JPH07202885A - Maintenance management method for ordering service offering terminal equipment - Google Patents

Abstract

PURPOSE:To implement registration and release of access permission user for an ordering service server terminal equipment and to set and release the service locking by using an ordering terminal equipment management procedure from a maintenance management center or the like. CONSTITUTION:Whether or not an illegal access preventing password included in a service ordering request procedure from an ordering service server terminal equipment is unmatched with a specified number of times is discriminated. When the password is dissident for a specified number of times, a caller having an illegal password is specified based on caller terminal equipment identification information included in a caller number served from a communication network or an inter terminal equipment communication procedure protocol element. The service ordering request procedure of the caller is not allowed to lock the ordering service.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a maintenance management method for an ordering service providing terminal, which performs unauthorized access from an ordering service providing terminal connected to a communication network and subscription registration / unregistration of the service.

[0002]

2. Description of the Related Art As an ordering service providing terminal connected to a communication network, there is, for example, a communication terminal such as a facsimile mail server FMS connected to an ISDN network.

That is, as the ordering service, there is a facsimile mail service FMS typified by the F network service, and this FMS is a system of a considerably large scale. In order to prevent unauthorized access to this ordering service, the service operator registers the subscriber data by a service subscription contract or the like. In this way, the system configuration is designed to protect unauthorized access by limiting the users.

On the other hand, in recent years, with the spread of FAX terminals, a simple FMS-like ordering service has been realized with a relatively small terminal. For example, in G3 FAX that can provide the ordering service, PB is set on the receiving side.
By receiving the ordering procedure composed of a combination of signals, the service request is analyzed and the relay service, the mail withdrawal service, etc. are executed.

FIG. 10 is an explanatory diagram of a communication network including an ordering service providing terminal. G4 + G3 for ISDN
Is connected to the PSTN, and the G3 terminal is connected to the PSTN. And PSTN is connected to ISDN and PS
The ISDN service can be received from the TN terminal G3.

A password PWD signal for preventing unauthorized access is set in these ordering procedures, and it is assumed that, for example, a malicious user tries the password PWD several times and the passwords PWD match. When the password PWD disagreement occurs a prescribed number of times, a mechanism for locking the ordering service is set.

[0007]

However, once the ordering service providing terminal is locked, normal users are also prohibited from accessing. In this case, it is necessary for a maintenance person or the like to request the unlocking of the ordering service providing terminal, and the visitor goes to a remote place to perform the unlocking work.

Such a problem occurs when the communication network is the PSTN, so that the caller who is the access user is unspecified.

In recent years, ISDN has become widespread, additional services have begun to be strengthened, and caller ID notification is provided to the called side. PS except for some interworking IW
It is also provided when boarding from TN to ISDN.

An object of the present invention is to introduce an ordering terminal management procedure, and register or cancel an access-allowed user of an ordering service providing terminal, or set or cancel a service lock according to the ordering terminal management procedure from a maintenance management center or the like. And so on.

[0011]

[Means for Solving the Problems] It is determined whether or not the unauthorized access prevention password included in the service ordering request procedure from the ordering service providing terminal does not match the specified number of times, and if the specified number of times does not match, it is provided from the communication network. A caller with an incorrect password is identified based on the calling number, and the ordering service is locked by disallowing the caller's service ordering request procedure.

Further, instead of the caller number from the communication network, the ordering service is locked based on the calling terminal identification information included in the inter-terminal communication procedure protocol element.

On the other hand, the ordering terminal management protocol including the service lock state release, subscription registration, and subscription release command of the ordering service providing terminal is different from the ordering service access protocol, and this ordering terminal management protocol depends on the signal channel of the communication network. Run.

