US20230208682A1 - Securing a connection from a device to a server - Google Patents

Securing a connection from a device to a server Download PDF

Info

Publication number
US20230208682A1
US20230208682A1 US18/086,127 US202218086127A US2023208682A1 US 20230208682 A1 US20230208682 A1 US 20230208682A1 US 202218086127 A US202218086127 A US 202218086127A US 2023208682 A1 US2023208682 A1 US 2023208682A1
Authority
US
United States
Prior art keywords
connection
server
communication
application
communication processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
US18/086,127
Inventor
Takeshi Hayashi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NEC Corp
Original Assignee
NEC Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NEC Corp filed Critical NEC Corp
Priority to US18/086,127 priority Critical patent/US20230208682A1/en
Publication of US20230208682A1 publication Critical patent/US20230208682A1/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/64Routing or path finding of packets in data switching networks using an overlay routing layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Definitions

  • the present invention relates to a communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of the communication processing apparatus and communication managing apparatus.
  • patent literature 1 describes a technique which disconnects an unpermitted device by collation with an apparatus permission whitelist or the like, when a host apparatus having a USB device connection port has received a connection request from a USB device of HID (Human Interface Device: a mouse, keyboard, or the like). Also, non-patent literature 1 describes a technique which implements communication optimization of an IP network connection (a connection using a network address) by flexible communication path control by using an OFC (OpenFlow Controller) and OFS (OpenFlow Switch) controlled by OpenFlow.
  • OFC OpenFlow Controller
  • OFS OpenFlow Switch
  • security measures are provided between a USB device and a host apparatus as a connection destination connected via a USB, and between a network apparatus and a cloud (server) as a connection destination connected across a network, but there is no security measure from the USB device to the cloud (server). Therefore, if, for example, a device having a security (safety) problem is connected, there is nothing to do but disconnect the problematic device from the host apparatus of the network.
  • the present invention enables to provide a technique of solving the above-described problem.
  • One example aspect of the present invention provides a communication processing apparatus comprising:
  • a first connection unit that connects devices
  • a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted
  • connection controller that controls said switching unit in accordance with a determination result from said determiner.
  • Another example aspect of the present invention provides a method of controlling a communication processing apparatus, the method comprising:
  • a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • Still other example aspect of the present invention provides a program of controlling a communication processing apparatus, that causes a computer to execute a method, comprising:
  • a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • Still other example aspect of the present invention provides a communication managing apparatus comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • connection controller that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • Still other example aspect of the present invention provides a method of controlling a communication managing apparatus, the method comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection controller obtaining connection states by the connection controller based on the connection information
  • Still other example aspect of the present invention provides a program of controlling a communication managing apparatus, that causes a computer to execute a method, comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection controller obtaining connection states by the connection controller based on the connection information
  • Still other example aspect of the present invention provides a communication processing system comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information
  • connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
  • Still other example aspect of the present invention provides a communication processing method comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted and connections of the devices to servers
  • a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection information determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information
  • FIG. 1 is a block diagram showing the arrangement of a communication processing apparatus according to the first example embodiment of the present invention
  • FIG. 2 is a block diagram showing the configuration of a communication processing system including a communication processing apparatus according to the second example embodiment of the present invention
  • FIG. 3 A is a block diagram showing the functional configuration of a communication processor according to the second example embodiment of the present invention.
  • FIG. 3 B is a view showing the arrangement of a communication processing table according to the second example embodiment of the present invention.
  • FIG. 4 A is a block diagram showing the functional configuration of a device processing controller according to the second example embodiment of the present invention.
  • FIG. 4 B is a view showing the arrangement of a device processing table according to the second example embodiment of the present invention.
  • FIG. 5 A is a block diagram showing the functional configuration of a switching unit according to the second example embodiment of the present invention.
  • FIG. 5 B is a view showing the arrangement of a connection table according to the second example embodiment of the present invention.
  • FIG. 6 A is a flowchart showing the procedure of the communication processor according to the second example embodiment of the present invention.
  • FIG. 6 B is a flowchart showing the procedure of a filtering process according to the second example embodiment of the present invention.
  • FIG. 7 A is a view showing the connection state of the communication processing system with respect to an unpermitted device according to the second example embodiment of the present invention.
  • FIG. 7 B is a view showing the connection state of the communication processing system upon resumption after disconnection according to the second example embodiment of the present invention.
  • FIG. 8 A is a view showing the connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention.
  • FIG. 8 B is a view showing another connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention.
  • FIG. 9 A is a block diagram showing the functional configuration of a management server according to the second example embodiment of the present invention.
  • FIG. 9 B is a view showing the arrangement of a gateway management database according to the second example embodiment of the present invention.
  • FIG. 10 A is a view showing the concept of a visualized management monitor according to the second example embodiment of the present invention.
  • FIG. 10 B is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
  • FIG. 10 C is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
  • FIG. 10 D is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
  • non-IP connection indicates a connection complying with a communication protocol such as a USB or Bluetooth® based on a device ID or device address
  • IP connection indicates a connection complying with an Internet protocol based on a network address such as an Internet address
  • the communication processing apparatus 110 is an apparatus which connects a non-IP device to an IP system.
  • the communication processing apparatus 110 includes a first connection unit 111 , a second connection unit 112 , a switching unit 113 , a determiner 114 , and a connection controller 115 .
  • the first connection unit 111 connects a device 120 .
  • the second connection unit 112 connects to a server 130 .
  • the switching unit 113 switches the connections of the device 120 and server 130 between the first connection unit 111 and the second connection unit 112 .
  • the determiner 114 determines whether the connection of the device 120 to the first connection unit 111 is permitted.
  • the connection controller 115 controls the switching unit 113 in accordance with the determination result from the determiner 114 .
  • a safe connection from a non-IP-connection device to an IP-connection cloud can be secured by switching the connections from the device to the server in accordance with the determination result indicating whether the connection of the device is permitted.
  • the communication processing apparatus controls a connection between a device and server as follows, when determining that the connection of the device is not permitted, or when determining that the connection of the device is permitted.
  • the communication processing apparatus When determining that the connection of the device is not permitted, the communication processing apparatus disconnects all devices and servers connected to the apparatus. Also, even when determining that the connection of the device is permitted, the communication processing apparatus performs control so as to limit the connection between the device and server. For example, the communication processing apparatus performs control so as to limit application processing to be provided for the connected device.
  • control operations are executed in accordance with the settings by an external communication managing apparatus which manages communication, and this external communication managing apparatus is notified of the connection state of a device and server.
  • the external communication managing apparatus is emergently notified of the disconnection of all devices and servers when the connection of the device is found to be unpermitted.
  • FIG. 2 is a block diagram showing the configuration of a communication processing system 200 including a communication processing apparatus 210 according to this example embodiment.
  • each communication processing apparatus 210 performs determination on a connected device and performs processing such as server disconnection based on settings from a management server 240
  • the management server 240 may also collectively manage a plurality of communication processing apparatuses 210 , perform determination on a connected device, and perform processing such as server disconnection.
  • the communication processing system 200 includes the communication processing apparatus 210 such as a gateway, devices 220 , servers 230 including a cloud, and the management server 240 .
  • the communication processing apparatus 210 includes a communication processor 211 for controlling the communication processing apparatus 210 , a device control processor 212 , an application group 213 (to be abbreviated as an application hereinafter), a switching unit 214 using an SDN (Software-Defined Network), and a communicator 215 for connecting to the servers 230 .
  • the communication processor 211 processes the whole communication processing apparatus 210 in accordance with a setting instruction from the management server 240 , and presents the processing state of the communication processing apparatus 210 to the management server 240 .
  • the device control processor 212 controls connections to the non-IP devices 220 by a USB (Universal Serial Bus), Bluetooth®, or the like. Then, the device control processor 212 determines whether the device is permitted or unpermitted, and disconnects the device if the device is unpermitted. After that, the device control processor 212 notifies the communication processor 211 that the unpermitted device is connected.
  • USB Universal Serial Bus
  • the application 213 is an application which obtains data from each of connected devices 220 , and transmits data to the servers 230 across the network.
  • the switching unit 214 includes an SDN formed by an openflow controller and openflow switch, and controls switching for determining the servers 230 to which data from a device processed by the application 213 is to be transferred.
  • the communicator 215 transfers the data from the device to the servers 230 by Wi-Fi, Ethernet®, Cellular, or the like.
  • the devices 220 are devices such as sensors which perform non-IP connection to the device control processor 212 by a USB or Bluetooth®, and detects data to be collected by the servers 230 .
  • the servers 230 collect the data detected by the devices 220 while maintaining the security (safety) via the communication processing apparatus 210 , analyzes the collected data, and provides the service.
  • the management server 240 is a server for managing data transfer from the devices 220 to the servers 230 in the communication processing apparatus 210 .
  • the management server 240 has a visualized GUI 241 .
  • the user can visually observe, e.g., the states of the function of data transfer to the communication processing apparatus 210 , the procedure when a device is unpermitted, and other settings such as data transfer conditions, or the result of data transfer in the communication processing apparatus 210 , notification when a device is unpermitted, and other settings such as data transfer conditions. Accordingly, an administrator who manages data transfer from the devices 220 to the servers 230 can easily monitor the data transfer state and can change the settings by a simple operation by using the management server 240 .
  • USB device determination is performed by determining whether to permit connection, based on information notified to udev (user space device management) when the USB device is connected. If a USB device whose connection is unpermitted is connected, it is determined that the device is an unpermitted device. Permitted USB devices are registered in a permission rule (permission list) beforehand.
  • the host OS is Linux
  • Bluetooth® device determination is performed by periodically checking connections by “hcitool con”. If there is an unpermitted connection, it is determined that the device is an unpermitted device. Permitted Bluetooth® connections are registered in a permission whitelist (permission list) beforehand.
  • FIG. 3 A is a block diagram showing the functional configuration of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment.
  • the communication processor 211 includes a communication controller 301 , a communication process information obtainer 302 , a communication process information storing unit 303 , and a communication processing table 304 .
