a state of being. When the invalid setting is made, when the instruction from the administrator is received, the invalid target SSID is validated, and the access point function by the IEEE 802.11 infrastructure mode by the target SSID is validated. May be. Furthermore, VLAN and VPN connection settings may be set in advance, and may be disabled. In this case, when an instruction from the administrator is received, the invalid VLAN or VPN connection setting is validated, and not only the generation of the SSID for event occurrence based on the trigger, but also the VLAN or VPN associated with the SSID May be configured separately from the existing LAN SSID.

  For both VLAN and VPN, the newly generated SSID is not limited to one. An access point for which an SSID has already been generated may be instructed to generate a different SSID.

  Information in the LAN may be concealed using PPPoE (Point to Point Protocol over Ethernet) (Ethernet is a registered trademark) instead of VPN.

  The server device may instruct the access point to open or close the public wireless LAN regardless of information input by the administrator. In this case, the server apparatus may specify the detection of the occurrence of the disaster, the identification of the disaster area, and the convergence of the disaster using, for example, a disaster message board installed by the communication carrier.

  The access point does not need to make an inquiry to the server device for opening or closing the public wireless LAN. In this case, the server device may voluntarily give an instruction to the access point regardless of whether there is an inquiry. Alternatively, the access point may open or close the public wireless LAN without an instruction from the server device. In this case, the access point may specify the detection of the occurrence of the disaster, the identification of the disaster area, and the convergence of the disaster using, for example, a disaster message board installed by the telecommunications carrier. Alternatively, the LAN administrator may instruct the access point to open or close the public wireless LAN.

  When a disaster occurs in a range where the occurrence of the disaster is monitored (for example, all over Japan), the wireless LAN may be opened to all access points included in the communication system. Thereafter, the wireless LAN may be closed sequentially from areas where it is determined that opening is unnecessary.

  The registration information (access point information stored by the server device) may include information indicating on which floor of the building the access point is installed. For example, the server apparatus may preferentially open an access point close to the ground using this information.

  The access point may store the SSID for event occurrence from normal time. In this case, the administrator may input the event occurrence SSID to the access point as setting information.

The server device that forms the VPN line does not have to be the same device as the server device that serves as a reference for the occurrence of an event or transmits an SSID for event occurrence.
The access point and the server device may form a VPN line when an event occurs.

One or more access points may be included in the communication system.
The number of server devices included in the communication system may be one or more.
The connection destination may not be the Internet, but may be a public communication network such as a wide area LAN prepared by a telecommunications carrier or the government.
The storage medium included in the server device may be another storage medium such as a flash ROM.

DESCRIPTION OF SYMBOLS 20 ... Communication system 30 ... Server apparatus 30a ... Server apparatus 40 ... Access point 40a ... Access point 40b ... Access point 41 ... Access point 50 ... Gateway apparatus 310 ... CPU
311: Instruction unit 350 ... Wired communication interface 360 ... Hard disk 410 ... CPU
411 ... Limited connection unit 413 ... Inquiry unit 415 ... Public connection unit 440 ... Wireless communication interface 450 ... Wired communication interface 460 ... Flash ROM
INT ... Internet CLa ... Client device CLb ... Client device GS ... Guest device

Claims (3)

A communication system including a wireless connection device belonging to a first network that is a wireless network limited by specific security information, and a server device connected to a public communication network,
The wireless connection device generates a second network, which is a wireless network for connecting a communication device to a public communication network via the server device, when the event occurs, separately from the first network ,
The server device includes an instruction unit that instructs generation of the second network to the wireless connection device when the event occurs ,
There are a plurality of the wireless connection devices,
Each of the plurality of wireless connection devices generates the second network with the same identifier. The communication system according to claim 1 , wherein the instruction unit issues the instruction to a predetermined one of the plurality of wireless connection devices. There are a plurality of the server devices,
The communication system according to any one of claims 1 to 2 , wherein the wireless connection device connects the communication device to the public communication network via any one of the plurality of server devices. .

Images