Further, the ordering terminal management protocol is realized by the UUI signal of the D channel of ISDN, and the ordering service providing terminal validates the ordering terminal management protocol when receiving the notification of the caller number indicating the specific management node. And

[0015]

As a result, when the password PWD mismatches occur the specified number of times, the caller having the incorrect password PWD is identified from the caller number ID provided from the network,
By locking only the ordering procedure from the calling party as disallowed, the ordering service can be continuously provided to the access users having other normal PWDs. In this case, when the ordering service providing terminal is set to the user access unrestricted, it is possible to solve a problem that can occur particularly. When the registration registration for the ordering service is executed, that is, when the access users are limited, the level 1 restriction can be applied by the calling number ID, so that the malicious access by the unauthorized PWD is considerably small. is expected.

Further, when the calling party number ID of ISDN is provided by the calling side exchange to the called side exchange and is served to the called side terminal, it is not possible to provide the calling side number ID to the calling side exchange. Alternatively, when the calling terminal uses the caller number ID notification restriction CLIR function, the calling terminal identification information included in the EE terminal protocol is regarded as the above calling number ID, and Malicious access is prohibited by locking only the ordering procedure from the caller as disallowed.

Further, an ordering terminal management protocol of a different system is used for the ordering access protocol of the service request, and the maintenance management center terminal instructs the ordering service providing terminal to release the service lock and register or cancel the access-allowed user. As a result, when the service ordering terminal locks the service,
This can be operated remotely. In addition, in a specific ordering service providing terminal, the access-allowed user can be remotely registered and released.

[0018]

FIG. 6 is a block diagram of an ISDN facsimile apparatus to which the ordering service maintenance management method of the present invention is applied.

In FIG. 6, the control unit 1 controls the respective parts of the ISDN facsimile machine and the FAX of the higher layer.
The (G4, G3) functional processing is performed, and the system memory 2 stores the control processing program executed by the control section 1 and various data necessary for executing the processing program, and It constitutes a work area.

The area of the system memory 2 is
Database D of access-allowed (subscription) users in the access user-only mode of the ordering service
B, and also includes a database DB of users whose services are locked due to unauthorized access.

The parameter memory 3 is for storing various kinds of information unique to this ISDN facsimile system, and includes identification data of the maintenance management node. The clock circuit 4 is for obtaining the current time, and the scanner 5 is for reading the original image at a predetermined resolution.

The plotter 6 is for recording and outputting an image at a predetermined resolution, and the operation display section 7 is for operating this facsimile apparatus, and comprises various keys and various display devices.

The coding / decoding section 8 is for coding and compressing the image signal and for decoding the coded and compressed image information into the original image signal.

The storage device 9 is for storing a large number of coded and compressed image information. This image storage device stores images related to the provision of ordering services. For example, it is used for storing relay images received by a relay broadcast service request.

The Bch transmission control units 10 and 11 are ISDN
FAX (G4 / G3) transmission control processing using the B (information) channel is performed. This Bch transmission control unit 10, 1
1 executes the EE end-to-end protocol. This protocol relates to claim 2 and FAX (G3) recommends T. 30 TSI (Transmitting St)
ation Identification), G4
In fax, Recommendation T. 62 TID (Termin
al ID) related to the calling terminal identification information. The FAX (G3) is also used for the ordering access protocol used by the service requesting user using the PB tone. Next, Dch
The transmission controller 12 uses the D (signal) channel for ISD.
Transmission control processing such as N call control processing is performed.

In the ordering service, the UUI information carried by the Dch transmission control unit 12 is related, and the ordering access protocol used by the service requesting user and the ordering terminal management protocol executed with the maintenance management node of the ordering service providing terminal. Used in.

The layer 1 control unit 13 controls the ISDN layer 1
It also has a signal processing function of DCH signal and a multiplexing / demultiplexing function of a Dch signal and two Bch signals, and also has a layer 1 signal control function of a network terminating device (NT) of ISDN.

The ISDN interface section 14 is an IS
It is for physically connecting to the DN.

These control units 1 to Dch transmission control unit 1
Reference numeral 2 is connected to a system bus, and data is exchanged between these respective elements mainly via this system bus.

FIG. 7 (a) shows the format of a message at the time of ISDN call setup. The protocol identifier is for identifying the protocol specification that defines the layer 3 call control message. The call number identifies which call the message is for. The message type is for identifying the type of message.