  • the communication processor 211 further includes a switching information setter 305 , a device control information setter 306 , an unpermitted device connection receiver 307 , and a server disconnection notifier 308 .
  • the communication controller 301 controls communication between the management server 240 and the device control processor 212 and switching unit (SDN) 214 in the communication processing apparatus 210 . Note that the communication controller 301 also controls communication with the application 213 and communicator 215 if necessary.
  • the communication process information obtainer 302 obtains communication process information indicating a communication process in the communication processing apparatus 210 from the management server 240 .
  • the communication process information storing unit 303 stores the communication process information obtained by the communication process information obtainer 302 in the communication processing table 304 .
  • the communication processing table 304 stores the communication process information obtained from the management server 240 , and constructs the communication process in the communication processing apparatus 210 .
  • the switching information setter 305 sets switching information in the openflow controller of the switching unit 214 . Note that when the unpermitted device connection receiver 307 receives a notification of the connection of an unpermitted device from the device control processor 212 , the switching information setter 305 sets connection information indicating unpermitted device connection, instead of normal switching information, in the openflow controller of the switching unit 214 , thereby implementing the process of disconnecting the servers 230 .
  • the device control information setter 306 sets information such as determination of the connection of an unpermitted device, or the connection of a connected device to the application 213 , in the device control processor 212 .
  • the unpermitted device connection receiver 307 receives the unpermitted device connection notification, which is determined by using the communication process information for determining the connection of an unpermitted device, from the device control processor 212 .
  • the server disconnection notifier 308 Upon receiving the notification of the connection of an unpermitted device, the server disconnection notifier 308 emergently notifies the management server 240 of complete disconnection to the servers 230 , and requests the management server 240 to rapidly recover the communication processing apparatus 210 while ensuring the security (safety) even if it is partial.
  • FIG. 3 B is a view showing the arrangement of the communication processing table 304 according to this example embodiment.
  • the communication processing table 304 is a table holding data for controlling the processing of data transfer from a device to a server, in the communication processing apparatus 210 .
  • the communication processing table 304 includes a device registration table 341 , an application/server setting table 342 , an application registration table 343 , and a device connection control table 344 .
  • the device registration table 341 stores the interface type of a device and a registration ID as a registered device ID in association with each other, and is used to determine whether a connected device is registered.
  • the application/server setting table 342 stores an application for performing a communication process on data from a registered device, a server as a transfer destination, and a port number for connecting to the server in association with each other, and is used to set data processing from a device and a transfer destination.
  • the application registration table 343 stores an application name and an application ID in association with each other, and is used for data processing and a communication process in the communication processing apparatus 210 .
  • the device connection control table 344 defines connection control set from various management servers 240 in accordance with whether a connected device is an unpermitted device or permitted device. In this example embodiment, if an unpermitted device is connected, connection to the servers 230 except the management server 240 of the communication processing apparatus 210 is disconnected, and connections of other permitted devices to the servers 230 are also disconnected. On the other hand, when a permitted device is connected, various connection control operations set from the management server 240 are performed based on the types of device, application, server, and the like.
  • FIG. 4 A is a block diagram showing the functional configuration of the device control processor 212 of the communication processing apparatus 210 according to this example embodiment.
  • the device control processor 212 includes a permission/unpermission determiner 401 , a device disconnector 402 , an unpermission notifier 403 , a device processing table 404 , a connection application determiner 405 , and a device-application connector 406 .
  • the permission/unpermission determiner 401 determines whether a connected device is permitted/unpermitted, based on device registration information set in the device processing table 404 .
  • the device disconnector 402 disconnects the connected device if the permission/unpermission determiner 401 determines that the device is unpermitted.
  • the unpermission notifier 403 notifies the management server 240 of this information via the communication processor 211 .
  • the connection application determiner 405 determines the application 213 to which the connected devices 220 are connectable, based on information set in the device processing table 404 and indicating the relationship between the devices 220 and application 213 .
  • the device-application connector 406 connects the devices 220 to the application 213 which is found to be connectable by the connection application determiner 405 .
  • an application to which the devices 220 are connectable is not limited to one, so it is possible to set a plurality of applications or all applications as connectable applications.
  • FIG. 4 B is a view showing the arrangement of the device processing table 404 according to this example embodiment.
  • the device processing table 404 is used by the device control processor 212 to manage determination of authorization/unpermission of a connected device, and manage connection to the application 213 .
  • the same reference numerals as in FIG. 3 B denote the same constituent elements in FIG. 4 B , and a repetitive explanation thereof will be omitted.
  • the device processing table 404 has a device-application connection table 442 .
  • the device-application connection table 442 is a part of the application/server setting table 342 shown in FIG. 3 B , and stores the relation between a device and application.
  • FIG. 5 A is a block diagram showing the functional configuration of the switching unit 214 of the communication processing apparatus 210 according to this example embodiment.
  • the switching unit 214 is an openflow SDN (Software Defined Network), and includes an openflow controller 501 and an openflow switch 502 .
  • the openflow controller 501 has a connection table 511 , and, in accordance with the connection table 511 , generates a flow table to be set in each switch through which data passes.
  • the openflow switch 502 controls the routing of a transmission source and transmission destination in accordance with the flow table set by the openflow controller 501 .
  • communication disconnection to all servers caused by the connection of an unpermitted device is implemented by, e.g., processing which does not route transmission data from the application 213 to any port connecting to the communicator 215 .
  • FIG. 5 B is a view showing the arrangement of the connection table 511 according to this example embodiment.
  • the connection table 511 is used by the openflow controller 501 to generate the flow table.
  • the connection table 511 includes an application-port connection table 542 and a port connection control table 544 .
  • the application-port connection table 542 is a part of the application/server setting table 342 shown in FIG. 3 B , and stores the relation between an application and a port to the communicator 215 .
  • the port connection control table 544 further stores, in the device connection control table 344 shown in FIG. 3 B , an input port from the application 213 and an output port to the communicator 215 for the openflow controller 501 .
  • FIG. 6 A is a flowchart showing the procedure of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment.
  • a CPU Central Processing Unit
  • a CPU Central Processing Unit
  • the individual constituent elements of the communication processing apparatus 210 desirably have their own CPUs and implement the functions by communicating with each other. To avoid complication, however, the procedure will be explained by assuming that not the individual constituent elements but the communication processing apparatus 210 performs the procedure.
  • step S 601 the communication processing apparatus 210 monitors device connection by the device control processor 212 .
  • step S 603 the communication processing apparatus 210 receives a connection request from a USB device or Bluetooth® (BT in FIG. 6 A ) device.
  • step S 605 the communication processing apparatus 210 collates the connected device with a permitted device list (corresponding to the device registration table 341 ) to determine whether the device is permitted or unpermitted.
  • step S 607 the communication processing apparatus 210 determines whether the device is an unpermitted (unpermitted) device.
  • step S 609 the process advances to step S 609 , and the communication processing apparatus 210 disconnects communication to all the servers 230 except determination communication to the management server 240 , or disconnects communication by the application 213 .
  • step S 611 the communication processing apparatus 210 notifies the management server 240 of this abnormal state in which communication to all the servers 230 is disconnected. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information of the abnormal state.
  • step S 613 the communication processing apparatus 210 disconnects the unpermitted device by the device control processor 212 .
  • the communication processing apparatus 210 determines that an obstacle such as an attack does not influence the communication processing system 200 , because the unpermitted device is disconnected. In step S 615 , therefore, the communication processing apparatus 210 stops the strengthened communication filtering (disconnecting) process of disconnecting communication to all the servers 230 .
  • the application 213 which processes data of a permitted device, or a process of selectively enabling a connectable server 230 .
  • step S 617 the process advances to step S 617 , and the communication processing apparatus 210 performs a filtering process on network communication by a policy table specified for each permitted device.
  • step S 619 the communication processing apparatus 210 notifies the management server 240 of an abnormal status if an unexpected access occurs. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information of the abnormal status in this processing as well.
  • FIG. 6 B is a flowchart showing the procedure of the filtering process (step S 617 ) according to this example embodiment. Note that FIG. 6 B shows examples of two filtering processes (step S 617 ), but it is also possible to use other combinations, other filtering processes, or a combination with another filtering process.
  • step S 621 the communication processing apparatus 210 refers to a communication policy setting table of permitted device (equivalent to the application/server setting table 342 shown in FIG. 3 B ).
  • step S 623 the communication processing apparatus 210 limits servers accessible from, e.g., a specific USB/Bluetooth® device.
  • the communication processing apparatus 210 refers to a communication policy setting table of permitted devices and used communication applications (equivalent to the application/server setting table 342 shown in FIG. 3 B ).
  • the communication processing apparatus 210 limits communication by an application to be used by a specific USB/Bluetooth® device.
  • connection states based on the communication policy of the communication processing apparatus 210 of this example embodiment will be explained below with reference to FIGS. 7 A to 8 B .
  • FIG. 7 A is a view showing the connection state of the communication processing system 200 with respect to an unpermitted device according to this example embodiment.
  • FIG. 7 A shows a connecting process when an unpermitted device 723 is connected.
  • the device control processor 212 determines that the unpermitted device 723 is connected, communications to all the servers 230 except the management server 240 are disconnected in accordance with the communication policy of this example embodiment. In addition, the unpermitted device 723 is disconnected. Then, the connected management server 240 is emergently notified that communications to all the servers 230 are disconnected. This processing based on the communication policy of this example embodiment disconnects data transmissions from permitted devices 221 and 222 to the servers 230 as well, but can prevent damage from being inflicted on the servers 230 by an attack from the unpermitted device 723 .
  • FIG. 7 B is a view showing the connection state of the communication processing system 200 when the operation is resumed after disconnection according to this example embodiment.
  • FIG. 7 B shows a reconnecting process after the unpermitted device 723 is disconnected.
  • the use of communication applications (a) and (z) having low confidentiality is limited.
  • the management server 240 determines that no obstacle is inflicted on it because the unpermitted device 723 is disconnected as shown in FIG. 7 A , and rapidly restores data transmissions from the permitted devices 221 and 222 to the servers 230 .
  • the management server 240 performs setting so as to prevent the use of the lowly confidential communication applications (a) and (z) in accordance with the communication policy of this example embodiment.
  • FIG. 8 A is a view showing the connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment.
  • FIG. 8 A shows a connection state when a connected device 823 is a permitted device.
  • the device control processor 212 determines that the permitted device 823 is connected, all the applications 213 are usable, but a server to which the device 823 can connect and transmit data is selected, in accordance with the communication policy associated with the device 823 .
  • the permitted device 823 is not connected to a server which does not require data of the device 823 , and is not connected to a specific server if, for example, the data reliability of the permitted device 823 is low.
  • the openflow controller of the switching unit (SDN) 214 performs setting so as to connect the input ports from all the applications to only the output port to the selected server.
  • FIG. 8 B is a view showing another connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment.
  • FIG. 8 B shows a case in which applications to be used by a permitted device 824 are limited.
  • the application (b) is usable but the application (a) is not usable, and a server to which the device 824 can connect and transfer data is also selected.
  • the usable application and connectable server can independently be set, but the communication policies are combined if the application and server are related. For example, if the processing of an application is not confidential, transmission to a server having important data is limited.
  • the arrangement and operation of the management server 240 will be explained below with reference to FIGS. 9 A to 10 D .
  • FIG. 9 A is a block diagram showing the functional configuration of the management server 240 according to this example embodiment.
  • the management server 240 includes a communication controller 901 , a gateway processing table setter 902 , a gateway management database 903 , a gateway processing obtainer 904 , and a gateway status obtainer 905 .
  • the management server 240 also includes an operation unit 906 and a display 907 .
  • the communication controller 901 controls communication to the communication processing apparatus 210 .
  • the gateway processing table setter 902 sets, in the communication processing apparatus 210 , a gateway processing table corresponding to communication control of each gateway stored in the gateway management database 903 .
  • This gateway processing table is equivalent to the communication processing table 304 shown in FIG. 3 A .
  • the gateway management database 903 stores the gateway processing table of each gateway to be managed by the management server 240 , in association with the gateway ID.
  • the gateway management database 903 also stores processing information and status information transmitted from the communication processing apparatus 210 , in association with the gateway ID.
  • the gateway processing obtainer 904 obtains the log of the communication process from the communication processing apparatus 210 .
  • the gateway status obtainer 905 obtains the status of the communication processing apparatus 210 .
  • the gateway status obtainer 905 can also obtain the emergent notification of all server disconnection caused by the connection of an unpermitted device, which is transmitted from the communication processing apparatus 210 to the management server 240 . Note that this emergent notification of all server disconnection may also be an interrupt different from a normal status notification.
  • the user performs an operation of setting data to be stored in the gateway management database 903 so as to be set in the communication processing apparatus 210 , or a changing operation, deleting operation, and the like.
  • the user also sets a permitted device and permitted application while monitoring a menu displayed on the display 907 .
  • the display 907 displays data to be stored in the gateway management database 903 so as to be set in the communication processing apparatus 210 , displays already stored data, and displays the emergent notification of all server disconnection.
  • an operation PC may also replace the operation unit 906 and display 907 .
  • the management server 240 controls communication connection in the communication processing apparatus 210 as a gateway
  • the management server 240 includes a functional constituent unit equivalent to the communication processor 211 shown in FIG. 2 , and controls each of functional constituent units of the communication processing apparatus 210 , or the management server 240 may be included in the communication processing apparatus 210 .
  • FIG. 9 B is a view showing the arrangement of the gateway management database 903 according to this example embodiment. Note that the same reference numerals as in FIG. 3 B denote the same constituent elements in FIG. 9 B , and an explanation thereof will be omitted.
  • a gateway management table 910 stores the tables 341 to 344 shown in FIG. 3 B in association with the gateway IDs.
  • the tables 341 to 344 have been described above with reference to FIG. 3 B , so a repetitive explanation thereof will be omitted.
  • a gateway log table 920 stores a device connection log, application connection log, and server connection log in association with each gateway ID.
  • FIG. 10 A is a view showing the concept of a visualized management monitor according to this example embodiment.
  • the display 907 displays events having occurred in time series as abnormality display.
  • the display screen 1010 also displays the types of gateway management tables to be stored in the gateway management database 903 as setting menus. By selecting these setting menus, present setting information is linked and displayed. This setting information can be added, changed, and deleted by input instructions from the operation unit 906 .
  • FIGS. 10 B to 10 D are views showing display screen examples of a visualized monitor according to this example embodiment.
  • the application settings shown in FIGS. 10 B to 10 D are examples showing the way the visualized management monitor increases the speed and efficiency of processing. Therefore, it is obviously possible to increase the speed and efficiency of processing by other settings and changes, or monitoring and prevention.
  • FIG. 10 B is a view showing a display screen 1020 of various settings/check menus.
  • a display screen 1030 of a communication unpermitted application list shown in FIG. 10 C is displayed.
  • a popup window 1041 appears as indicated on a display screen 1040 shown in FIG. 10 D .
  • the user can permit specific communication by selecting specific communication 1042 as a permission target and selecting communication permission 1043 on the popup display 1041 shown in FIG. 10 D .
  • the connection between the device and server can variously be controlled in accordance with the status. This makes it possible to flexibly secure a safe connection from the device to the server (cloud).
  • connection of an application for controlling the device can variously be controlled in accordance with the status. Consequently, a safe connection can be secured from the device to the server (cloud) by more appropriate control.
  • GUI Graphic User Interface
  • a safe connection can be secured from the device to the cloud by controlling the device and network communication. Also, the presence/absence of a permitted device is determined by collation with the device permission list. Furthermore, the security of the device and network is improved by a fine communication filtering process performed by a network communication control process (terminal openflow) on the host side.
  • the present invention is applicable to a system including a plurality of devices or a single apparatus.
  • the present invention is also applicable even when an information processing program for implementing the functions of the example embodiments is supplied to the system or apparatus directly or from a remote site.
  • the present invention also incorporates the program installed in a computer to implement the functions of the present invention by the computer, a medium storing the program, and a WWW (World Wide Web) server that causes a user to download the program.
  • the present invention incorporates at least a non-transitory computer readable medium storing a program that causes a computer to execute processing steps included in the above-described example embodiments.
  • a communication processing apparatus comprising:
  • a first connection unit that connects devices
  • a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted
  • connection controller that controls said switching unit in accordance with a determination result from said determiner.
  • connection controller controls said switching unit to disconnect between said servers and all devices connected to said first connection unit, if said determiner determines that connection of the device is unpermitted.
  • connection controller controls said switching unit to restore connections of said servers and all devices connected to said first connection unit except the device, when said first connection unit disconnects the device whose connection is unpermitted.
  • connection controller controls said switching unit to limit connections of the device and said servers, even if said determiner determines that connection of the device is permitted.
  • the communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for said devices connected to said first connection unit,
  • connection controller controls said switching unit to limit application processing to be provided for said devices.
  • connection controller controls said switching unit in accordance with setting by an external communication managing apparatus that manages communication
  • connection controller notifies said external communication managing apparatus of at least connection states of said devices and said servers.
  • connection controller emergently notifies said external communication managing apparatus of disconnection between all devices and said servers by said second connection unit.
  • a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • a program of controlling a communication processing apparatus that causes a computer to execute a method, comprising:
  • a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • a communication managing apparatus comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • connection controller that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection controller obtaining connection states by the connection controller based on the connection information
  • a program of controlling a communication managing apparatus that causes a computer to execute a method, comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection controller obtaining connection states by the connection controller based on the connection information
  • a communication processing system comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
  • a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information
  • connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
  • a communication processing method comprising:
  • connection information containing a condition for determining whether each of connections of devices is permitted and connections of the devices to servers
  • a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • connection information determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information
  • a switching unit that switches connections of the device and the server between the first connector and the second connector
  • a determiner that determines whether connection of the device to the first connector is permitted
  • connection controller that controls the switching unit in accordance with a determination result from the determiner.
  • connection controller controls the switching unit to disconnect the server from all devices connected to the first connector.
  • connection controller controls the switching unit to restore connections of the server and all devices connected to the first connector except the device.
  • connection controller controls the switching unit to limit connection of the device and the server.
  • a communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for the device connected to the first connector,
  • connection controller controls the switching unit to limit application processing to be provided for the device.
  • a communication processing apparatus according to any one of supplementary notes 1 to 5, wherein the switching unit is a software-controlled virtual network.
  • connection controller controls the switching unit in accordance with setting by an external communication managing apparatus that manages communication
  • connection controller notifies the external communication managing apparatus of at least a connection state of the device and the server.
  • connection controller emergently notifies the external communication managing apparatus of disconnection of all devices from the server by the second connector.
  • a communication processing apparatus control method comprising:
  • a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
  • a communication processing apparatus control program that causes a computer to execute a method, comprising:
  • a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
  • a communication managing apparatus comprising:
  • connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
  • connection controller that sets the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
  • an obtainer that obtains a connection state obtained by the connection controller based on the connection information
  • a communication managing apparatus control method comprising:
  • connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
  • connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
  • connection controller based on the connection information
  • a communication managing apparatus control program that causes a computer to execute a method, comprising:
  • connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
  • connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
  • connection controller based on the connection information
  • a communication processing system comprising:
  • connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
  • a switching unit that switches connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
  • a determiner that determines whether connection of the device to the first connector is permitted, in accordance with the connection information
  • connection controller that controls the switching unit based on the connection information, in accordance with a determination result from the determiner.
  • a communication processing method comprising:
  • connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
  • a switching unit to switch connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
  • connection information determining whether connection of the device to the first connector is permitted, in accordance with the connection information