FIG. 7B shows the content of the information element IE.
Here, the information elements of the call setup message SETUP are shown. The transfer capability is composed of attributes of information to be transmitted, exchange functions to be used, information transfer speed, information indicating an information transfer mode, and information such as a protocol type portion of user information.

Channel identification is B1ch or B2c
It is for identifying h. The calling party number ID is the SDN address that is serviced by the exchange. The called number represents the ISDN address of the called terminal.

HLC is the higher layer consistency information,
G4 or G3 FAX is set. The user-user is used for transmitting the user-to-user information UUI, and the content of this information is transparently transmitted to the partner terminal without being interpreted by the network. The protocol related to the ordering service on Dch of the present invention is carried by UUI.

FIG. 8 shows a basic transmission procedure performed by the ISDN terminal during communication. The calling terminal sends a call setup message SE
TUP is sent to ISDN to request call setup with the destination terminal, ISDN accepts the call setup request, and sends out a call setup acceptance message (CALL PROC).

The ISDN sends a call setup message SETUP to the designated called terminal to notify the called party. When the called terminal detects the incoming call by receiving the call setup message SETUP, it judges whether the incoming call is to the own terminal and the mutual communication, and if the judgment result = yes, the response message CON.
Send N. If necessary, the call message ALE
In some cases, RT is sent out.

The elements of the ordering access protocol and the ordering terminal management protocol are carried by the inter-user information UUI of the call setup message SETUP. In addition, the ordering service providing terminal may add the inter-user information UUI to the response message CONN or the calling message ALERT and send a message (eg, collating) related to the ordering service to the calling access user.

When the ISDN receives the response message CONN, the ISDN sends a response confirmation message (CON A
At the same time as sending CK), a response message CONN is sent to the calling terminal to notify that the path of the line has been established with the called terminal. As a result, on the B channel, E- between the calling terminal and the called terminal (ordering service providing terminal)
The G4 or G3 image information transmission / reception and the ordering service are executed by the protocol between the E terminals. Bch
After the transfer of the EE user information above is completed, the line disconnection procedure is executed.

FIG. 8 shows a case where the calling terminal side sends a disconnection message DISC to the ISDN to request the B channel release. ISDN is a disconnect message DIS
When C is received, a disconnection message DISC is sent to the destination terminal to notify the restoration of the B channel. Subsequent disconnection recovery procedures are processed locally in the originating exchange and the terminating exchange independently.

The destination terminal receives the disconnection message DISC and notifies the disconnection completion REL with the release message REL.
Respond to N. The ISDN sends a release complete message (REL COMP) confirming this.

The originating exchange responds to the originating terminal with a release message REL notifying that the disconnection has been completed by receiving the disconnection message DISC from the originating terminal. The calling terminal sends a release completion message (REL COMP) confirming this.

The ordering service providing terminal is
Call setup message S of the ordering access protocol
When a service request is received in the inter-user information UUI of ETUP and this request is unacceptable for some reason, the disconnection recovery related message (“DIS
The user information UUI can be added to "C", "REL", and "REL COMP") to notify the reason for refusal.

Further, the ordering service providing terminal is
In the ordering terminal management protocol (“UUI” of “SETUP”) from the management node, even in the disconnection recovery procedure after the execution of the management service instructed, the related message (“DISC”,
"REL" and "REL COMP")
UI can be added. FIG. 9 shows the sequence of these cases.

Next, FIGS. 1 to 5 show flowcharts of the maintenance management method of the ordering service providing terminal according to the present invention. FIG. 1 is a flow chart of the process of the ordering service providing terminal. The ordering service providing terminal TE operates as follows.

First, an incoming call is detected by receiving the call setup message SETUP of (S1). It is determined whether or not the incoming call is an incoming call to the own ordering service providing terminal TE (S2). If yes, the ordering system "UUI" supported by the own ordering providing terminal.
The presence of is determined (S3). If yes, it is determined whether the ordering protocol type carried by "UUI" is a terminal management protocol (S4).

If the result is no, the processing proceeds to ordering service access protocol processing AA. On the other hand, if the result is yes, the presence of the calling party number "calling ID" is checked (S5). This is the terminal management protocol
This is because the calling ID is essential. Then, it is determined whether the received "calling ID" matches the management node number (system parameter) registered in the own ordering provision terminal TE (S6).

Next, it is determined whether the received management PWD mapped to the terminal management protocol "UUI" matches the management PWD (system parameter) registered in the self-ordering providing terminal (S7). Then, the processing according to the management service type instructed by the management node is executed (S8).

For example, release during service lock (calling ID
Alternatively, TSI / ID support), registration (corresponding to a contract) or cancellation (corresponding to contract cancellation) of an access-allowed user in the access-user limited mode are executed.

FIG. 2 is a processing flowchart of the ordering service protocol UUI.

When the content of the received "UUI" is the ordering access protocol, the existence of the "calling ID" is determined (S9). If the "calling ID" is absent in this determination, the calling ID absence flag is set to ON, and the process proceeds to step (S13). That is, the step (S13) is executed and B
Calling terminal identification information (T
Whether or not a service request including SI and TID) is acceptable is determined.

On the other hand, if the "calling ID" exists, it is checked whether or not the calling ID (calling user) is under service lock (S10). If it is locked, the process proceeds to the normal disconnection recovery process A. If the service is not locked, it is determined whether or not the ordering service providing form setting mode of the own ordering providing terminal is access user unrestricted (S11). If the access user is not restricted, the PWD indicated in the received "UUI" is judged to be in agreement with the access user unrestricted PWD system-registered in the own ordering providing terminal (S12), and there is a mismatch. In the case, the process proceeds to the calling ID corresponding PWD mismatch process C.

If the PWDs match, the received "UU
The ordering service type (e.g., relay instruction / mail withdrawal) indicated by "I" is analyzed (S13), the processing mode is set according to the service type, and the process proceeds to the ordering service processing B.

In step (S11), if the ordering service providing form setting mode of the own ordering providing terminal is the subscription contract (access user limited) mode, the received "calling ID" is registered in the own ordering providing terminal (contract).
It is determined whether it has been completed (S14), and if it is not registered, the process proceeds to disconnection recovery processing A. If registered, received "UUI"
The PWD shown in (1) determines whether or not the PWD registered in the own ordering providing terminal is compatible with the received "originating ID" (S15). If the PWD does not match, the process proceeds to the originating ID corresponding PWD mismatch processing C. If the PWDs match, the process proceeds to step 13 (S13).

FIG. 3 is a flow chart showing an incoming call processing of the ordering service. In the ordering service incoming process, first, "CONN" is sent to the network to notify that the incoming call has been accepted (S16). Then, the "CONN ACK" is received from the network, and the process proceeds to the Bch inter-terminal protocol process (S17). In Fig. 3, "CO
MS recovering from disconnection from the network, including "NN ACK" waiting loop
Although not described for G reception, recovery processing is performed in this case.

Next, the protocol between terminals is FAX (G
3, G4) mode is selected and the FAX mode to be activated is selected (S18). If the FAX mode is G3, the TSI frame prescribed in Recommendation T.30 is received and the calling terminal identification information is acquired (S19). On the other hand, the FAX mode is G
If 4, then the CSS frame defined by Recommendation T.62 is received and the calling terminal identification information is acquired (S20). And
It is inspected (flag) whether or not the "calling ID" is present when "SETUP" is received (S21), (S22).

If the "calling ID" exists, the received "UUI" request service is executed (S23). If the "calling ID" is absent, it is determined whether the service is locked for the received TSI / TID (calling terminal identification information), and if it is locked, the disconnection recovery processing A is performed (S).
24). If the service is not locked, it is determined whether or not the ordering service providing form setting mode of the own ordering providing terminal is access user non-restricted (S25). If the access users are not restricted, the received "UU
The PWD indicated by “I” is determined to be in agreement with the PWD for access user non-restriction system-registered in the own ordering providing terminal (S26).
The process proceeds to the TID-compatible PWD mismatch process E. Its PWD
If the two match, the process proceeds to step 23 (S23).