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

This invention is directed to a communication processing apparatus that secures a safe connection from a non-IP-connection device to an IP-connection cloud (server). This communication processing apparatus includes a first connection unit that connects devices, a second connection unit that connects to servers, a switching unit that switches connections of the devices and the servers between the first connection unit and the second connection unit, a determiner that determines whether connection of a device to the first connection unit is permitted or unpermitted, and a connection controller that controls the switching unit in accordance with a determination result from the determiner.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of U.S. patent application Ser. No. 17/246,786 filed on May 3, 2021, which is a continuation of U.S. patent application Ser. No. 16/083,566, filed on Sep. 10, 2018, which issued as U.S. Pat. No. 11,032,109, which is a National Stage of International Application No. PCT/JP2017/005158, filed Feb. 13, 2017, claiming priority based on Japanese patent application No. 2016-060166, filed on Mar. 24, 2016, the disclosures of which are incorporated herein in their entirety by reference.
    • TECHNICAL FIELD
  • The present invention relates to a communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of the communication processing apparatus and communication managing apparatus.
    • BACKGROUND ART
  • In the above technical field, patent literature 1 describes a technique which disconnects an unpermitted device by collation with an apparatus permission whitelist or the like, when a host apparatus having a USB device connection port has received a connection request from a USB device of HID (Human Interface Device: a mouse, keyboard, or the like). Also, non-patent literature 1 describes a technique which implements communication optimization of an IP network connection (a connection using a network address) by flexible communication path control by using an OFC (OpenFlow Controller) and OFS (OpenFlow Switch) controlled by OpenFlow.
    • CITATION LIST Patent Literature
    • Patent literature 1: US Patent Application Publication No. 2014/0215637
    Non-Patent Literature
    • Non-patent literature 1: Y. Watanabe, et al, STCoS: Software-defined Traffic Control for Smartphones, IEEE, RTAS, 2014
    SUMMARY OF THE INVENTION Technical Problem
  • In the technique disclosed in patent literature 1, however, communication restriction is limited to a connection between a USB device and a host apparatus as a connection destination via a USB. Especially when the host apparatus is a network apparatus capable of connecting to an external network, there is no cooperation with network communication, so the security (safety) from a USB device to a cloud (server) for connecting to the external network is insufficient. Also, the technique disclosed in non-patent literature 1 is applicable to the region of security, but does not support security (safety) when there is a connection request from a device (Bluetooth®/a USB device) using a non-IP connection (a connection using a device ID or device address).
  • That is, security measures are provided between a USB device and a host apparatus as a connection destination connected via a USB, and between a network apparatus and a cloud (server) as a connection destination connected across a network, but there is no security measure from the USB device to the cloud (server). Therefore, if, for example, a device having a security (safety) problem is connected, there is nothing to do but disconnect the problematic device from the host apparatus of the network.
  • As described above, it has been impossible to secure a safe connection from a non-IP-connection device to an IP-connection cloud (server) by integrating the security (safety) of non-IP connection and the security (safety) of IP connection.
  • The present invention enables to provide a technique of solving the above-described problem.
    • Solution to Problem
  • One example aspect of the present invention provides a communication processing apparatus comprising:
  • a first connection unit that connects devices;
  • a second connection unit that connects to servers;
  • a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted; and
  • a connection controller that controls said switching unit in accordance with a determination result from said determiner.
  • Another example aspect of the present invention provides a method of controlling a communication processing apparatus, the method comprising:
  • causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • determining whether connection of a device to the first connection unit is permitted or unpermitted; and
  • controlling the switching unit in accordance with a determination result in the determining step.
  • Still other example aspect of the present invention provides a program of controlling a communication processing apparatus, that causes a computer to execute a method, comprising:
  • causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • determining whether connection of a device to the first connection unit is permitted or unpermitted; and
  • controlling the switching unit in accordance with a determination result in the determining step.
  • Still other example aspect of the present invention provides a communication managing apparatus comprising:
  • a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • a setter that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • an obtainer that obtains connection states by said connection controller based on the connection information; and
  • a presenter that presents the obtained connection states.
  • Still other example aspect of the present invention provides a method of controlling a communication managing apparatus, the method comprising:
  • causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • obtaining connection states by the connection controller based on the connection information; and
  • presenting the obtained connection states.
  • Still other example aspect of the present invention provides a program of controlling a communication managing apparatus, that causes a computer to execute a method, comprising:
  • causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • obtaining connection states by the connection controller based on the connection information; and
  • presenting the obtained connection states.
  • Still other example aspect of the present invention provides a communication processing system comprising:
  • a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information; and
  • a connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
  • Still other example aspect of the present invention provides a communication processing method comprising:
  • causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted and connections of the devices to servers;
  • causing a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information; and
  • controlling the switching unit based on the connection information, in accordance with a determination result in the determining step.
    • Advantageous Effects of Invention
  • According to the present invention, it is possible to secure a safe connection from a non-IP-connection device to an IP-connection cloud (server).
    • BRIEF DESCRIPTION OF DRAWINGS
  • FIG. 1 is a block diagram showing the arrangement of a communication processing apparatus according to the first example embodiment of the present invention;
  • FIG. 2 is a block diagram showing the configuration of a communication processing system including a communication processing apparatus according to the second example embodiment of the present invention;
  • FIG. 3A is a block diagram showing the functional configuration of a communication processor according to the second example embodiment of the present invention;
  • FIG. 3B is a view showing the arrangement of a communication processing table according to the second example embodiment of the present invention;
  • FIG. 4A is a block diagram showing the functional configuration of a device processing controller according to the second example embodiment of the present invention;
  • FIG. 4B is a view showing the arrangement of a device processing table according to the second example embodiment of the present invention;
  • FIG. 5A is a block diagram showing the functional configuration of a switching unit according to the second example embodiment of the present invention;
  • FIG. 5B is a view showing the arrangement of a connection table according to the second example embodiment of the present invention;
  • FIG. 6A is a flowchart showing the procedure of the communication processor according to the second example embodiment of the present invention;
  • FIG. 6B is a flowchart showing the procedure of a filtering process according to the second example embodiment of the present invention;
  • FIG. 7A is a view showing the connection state of the communication processing system with respect to an unpermitted device according to the second example embodiment of the present invention;
  • FIG. 7B is a view showing the connection state of the communication processing system upon resumption after disconnection according to the second example embodiment of the present invention;
  • FIG. 8A is a view showing the connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention;
  • FIG. 8B is a view showing another connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention;
  • FIG. 9A is a block diagram showing the functional configuration of a management server according to the second example embodiment of the present invention;
  • FIG. 9B is a view showing the arrangement of a gateway management database according to the second example embodiment of the present invention;
  • FIG. 10A is a view showing the concept of a visualized management monitor according to the second example embodiment of the present invention;
  • FIG. 10B is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention;
  • FIG. 10C is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention; and
  • FIG. 10D is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
    •  DESCRIPTION OF EXAMPLE EMBODIMENTS
  • Example embodiments of the present invention will now be described in detail with reference to the drawings. It should be noted that the relative arrangement of the components, the numerical expressions and numerical values set forth in these example embodiments do not limit the scope of the present invention unless it is specifically stated otherwise.
  • Note that a term “non-IP connection” used in this specification indicates a connection complying with a communication protocol such as a USB or Bluetooth® based on a device ID or device address, and a term “IP connection” indicates a connection complying with an Internet protocol based on a network address such as an Internet address.
    • First Example Embodiment
  • A communication processing apparatus 110 as the first example embodiment of the present invention will be explained below with reference to FIG. 1 . The communication processing apparatus 110 is an apparatus which connects a non-IP device to an IP system.
  • As shown in FIG. 1 , the communication processing apparatus 110 includes a first connection unit 111, a second connection unit 112, a switching unit 113, a determiner 114, and a connection controller 115. The first connection unit 111 connects a device 120. The second connection unit 112 connects to a server 130. The switching unit 113 switches the connections of the device 120 and server 130 between the first connection unit 111 and the second connection unit 112. The determiner 114 determines whether the connection of the device 120 to the first connection unit 111 is permitted. The connection controller 115 controls the switching unit 113 in accordance with the determination result from the determiner 114.
  • According to this example embodiment, a safe connection from a non-IP-connection device to an IP-connection cloud (server) can be secured by switching the connections from the device to the server in accordance with the determination result indicating whether the connection of the device is permitted.
    • Second Example Embodiment
  • Next, a communication processing apparatus according to the second example embodiment of the present invention will be explained. The communication processing apparatus according to this example embodiment controls a connection between a device and server as follows, when determining that the connection of the device is not permitted, or when determining that the connection of the device is permitted.
  • When determining that the connection of the device is not permitted, the communication processing apparatus disconnects all devices and servers connected to the apparatus. Also, even when determining that the connection of the device is permitted, the communication processing apparatus performs control so as to limit the connection between the device and server. For example, the communication processing apparatus performs control so as to limit application processing to be provided for the connected device.
  • These control operations are executed in accordance with the settings by an external communication managing apparatus which manages communication, and this external communication managing apparatus is notified of the connection state of a device and server. In particular, the external communication managing apparatus is emergently notified of the disconnection of all devices and servers when the connection of the device is found to be unpermitted.
  • <<Communication Processing System>>
  • FIG. 2 is a block diagram showing the configuration of a communication processing system 200 including a communication processing apparatus 210 according to this example embodiment. Note that in the following explanation, an example in which each communication processing apparatus 210 performs determination on a connected device and performs processing such as server disconnection based on settings from a management server 240 will be described. However, the management server 240 may also collectively manage a plurality of communication processing apparatuses 210, perform determination on a connected device, and perform processing such as server disconnection.