If the determination at step 25 (S25) is that the ordering service providing form setting mode of the own ordering providing terminal is the subscription contract (access user limited) mode, the received TSI / TID is registered in the own ordering providing terminal ( It is determined whether or not the contract has been completed (S27). If you have registered,
The PWD indicated in the received "UUI" is the registered PWD corresponding to "TSI / TID" in the own ordering provision terminal.
(S28), if there is no match, TS
The process proceeds to the I / TID compatible PWD mismatch processing E. That P
If the WDs match, the process proceeds to step (S23).

FIG. 4 is a flowchart of a normal incoming call process. "CONN" is sent to the network to notify that the incoming call has been accepted (S16). From the web "CONN AC
"K" is received, and the process proceeds to Bch inter-terminal protocol processing (S17).

Although FIG. 4 does not show the case of disconnection recovery MSG reception from the network, including the "CONN ACK" waiting loop, in this case, recovery processing is performed.

Then, it is determined whether it is the G3 mode or the G4 mode, and if the FAX mode is G3 according to the FAX mode, the recommendation T.75. 30 protocol processing and transmission / reception of image information are executed. If the FAX mode is G4, the recommendation T.70. The protocol processing of 62 and transmission / reception of image information are executed (S2
9). After the above process is executed, the process proceeds to disconnection recovery process A.

Next, FIG. 5 is a flowchart of the PWD mismatch processing C. First, the entry to the PWD disagreement process C corresponding to the calling ID is a case of access by a calling user having an unauthorized PWD.

The received "calling ID" is stored, and the caller ID ID unauthorized access counter is incremented by 1 (S30). Here, if the unauthorized access is the first time,
Generate an unauthorized access counter for the calling party number ID,
+1. When the result reaches the prescribed number of unauthorized access X, the service lock is set for the calling number ID user (S31), and the normal disconnection recovery process A is performed. As a result, from the next time onward, even if the PWDs match, the service is rejected (S10).

If it is determined in step 30 (S30) that the number of illegal accesses is less than the prescribed number X, the normal disconnection recovery process A
Move to.

On the other hand, the entry to the PWD disagreement process E corresponding to TSI / TID is the TSI / TI having an illegal PWD.
This is a case of access by a D user.

The received [TSI / TID] is stored and the illegal access counter for TSI / TID is set to +
1 (S32). Here, if the unauthorized access is the first time, the unauthorized access counter for TSI / TID is generated and incremented by one. The result is the specified number of unauthorized access X
If it reaches, the service lock is set for the TSI / TID user, and the process proceeds to the normal disconnection recovery process A (S33). As a result, the next time
Even if they match, the service is rejected (A24).

If it is determined in step 32 (S32) that the number of illegal accesses is less than the prescribed number X, the normal disconnection recovery process A is executed.

The entry to the disconnection recovery process D including the management service process result is the case where the ordering terminal management protocol is received (S4).

The processing result executed in step 8 (S8) is mapped to "UUI", and an appropriate disconnection recovery (DISC / R) is performed.
The recovery procedure is executed by adding it to the EL / REL COMP) message (S35). As an example of this processing result,
It looks like this: (A) "The service lock for the specified calling ID has been released." (B) "The service lock for the specified calling ID does not exist." (C) "The designated calling ID + PWD has been registered. "(D)" The designated caller ID + PWD has been released. "

[0068]

As described above, according to the present invention, P
When the WD disagreement occurs a prescribed number of times, the caller with the illegal PWD is sent to the caller number information (calling I) provided from the network.
From D), only the ordering procedure from the caller is locked as disallowed, so other normal PW
The ordering service can be continuously provided to the access (calling) user having D.