  • The communication processing system 200 includes the communication processing apparatus 210 such as a gateway, devices 220, servers 230 including a cloud, and the management server 240.
  • The communication processing apparatus 210 includes a communication processor 211 for controlling the communication processing apparatus 210, a device control processor 212, an application group 213 (to be abbreviated as an application hereinafter), a switching unit 214 using an SDN (Software-Defined Network), and a communicator 215 for connecting to the servers 230. The communication processor 211 processes the whole communication processing apparatus 210 in accordance with a setting instruction from the management server 240, and presents the processing state of the communication processing apparatus 210 to the management server 240. The device control processor 212 controls connections to the non-IP devices 220 by a USB (Universal Serial Bus), Bluetooth®, or the like. Then, the device control processor 212 determines whether the device is permitted or unpermitted, and disconnects the device if the device is unpermitted. After that, the device control processor 212 notifies the communication processor 211 that the unpermitted device is connected.
  • The application 213 is an application which obtains data from each of connected devices 220, and transmits data to the servers 230 across the network. The switching unit 214 includes an SDN formed by an openflow controller and openflow switch, and controls switching for determining the servers 230 to which data from a device processed by the application 213 is to be transferred. The communicator 215 transfers the data from the device to the servers 230 by Wi-Fi, Ethernet®, Cellular, or the like.
  • The devices 220 are devices such as sensors which perform non-IP connection to the device control processor 212 by a USB or Bluetooth®, and detects data to be collected by the servers 230.
  • The servers 230 collect the data detected by the devices 220 while maintaining the security (safety) via the communication processing apparatus 210, analyzes the collected data, and provides the service.
  • The management server 240 is a server for managing data transfer from the devices 220 to the servers 230 in the communication processing apparatus 210. The management server 240 has a visualized GUI 241. The user can visually observe, e.g., the states of the function of data transfer to the communication processing apparatus 210, the procedure when a device is unpermitted, and other settings such as data transfer conditions, or the result of data transfer in the communication processing apparatus 210, notification when a device is unpermitted, and other settings such as data transfer conditions. Accordingly, an administrator who manages data transfer from the devices 220 to the servers 230 can easily monitor the data transfer state and can change the settings by a simple operation by using the management server 240.
  • Note that details of determination performed on a connected device by the device control processor 212 are as follows. For example, when the device is a USB device and the OS of a host apparatus is “Linux”, USB device determination is performed by determining whether to permit connection, based on information notified to udev (user space device management) when the USB device is connected. If a USB device whose connection is unpermitted is connected, it is determined that the device is an unpermitted device. Permitted USB devices are registered in a permission rule (permission list) beforehand. On the other hand, when the host OS is Linux, Bluetooth® device determination is performed by periodically checking connections by “hcitool con”. If there is an unpermitted connection, it is determined that the device is an unpermitted device. Permitted Bluetooth® connections are registered in a permission whitelist (permission list) beforehand.
  • <<Communication Processing Apparatus>>
  • The arrangements and operations of constituent elements of the communication processing apparatus 210 of this example embodiment will be explained below with reference to FIGS. 3A to 6B.
  • (Communication Processor)
  • FIG. 3A is a block diagram showing the functional configuration of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment.
  • The communication processor 211 includes a communication controller 301, a communication process information obtainer 302, a communication process information storing unit 303, and a communication processing table 304. The communication processor 211 further includes a switching information setter 305, a device control information setter 306, an unpermitted device connection receiver 307, and a server disconnection notifier 308.
  • The communication controller 301 controls communication between the management server 240 and the device control processor 212 and switching unit (SDN) 214 in the communication processing apparatus 210. Note that the communication controller 301 also controls communication with the application 213 and communicator 215 if necessary. The communication process information obtainer 302 obtains communication process information indicating a communication process in the communication processing apparatus 210 from the management server 240. The communication process information storing unit 303 stores the communication process information obtained by the communication process information obtainer 302 in the communication processing table 304. The communication processing table 304 stores the communication process information obtained from the management server 240, and constructs the communication process in the communication processing apparatus 210.
  • Of the communication process information stored in the communication processing table 304, the switching information setter 305 sets switching information in the openflow controller of the switching unit 214. Note that when the unpermitted device connection receiver 307 receives a notification of the connection of an unpermitted device from the device control processor 212, the switching information setter 305 sets connection information indicating unpermitted device connection, instead of normal switching information, in the openflow controller of the switching unit 214, thereby implementing the process of disconnecting the servers 230.
  • Of the communication process information stored in the communication processing table 304, the device control information setter 306 sets information such as determination of the connection of an unpermitted device, or the connection of a connected device to the application 213, in the device control processor 212. The unpermitted device connection receiver 307 receives the unpermitted device connection notification, which is determined by using the communication process information for determining the connection of an unpermitted device, from the device control processor 212. Upon receiving the notification of the connection of an unpermitted device, the server disconnection notifier 308 emergently notifies the management server 240 of complete disconnection to the servers 230, and requests the management server 240 to rapidly recover the communication processing apparatus 210 while ensuring the security (safety) even if it is partial.
  • FIG. 3B is a view showing the arrangement of the communication processing table 304 according to this example embodiment. The communication processing table 304 is a table holding data for controlling the processing of data transfer from a device to a server, in the communication processing apparatus 210.
  • The communication processing table 304 includes a device registration table 341, an application/server setting table 342, an application registration table 343, and a device connection control table 344. The device registration table 341 stores the interface type of a device and a registration ID as a registered device ID in association with each other, and is used to determine whether a connected device is registered. The application/server setting table 342 stores an application for performing a communication process on data from a registered device, a server as a transfer destination, and a port number for connecting to the server in association with each other, and is used to set data processing from a device and a transfer destination. The application registration table 343 stores an application name and an application ID in association with each other, and is used for data processing and a communication process in the communication processing apparatus 210. The device connection control table 344 defines connection control set from various management servers 240 in accordance with whether a connected device is an unpermitted device or permitted device. In this example embodiment, if an unpermitted device is connected, connection to the servers 230 except the management server 240 of the communication processing apparatus 210 is disconnected, and connections of other permitted devices to the servers 230 are also disconnected. On the other hand, when a permitted device is connected, various connection control operations set from the management server 240 are performed based on the types of device, application, server, and the like.
  • (Device Processing Controller)
  • FIG. 4A is a block diagram showing the functional configuration of the device control processor 212 of the communication processing apparatus 210 according to this example embodiment.
  • The device control processor 212 includes a permission/unpermission determiner 401, a device disconnector 402, an unpermission notifier 403, a device processing table 404, a connection application determiner 405, and a device-application connector 406.
  • The permission/unpermission determiner 401 determines whether a connected device is permitted/unpermitted, based on device registration information set in the device processing table 404. The device disconnector 402 disconnects the connected device if the permission/unpermission determiner 401 determines that the device is unpermitted. When the connected device is disconnected because the device is unpermitted, all connections to the server 230 are disconnected, so the unpermission notifier 403 notifies the management server 240 of this information via the communication processor 211.
  • The connection application determiner 405 determines the application 213 to which the connected devices 220 are connectable, based on information set in the device processing table 404 and indicating the relationship between the devices 220 and application 213. The device-application connector 406 connects the devices 220 to the application 213 which is found to be connectable by the connection application determiner 405. Note that an application to which the devices 220 are connectable is not limited to one, so it is possible to set a plurality of applications or all applications as connectable applications.
  • FIG. 4B is a view showing the arrangement of the device processing table 404 according to this example embodiment. The device processing table 404 is used by the device control processor 212 to manage determination of authorization/unpermission of a connected device, and manage connection to the application 213. Note that the same reference numerals as in FIG. 3B denote the same constituent elements in FIG. 4B, and a repetitive explanation thereof will be omitted.
  • The device processing table 404 has a device-application connection table 442. Note that the device-application connection table 442 is a part of the application/server setting table 342 shown in FIG. 3B, and stores the relation between a device and application.
  • (Switching Unit)
  • FIG. 5A is a block diagram showing the functional configuration of the switching unit 214 of the communication processing apparatus 210 according to this example embodiment.
  • In this example embodiment, the switching unit 214 is an openflow SDN (Software Defined Network), and includes an openflow controller 501 and an openflow switch 502. The openflow controller 501 has a connection table 511, and, in accordance with the connection table 511, generates a flow table to be set in each switch through which data passes. The openflow switch 502 controls the routing of a transmission source and transmission destination in accordance with the flow table set by the openflow controller 501. Note that in this example embodiment, communication disconnection to all servers caused by the connection of an unpermitted device is implemented by, e.g., processing which does not route transmission data from the application 213 to any port connecting to the communicator 215.
  • FIG. 5B is a view showing the arrangement of the connection table 511 according to this example embodiment. The connection table 511 is used by the openflow controller 501 to generate the flow table.
  • The connection table 511 includes an application-port connection table 542 and a port connection control table 544. The application-port connection table 542 is a part of the application/server setting table 342 shown in FIG. 3B, and stores the relation between an application and a port to the communicator 215. The port connection control table 544 further stores, in the device connection control table 344 shown in FIG. 3B, an input port from the application 213 and an output port to the communicator 215 for the openflow controller 501.
  • (Procedure of Communication Processor)
  • FIG. 6A is a flowchart showing the procedure of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment. A CPU (Central Processing Unit) of the communication processing apparatus 210 executes this flowchart by using a memory, and implements the functional configuration of the communication processing apparatus 210. Note that the individual constituent elements of the communication processing apparatus 210 desirably have their own CPUs and implement the functions by communicating with each other. To avoid complication, however, the procedure will be explained by assuming that not the individual constituent elements but the communication processing apparatus 210 performs the procedure.
  • In step S601, the communication processing apparatus 210 monitors device connection by the device control processor 212. In step S603, the communication processing apparatus 210 receives a connection request from a USB device or Bluetooth® (BT in FIG. 6A) device. In step S605, the communication processing apparatus 210 collates the connected device with a permitted device list (corresponding to the device registration table 341) to determine whether the device is permitted or unpermitted. In step S607, the communication processing apparatus 210 determines whether the device is an unpermitted (unpermitted) device.
  • If the device is an unpermitted device, the process advances to step S609, and the communication processing apparatus 210 disconnects communication to all the servers 230 except determination communication to the management server 240, or disconnects communication by the application 213. In step S611, the communication processing apparatus 210 notifies the management server 240 of this abnormal state in which communication to all the servers 230 is disconnected. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information of the abnormal state. In step S613, the communication processing apparatus 210 disconnects the unpermitted device by the device control processor 212.
  • After that, the communication processing apparatus 210 determines that an obstacle such as an attack does not influence the communication processing system 200, because the unpermitted device is disconnected. In step S615, therefore, the communication processing apparatus 210 stops the strengthened communication filtering (disconnecting) process of disconnecting communication to all the servers 230. In this case, it is also possible to perform the application 213 which processes data of a permitted device, or a process of selectively enabling a connectable server 230. For example, it is possible by simple setting to implement a process of enabling activation of only the application 213 which performs highly confidential processing, or a process of delaying connection to a highly important server in accordance with the importance of data collected by the server.
  • On the other hand, if the connected device is a permitted device, the process advances to step S617, and the communication processing apparatus 210 performs a filtering process on network communication by a policy table specified for each permitted device. In step S619, the communication processing apparatus 210 notifies the management server 240 of an abnormal status if an unexpected access occurs. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information of the abnormal status in this processing as well.
  • FIG. 6B is a flowchart showing the procedure of the filtering process (step S617) according to this example embodiment. Note that FIG. 6B shows examples of two filtering processes (step S617), but it is also possible to use other combinations, other filtering processes, or a combination with another filtering process.
  • In step S621, the communication processing apparatus 210 refers to a communication policy setting table of permitted device (equivalent to the application/server setting table 342 shown in FIG. 3B). In step S623, the communication processing apparatus 210 limits servers accessible from, e.g., a specific USB/Bluetooth® device.
  • Also, in step S631, the communication processing apparatus 210 refers to a communication policy setting table of permitted devices and used communication applications (equivalent to the application/server setting table 342 shown in FIG. 3B). In step S623, the communication processing apparatus 210 limits communication by an application to be used by a specific USB/Bluetooth® device.
  • <<Connection State of Communication Processing System>>
  • Various connection states based on the communication policy of the communication processing apparatus 210 of this example embodiment will be explained below with reference to FIGS. 7A to 8B.
  • (Unpermitted Device)
  • FIG. 7A is a view showing the connection state of the communication processing system 200 with respect to an unpermitted device according to this example embodiment. FIG. 7A shows a connecting process when an unpermitted device 723 is connected.
  • When the device control processor 212 determines that the unpermitted device 723 is connected, communications to all the servers 230 except the management server 240 are disconnected in accordance with the communication policy of this example embodiment. In addition, the unpermitted device 723 is disconnected. Then, the connected management server 240 is emergently notified that communications to all the servers 230 are disconnected. This processing based on the communication policy of this example embodiment disconnects data transmissions from permitted devices 221 and 222 to the servers 230 as well, but can prevent damage from being inflicted on the servers 230 by an attack from the unpermitted device 723.
  • FIG. 7B is a view showing the connection state of the communication processing system 200 when the operation is resumed after disconnection according to this example embodiment. FIG. 7B shows a reconnecting process after the unpermitted device 723 is disconnected. Referring to FIG. 7B, the use of communication applications (a) and (z) having low confidentiality is limited.
  • The management server 240 determines that no obstacle is inflicted on it because the unpermitted device 723 is disconnected as shown in FIG. 7A, and rapidly restores data transmissions from the permitted devices 221 and 222 to the servers 230. However, the possibility that a problem arises if the communication application (a) or (z) having low confidentiality is used still remains. Therefore, the management server 240 performs setting so as to prevent the use of the lowly confidential communication applications (a) and (z) in accordance with the communication policy of this example embodiment.
  • Note that as described above, it is possible to limit the use of an application, and it is also possible to limit connection to the server 230 which is heavily damaged if an obstacle is inflicted on it.
  • (Permitted Device)
  • FIG. 8A is a view showing the connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment. FIG. 8A shows a connection state when a connected device 823 is a permitted device.
  • When the device control processor 212 determines that the permitted device 823 is connected, all the applications 213 are usable, but a server to which the device 823 can connect and transmit data is selected, in accordance with the communication policy associated with the device 823. For example, the permitted device 823 is not connected to a server which does not require data of the device 823, and is not connected to a specific server if, for example, the data reliability of the permitted device 823 is low. In this case, the openflow controller of the switching unit (SDN) 214 performs setting so as to connect the input ports from all the applications to only the output port to the selected server.
  • FIG. 8B is a view showing another connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment. FIG. 8B shows a case in which applications to be used by a permitted device 824 are limited.
  • According to the communication policy associated with the permitted device 824, the application (b) is usable but the application (a) is not usable, and a server to which the device 824 can connect and transfer data is also selected. In this case, the usable application and connectable server can independently be set, but the communication policies are combined if the application and server are related. For example, if the processing of an application is not confidential, transmission to a server having important data is limited.
  • Note that the communication policies shown in FIGS. 7A to 8B are merely portions of this example embodiment, and various policies and their combinations can be set.
  • <<Management Server>>
  • The arrangement and operation of the management server 240 will be explained below with reference to FIGS. 9A to 10D.
  • (Functional Configuration of Management Server)
  • FIG. 9A is a block diagram showing the functional configuration of the management server 240 according to this example embodiment.
  • The management server 240 includes a communication controller 901, a gateway processing table setter 902, a gateway management database 903, a gateway processing obtainer 904, and a gateway status obtainer 905. The management server 240 also includes an operation unit 906 and a display 907.
  • The communication controller 901 controls communication to the communication processing apparatus 210. When the management server 240 is connected to an operation PC and remotely operated, the communication controller 901 controls communication to this operation PC. The gateway processing table setter 902 sets, in the communication processing apparatus 210, a gateway processing table corresponding to communication control of each gateway stored in the gateway management database 903. This gateway processing table is equivalent to the communication processing table 304 shown in FIG. 3A. The gateway management database 903 stores the gateway processing table of each gateway to be managed by the management server 240, in association with the gateway ID. The gateway management database 903 also stores processing information and status information transmitted from the communication processing apparatus 210, in association with the gateway ID.
  • The gateway processing obtainer 904 obtains the log of the communication process from the communication processing apparatus 210. The gateway status obtainer 905 obtains the status of the communication processing apparatus 210. Note that the gateway status obtainer 905 can also obtain the emergent notification of all server disconnection caused by the connection of an unpermitted device, which is transmitted from the communication processing apparatus 210 to the management server 240. Note that this emergent notification of all server disconnection may also be an interrupt different from a normal status notification.
  • On the operation unit 906, the user performs an operation of setting data to be stored in the gateway management database 903 so as to be set in the communication processing apparatus 210, or a changing operation, deleting operation, and the like. On the operation unit 906, the user also sets a permitted device and permitted application while monitoring a menu displayed on the display 907. The display 907 displays data to be stored in the gateway management database 903 so as to be set in the communication processing apparatus 210, displays already stored data, and displays the emergent notification of all server disconnection. Note that an operation PC may also replace the operation unit 906 and display 907.
  • Note also that when the management server 240 controls communication connection in the communication processing apparatus 210 as a gateway, the management server 240 includes a functional constituent unit equivalent to the communication processor 211 shown in FIG. 2 , and controls each of functional constituent units of the communication processing apparatus 210, or the management server 240 may be included in the communication processing apparatus 210.
  • FIG. 9B is a view showing the arrangement of the gateway management database 903 according to this example embodiment. Note that the same reference numerals as in FIG. 3B denote the same constituent elements in FIG. 9B, and an explanation thereof will be omitted.
  • Referring to FIG. 9B, a gateway management table 910 stores the tables 341 to 344 shown in FIG. 3B in association with the gateway IDs. The tables 341 to 344 have been described above with reference to FIG. 3B, so a repetitive explanation thereof will be omitted. Also, a gateway log table 920 stores a device connection log, application connection log, and server connection log in association with each gateway ID.
  • <<Visualized Management Monitor>>
  • FIG. 10A is a view showing the concept of a visualized management monitor according to this example embodiment.
  • On a display screen 1010 shown in FIG. 10A, the display 907 displays events having occurred in time series as abnormality display. The display screen 1010 also displays the types of gateway management tables to be stored in the gateway management database 903 as setting menus. By selecting these setting menus, present setting information is linked and displayed. This setting information can be added, changed, and deleted by input instructions from the operation unit 906.
  • (Settings of Applications)
  • FIGS. 10B to 10D are views showing display screen examples of a visualized monitor according to this example embodiment. Note that the application settings shown in FIGS. 10B to 10D are examples showing the way the visualized management monitor increases the speed and efficiency of processing. Therefore, it is obviously possible to increase the speed and efficiency of processing by other settings and changes, or monitoring and prevention.
  • FIG. 10B is a view showing a display screen 1020 of various settings/check menus. When the user selects a communication unpermitted application list menu 1021 on the display screen 1020 shown in FIG. 10B, a display screen 1030 of a communication unpermitted application list shown in FIG. 10C is displayed.
  • When the user clicks a target row 1031 for permitting communication on the display screen 1030 of a communication unpermitted application list shown in FIG. 10C, a popup window 1041 appears as indicated on a display screen 1040 shown in FIG. 10D.
  • The user can permit specific communication by selecting specific communication 1042 as a permission target and selecting communication permission 1043 on the popup display 1041 shown in FIG. 10D.