The originating ID of the ISDN is provided by the originating exchange to the terminating exchange and serviced to the terminating side terminal.

When the calling exchange does not have the capability of providing the calling ID, or when the calling terminal uses the CLIR (calling ID notification restriction) function, EE is established after the "call" is established.
Calling terminal identification information included in the terminal protocol (eg G3;
Malicious access can be prohibited by regarding TSI, G4; TID) as “calling ID” and locking only the ordering procedure from the caller as disallowed.

According to the present invention, an ordering terminal management protocol having a different system is used for the ordering access protocol of the service request used by the user, and the maintenance management center terminal (system) releases the service lock to the ordering service providing terminal and the access-permitted user Since commands such as registration and cancellation are issued, when the service ordering providing terminal locks the service, it can be operated remotely. In addition, the maintenance personnel can remotely operate the registration and cancellation of the access-allowed user instead of the maintenance person going to a remote place.

Since the ordering access protocol normally used by the user can be accessed from any manufacturer's terminal, the present invention uses the ISDN signal channel (Dc).
The UUI signaling procedure of h) is used. The management protocol also uses the Dch UUI signal in ISDN to simplify the configuration of the ordering service providing terminal. Therefore, it can be realized without complicating the system configuration.

[Brief description of drawings]

FIG. 1 is a processing flowchart of an ordering service providing terminal according to the present invention.

FIG. 2 is a processing flowchart of an ordering service protocol UUI according to the present invention.

FIG. 3 is an incoming call processing flowchart of the ordering service according to the present invention.

FIG. 4 is an ordinary incoming call processing flowchart in the present invention.

FIG. 5 is a disconnection processing flowchart according to the present invention.

FIG. 6 is a block configuration diagram of an ISDN facsimile apparatus to which the present invention is applied.

FIG. 7 is an explanatory view of a message format at the time of ISDN call setup in the present invention.

FIG. 8 is an explanatory diagram of a basic transmission procedure performed by an ISDN terminal according to the present invention during communication.

FIG. 9 is an explanatory diagram of a rejection sequence of an ordering service request in the present invention.

FIG. 10 is an explanatory diagram of a communication network including an ordering service providing terminal.

[Explanation of symbols]

 1 Control Section 2 System Memory 3 Parameter Memory 4 Clock Circuit 5 Scanner 6 Plotter 7 Operation Display Section 8 Encoding / Decoding Section 9 Image Storage Device 10 Bch Transmission Control Section 11 Bch Transmission Control Section 12 Dch Transmission Control Section 13 Layer 1 Signal Control Section 14 ISDN interface section

Claims (5)

[Claims] 1. A method for maintaining and ordering an ordering service providing terminal, which locks a service against unauthorized access from an ordering service providing terminal connected to a communication network and cancels subscription registration to a service. It is determined whether the unauthorized access prevention passwords included in the service ordering request procedure from the terminal do not match the specified number of times, and if they do not match the specified number of times, a call with an unauthorized password is made based on the caller number provided from the communication network. A method of maintenance and management of an ordering service providing terminal, characterized in that a caller is specified, and the ordering service is locked by disallowing the caller's service ordering request procedure. 2. Instead of the caller number from the communication network,
2. The maintenance management method for an ordering service providing terminal according to claim 1, wherein the ordering service is locked based on the calling terminal identification information included in the inter-terminal communication procedure protocol element. 3. An ordering terminal management protocol including a service lock status release, subscription registration, and subscription release command of the ordering service providing terminal is different from the ordering service access protocol, and the ordering terminal management protocol is a signal of the communication network. The maintenance management method for an ordering service providing terminal according to claim 1 or 2, wherein the maintenance management method is performed by a channel. 4. The maintenance management method for an ordering service providing terminal according to claim 3, wherein the ordering terminal management protocol is realized by a UUI signal of an ISDN D channel. 5. The ordering service providing terminal,
4. The maintenance management method for an ordering service providing terminal according to claim 3, wherein the ordering terminal management protocol is validated when a notification of a caller number indicating a specific management node is received.