  • In this example embodiment, when it is determined that device connection is not permitted, or when it is determined that device connection is permitted, the connection between the device and server can variously be controlled in accordance with the status. This makes it possible to flexibly secure a safe connection from the device to the server (cloud).
  • In addition, the connection of an application for controlling the device can variously be controlled in accordance with the status. Consequently, a safe connection can be secured from the device to the server (cloud) by more appropriate control.
  • Furthermore, a GUI (Graphical User Interface) of the management server visualizes communication from the device to the network. This makes it possible to deal with a network threat and increase the speed and efficiency of management. When disconnecting all network connections to the server, a delay of management can be prevented by performing emergent notification to the management server.
  • That is, even when a non-IP USB/Bluetooth® device is connected, a safe connection can be secured from the device to the cloud by controlling the device and network communication. Also, the presence/absence of a permitted device is determined by collation with the device permission list. Furthermore, the security of the device and network is improved by a fine communication filtering process performed by a network communication control process (terminal openflow) on the host side.
    • OTHER EXAMPLE EMBODIMENTS
  • While the invention has been particularly shown and described with reference to example embodiments thereof, the invention is not limited to these example embodiments. It will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the claims.
  • The present invention is applicable to a system including a plurality of devices or a single apparatus. The present invention is also applicable even when an information processing program for implementing the functions of the example embodiments is supplied to the system or apparatus directly or from a remote site. Hence, the present invention also incorporates the program installed in a computer to implement the functions of the present invention by the computer, a medium storing the program, and a WWW (World Wide Web) server that causes a user to download the program. Especially, the present invention incorporates at least a non-transitory computer readable medium storing a program that causes a computer to execute processing steps included in the above-described example embodiments.
    • OTHER EXPRESSIONS OF EXAMPLE EMBODIMENTS
  • Some or all of the above-described example embodiments can also be described as in the following supplementary notes but are not limited to the followings.
  • (Supplementary Note 1)
  • There is provided a communication processing apparatus comprising:
  • a first connection unit that connects devices;
  • a second connection unit that connects to servers;
  • a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted; and
  • a connection controller that controls said switching unit in accordance with a determination result from said determiner.
  • (Supplementary Note 2)
  • There is provided the communication processing apparatus according to supplementary note 1, wherein said connection controller controls said switching unit to disconnect between said servers and all devices connected to said first connection unit, if said determiner determines that connection of the device is unpermitted.
  • (Supplementary Note 3)
  • There is provided the communication processing apparatus according to supplementary note 1 or 2, wherein said connection controller controls said switching unit to restore connections of said servers and all devices connected to said first connection unit except the device, when said first connection unit disconnects the device whose connection is unpermitted.
  • (Supplementary Note 4)
  • There is provided the communication processing apparatus according to any one of supplementary notes 1 to 3, wherein said connection controller controls said switching unit to limit connections of the device and said servers, even if said determiner determines that connection of the device is permitted.
  • (Supplementary Note 5)
  • There is provided the communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for said devices connected to said first connection unit,
  • wherein said connection controller controls said switching unit to limit application processing to be provided for said devices.
  • (Supplementary Note 6)
  • There is provided the communication processing apparatus according to any one of supplementary notes 1 to 5, wherein said switching unit is a software-controlled virtual network.
  • (Supplementary Note 7)
  • There is provided the communication processing apparatus according to any one of supplementary notes 1 to 6, wherein
  • said connection controller controls said switching unit in accordance with setting by an external communication managing apparatus that manages communication, and
  • said connection controller notifies said external communication managing apparatus of at least connection states of said devices and said servers.
  • (Supplementary Note 8)
  • There is provided the communication processing apparatus according to supplementary note 7, wherein said connection controller emergently notifies said external communication managing apparatus of disconnection between all devices and said servers by said second connection unit.
  • (Supplementary Note 9)
  • There is provided a method of controlling a communication processing apparatus, the method comprising:
  • causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • determining whether connection of a device to the first connection unit is permitted or unpermitted; and
  • controlling the switching unit in accordance with a determination result in the determining step.
  • (Supplementary Note 10)
  • There is provided a program of controlling a communication processing apparatus, that causes a computer to execute a method, comprising:
  • causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • determining whether connection of a device to the first connection unit is permitted or unpermitted; and
  • controlling the switching unit in accordance with a determination result in the determining step.
  • (Supplementary Note 11)
  • There is provided a communication managing apparatus comprising:
  • a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • a setter that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • an obtainer that obtains connection states by said connection controller based on the connection information; and
  • a presenter that presents the obtained connection states.
  • (Supplementary Note 12)
  • There is provided a method of controlling a communication managing apparatus, the method comprising:
  • causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • obtaining connection states by the connection controller based on the connection information; and
  • presenting the obtained connection states.
  • (Supplementary Note 13)
  • There is provided a program of controlling a communication managing apparatus, that causes a computer to execute a method, comprising:
  • causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • obtaining connection states by the connection controller based on the connection information; and
  • presenting the obtained connection states.
  • (Supplementary Note 14)
  • There is provided a communication processing system comprising:
  • a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
  • a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information; and
  • a connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
  • (Supplementary Note 15)
  • There is provided a communication processing method comprising:
  • causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted and connections of the devices to servers;
  • causing a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
  • determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information; and
  • controlling the switching unit based on the connection information, in accordance with a determination result in the determining step.
  • a first connector that connects a device;
  • a second connector that connects to a server;
  • a switching unit that switches connections of the device and the server between the first connector and the second connector;
  • a determiner that determines whether connection of the device to the first connector is permitted; and
  • a connection controller that controls the switching unit in accordance with a determination result from the determiner.
  • (Supplementary Note 2)
  • There is provided the communication processing apparatus according to supplementary note 1, wherein if the determiner determines that connection of the device is not permitted, the connection controller controls the switching unit to disconnect the server from all devices connected to the first connector.
  • (Supplementary Note 3)
  • There is provided the communication processing apparatus according to supplementary note 1 or 2, wherein when the first connector is disconnected from a device whose connection is found to be unpermitted, the connection controller controls the switching unit to restore connections of the server and all devices connected to the first connector except the device.
  • (Supplementary Note 4)
  • There is provided a communication processing apparatus according to any one of supplementary notes 1 to 3, wherein even if the determiner determines that connection of the device is permitted, the connection controller controls the switching unit to limit connection of the device and the server.
  • (Supplementary Note 5)
  • There is provided a communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for the device connected to the first connector,
  • wherein the connection controller controls the switching unit to limit application processing to be provided for the device.
  • (Supplementary Note 6)
  • There is provided a communication processing apparatus according to any one of supplementary notes 1 to 5, wherein the switching unit is a software-controlled virtual network.
  • (Supplementary Note 7)
  • There is provided a communication processing apparatus according to any one of supplementary notes 1 to 6, wherein
  • the connection controller controls the switching unit in accordance with setting by an external communication managing apparatus that manages communication, and
  • the connection controller notifies the external communication managing apparatus of at least a connection state of the device and the server.
  • (Supplementary Note 8)
  • There is provided the communication processing apparatus according to supplementary note 7, wherein the connection controller emergently notifies the external communication managing apparatus of disconnection of all devices from the server by the second connector.
  • (Supplementary Note 9)
  • There is provided a communication processing apparatus control method comprising:
  • causing a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
  • determining whether connection of the device to the first connector is permitted; and
  • controlling the switching unit in accordance with a determination result in the determining.
  • (Supplementary Note 10)
  • There is provided a communication processing apparatus control program that causes a computer to execute a method, comprising:
  • causing a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
  • determining whether connection of the device to the first connector is permitted; and
  • controlling the switching unit in accordance with a determination result in the determining.
  • (Supplementary Note 11)
  • There is provided a communication managing apparatus comprising:
  • a holder that holds connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
  • a setter that sets the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
  • an obtainer that obtains a connection state obtained by the connection controller based on the connection information; and
  • a presenter that presents the obtained connection state.
  • (Supplementary Note 12)
  • There is provided a communication managing apparatus control method comprising:
  • causing a holder to hold connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
  • setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
  • obtaining a connection state obtained by the connection controller based on the connection information; and
  • presenting the obtained connection state.
  • (Supplementary Note 13)
  • There is provided a communication managing apparatus control program that causes a computer to execute a method, comprising:
  • causing a holder to hold connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
  • setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
  • obtaining a connection state obtained by the connection controller based on the connection information; and
  • presenting the obtained connection state.
  • (Supplementary Note 14)
  • There is provided a communication processing system comprising:
  • a holder that holds connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
  • a switching unit that switches connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
  • a determiner that determines whether connection of the device to the first connector is permitted, in accordance with the connection information; and
  • a connection controller that controls the switching unit based on the connection information, in accordance with a determination result from the determiner.
  • (Supplementary Note 15)
  • There is provided a communication processing method comprising:
  • causing a holder to hold connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
  • causing a switching unit to switch connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
  • determining whether connection of the device to the first connector is permitted, in accordance with the connection information; and
  • controlling the switching unit based on the connection information, in accordance with a determination result in the determining.

Claims (17)

What is claimed is:
1-15. (canceled)
16. A communication apparatus comprising:
a processor; and
a memory,
wherein the processor is connected to a non-IP device by a non-IP connection and to a server by an IP connection;
the processor executes an application to connect the non-IP device to the server;
the memory stores an association among the non-IP device, the application and the server; and
the processor controls the application to connect the non-IP device to the server based on the stored association.
17. The communication apparatus according to claim 1, wherein the memory stores connection availability information indicating whether or not the non-IP device is permitted to connect to the processor, and an association between the application and the server to which the application connects.
18. The communication apparatus according to claim 1, wherein the processor sets or selects the non-IP device in the memory based on an input of an operator.
19. The communication apparatus according to claim 1, wherein the processor sets or selects the application in the memory based on an input of an operator.
20. The communication apparatus according to claim 1, wherein the processor sets or selects the server in the memory based on an input of an operator.
21. The communication apparatus according to claim 1, wherein the Memory further stores a port number to be connected to the server, and
the processor sets or selects the port number in the memory based on an input of an operator.
22. The communication apparatus according to claim 1, wherein the application includes a protocol of the IP connection, and
the processor sets or selects the protocol in the memory based on an input of an operator.
23. A method of controlling a communication apparatus comprising:
connecting to a non-IP device by a non-IP connection, and a server by an IP connection; and
executing an application for connecting the non-IP device to the server using an association among the non-IP device, the application and the server stored in a memory to connect the non-IP device to the server.
24. The method according to claim 23, wherein the memory stores connection availability information indicating whether or not the non-IP device is permitted to connect to the processor, and an association between the application and the server to which the application connects.
25. The method according to claim 23, further comprising setting or selecting the non-IP device in the memory based on an input of an operator.
26. The method according to claim 23, further comprising setting or selecting the application in the memory based on an input of an operator.
27. The method according to claim 23, further comprising setting or selecting the server in the memory based on an input of an operator.
28. The method according to claim 23, wherein the memory further stores a port number to be connected to the server, and
further comprising setting or selecting the port number in the memory based on an input of an operator.
29. The communication apparatus according to claim 1, wherein the application includes a protocol of the IP connection, and
further comprising setting or selecting the protocol in the memory based on an input of an operator.
30. A non-transitory computer-readable storage medium storing a program causing a processor to execute a method of controlling a communication apparatus, the method comprising:
connecting to a non-IP device by a non-IP connection, and a server by an IP connection; and
executing an application for connecting the non-IP device to the server using an association among the non-IP device, the application and the server stored in a memory to connect the non-IP device to the server.
31. The non-transitory computer-readable storage medium according to claim 30, wherein the memory stores connection availability information indicating whether or not the non-IP device is permitted to connect to the processor, and an association between the application and the server to which the application connects.
US18/086,127 2016-03-24 2022-12-21 Securing a connection from a device to a server Pending US20230208682A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US18/086,127 US20230208682A1 (en) 2016-03-24 2022-12-21 Securing a connection from a device to a server

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
JP2016060166A JP6693210B2 (en) 2016-03-24 2016-03-24 Communication processing system, communication processing method, communication processing device, communication management device, and their control method and control program
JP2016-060166 2016-03-24
PCT/JP2017/005158 WO2017163665A1 (en) 2016-03-24 2017-02-13 Communication processing system, communication processing method, communication processing device, communication management device, and control methods and control programs therefor
US201816083566A 2018-09-10 2018-09-10
US17/246,786 US11563604B2 (en) 2016-03-24 2021-05-03 Securing a connection from a device to a server
US18/086,127 US20230208682A1 (en) 2016-03-24 2022-12-21 Securing a connection from a device to a server

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US17/246,786 Continuation US11563604B2 (en) 2016-03-24 2021-05-03 Securing a connection from a device to a server

Publications (1)

Publication Number Publication Date
US20230208682A1 true US20230208682A1 (en) 2023-06-29

Family

ID=59901054

Family Applications (3)

Application Number Title Priority Date Filing Date
US16/083,566 Active 2038-01-14 US11032109B2 (en) 2016-03-24 2017-02-13 Communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of communication processing apparatus and communication managing apparatus
US17/246,786 Active 2037-05-05 US11563604B2 (en) 2016-03-24 2021-05-03 Securing a connection from a device to a server
US18/086,127 Pending US20230208682A1 (en) 2016-03-24 2022-12-21 Securing a connection from a device to a server

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US16/083,566 Active 2038-01-14 US11032109B2 (en) 2016-03-24 2017-02-13 Communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of communication processing apparatus and communication managing apparatus
US17/246,786 Active 2037-05-05 US11563604B2 (en) 2016-03-24 2021-05-03 Securing a connection from a device to a server

Country Status (3)

Country Link
US (3) US11032109B2 (en)
JP (1) JP6693210B2 (en)
WO (1) WO2017163665A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7262964B2 (en) * 2018-10-12 2023-04-24 株式会社東芝 Information processing device and information processing system
JP2023061309A (en) * 2021-10-19 2023-05-01 コニカミノルタ株式会社 Image processing device

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7111079B2 (en) * 2000-02-23 2006-09-19 Koninklijke Philips Electronics, N.V. Architecture of a bridge between a non-IP network and the web
US7320071B1 (en) * 2001-05-22 2008-01-15 National Semiconductor Corporation Secure universal serial bus
JP2003030138A (en) 2001-07-11 2003-01-31 Mitsubishi Electric Corp Internet connection system, managing sever device, internet connecting method, and program making computer implement the method
US20080117918A1 (en) 2004-10-22 2008-05-22 Satoshi Kobayashi Relaying Apparatus and Network System
US7912987B2 (en) * 2005-01-14 2011-03-22 Microsoft Corporation USB devices in application server environments
US20080005426A1 (en) * 2006-05-31 2008-01-03 Bacastow Steven V Apparatus and method for securing portable USB storage devices
US9367484B2 (en) * 2007-06-01 2016-06-14 Linda R. Stilwell System and apparatus for controlling use of mass storage devices
US7783794B2 (en) * 2007-11-27 2010-08-24 Aten International Co., Ltd. Remote USB access method
JP4482044B2 (en) * 2008-03-18 2010-06-16 株式会社東芝 Information processing apparatus and device controller drive control method
CN102104555B (en) * 2009-12-22 2012-12-12 华为终端有限公司 Method for accessing USB equipment of home gateway, home gateway and terminal
JP2014509421A (en) 2011-02-01 2014-04-17 エムシーシーアイ コーポレイション Security measures for extended USB protocol stack of USB host system
US9081911B2 (en) * 2011-05-31 2015-07-14 Architecture Technology Corporation Mediating communication of a universal serial bus device
US8555409B2 (en) 2011-11-02 2013-10-08 Wyse Technolgoy Inc. System and method for providing private session-based access to a redirected USB device or local device
EP2813945A1 (en) 2013-06-14 2014-12-17 Tocario GmbH Method and system for enabling access of a client device to a remote desktop
JP6193147B2 (en) 2014-02-17 2017-09-06 Kddi株式会社 Firewall device control device and program
JP2016034116A (en) 2014-07-31 2016-03-10 Kddi株式会社 Path setting device, path setting method, path setting program, and communication system
CN104168203A (en) * 2014-09-03 2014-11-26 上海斐讯数据通信技术有限公司 Processing method and system based on flow table
KR102441737B1 (en) * 2014-10-15 2022-09-13 삼성전자 주식회사 Method for authentication and electronic device supporting the same
US10331599B2 (en) * 2016-03-11 2019-06-25 Dell Products L.P. Employing session level restrictions to limit access to a redirected interface of a composite device
US10182126B2 (en) * 2016-05-02 2019-01-15 Dell Products L.P. Multilevel redirection in a virtual desktop infrastructure environment

Also Published As

Publication number Publication date
US20200304341A1 (en) 2020-09-24
JP6693210B2 (en) 2020-05-13
JP2017175421A (en) 2017-09-28
US20210359880A1 (en) 2021-11-18
US11563604B2 (en) 2023-01-24
WO2017163665A1 (en) 2017-09-28
US11032109B2 (en) 2021-06-08

Similar Documents

Publication Publication Date Title
US20230208682A1 (en) Securing a connection from a device to a server
US10659345B2 (en) Service path protection method, controller, device and system
CN108965123B (en) Link switching method and network communication system
RU2562760C2 (en) Control system of communication route, and route control method
CN104243205A (en) Message processing method and device used during virtual switch fault
CN103975331A (en) Data center infrastructure management system incorporating security for managed infrastructure devices
US20140010233A1 (en) Communication device, method for controlling the communication device, and communication system
CN104301449A (en) Method and device for modifying IP address
US20080285469A1 (en) Computer replacing redundant communication routes, and programs and method for the same
US7895300B1 (en) Systems and methods for testing device ports in a storage area network
US8971176B2 (en) Fibre channel over Ethernet switch implicit logout
US20180183709A1 (en) Communication node, communication system, communication method, and program
US10587677B2 (en) Control apparatus, computer readable medium, and equipment control system
US9819691B2 (en) Network monitoring system and method
JP7491348B2 (en) COMMUNICATION PROCESSING METHOD, COMMUNICATION PROCESSING DEVICE, AND COMMUNICATION PROCESSING PROGRAM
US10491544B2 (en) Consistency control of a logical path passing through a relay device
EP4123976A1 (en) Logical network constructing system, gateway apparatus, controller, and logical network constructing method
JP2014026353A (en) Server management system, load distribution device, and server management method
JP6601198B2 (en) Relay device, setting method, setting program, and information processing system
KR101628089B1 (en) Network apparatus and method for ensuring failover thereof
KR20120107564A (en) Apparatus for sending sms when ups fails
WO2014203363A1 (en) Network device and method for controlling same
JP2015035678A (en) Network system, monitoring method for route, and relay device
JP5629911B2 (en) Radio base station monitoring control system and radio base station monitoring control method
WO2018034233A1 (en) Contact center system, contact center control method, contact center management apparatus, contact center management method, and contact center management program

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED