US20230208682A1 - Securing a connection from a device to a server - Google Patents
- Publication number: US20230208682A1 (application US18/086,127)
- Authority: US (United States)
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H04L45/64—Routing or path finding of packets in data switching networks using an overlay routing layer
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
- H04L63/0227—Filtering policies
- H04L63/101—Access control lists [ACL]
- H04L63/1441—Countermeasures against malicious traffic
Definitions
- The present invention relates to a communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of the communication processing apparatus and communication managing apparatus.
- Patent literature 1 describes a technique which disconnects an unpermitted device by collation with an apparatus permission whitelist or the like when a host apparatus having a USB device connection port has received a connection request from a USB HID (Human Interface Device: a mouse, keyboard, or the like). Non-patent literature 1 describes a technique which implements communication optimization of an IP network connection (a connection using a network address) by flexible communication path control using an OFC (OpenFlow Controller) and OFS (OpenFlow Switch) controlled by OpenFlow.
- Security measures exist between a USB device and the host apparatus it connects to via USB, and between a network apparatus and the cloud (server) it connects to across a network, but there is no security measure covering the path from the USB device to the cloud (server). Therefore, if, for example, a device having a security (safety) problem is connected, there is nothing to do but disconnect the problematic device from the host apparatus of the network.
- The present invention provides a technique for solving the above-described problem.
- One example aspect of the present invention provides a communication processing apparatus comprising:
- a first connection unit that connects devices;
- a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted; and
- a connection controller that controls said switching unit in accordance with a determination result from said determiner.
- Another example aspect of the present invention provides a method of controlling a communication processing apparatus, the method comprising:
- a switching unit to switch connections of devices and servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- Still another example aspect of the present invention provides a program of controlling a communication processing apparatus, that causes a computer to execute a method comprising:
- a switching unit to switch connections of devices and servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- Still another example aspect of the present invention provides a communication managing apparatus comprising:
- connection information containing a condition for determining whether each of the connections of devices is permitted or unpermitted, and the connections of the devices to servers;
- a connection controller that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- Still another example aspect of the present invention provides a method of controlling a communication managing apparatus, the method comprising:
- connection information containing a condition for determining whether each of the connections of devices is permitted or unpermitted, and the connections of the devices to servers;
- a connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- obtaining connection states, by the connection controller, based on the connection information;
- Still another example aspect of the present invention provides a program of controlling a communication managing apparatus, that causes a computer to execute a method comprising:
- connection information containing a condition for determining whether each of the connections of devices is permitted or unpermitted, and the connections of the devices to servers;
- a connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- obtaining connection states, by the connection controller, based on the connection information;
- Still another example aspect of the present invention provides a communication processing system comprising:
- connection information containing a condition for determining whether each of the connections of devices is permitted or unpermitted, and the connections of the devices to servers;
- a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information; and
- a connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
- Still another example aspect of the present invention provides a communication processing method comprising:
- connection information containing a condition for determining whether each of the connections of devices is permitted, and the connections of the devices to servers;
- a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information.
- FIG. 1 is a block diagram showing the arrangement of a communication processing apparatus according to the first example embodiment of the present invention
- FIG. 2 is a block diagram showing the configuration of a communication processing system including a communication processing apparatus according to the second example embodiment of the present invention
- FIG. 3 A is a block diagram showing the functional configuration of a communication processor according to the second example embodiment of the present invention.
- FIG. 3 B is a view showing the arrangement of a communication processing table according to the second example embodiment of the present invention.
- FIG. 4 A is a block diagram showing the functional configuration of a device processing controller according to the second example embodiment of the present invention.
- FIG. 4 B is a view showing the arrangement of a device processing table according to the second example embodiment of the present invention.
- FIG. 5 A is a block diagram showing the functional configuration of a switching unit according to the second example embodiment of the present invention.
- FIG. 5 B is a view showing the arrangement of a connection table according to the second example embodiment of the present invention.
- FIG. 6 A is a flowchart showing the procedure of the communication processor according to the second example embodiment of the present invention.
- FIG. 6 B is a flowchart showing the procedure of a filtering process according to the second example embodiment of the present invention.
- FIG. 7 A is a view showing the connection state of the communication processing system with respect to an unpermitted device according to the second example embodiment of the present invention.
- FIG. 7 B is a view showing the connection state of the communication processing system upon resumption after disconnection according to the second example embodiment of the present invention.
- FIG. 8 A is a view showing the connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention.
- FIG. 8 B is a view showing another connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention.
- FIG. 9 A is a block diagram showing the functional configuration of a management server according to the second example embodiment of the present invention.
- FIG. 9 B is a view showing the arrangement of a gateway management database according to the second example embodiment of the present invention.
- FIG. 10 A is a view showing the concept of a visualized management monitor according to the second example embodiment of the present invention.
- FIG. 10 B is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
- FIG. 10 C is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
- FIG. 10 D is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
- A non-IP connection indicates a connection complying with a communication protocol such as USB or Bluetooth®, based on a device ID or device address.
- An IP connection indicates a connection complying with an Internet protocol, based on a network address such as an Internet address.
- The communication processing apparatus 110 is an apparatus which connects a non-IP device to an IP system.
- The communication processing apparatus 110 includes a first connection unit 111, a second connection unit 112, a switching unit 113, a determiner 114, and a connection controller 115.
- The first connection unit 111 connects a device 120.
- The second connection unit 112 connects to a server 130.
- The switching unit 113 switches the connections of the device 120 and server 130 between the first connection unit 111 and the second connection unit 112.
- The determiner 114 determines whether the connection of the device 120 to the first connection unit 111 is permitted.
- The connection controller 115 controls the switching unit 113 in accordance with the determination result from the determiner 114.
- A safe connection from a non-IP-connection device to an IP-connection cloud can thus be secured by switching the connections from the device to the server in accordance with the determination result indicating whether the connection of the device is permitted.
- The communication processing apparatus controls a connection between a device and a server as follows, depending on whether it determines that the connection of the device is permitted or not permitted.
- When determining that the connection of the device is not permitted, the communication processing apparatus disconnects all devices and servers connected to the apparatus. Even when determining that the connection of the device is permitted, the communication processing apparatus performs control so as to limit the connection between the device and server; for example, it limits the application processing to be provided for the connected device.
- These control operations are executed in accordance with settings made by an external communication managing apparatus which manages communication, and this external communication managing apparatus is notified of the connection state of the device and server.
- The external communication managing apparatus is urgently notified of the disconnection of all devices and servers when the connection of the device is found to be unpermitted.
- FIG. 2 is a block diagram showing the configuration of a communication processing system 200 including a communication processing apparatus 210 according to this example embodiment.
- Each communication processing apparatus 210 performs determination on a connected device and performs processing such as server disconnection based on settings from a management server 240.
- The management server 240 may also collectively manage a plurality of communication processing apparatuses 210, perform determination on a connected device, and perform processing such as server disconnection.
- The communication processing system 200 includes the communication processing apparatus 210 such as a gateway, devices 220, servers 230 including a cloud, and the management server 240.
- The communication processing apparatus 210 includes a communication processor 211 for controlling the communication processing apparatus 210, a device control processor 212, an application group 213 (abbreviated as an application hereinafter), a switching unit 214 using an SDN (Software-Defined Network), and a communicator 215 for connecting to the servers 230.
- The communication processor 211 controls the whole communication processing apparatus 210 in accordance with a setting instruction from the management server 240, and presents the processing state of the communication processing apparatus 210 to the management server 240.
- The device control processor 212 controls connections to the non-IP devices 220 by USB (Universal Serial Bus), Bluetooth®, or the like. It determines whether a device is permitted or unpermitted, and disconnects the device if it is unpermitted. After that, the device control processor 212 notifies the communication processor 211 that an unpermitted device was connected.
- The application 213 obtains data from each of the connected devices 220 and transmits the data to the servers 230 across the network.
- The switching unit 214 includes an SDN formed by an openflow controller and openflow switch, and controls switching that determines the servers 230 to which data from a device, processed by the application 213, is to be transferred.
- The communicator 215 transfers the data from the device to the servers 230 by Wi-Fi, Ethernet®, cellular, or the like.
- The devices 220 are devices such as sensors which make a non-IP connection to the device control processor 212 by USB or Bluetooth®, and detect data to be collected by the servers 230.
- The servers 230 collect the data detected by the devices 220 via the communication processing apparatus 210 while maintaining security (safety), analyze the collected data, and provide the service.
- The management server 240 is a server for managing data transfer from the devices 220 to the servers 230 in the communication processing apparatus 210.
- The management server 240 has a visualized GUI 241.
- Through the GUI, the user can visually observe, e.g., the state of the data transfer function of the communication processing apparatus 210, the procedure when a device is unpermitted, and other settings such as data transfer conditions, as well as the result of data transfer in the communication processing apparatus 210 and the notification issued when a device is unpermitted. Accordingly, an administrator who manages data transfer from the devices 220 to the servers 230 can easily monitor the data transfer state and change the settings by a simple operation using the management server 240.
- USB device determination is performed by deciding whether to permit the connection based on the information notified to udev (user-space device management) when the USB device is connected. If a USB device whose connection is not permitted is connected, the device is determined to be an unpermitted device. Permitted USB devices are registered in a permission rule (permission list) beforehand.
- In this example, the host OS is Linux.
- Bluetooth® device determination is performed by periodically checking connections with "hcitool con". If there is an unpermitted connection, the device is determined to be an unpermitted device. Permitted Bluetooth® connections are registered in a permission whitelist (permission list) beforehand.
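The two determinations just described, as an added example that is not code from the patent: the USB check uses the ID_VENDOR_ID/ID_MODEL_ID properties udev reports on a hotplug event, and the Bluetooth® check parses the output of `hcitool con`; the permission-list layout, the property dictionaries and the `hcitool con` output are constructed.

```python
"""Permitted/unpermitted device determination for a non-IP gateway (added example).

Models the determination described in the text: a USB device is checked against a
permission list using the properties udev reports on the 'add' uevent, and Bluetooth
connections are found by polling ``hcitool con`` and checking each peer address
against a whitelist. Permission-list layout and sample data are constructed.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class PermissionList:
    """Plays the role of the device registration table: interface type -> IDs."""
    usb: frozenset        # (vendor_id, product_id) pairs, lower-case hex strings
    bluetooth: frozenset  # peer addresses, upper-case "AA:BB:CC:DD:EE:FF"


def usb_device_permitted(udev_props: dict, rules: PermissionList) -> bool:
    """Decide from the udev property set of a newly added USB device.

    udev exposes ID_VENDOR_ID and ID_MODEL_ID for USB devices; anything that does
    not match a registered (vendor, product) pair is unpermitted. A device whose
    properties are missing is treated as unpermitted (fail closed).
    """
    vid = udev_props.get("ID_VENDOR_ID", "").lower()
    pid = udev_props.get("ID_MODEL_ID", "").lower()
    if not vid or not pid:
        return False
    return (vid, pid) in rules.usb


# One connection line of ``hcitool con`` output has the form
#   "> ACL 00:11:22:33:44:55 handle 11 state 1 lm MASTER"
# ('>' outgoing, '<' incoming); only the link type, address and handle are used.
_HCITOOL_CON_RE = re.compile(
    r"^\s*[<>]\s+(?P<link>ACL|SCO)\s+"
    r"(?P<addr>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+handle\s+(?P<handle>\d+)"
)


def parse_hcitool_con(output: str) -> list:
    """Return (link_type, address, handle) for each active connection."""
    found = []
    for line in output.splitlines():
        m = _HCITOOL_CON_RE.match(line)
        if m:
            found.append((m.group("link"), m.group("addr").upper(), int(m.group("handle"))))
    return found


def unpermitted_bluetooth_connections(output: str, rules: PermissionList) -> list:
    """Periodic check: every connected peer not on the whitelist is unpermitted."""
    return [(addr, handle) for _, addr, handle in parse_hcitool_con(output)
            if addr not in rules.bluetooth]


# Constructed permission list: one registered USB device, one whitelisted BT peer.
SAMPLE_RULES = PermissionList(
    usb=frozenset({("1234", "5678")}),
    bluetooth=frozenset({"00:11:22:33:44:55"}),
)

# Constructed ``hcitool con`` output: one whitelisted peer and one unknown peer.
SAMPLE_HCITOOL_CON = (
    "Connections:\n"
    "\t> ACL 00:11:22:33:44:55 handle 11 state 1 lm MASTER\n"
    "\t< ACL AA:BB:CC:DD:EE:FF handle 12 state 1 lm SLAVE\n"
)

if __name__ == "__main__":
    print(usb_device_permitted({"ID_VENDOR_ID": "1234", "ID_MODEL_ID": "5678"}, SAMPLE_RULES))
    print(usb_device_permitted({"ID_VENDOR_ID": "abcd", "ID_MODEL_ID": "0001"}, SAMPLE_RULES))
    print(unpermitted_bluetooth_connections(SAMPLE_HCITOOL_CON, SAMPLE_RULES))
```

In a deployment the USB dictionary would come from the udev event (for instance via pyudev's device properties) and the Bluetooth® text from running `hcitool con` on a timer; a hit on either check is what triggers the server disconnection described in the following sections.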
- FIG. 3 A is a block diagram showing the functional configuration of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment.
- The communication processor 211 includes a communication controller 301, a communication process information obtainer 302, a communication process information storing unit 303, and a communication processing table 304.
- The communication processor 211 further includes a switching information setter 305, a device control information setter 306, an unpermitted device connection receiver 307, and a server disconnection notifier 308.
- The communication controller 301 controls communication between the management server 240 and the device control processor 212 and switching unit (SDN) 214 in the communication processing apparatus 210. Note that the communication controller 301 also controls communication with the application 213 and communicator 215 if necessary.
- The communication process information obtainer 302 obtains, from the management server 240, communication process information indicating a communication process in the communication processing apparatus 210.
- The communication process information storing unit 303 stores the communication process information obtained by the communication process information obtainer 302 in the communication processing table 304.
- The communication processing table 304 stores the communication process information obtained from the management server 240, and constructs the communication process in the communication processing apparatus 210.
- The switching information setter 305 sets switching information in the openflow controller of the switching unit 214. Note that when the unpermitted device connection receiver 307 receives a notification of the connection of an unpermitted device from the device control processor 212, the switching information setter 305 sets connection information indicating unpermitted device connection, instead of the normal switching information, in the openflow controller of the switching unit 214, thereby implementing the process of disconnecting the servers 230.
- The device control information setter 306 sets information such as the determination of the connection of an unpermitted device, or the connection of a connected device to the application 213, in the device control processor 212.
- The unpermitted device connection receiver 307 receives the unpermitted device connection notification from the device control processor 212, which makes the determination by using the communication process information for determining the connection of an unpermitted device.
- Upon receiving the notification of the connection of an unpermitted device, the server disconnection notifier 308 urgently notifies the management server 240 of the complete disconnection from the servers 230, and requests the management server 240 to rapidly recover the communication processing apparatus 210, even if only partially, while ensuring security (safety).
- FIG. 3 B is a view showing the arrangement of the communication processing table 304 according to this example embodiment.
- The communication processing table 304 holds data for controlling the processing of data transfer from a device to a server in the communication processing apparatus 210.
- The communication processing table 304 includes a device registration table 341, an application/server setting table 342, an application registration table 343, and a device connection control table 344.
- The device registration table 341 stores the interface type of a device and a registration ID as the registered device ID in association with each other, and is used to determine whether a connected device is registered.
- The application/server setting table 342 stores, in association with each other, an application for performing a communication process on data from a registered device, a server as the transfer destination, and a port number for connecting to that server; it is used to set the data processing for a device and its transfer destination.
- The application registration table 343 stores an application name and an application ID in association with each other, and is used for data processing and the communication process in the communication processing apparatus 210.
- The device connection control table 344 defines the connection control set from the various management servers 240 depending on whether a connected device is an unpermitted device or a permitted device. In this example embodiment, if an unpermitted device is connected, connections to the servers 230 other than the management server 240 of the communication processing apparatus 210 are disconnected, and the connections of other permitted devices to the servers 230 are also disconnected. When a permitted device is connected, on the other hand, the various connection control operations set from the management server 240 are performed based on the types of device, application, server, and the like.
- FIG. 4 A is a block diagram showing the functional configuration of the device control processor 212 of the communication processing apparatus 210 according to this example embodiment.
- The device control processor 212 includes a permission/unpermission determiner 401, a device disconnector 402, an unpermission notifier 403, a device processing table 404, a connection application determiner 405, and a device-application connector 406.
- The permission/unpermission determiner 401 determines whether a connected device is permitted or unpermitted, based on the device registration information set in the device processing table 404.
- The device disconnector 402 disconnects the connected device if the permission/unpermission determiner 401 determines that the device is unpermitted.
- The unpermission notifier 403 notifies the management server 240 of this determination via the communication processor 211.
- The connection application determiner 405 determines the application 213 to which the connected devices 220 are connectable, based on the information set in the device processing table 404 indicating the relationship between the devices 220 and the application 213.
- The device-application connector 406 connects the devices 220 to the application 213 found to be connectable by the connection application determiner 405.
- An application to which the devices 220 are connectable is not limited to one; a plurality of applications, or all applications, can be set as connectable applications.
- FIG. 4 B is a view showing the arrangement of the device processing table 404 according to this example embodiment.
- The device processing table 404 is used by the device control processor 212 to manage the determination of permission/unpermission of a connected device, and to manage connection to the application 213.
- The same reference numerals as in FIG. 3 B denote the same constituent elements in FIG. 4 B, and a repetitive explanation thereof is omitted.
- The device processing table 404 has a device-application connection table 442.
- The device-application connection table 442 is a part of the application/server setting table 342 shown in FIG. 3 B, and stores the relation between a device and an application.
- FIG. 5 A is a block diagram showing the functional configuration of the switching unit 214 of the communication processing apparatus 210 according to this example embodiment.
- The switching unit 214 is an openflow SDN (Software Defined Network), and includes an openflow controller 501 and an openflow switch 502.
- The openflow controller 501 has a connection table 511 and, in accordance with the connection table 511, generates a flow table to be set in each switch through which data passes.
- The openflow switch 502 controls routing between a transmission source and transmission destination in accordance with the flow table set by the openflow controller 501.
- The disconnection of communication to all servers caused by the connection of an unpermitted device is implemented by, e.g., processing which does not route transmission data from the application 213 to any port connecting to the communicator 215.
- FIG. 5 B is a view showing the arrangement of the connection table 511 according to this example embodiment.
- The connection table 511 is used by the openflow controller 501 to generate the flow table.
- The connection table 511 includes an application-port connection table 542 and a port connection control table 544.
- The application-port connection table 542 is a part of the application/server setting table 342 shown in FIG. 3 B, and stores the relation between an application and a port to the communicator 215.
- The port connection control table 544 adds to the device connection control table 344 shown in FIG. 3 B an input port from the application 213 and an output port to the communicator 215, for use by the openflow controller 501.
- FIG. 6 A is a flowchart showing the procedure of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment.
- the individual constituent elements of the communication processing apparatus 210 desirably have their own CPUs and implement the functions by communicating with each other. To avoid complication, however, the procedure will be explained by assuming that not the individual constituent elements but the communication processing apparatus 210 performs the procedure.
- step S 601 the communication processing apparatus 210 monitors device connection by the device control processor 212 .
- step S 603 the communication processing apparatus 210 receives a connection request from a USB device or Bluetooth® (BT in FIG. 6 A ) device.
- step S 605 the communication processing apparatus 210 collates the connected device with a permitted device list (corresponding to the device registration table 341 ) to determine whether the device is permitted or unpermitted.
- step S 607 the communication processing apparatus 210 determines whether the device is an unpermitted (unpermitted) device.
- step S 609 the process advances to step S 609 , and the communication processing apparatus 210 disconnects communication to all the servers 230 except determination communication to the management server 240 , or disconnects communication by the application 213 .
- step S 611 the communication processing apparatus 210 notifies the management server 240 of this abnormal state in which communication to all the servers 230 is disconnected. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information of the abnormal state.
- step S 613 the communication processing apparatus 210 disconnects the unpermitted device by the device control processor 212 .
- After that, the communication processing apparatus 210 determines that an obstacle such as an attack no longer affects the communication processing system 200, because the unpermitted device has been disconnected. In step S 615, therefore, the communication processing apparatus 210 stops the strengthened communication filtering (disconnecting) process that disconnected communication to all the servers 230.
- The filtering process applied to a permitted device (step S 617) selectively enables the application 213 which processes data of that permitted device, or selectively enables a connectable server 230.
- If the device is a permitted device, the process advances to step S 617, and the communication processing apparatus 210 performs a filtering process on network communication by a policy table specified for each permitted device.
- step S 619 the communication processing apparatus 210 notifies the management server 240 of an abnormal status if an unexpected access occurs. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information of the abnormal status in this processing as well.
- FIG. 6 B is a flowchart showing the procedure of the filtering process (step S 617 ) according to this example embodiment. Note that FIG. 6 B shows examples of two filtering processes (step S 617 ), but it is also possible to use other combinations, other filtering processes, or a combination with another filtering process.
- step S 621 the communication processing apparatus 210 refers to a communication policy setting table of permitted device (equivalent to the application/server setting table 342 shown in FIG. 3 B ).
- step S 623 the communication processing apparatus 210 limits servers accessible from, e.g., a specific USB/Bluetooth® device.
- In the other filtering process, the communication processing apparatus 210 refers to a communication policy setting table of permitted devices and the communication applications they use (equivalent to the application/server setting table 342 shown in FIG. 3 B ).
- The communication processing apparatus 210 then limits communication by the application to be used by a specific USB/Bluetooth® device.
- connection states based on the communication policy of the communication processing apparatus 210 of this example embodiment will be explained below with reference to FIGS. 7 A to 8 B .
- FIG. 7 A is a view showing the connection state of the communication processing system 200 with respect to an unpermitted device according to this example embodiment.
- FIG. 7 A shows a connecting process when an unpermitted device 723 is connected.
- When the device control processor 212 determines that the unpermitted device 723 is connected, communications to all the servers 230 except the management server 240 are disconnected in accordance with the communication policy of this example embodiment. In addition, the unpermitted device 723 is disconnected. Then, the connected management server 240 is urgently notified that communications to all the servers 230 are disconnected. This processing based on the communication policy of this example embodiment also cuts data transmissions from the permitted devices 221 and 222 to the servers 230, but it prevents damage from being inflicted on the servers 230 by an attack from the unpermitted device 723.
- FIG. 7 B is a view showing the connection state of the communication processing system 200 when the operation is resumed after disconnection according to this example embodiment.
- FIG. 7 B shows a reconnecting process after the unpermitted device 723 is disconnected.
- In FIG. 7 B, the use of communication applications (a) and (z), which have low confidentiality, is limited.
- The management server 240 determines that no obstacle remains because the unpermitted device 723 has been disconnected as shown in FIG. 7 A, and rapidly restores data transmissions from the permitted devices 221 and 222 to the servers 230.
- In addition, the management server 240 performs setting so as to prevent the use of the low-confidentiality communication applications (a) and (z) in accordance with the communication policy of this example embodiment.
- FIG. 8 A is a view showing the connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment.
- FIG. 8 A shows a connection state when a connected device 823 is a permitted device.
- When the device control processor 212 determines that the permitted device 823 is connected, all the applications 213 are usable, but the server to which the device 823 can connect and transmit data is selected in accordance with the communication policy associated with the device 823.
- For example, the permitted device 823 is not connected to a server which does not require data of the device 823, and is not connected to a specific server if the data reliability of the permitted device 823 is low.
- the openflow controller of the switching unit (SDN) 214 performs setting so as to connect the input ports from all the applications to only the output port to the selected server.
- FIG. 8 B is a view showing another connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment.
- FIG. 8 B shows a case in which applications to be used by a permitted device 824 are limited.
- In FIG. 8 B, application (b) is usable but application (a) is not, and the server to which the device 824 can connect and transfer data is also selected.
- The usable application and the connectable server can be set independently, but the communication policies are combined if the application and the server are related. For example, if the processing of an application is not confidential, transmission from that application to a server holding important data is limited.
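As an added example that is not code from the patent application or its applicant, the following Python model walks through the gateway procedure of steps S 601 to S 623 above (collation with the permitted device list, disconnection of all server traffic except the management server, the emergency notification, restoration once the unpermitted device is dropped, and per-device filtering) together with the policy combination just described for FIG. 8 B, where a non-confidential application is kept away from a server holding important data. The table contents, device identifiers, application and server names, and the confidentiality/importance attributes are all constructed assumptions; the flow entries stand in for the input-port/output-port settings the OpenFlow controller would install in the switching unit.

```python
from dataclasses import dataclass, field

# Determination/notification channel that step S609 keeps open (assumed name).
MGMT = "management_server_240"

# Device registration table 341 (assumed layout): non-IP identifier -> device name.
# The identifiers (USB VID:PID, Bluetooth address) are constructed sample data.
DEVICE_REGISTRATION = {
    "usb:0451:1234": "device_221",
    "bt:00:11:22:33:44:55": "device_222",
}

# Application/server setting table 342 (assumed layout): per-device policy listing
# the applications 213 the device may use and the servers 230 it may reach.
DEVICE_POLICY = {
    "device_221": {"apps": {"app_a", "app_b"}, "servers": {"server_1", "server_2"}},
    "device_222": {"apps": {"app_b"}, "servers": {"server_2"}},
}

# Assumed attributes for combining the two policies (the FIG. 8B paragraph):
# a non-confidential application must not transmit to a server holding important data.
APP_CONFIDENTIAL = {"app_a": False, "app_b": True}
SERVER_IMPORTANT = {"server_1": True, "server_2": False, "server_3": True}


def allowed_flows(device):
    """Steps S617/S621-S623 plus the policy combination: the (app, server) pairs
    the switching unit may connect for one permitted device."""
    pol = DEVICE_POLICY[device]
    return {
        (app, srv)
        for app in pol["apps"]
        for srv in pol["servers"]
        if APP_CONFIDENTIAL[app] or not SERVER_IMPORTANT[srv]
    }


@dataclass
class Gateway:
    """Communication processing apparatus 210: admitted devices, the flow entries
    held by the switching unit 214, and what was sent to the management server 240."""
    connected: set = field(default_factory=set)        # devices admitted at the first connection unit
    flows: set = field(default_factory=set)            # (device, app, server) entries in the switching unit
    notifications: list = field(default_factory=list)  # messages sent to the management server

    def _notify(self, kind, **detail):
        self.notifications.append({"to": MGMT, "kind": kind, **detail})

    def _install(self, device):
        for app, srv in allowed_flows(device):
            self.flows.add((device, app, srv))

    def on_connect(self, device_id):
        """Steps S603-S617 for one connection request. Returns True if admitted."""
        device = DEVICE_REGISTRATION.get(device_id)          # S605: collate with the permitted list
        if device is None:                                    # S607: unpermitted device
            # S609: cut every server connection, keeping only traffic to the management server.
            self.flows = {f for f in self.flows if f[2] == MGMT}
            self._notify("all_server_disconnect", device_id=device_id)   # S611: emergency notification
            # S613: the unpermitted device is dropped at the device port and never admitted.
            for d in self.connected:                          # S615: the attack source is gone,
                self._install(d)                              # so restore the permitted devices' flows
            return False
        self.connected.add(device)
        self._install(device)                                 # S617: per-device filtering policy
        return True

    def on_disconnect(self, device):
        """A permitted device leaves: withdraw its flow entries."""
        self.connected.discard(device)
        self.flows = {f for f in self.flows if f[0] != device}

    def forward(self, device, app, server):
        """Switching unit: pass traffic only over an installed flow; anything else is an
        unexpected access reported to the management server (step S619)."""
        if (device, app, server) in self.flows:
            return True
        self._notify("abnormal_status", device=device, app=app, server=server)
        return False
```

Two points worth keeping in mind when reading the model: the collation in step S 605 matches a USB vendor/product ID or a Bluetooth address, so it is an admission check against a list, not authentication of the device, and a hostile device can present a listed identifier; and the lockdown in step S 609 intentionally cuts traffic of the permitted devices too, so the restore in step S 615 must reinstall their entries from the policy tables rather than from whatever the switching unit held before.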
- the arrangement and operation of the management server 240 will be explained below with reference to FIGS. 9 A to 10 D .
- FIG. 9 A is a block diagram showing the functional configuration of the management server 240 according to this example embodiment.
- the management server 240 includes a communication controller 901 , a gateway processing table setter 902 , a gateway management database 903 , a gateway processing obtainer 904 , and a gateway status obtainer 905 .
- the management server 240 also includes an operation unit 906 and a display 907 .
- the communication controller 901 controls communication to the communication processing apparatus 210 .
- the gateway processing table setter 902 sets, in the communication processing apparatus 210 , a gateway processing table corresponding to communication control of each gateway stored in the gateway management database 903 .
- This gateway processing table is equivalent to the communication processing table 304 shown in FIG. 3 A .
- the gateway management database 903 stores the gateway processing table of each gateway to be managed by the management server 240 , in association with the gateway ID.
- the gateway management database 903 also stores processing information and status information transmitted from the communication processing apparatus 210 , in association with the gateway ID.
- the gateway processing obtainer 904 obtains the log of the communication process from the communication processing apparatus 210 .
- the gateway status obtainer 905 obtains the status of the communication processing apparatus 210 .
- The gateway status obtainer 905 can also obtain the emergency notification of all-server disconnection caused by the connection of an unpermitted device, which is transmitted from the communication processing apparatus 210 to the management server 240. Note that this emergency notification of all-server disconnection may also be delivered as an interrupt separate from the normal status notification.
- Using the operation unit 906, the user sets the data to be stored in the gateway management database 903 and set in the communication processing apparatus 210, or changes or deletes such data.
- The user also sets permitted devices and permitted applications while viewing a menu displayed on the display 907.
- The display 907 displays the data to be stored in the gateway management database 903 and set in the communication processing apparatus 210, displays already stored data, and displays the emergency notification of all-server disconnection.
- An operation PC may also replace the operation unit 906 and display 907.
- The management server 240 controls communication connection in the communication processing apparatus 210 acting as a gateway. Alternatively, the management server 240 may include a functional constituent unit equivalent to the communication processor 211 shown in FIG. 2 and control each of the functional constituent units of the communication processing apparatus 210, or the management server 240 may be included in the communication processing apparatus 210.
- FIG. 9 B is a view showing the arrangement of the gateway management database 903 according to this example embodiment. Note that the same reference numerals as in FIG. 3 B denote the same constituent elements in FIG. 9 B , and an explanation thereof will be omitted.
- a gateway management table 910 stores the tables 341 to 344 shown in FIG. 3 B in association with the gateway IDs.
- the tables 341 to 344 have been described above with reference to FIG. 3 B , so a repetitive explanation thereof will be omitted.
- a gateway log table 920 stores a device connection log, application connection log, and server connection log in association with each gateway ID.
- FIG. 10 A is a view showing the concept of a visualized management monitor according to this example embodiment.
- The display 907 displays, in time series, the events that have occurred, as an abnormality display.
- The display screen 1010 also displays, as setting menus, the types of gateway management tables to be stored in the gateway management database 903. Selecting one of these setting menus links to and displays the current setting information, which can be added, changed, and deleted by input instructions from the operation unit 906.
- FIGS. 10 B to 10 D are views showing display screen examples of a visualized monitor according to this example embodiment.
- The application settings shown in FIGS. 10 B to 10 D are examples of how the visualized management monitor increases the speed and efficiency of processing. It is of course also possible to increase the speed and efficiency of processing by other settings and changes, or by other monitoring and prevention.
- FIG. 10 B is a view showing a display screen 1020 of various settings/check menus.
- Then a display screen 1030 showing the list of applications for which communication is not permitted, shown in FIG. 10 C, is displayed.
- Then a popup window 1041 appears, as indicated on the display screen 1040 shown in FIG. 10 D.
- The user can permit specific communication by selecting the specific communication 1042 as a permission target and selecting communication permission 1043 in the popup window 1041 shown in FIG. 10 D.
- the connection between the device and server can variously be controlled in accordance with the status. This makes it possible to flexibly secure a safe connection from the device to the server (cloud).
- connection of an application for controlling the device can variously be controlled in accordance with the status. Consequently, a safe connection can be secured from the device to the server (cloud) by more appropriate control.
- GUI Graphic User Interface
- a safe connection can be secured from the device to the cloud by controlling the device and network communication. Also, the presence/absence of a permitted device is determined by collation with the device permission list. Furthermore, the security of the device and network is improved by a fine communication filtering process performed by a network communication control process (terminal openflow) on the host side.
- the present invention is applicable to a system including a plurality of devices or a single apparatus.
- the present invention is also applicable even when an information processing program for implementing the functions of the example embodiments is supplied to the system or apparatus directly or from a remote site.
- the present invention also incorporates the program installed in a computer to implement the functions of the present invention by the computer, a medium storing the program, and a WWW (World Wide Web) server that causes a user to download the program.
- the present invention incorporates at least a non-transitory computer readable medium storing a program that causes a computer to execute processing steps included in the above-described example embodiments.
- a communication processing apparatus comprising:
- a first connection unit that connects devices;
- a second connection unit that connects to servers;
- a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted; and
- a connection controller that controls said switching unit in accordance with a determination result from said determiner.
- connection controller controls said switching unit to disconnect between said servers and all devices connected to said first connection unit, if said determiner determines that connection of the device is unpermitted.
- connection controller controls said switching unit to restore connections of said servers and all devices connected to said first connection unit except the device, when said first connection unit disconnects the device whose connection is unpermitted.
- connection controller controls said switching unit to limit connections of the device and said servers, even if said determiner determines that connection of the device is permitted.
- the communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for said devices connected to said first connection unit,
- connection controller controls said switching unit to limit application processing to be provided for said devices.
- connection controller controls said switching unit in accordance with setting by an external communication managing apparatus that manages communication
- connection controller notifies said external communication managing apparatus of at least connection states of said devices and said servers.
- connection controller emergently notifies said external communication managing apparatus of disconnection between all devices and said servers by said second connection unit.
- a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- a program of controlling a communication processing apparatus that causes a computer to execute a method, comprising:
- a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- a communication managing apparatus comprising:
- connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
- connection controller that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
- connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- connection controller obtaining connection states by the connection controller based on the connection information
- a program of controlling a communication managing apparatus that causes a computer to execute a method, comprising:
- connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
- connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- connection controller obtaining connection states by the connection controller based on the connection information
- a communication processing system comprising:
- connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers
- a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information
- connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
- a communication processing method comprising:
- connection information containing a condition for determining whether each of connections of devices is permitted and connections of the devices to servers
- a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- connection information determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information
- a switching unit that switches connections of the device and the server between the first connector and the second connector
- a determiner that determines whether connection of the device to the first connector is permitted
- connection controller that controls the switching unit in accordance with a determination result from the determiner.
- connection controller controls the switching unit to disconnect the server from all devices connected to the first connector.
- connection controller controls the switching unit to restore connections of the server and all devices connected to the first connector except the device.
- connection controller controls the switching unit to limit connection of the device and the server.
- a communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for the device connected to the first connector,
- connection controller controls the switching unit to limit application processing to be provided for the device.
- a communication processing apparatus according to any one of supplementary notes 1 to 5, wherein the switching unit is a software-controlled virtual network.
- connection controller controls the switching unit in accordance with setting by an external communication managing apparatus that manages communication
- connection controller notifies the external communication managing apparatus of at least a connection state of the device and the server.
- connection controller emergently notifies the external communication managing apparatus of disconnection of all devices from the server by the second connector.
- a communication processing apparatus control method comprising:
- a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
- a communication processing apparatus control program that causes a computer to execute a method, comprising:
- a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
- a communication managing apparatus comprising:
- connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
- connection controller that sets the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
- an obtainer that obtains a connection state obtained by the connection controller based on the connection information
- a communication managing apparatus control method comprising:
- connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
- connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
- connection controller based on the connection information
- a communication managing apparatus control program that causes a computer to execute a method, comprising:
- connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
- connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
- connection controller based on the connection information
- a communication processing system comprising:
- connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
- a switching unit that switches connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
- a determiner that determines whether connection of the device to the first connector is permitted, in accordance with the connection information
- connection controller that controls the switching unit based on the connection information, in accordance with a determination result from the determiner.
- a communication processing method comprising:
- connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server
- a switching unit to switch connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
- connection information determining whether connection of the device to the first connector is permitted, in accordance with the connection information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
This invention is directed to a communication processing apparatus that secures a safe connection from a non-IP-connection device to an IP-connection cloud (server). This communication processing apparatus includes a first connection unit that connects devices, a second connection unit that connects to servers, a switching unit that switches connections of the devices and the servers between the first connection unit and the second connection unit, a determiner that determines whether connection of a device to the first connection unit is permitted or unpermitted, and a connection controller that controls the switching unit in accordance with a determination result from the determiner.
Description
- This application is a continuation of U.S. patent application Ser. No. 17/246,786 filed on May 3, 2021, which is a continuation of U.S. patent application Ser. No. 16/083,566, filed on Sep. 10, 2018, which issued as U.S. Pat. No. 11,032,109, which is a National Stage of International Application No. PCT/JP2017/005158, filed Feb. 13, 2017, claiming priority based on Japanese patent application No. 2016-060166, filed on Mar. 24, 2016, the disclosures of which are incorporated herein in their entirety by reference.
- The present invention relates to a communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of the communication processing apparatus and communication managing apparatus.
- In the above technical field, patent literature 1 describes a technique which disconnects an unpermitted device by collation with an apparatus permission whitelist or the like, when a host apparatus having a USB device connection port has received a connection request from a USB HID (Human Interface Device: a mouse, keyboard, or the like). Also, non-patent literature 1 describes a technique which implements communication optimization of an IP network connection (a connection using a network address) by flexible communication path control using an OFC (OpenFlow Controller) and OFS (OpenFlow Switch) controlled by OpenFlow.
- Patent literature 1: US Patent Application Publication No. 2014/0215637
- Non-patent literature 1: Y. Watanabe, et al., STCoS: Software-defined Traffic Control for Smartphones, IEEE RTAS, 2014
- In the technique disclosed in patent literature 1, however, communication restriction is limited to the connection between a USB device and the host apparatus that is its connection destination via USB. Especially when the host apparatus is a network apparatus capable of connecting to an external network, there is no cooperation with network communication, so the security (safety) from the USB device to the cloud (server) reached through the external network is insufficient. Also, the technique disclosed in non-patent literature 1 is applicable to the area of security, but does not support security (safety) when there is a connection request from a device (Bluetooth®/USB device) using a non-IP connection (a connection using a device ID or device address).
- That is, security measures exist between a USB device and the host apparatus connected to it via USB, and between a network apparatus and the cloud (server) connected to it across a network, but there is no security measure spanning the whole path from the USB device to the cloud (server). Therefore, if, for example, a device having a security (safety) problem is connected, nothing can be done but disconnect the problematic device from the host apparatus of the network.
- As described above, it has been impossible to secure a safe connection from a non-IP-connection device to an IP-connection cloud (server) by integrating the security (safety) of non-IP connection and the security (safety) of IP connection.
- The present invention provides a technique for solving the above-described problem.
- One example aspect of the present invention provides a communication processing apparatus comprising:
- a first connection unit that connects devices;
- a second connection unit that connects to servers;
- a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted; and
- a connection controller that controls said switching unit in accordance with a determination result from said determiner.
- Another example aspect of the present invention provides a method of controlling a communication processing apparatus, the method comprising:
- causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted; and
- controlling the switching unit in accordance with a determination result in the determining step.
- Still another example aspect of the present invention provides a program of controlling a communication processing apparatus, that causes a computer to execute a method, comprising:
- causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted; and
- controlling the switching unit in accordance with a determination result in the determining step.
- Still another example aspect of the present invention provides a communication managing apparatus comprising:
- a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- a setter that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- an obtainer that obtains connection states by said connection controller based on the connection information; and
- a presenter that presents the obtained connection states.
- Still another example aspect of the present invention provides a method of controlling a communication managing apparatus, the method comprising:
- causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- obtaining connection states by the connection controller based on the connection information; and
- presenting the obtained connection states.
- Still another example aspect of the present invention provides a program of controlling a communication managing apparatus, that causes a computer to execute a method, comprising:
- causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- obtaining connection states by the connection controller based on the connection information; and
- presenting the obtained connection states.
- Still another example aspect of the present invention provides a communication processing system comprising:
- a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information; and
- a connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
- Still another example aspect of the present invention provides a communication processing method comprising:
- causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- causing a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information; and
- controlling the switching unit based on the connection information, in accordance with a determination result in the determining step.
- According to the present invention, it is possible to secure a safe connection from a non-IP-connection device to an IP-connection cloud (server).
- FIG. 1 is a block diagram showing the arrangement of a communication processing apparatus according to the first example embodiment of the present invention;
- FIG. 2 is a block diagram showing the configuration of a communication processing system including a communication processing apparatus according to the second example embodiment of the present invention;
- FIG. 3A is a block diagram showing the functional configuration of a communication processor according to the second example embodiment of the present invention;
- FIG. 3B is a view showing the arrangement of a communication processing table according to the second example embodiment of the present invention;
- FIG. 4A is a block diagram showing the functional configuration of a device processing controller according to the second example embodiment of the present invention;
- FIG. 4B is a view showing the arrangement of a device processing table according to the second example embodiment of the present invention;
- FIG. 5A is a block diagram showing the functional configuration of a switching unit according to the second example embodiment of the present invention;
- FIG. 5B is a view showing the arrangement of a connection table according to the second example embodiment of the present invention;
- FIG. 6A is a flowchart showing the procedure of the communication processor according to the second example embodiment of the present invention;
- FIG. 6B is a flowchart showing the procedure of a filtering process according to the second example embodiment of the present invention;
- FIG. 7A is a view showing the connection state of the communication processing system with respect to an unpermitted device according to the second example embodiment of the present invention;
- FIG. 7B is a view showing the connection state of the communication processing system upon resumption after disconnection according to the second example embodiment of the present invention;
- FIG. 8A is a view showing the connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention;
- FIG. 8B is a view showing another connection state of the communication processing system with respect to a permitted device according to the second example embodiment of the present invention;
- FIG. 9A is a block diagram showing the functional configuration of a management server according to the second example embodiment of the present invention;
- FIG. 9B is a view showing the arrangement of a gateway management database according to the second example embodiment of the present invention;
- FIG. 10A is a view showing the concept of a visualized management monitor according to the second example embodiment of the present invention;
- FIG. 10B is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention;
- FIG. 10C is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention; and
- FIG. 10D is a view showing a display screen example of the visualized management monitor according to the second example embodiment of the present invention.
- Example embodiments of the present invention will now be described in detail with reference to the drawings. It should be noted that the relative arrangement of the components, the numerical expressions and numerical values set forth in these example embodiments do not limit the scope of the present invention unless it is specifically stated otherwise.
- Note that the term "non-IP connection" used in this specification denotes a connection that complies with a communication protocol such as USB or Bluetooth® and is addressed by a device ID or device address, and the term "IP connection" denotes a connection that complies with the Internet Protocol and is addressed by a network address such as an IP address.
- A communication processing apparatus 110 as the first example embodiment of the present invention will be explained below with reference to FIG. 1. The communication processing apparatus 110 is an apparatus which connects a non-IP device to an IP system.
- As shown in FIG. 1, the communication processing apparatus 110 includes a first connection unit 111, a second connection unit 112, a switching unit 113, a determiner 114, and a connection controller 115. The first connection unit 111 connects a device 120. The second connection unit 112 connects to a server 130. The switching unit 113 switches the connections of the device 120 and the server 130 between the first connection unit 111 and the second connection unit 112. The determiner 114 determines whether the connection of the device 120 to the first connection unit 111 is permitted. The connection controller 115 controls the switching unit 113 in accordance with the determination result from the determiner 114.
- According to this example embodiment, a safe connection from a non-IP-connection device to an IP-connection cloud (server) can be secured by switching the connections from the device to the server in accordance with the determination result indicating whether the connection of the device is permitted.
- Next, a communication processing apparatus according to the second example embodiment of the present invention will be explained. The communication processing apparatus according to this example embodiment controls the connection between a device and a server differently depending on whether it determines that the connection of the device is unpermitted or permitted, as follows.
- When it determines that the connection of the device is not permitted, the communication processing apparatus disconnects all devices and servers connected to the apparatus. Even when it determines that the connection of the device is permitted, the communication processing apparatus still limits the connection between the device and the server; for example, it limits the application processing provided to the connected device.
- These control operations are executed in accordance with settings made by an external communication managing apparatus which manages the communication, and this external communication managing apparatus is notified of the connection state of the devices and servers. In particular, the external communication managing apparatus is urgently notified of the disconnection of all devices and servers when the connection of a device is found to be unpermitted.
- <<Communication Processing System>>
- FIG. 2 is a block diagram showing the configuration of a communication processing system 200 including a communication processing apparatus 210 according to this example embodiment. Note that in the following explanation, an example in which each communication processing apparatus 210 performs the determination on a connected device and performs processing such as server disconnection based on settings from a management server 240 will be described. However, the management server 240 may also collectively manage a plurality of communication processing apparatuses 210, perform the determination on a connected device, and perform processing such as server disconnection.
- The communication processing system 200 includes the communication processing apparatus 210 such as a gateway, devices 220, servers 230 including a cloud, and the management server 240.
- The communication processing apparatus 210 includes a communication processor 211 for controlling the communication processing apparatus 210, a device control processor 212, an application group 213 (abbreviated as the application 213 hereinafter), a switching unit 214 using an SDN (Software-Defined Network), and a communicator 215 for connecting to the servers 230. The communication processor 211 controls the whole communication processing apparatus 210 in accordance with a setting instruction from the management server 240, and presents the processing state of the communication processing apparatus 210 to the management server 240. The device control processor 212 controls connections to the non-IP devices 220 by USB (Universal Serial Bus), Bluetooth®, or the like. The device control processor 212 determines whether a connected device is permitted or unpermitted, and disconnects the device if it is unpermitted. After that, the device control processor 212 notifies the communication processor 211 that an unpermitted device was connected.
- The application 213 obtains data from each of the connected devices 220 and transmits the data to the servers 230 across the network. The switching unit 214 includes an SDN formed by an OpenFlow controller and an OpenFlow switch, and controls the switching that determines the servers 230 to which data from a device processed by the application 213 is transferred. The communicator 215 transfers the data from the device to the servers 230 by Wi-Fi, Ethernet®, cellular, or the like.
- The devices 220 are devices such as sensors which make non-IP connections to the device control processor 212 by USB or Bluetooth®, and produce the data to be collected by the servers 230.
- The servers 230 collect the data detected by the devices 220 while maintaining security (safety) via the communication processing apparatus 210, analyze the collected data, and provide a service.
- The management server 240 manages the data transfer from the devices 220 to the servers 230 in the communication processing apparatus 210. The management server 240 has a visualized GUI 241 on which the user can visually observe the settings of the communication processing apparatus 210 (e.g., the state of the data transfer function, the procedure to follow when a device is unpermitted, and data transfer conditions) and their results (e.g., the result of data transfer and the notification issued when a device is unpermitted). Accordingly, an administrator who manages the data transfer from the devices 220 to the servers 230 can easily monitor the data transfer state and can change the settings by a simple operation using the management server 240.
- Note that the determination performed on a connected device by the device control processor 212 proceeds as follows. For example, when the device is a USB device and the OS of the host apparatus is Linux, the USB device determination decides whether to permit the connection based on the information notified to udev (user space device management) when the USB device is connected. If a USB device whose connection is unpermitted is connected, it is determined that the device is an unpermitted device. Permitted USB devices are registered in a permission rule (permission list) beforehand. Likewise, when the host OS is Linux, the Bluetooth® device determination periodically checks the active connections with "hcitool con". If there is an unpermitted connection, it is determined that the device is an unpermitted device. Permitted Bluetooth® connections are registered in a permission list (whitelist) beforehand.
- <<Communication Processing Apparatus>>
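Before the constituent elements are described, the device determination of the device control processor 212 just described (udev for USB, "hcitool con" for Bluetooth®) is shown below as an added Python example; it is not code from the patent. The permission list, the vendor/product IDs, the Bluetooth® addresses and the sample hcitool output are constructed for the example, and deauthorising a USB device through sysfs (writing 0 to its authorized attribute) and dropping a link with "hcitool dc" are assumed enforcement actions. Two caveats a practitioner would add: the vendor/product ID a USB device reports to udev is self-declared and can be spoofed, so the permission list must be backed by the fail-closed server disconnection this embodiment performs rather than relied on alone; and hcitool is deprecated in current BlueZ releases, so a production gateway would read the connection list over the BlueZ D-Bus API instead of parsing hcitool output.

```python
"""Device permission check for a Linux gateway (added example, not the
patent's code). Permitted devices are looked up by identifiers that
udev and `hcitool con` expose; anything else is an unpermitted device."""
import re
import subprocess
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Permission list (device registration table), constructed for this example.
# USB entries are (idVendor, idProduct) as udev reports them; Bluetooth entries
# are the peer BD_ADDRs that are allowed to hold an ACL link to the gateway.
PERMITTED: Dict[str, Set] = {
    "usb": {("0403", "6001"), ("10c4", "ea60")},
    "bluetooth": {"AA:BB:CC:DD:EE:01", "AA:BB:CC:DD:EE:02"},
}


@dataclass(frozen=True)
class Verdict:
    interface: str   # "usb" or "bluetooth"
    identity: str    # "vid:pid" or BD_ADDR, for the log / management server
    locator: str     # what the disconnector needs: sysfs DEVPATH or BD_ADDR
    permitted: bool


def check_usb_event(props: Dict[str, str]) -> Optional[Verdict]:
    """Evaluate one udev event (the environment a udev RUN= helper sees).

    Only "add" events for whole USB devices are decided; interface-level
    events and removals return None so the caller ignores them.
    """
    if (props.get("ACTION"), props.get("SUBSYSTEM"), props.get("DEVTYPE")) != ("add", "usb", "usb_device"):
        return None
    vid = props.get("ID_VENDOR_ID", "").lower()
    pid = props.get("ID_MODEL_ID", "").lower()
    return Verdict("usb", f"{vid}:{pid}", props.get("DEVPATH", ""), (vid, pid) in PERMITTED["usb"])


# One ACL link per line, e.g. "\t> ACL 00:1A:7D:DA:71:13 handle 11 state 1 lm MASTER"
_ACL_LINE = re.compile(r"^\s*[<>]\s+ACL\s+([0-9A-Fa-f:]{17})\s+handle\s+(\d+)")


def check_bluetooth(hcitool_con_output: str) -> List[Verdict]:
    """Collate every ACL link listed by `hcitool con` with the permission list."""
    verdicts = []
    for line in hcitool_con_output.splitlines():
        m = _ACL_LINE.match(line)
        if not m:
            continue  # header or unrelated line
        bdaddr = m.group(1).upper()
        verdicts.append(Verdict("bluetooth", bdaddr, bdaddr, bdaddr in PERMITTED["bluetooth"]))
    return verdicts


def poll_bluetooth() -> List[Verdict]:
    """Periodic check on a real host (not invoked by the offline sample below)."""
    out = subprocess.run(["hcitool", "con"], capture_output=True, text=True, check=False).stdout
    return check_bluetooth(out)


def disconnect(v: Verdict) -> List[str]:
    """Host command that removes the device; run only for unpermitted verdicts.
    Deauthorising through sysfs detaches the USB device without touching the
    hub; `hcitool dc` drops the ACL link (both assumed enforcement actions)."""
    if v.interface == "usb":
        return ["sh", "-c", f"echo 0 > /sys{v.locator}/authorized"]
    return ["hcitool", "dc", v.locator]


def lockdown_required(verdicts: List[Verdict]) -> bool:
    """Fail closed: one unpermitted device triggers the all-server disconnection
    before the device itself is removed (steps S609 to S613 of FIG. 6A)."""
    return any(not v.permitted for v in verdicts)


if __name__ == "__main__":
    # Constructed sample input: a permitted sensor, an unknown USB stick, and an
    # interface-level event that must be ignored; then two Bluetooth links.
    usb_events = [
        {"ACTION": "add", "SUBSYSTEM": "usb", "DEVTYPE": "usb_device", "ID_VENDOR_ID": "0403",
         "ID_MODEL_ID": "6001", "DEVPATH": "/devices/pci0000:00/0000:00:14.0/usb1/1-1"},
        {"ACTION": "add", "SUBSYSTEM": "usb", "DEVTYPE": "usb_device", "ID_VENDOR_ID": "0781",
         "ID_MODEL_ID": "5567", "DEVPATH": "/devices/pci0000:00/0000:00:14.0/usb1/1-2"},
        {"ACTION": "add", "SUBSYSTEM": "usb", "DEVTYPE": "usb_interface", "ID_VENDOR_ID": "0781", "ID_MODEL_ID": "5567"},
    ]
    sample_hcitool = ("Connections:\n"
                      "\t> ACL AA:BB:CC:DD:EE:01 handle 11 state 1 lm MASTER\n"
                      "\t< ACL 11:22:33:44:55:66 handle 12 state 1 lm SLAVE\n")
    verdicts = [v for v in map(check_usb_event, usb_events) if v] + check_bluetooth(sample_hcitool)
    for v in verdicts:
        print(v.interface, v.identity, "permitted" if v.permitted else disconnect(v))
    print("all-server lockdown required:", lockdown_required(verdicts))
```

The USB check is meant to run from a udev rule (RUN= passes the event properties in the environment), while the Bluetooth® check is polled, exactly as the embodiment describes; both feed the same fail-closed decision, so the order of events does not matter.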
- The arrangements and operations of the constituent elements of the communication processing apparatus 210 of this example embodiment will be explained below with reference to FIGS. 3A to 6B.
- (Communication Processor)
- FIG. 3A is a block diagram showing the functional configuration of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment.
- The communication processor 211 includes a communication controller 301, a communication process information obtainer 302, a communication process information storing unit 303, and a communication processing table 304. The communication processor 211 further includes a switching information setter 305, a device control information setter 306, an unpermitted device connection receiver 307, and a server disconnection notifier 308.
- The communication controller 301 controls communication between the management server 240 and the device control processor 212 and the switching unit (SDN) 214 in the communication processing apparatus 210. Note that the communication controller 301 also controls communication with the application 213 and the communicator 215 if necessary. The communication process information obtainer 302 obtains, from the management server 240, communication process information indicating the communication process in the communication processing apparatus 210. The communication process information storing unit 303 stores the communication process information obtained by the communication process information obtainer 302 in the communication processing table 304. The communication processing table 304 holds the communication process information obtained from the management server 240, and the communication process in the communication processing apparatus 210 is constructed from it.
- Of the communication process information stored in the communication processing table 304, the switching information setter 305 sets the switching information in the OpenFlow controller of the switching unit 214. Note that when the unpermitted device connection receiver 307 receives a notification of the connection of an unpermitted device from the device control processor 212, the switching information setter 305 sets connection information indicating the unpermitted device connection, instead of the normal switching information, in the OpenFlow controller of the switching unit 214, thereby implementing the process of disconnecting the servers 230.
- Of the communication process information stored in the communication processing table 304, the device control information setter 306 sets in the device control processor 212 information such as the criteria for determining the connection of an unpermitted device, or the connection of a connected device to the application 213. The unpermitted device connection receiver 307 receives from the device control processor 212 the unpermitted device connection notification, which is determined using the communication process information for determining the connection of an unpermitted device. Upon receiving the notification of the connection of an unpermitted device, the server disconnection notifier 308 urgently notifies the management server 240 of the complete disconnection from the servers 230, and requests the management server 240 to rapidly recover the communication processing apparatus 210, even if only partially, while ensuring security (safety).
- FIG. 3B is a view showing the arrangement of the communication processing table 304 according to this example embodiment. The communication processing table 304 holds the data for controlling the processing of data transfer from a device to a server in the communication processing apparatus 210.
- The communication processing table 304 includes a device registration table 341, an application/server setting table 342, an application registration table 343, and a device connection control table 344. The device registration table 341 stores the interface type of a device and a registration ID as the registered device ID in association with each other, and is used to determine whether a connected device is registered. The application/server setting table 342 stores, in association with each other, an application that performs a communication process on the data from a registered device, a server as the transfer destination, and the port number for connecting to that server, and is used to set the data processing for a device and its transfer destination. The application registration table 343 stores an application name and an application ID in association with each other, and is used for data processing and the communication process in the communication processing apparatus 210. The device connection control table 344 defines the connection control set from the management server 240 according to whether a connected device is an unpermitted device or a permitted device. In this example embodiment, if an unpermitted device is connected, the connections from the communication processing apparatus 210 to the servers 230 other than the management server 240 are cut, and the connections of the other, permitted devices to the servers 230 are cut as well. On the other hand, when a permitted device is connected, the various connection control operations set from the management server 240 are performed based on the types of device, application, server, and the like.
- (Device Processing Controller)
- FIG. 4A is a block diagram showing the functional configuration of the device control processor 212 of the communication processing apparatus 210 according to this example embodiment.
- The device control processor 212 includes a permission/unpermission determiner 401, a device disconnector 402, an unpermission notifier 403, a device processing table 404, a connection application determiner 405, and a device-application connector 406.
- The permission/unpermission determiner 401 determines whether a connected device is permitted or unpermitted, based on the device registration information set in the device processing table 404. The device disconnector 402 disconnects the connected device if the permission/unpermission determiner 401 determines that the device is unpermitted. When a connected device is disconnected because it is unpermitted, all connections to the servers 230 are disconnected as well, so the unpermission notifier 403 notifies the management server 240 of this via the communication processor 211.
- The connection application determiner 405 determines the application 213 to which the connected devices 220 are connectable, based on the information set in the device processing table 404 indicating the relationship between the devices 220 and the application 213. The device-application connector 406 connects the devices 220 to the application 213 found to be connectable by the connection application determiner 405. Note that the application to which the devices 220 are connectable is not limited to one; a plurality of applications, or all applications, can be set as connectable.
- FIG. 4B is a view showing the arrangement of the device processing table 404 according to this example embodiment. The device processing table 404 is used by the device control processor 212 to manage the permission/unpermission determination of a connected device and its connection to the application 213. Note that the same reference numerals as in FIG. 3B denote the same constituent elements in FIG. 4B, and a repetitive explanation thereof is omitted.
- The device processing table 404 has a device-application connection table 442. Note that the device-application connection table 442 is a part of the application/server setting table 342 shown in FIG. 3B, and stores the relation between a device and an application.
- (Switching Unit)
- FIG. 5A is a block diagram showing the functional configuration of the switching unit 214 of the communication processing apparatus 210 according to this example embodiment.
- In this example embodiment, the switching unit 214 is an OpenFlow SDN (Software-Defined Network), and includes an OpenFlow controller 501 and an OpenFlow switch 502. The OpenFlow controller 501 has a connection table 511 and, in accordance with the connection table 511, generates the flow table to be set in each switch through which data passes. The OpenFlow switch 502 forwards traffic between transmission source and transmission destination in accordance with the flow table set by the OpenFlow controller 501. Note that in this example embodiment, the disconnection of communication to all servers caused by the connection of an unpermitted device is implemented by, e.g., a flow table that does not route transmission data from the application 213 to any port connecting to the communicator 215.
- FIG. 5B is a view showing the arrangement of the connection table 511 according to this example embodiment. The connection table 511 is used by the OpenFlow controller 501 to generate the flow table.
- The connection table 511 includes an application-port connection table 542 and a port connection control table 544. The application-port connection table 542 is a part of the application/server setting table 342 shown in FIG. 3B, and stores the relation between an application and a port to the communicator 215. The port connection control table 544 extends the device connection control table 344 shown in FIG. 3B with, for the OpenFlow controller 501, the input port from the application 213 and the output port to the communicator 215.
- (Procedure of Communication Processor)
- FIG. 6A is a flowchart showing the procedure of the communication processor 211 of the communication processing apparatus 210 according to this example embodiment. A CPU (Central Processing Unit) of the communication processing apparatus 210 executes this flowchart using a memory, and thereby implements the functional configuration of the communication processing apparatus 210. Note that the individual constituent elements of the communication processing apparatus 210 desirably have their own CPUs and implement their functions by communicating with each other. To avoid complication, however, the procedure is explained as if it were performed by the communication processing apparatus 210 as a whole rather than by the individual constituent elements.
- In step S601, the communication processing apparatus 210 monitors device connection by the device control processor 212. In step S603, the communication processing apparatus 210 receives a connection request from a USB device or Bluetooth® (BT in FIG. 6A) device. In step S605, the communication processing apparatus 210 collates the connected device with the permitted device list (corresponding to the device registration table 341) to determine whether the device is permitted or unpermitted. In step S607, the communication processing apparatus 210 branches on whether the device is an unpermitted device.
- If the device is an unpermitted device, the process advances to step S609, and the communication processing apparatus 210 disconnects communication to all the servers 230 except the determination communication to the management server 240, or disconnects communication by the application 213. In step S611, the communication processing apparatus 210 notifies the management server 240 of this abnormal state in which communication to all the servers 230 is disconnected. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information on the abnormal state that way. In step S613, the communication processing apparatus 210 disconnects the unpermitted device by the device control processor 212.
- After that, the communication processing apparatus 210 determines that an obstacle such as an attack no longer influences the communication processing system 200, because the unpermitted device has been disconnected. In step S615, therefore, the communication processing apparatus 210 stops the strengthened communication filtering (disconnecting) process that cut communication to all the servers 230. At this point it is also possible to run only the application 213 that processes the data of a permitted device, or to selectively enable a connectable server 230. For example, a simple setting can enable activation of only the application 213 that performs highly confidential processing, or delay the reconnection to a highly important server according to the importance of the data collected by that server.
- On the other hand, if the connected device is a permitted device, the process advances to step S617, and the communication processing apparatus 210 performs a filtering process on the network communication using the policy table specified for each permitted device. In step S619, the communication processing apparatus 210 notifies the management server 240 of an abnormal status if an unexpected access occurs. Note that the management server 240 may also monitor the state of the communication processing apparatus 210 at all times and receive information on the abnormal status in this processing as well.
- FIG. 6B is a flowchart showing the procedure of the filtering process (step S617) according to this example embodiment. Note that FIG. 6B shows two example filtering processes for step S617, but other filtering processes, other combinations of them, or a combination with another filtering process may also be used.
- In step S621, the communication processing apparatus 210 refers to the communication policy setting table of the permitted device (equivalent to the application/server setting table 342 shown in FIG. 3B). In step S623, the communication processing apparatus 210 limits the servers accessible from, e.g., a specific USB/Bluetooth® device.
- Also, in step S631, the communication processing apparatus 210 refers to the communication policy setting table of permitted devices and the communication applications they use (equivalent to the application/server setting table 342 shown in FIG. 3B). In step S623, the communication processing apparatus 210 limits the communication by an application used by a specific USB/Bluetooth® device.
- <<Connection State of Communication Processing System>>
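Before the connection states of FIGS. 7A to 8B are walked through, the following added Python example (not the patent's code) shows how the OpenFlow controller 501 of the switching unit 214 could turn the connection table 511 (application-port connection table 542 and port connection control table 544) and the filtering policies of step S617 into a concrete flow table, and how that table changes across the three states the patent distinguishes: permitted devices only, an unpermitted device connected (all-server disconnection, management server excepted), and resumption with low-confidentiality applications blocked. Every table row, address, port number and policy below is an assumption made for the example, only the egress direction from the application 213 to the communicator 215 is modelled (a real controller installs the symmetric return-path entries as well), and the rendering as Open vSwitch `ovs-ofctl add-flow` match strings is one possible target of the controller, not something the patent specifies.

```python
"""Flow-table generation for the SDN switching unit (added example, not the
patent's code). Egress direction only; all table contents are constructed."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# application/server setting table 342: (device_id, app_id, server_ip, tcp_port)
APP_SERVER_SETTINGS: List[Tuple[str, str, str, int]] = [
    ("sensor-01", "app-a", "10.0.0.10", 8883),
    ("sensor-01", "app-b", "10.0.0.11", 443),
    ("sensor-02", "app-b", "10.0.0.11", 443),
    ("sensor-02", "app-z", "10.0.0.12", 443),
    ("sensor-02", "app-z", "10.0.0.10", 8883),   # removed below by the combined policy
]
# application-port connection table 542: switch in_port each application sits on.
APP_PORT: Dict[str, int] = {"app-a": 3, "app-b": 4, "app-z": 5}
UPLINK_PORT = 1                      # output port toward the communicator 215
MANAGEMENT_PORT = 2                  # in_port of the communication processor 211
MANAGEMENT_SERVER = ("10.0.0.1", 8443)


@dataclass
class DevicePolicy:
    """device connection control table 344, permitted-device side."""
    allowed_apps: Optional[Set[str]] = None      # None = all applications usable
    allowed_servers: Optional[Set[str]] = None   # None = all servers reachable


POLICIES: Dict[str, DevicePolicy] = {
    "sensor-01": DevicePolicy(allowed_servers={"10.0.0.10", "10.0.0.11"}),  # FIG. 8A
    "sensor-02": DevicePolicy(allowed_apps={"app-b", "app-z"}),             # FIG. 8B
}
# Combined policy: a non-confidential application may not reach a server holding important data.
CONFIDENTIAL_APPS = {"app-a", "app-b"}
IMPORTANT_SERVERS = {"10.0.0.10"}


@dataclass(frozen=True)
class Flow:
    priority: int
    in_port: Optional[int]
    nw_dst: Optional[str]
    tp_dst: Optional[int]
    output: Optional[int]    # None = drop


def build_flow_table(connected: Dict[str, bool], blocked_apps: Set[str] = frozenset()) -> List[Flow]:
    """connected maps device_id -> permitted. Any unpermitted device puts the
    switch into lockdown (FIG. 7A): only the management flow survives.
    blocked_apps models the resumption state of FIG. 7B, where the management
    server keeps low-confidentiality applications off the network."""
    flows = [Flow(200, MANAGEMENT_PORT, MANAGEMENT_SERVER[0], MANAGEMENT_SERVER[1], UPLINK_PORT)]
    lockdown = any(not ok for ok in connected.values())
    if not lockdown:
        seen = set()
        for dev, app, server, port in APP_SERVER_SETTINGS:
            if dev not in connected or app in blocked_apps:
                continue
            pol = POLICIES.get(dev, DevicePolicy())
            if pol.allowed_apps is not None and app not in pol.allowed_apps:
                continue
            if pol.allowed_servers is not None and server not in pol.allowed_servers:
                continue
            if app not in CONFIDENTIAL_APPS and server in IMPORTANT_SERVERS:
                continue
            key = (APP_PORT[app], server, port)
            if key not in seen:           # two devices sharing an app yield one entry
                seen.add(key)
                flows.append(Flow(100, *key, UPLINK_PORT))
    flows.append(Flow(0, None, None, None, None))   # table-miss entry: drop, fail closed
    return flows


def lookup(flows: List[Flow], in_port: int, dst_ip: str, dst_port: int) -> Optional[int]:
    """Highest-priority matching entry wins, as in an OpenFlow table."""
    for f in sorted(flows, key=lambda f: -f.priority):
        if f.in_port in (None, in_port) and f.nw_dst in (None, dst_ip) and f.tp_dst in (None, dst_port):
            return f.output
    return None


def render_ovs_ofctl(flows: List[Flow]) -> List[str]:
    """Render each entry as an `ovs-ofctl add-flow <bridge>` flow string."""
    lines = []
    for f in flows:
        match = [f"priority={f.priority}"]
        if f.in_port is not None:
            match.append(f"in_port={f.in_port}")
        if f.nw_dst is not None:
            match += ["tcp" if f.tp_dst is not None else "ip", f"nw_dst={f.nw_dst}"]
        if f.tp_dst is not None:
            match.append(f"tp_dst={f.tp_dst}")
        lines.append(",".join(match) + ",actions=" + ("drop" if f.output is None else f"output:{f.output}"))
    return lines


if __name__ == "__main__":
    scenarios = {
        "permitted devices (FIG. 8A/8B)": build_flow_table({"sensor-01": True, "sensor-02": True}),
        "unpermitted device connected (FIG. 7A)": build_flow_table({"sensor-01": True, "rogue": False}),
        "resumed, apps (a)/(z) blocked (FIG. 7B)": build_flow_table({"sensor-01": True, "sensor-02": True},
                                                                    blocked_apps={"app-a", "app-z"}),
    }
    for name, table in scenarios.items():
        print(name)
        for line in render_ovs_ofctl(table):
            print("  ", line)
```

Two design points worth noting: the table-miss entry is an explicit drop, so a server that is not in the policy is unreachable even if the application tries, which is what makes the lockdown of FIG. 7A a matter of omitting entries rather than adding blocks; and the management flow has the highest priority and is installed in every state, which is the "except the management server 240" exception the patent relies on to deliver the urgent notification and to push the recovery settings.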
- Various connection states based on the communication policy of the communication processing apparatus 210 of this example embodiment will be explained below with reference to FIGS. 7A to 8B.
- (Unpermitted Device)
- FIG. 7A is a view showing the connection state of the communication processing system 200 with respect to an unpermitted device according to this example embodiment. FIG. 7A shows the connection process when an unpermitted device 723 is connected.
- When the device control processor 212 determines that the unpermitted device 723 is connected, communications to all the servers 230 except the management server 240 are disconnected in accordance with the communication policy of this example embodiment. In addition, the unpermitted device 723 is disconnected. Then, the connected management server 240 is urgently notified that communications to all the servers 230 are disconnected. This processing based on the communication policy of this example embodiment also cuts the data transmissions from the permitted devices to the servers 230, but it can prevent damage from being inflicted on the servers 230 by an attack from the unpermitted device 723.
- FIG. 7B is a view showing the connection state of the communication processing system 200 when operation is resumed after the disconnection according to this example embodiment. FIG. 7B shows the reconnection process after the unpermitted device 723 is disconnected. In FIG. 7B, the use of the communication applications (a) and (z), which have low confidentiality, is limited.
- The management server 240 determines that no obstacle is inflicted on it because the unpermitted device 723 has been disconnected as shown in FIG. 7A, and rapidly restores the data transmissions from the permitted devices to the servers 230. However, the possibility remains that a problem arises if the communication application (a) or (z) having low confidentiality is used. Therefore, the management server 240 configures the apparatus so as to prevent the use of the low-confidentiality communication applications (a) and (z), in accordance with the communication policy of this example embodiment.
- Note that, as described above, it is possible to limit the use of an application, and it is also possible to limit the connection to a server 230 that would be heavily damaged if an obstacle were inflicted on it.
- (Permitted Device)
- FIG. 8A is a view showing the connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment. FIG. 8A shows the connection state when a connected device 823 is a permitted device.
- When the device control processor 212 determines that the permitted device 823 is connected, all the applications 213 are usable, but the servers to which the device 823 can connect and transmit data are selected in accordance with the communication policy associated with the device 823. For example, the permitted device 823 is not connected to a server which does not require the data of the device 823, and is not connected to a specific server if, for example, the data reliability of the permitted device 823 is low. In this case, the OpenFlow controller of the switching unit (SDN) 214 is configured so that the input ports from all the applications are connected only to the output port leading to the selected server.
- FIG. 8B is a view showing another connection state of the communication processing system 200 with respect to a permitted device according to this example embodiment. FIG. 8B shows a case in which the applications usable by a permitted device 824 are limited.
- According to the communication policy associated with the permitted device 824, the application (b) is usable but the application (a) is not, and the servers to which the device 824 can connect and transfer data are also selected. In this case, the usable application and the connectable server can be set independently, but the communication policies are combined if the application and the server are related. For example, if the processing of an application is not confidential, transmission to a server holding important data is limited.
- Note that the communication policies shown in FIGS. 7A to 8B are merely a portion of this example embodiment, and various policies and their combinations can be set.
- <<Management Server>>
- The arrangement and operation of the management server 240 will be explained below with reference to FIGS. 9A to 10D.
- (Functional Configuration of Management Server)
- FIG. 9A is a block diagram showing the functional configuration of the management server 240 according to this example embodiment.
- The management server 240 includes a communication controller 901, a gateway processing table setter 902, a gateway management database 903, a gateway processing obtainer 904, and a gateway status obtainer 905. The management server 240 also includes an operation unit 906 and a display 907.
- The communication controller 901 controls communication to the communication processing apparatus 210. When the management server 240 is connected to an operation PC and operated remotely, the communication controller 901 also controls communication to that operation PC. The gateway processing table setter 902 sets, in the communication processing apparatus 210, the gateway processing table corresponding to the communication control of each gateway stored in the gateway management database 903. This gateway processing table is equivalent to the communication processing table 304 shown in FIG. 3A. The gateway management database 903 stores the gateway processing table of each gateway managed by the management server 240, in association with the gateway ID. The gateway management database 903 also stores the processing information and status information transmitted from the communication processing apparatus 210, in association with the gateway ID.
- The gateway processing obtainer 904 obtains the log of the communication process from the communication processing apparatus 210. The gateway status obtainer 905 obtains the status of the communication processing apparatus 210. Note that the gateway status obtainer 905 can also receive the urgent notification of all-server disconnection caused by the connection of an unpermitted device, which the communication processing apparatus 210 transmits to the management server 240. Note that this urgent notification of all-server disconnection may also be delivered as an interrupt distinct from the normal status notification.
- On the operation unit 906, the user sets the data to be stored in the gateway management database 903 and applied to the communication processing apparatus 210, or changes or deletes such data. On the operation unit 906, the user also sets the permitted devices and permitted applications while viewing the menu displayed on the display 907. The display 907 displays the data to be stored in the gateway management database 903 and applied to the communication processing apparatus 210, displays already stored data, and displays the urgent notification of all-server disconnection. Note that an operation PC may also replace the operation unit 906 and the display 907.
- Note also that when the management server 240 controls the communication connections in the communication processing apparatus 210 acting as a gateway, the management server 240 includes a functional constituent unit equivalent to the communication processor 211 shown in FIG. 2 and controls each of the functional constituent units of the communication processing apparatus 210; alternatively, the management server 240 may be included in the communication processing apparatus 210.
- FIG. 9B is a view showing the arrangement of the gateway management database 903 according to this example embodiment. Note that the same reference numerals as in FIG. 3B denote the same constituent elements in FIG. 9B, and an explanation thereof is omitted.
- Referring to
FIG. 9B , a gateway management table 910 stores the tables 341 to 344 shown inFIG. 3B in association with the gateway IDs. The tables 341 to 344 have been described above with reference toFIG. 3B , so a repetitive explanation thereof will be omitted. Also, a gateway log table 920 stores a device connection log, application connection log, and server connection log in association with each gateway ID. - <<Visualized Management Monitor>>
-
FIG. 10A is a view showing the concept of a visualized management monitor according to this example embodiment. - On a
display screen 1010 shown inFIG. 10A , thedisplay 907 displays events having occurred in time series as abnormality display. Thedisplay screen 1010 also displays the types of gateway management tables to be stored in thegateway management database 903 as setting menus. By selecting these setting menus, present setting information is linked and displayed. This setting information can be added, changed, and deleted by input instructions from theoperation unit 906. - (Settings of Applications)
-
FIGS. 10B to 10D are views showing display screen examples of a visualized monitor according to this example embodiment. Note that the application settings shown inFIGS. 10B to 10D are examples showing the way the visualized management monitor increases the speed and efficiency of processing. Therefore, it is obviously possible to increase the speed and efficiency of processing by other settings and changes, or monitoring and prevention. -
FIG. 10B is a view showing adisplay screen 1020 of various settings/check menus. When the user selects a communication unpermittedapplication list menu 1021 on thedisplay screen 1020 shown inFIG. 10B , adisplay screen 1030 of a communication unpermitted application list shown inFIG. 10C is displayed. - When the user clicks a
target row 1031 for permitting communication on thedisplay screen 1030 of a communication unpermitted application list shown inFIG. 10C , apopup window 1041 appears as indicated on adisplay screen 1040 shown inFIG. 10D . - The user can permit specific communication by selecting
specific communication 1042 as a permission target and selectingcommunication permission 1043 on thepopup display 1041 shown inFIG. 10D . - In this example embodiment, when it is determined that device connection is not permitted, or when it is determined that device connection is permitted, the connection between the device and server can variously be controlled in accordance with the status. This makes it possible to flexibly secure a safe connection from the device to the server (cloud).
- In addition, the connection of an application for controlling the device can variously be controlled in accordance with the status. Consequently, a safe connection can be secured from the device to the server (cloud) by more appropriate control.
- Furthermore, a GUI (Graphical User Interface) of the management server visualizes communication from the device to the network. This makes it possible to deal with a network threat and increase the speed and efficiency of management. When disconnecting all network connections to the server, a delay of management can be prevented by performing emergent notification to the management server.
- That is, even when a non-IP USB/Bluetooth® device is connected, a safe connection can be secured from the device to the cloud by controlling the device and network communication. Also, the presence/absence of a permitted device is determined by collation with the device permission list. Furthermore, the security of the device and network is improved by a fine communication filtering process performed by a network communication control process (terminal openflow) on the host side.
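As an added illustration of the control flow described above (example code, not code from the patent or its assignee), the following Python model shows a connection controller that collates a device against the device permission list, combines the application policy with the server policy, programs a software-controlled virtual switch, and, on an unpermitted device, disconnects every device from every server and raises an emergent notification to the management server over a channel separate from normal status reports. All class names, gateway, device, application and server identifiers are constructed assumptions.

```python
"""Added example modelling the connection controller of the communication
processing apparatus described above. Not code from the patent; every class,
gateway, device, application and server name below is a constructed assumption."""
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass
class CommunicationPolicy:
    """Policy tables the management server sets in the gateway (constructed)."""
    permitted_devices: Set[str]            # device permission list
    app_for_device: Dict[str, str]         # device ID -> application that handles it
    servers_for_app: Dict[str, Set[str]]   # application -> servers it may reach
    confidential_apps: Set[str]            # applications whose processing is confidential
    important_servers: Set[str]            # servers that hold important data


class VirtualSwitch:
    """Software-controlled virtual network: a flow table of (device, server) pairs."""
    def __init__(self) -> None:
        self.flows: Set[Tuple[str, str]] = set()

    def connect(self, device: str, server: str) -> None:
        self.flows.add((device, server))

    def disconnect_all(self) -> None:
        self.flows.clear()


class ManagementServerStub:
    """Receiving side: normal status notifications and emergent notifications."""
    def __init__(self) -> None:
        self.status_log: List[dict] = []
        self.emergent: List[dict] = []

    def notify_status(self, gateway_id: str, event: dict) -> None:
        self.status_log.append({"gateway": gateway_id, **event})

    def notify_emergent(self, gateway_id: str, event: dict) -> None:
        # Kept on a separate channel so it is never queued behind status traffic.
        self.emergent.append({"gateway": gateway_id, **event})


class ConnectionController:
    def __init__(self, gateway_id: str, policy: CommunicationPolicy,
                 switch: VirtualSwitch, mgmt: ManagementServerStub) -> None:
        self.gateway_id, self.policy, self.switch, self.mgmt = gateway_id, policy, switch, mgmt

    def determine(self, device_id: str) -> bool:
        """Collate the device against the device permission list."""
        return device_id in self.policy.permitted_devices

    def allowed_servers(self, app: str) -> Set[str]:
        """Combined policy: a non-confidential application may not transmit
        to a server that holds important data, even if it is listed for it."""
        servers = self.policy.servers_for_app.get(app, set())
        if app in self.policy.confidential_apps:
            return set(servers)
        return {s for s in servers if s not in self.policy.important_servers}

    def on_device_connect(self, device_id: str) -> List[str]:
        """Returns the servers the device was bridged to (empty when refused)."""
        if not self.determine(device_id):
            # Unpermitted device: cut all devices off from all servers first,
            # then raise the emergent notification so management is not delayed.
            self.switch.disconnect_all()
            self.mgmt.notify_emergent(self.gateway_id,
                                      {"event": "all_server_disconnect", "device": device_id})
            return []
        app = self.policy.app_for_device.get(device_id)
        if app is None:
            # Permitted device with no application assigned: nothing to bridge.
            self.mgmt.notify_status(self.gateway_id, {"event": "no_application", "device": device_id})
            return []
        servers = sorted(self.allowed_servers(app))
        for server in servers:
            self.switch.connect(device_id, server)
        self.mgmt.notify_status(self.gateway_id, {"event": "device_connected", "device": device_id,
                                                  "application": app, "servers": servers})
        return servers


def run_scenario() -> dict:
    """Constructed scenario: two permitted devices connect, then an unknown one."""
    policy = CommunicationPolicy(
        permitted_devices={"usb-scanner-01", "bt-sensor-02"},
        app_for_device={"usb-scanner-01": "app-a", "bt-sensor-02": "app-b"},
        servers_for_app={"app-a": {"srv-public", "srv-important"},
                         "app-b": {"srv-public", "srv-important"}},
        confidential_apps={"app-a"},          # app-b is not confidential
        important_servers={"srv-important"},
    )
    switch, mgmt = VirtualSwitch(), ManagementServerStub()
    ctl = ConnectionController("GW-01", policy, switch, mgmt)
    result = {"scanner": ctl.on_device_connect("usb-scanner-01"),
              "sensor": ctl.on_device_connect("bt-sensor-02")}
    result["flows_before"] = set(switch.flows)
    result["unknown"] = ctl.on_device_connect("usb-unknown-99")
    result["flows_after"] = set(switch.flows)
    result["emergent"] = list(mgmt.emergent)
    result["status_count"] = len(mgmt.status_log)
    return result


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, value)
```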
- While the invention has been particularly shown and described with reference to example embodiments thereof, the invention is not limited to these example embodiments. It will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the claims.
- The present invention is applicable to a system including a plurality of devices or a single apparatus. The present invention is also applicable even when an information processing program for implementing the functions of the example embodiments is supplied to the system or apparatus directly or from a remote site. Hence, the present invention also incorporates the program installed in a computer to implement the functions of the present invention by the computer, a medium storing the program, and a WWW (World Wide Web) server that causes a user to download the program. Especially, the present invention incorporates at least a non-transitory computer readable medium storing a program that causes a computer to execute processing steps included in the above-described example embodiments.
- Some or all of the above-described example embodiments can also be described as in the following supplementary notes, but are not limited to the following.
- (Supplementary Note 1)
- There is provided a communication processing apparatus comprising:
- a first connection unit that connects devices;
- a second connection unit that connects to servers;
- a switching unit that switches connections of said devices and said servers between said first connection unit and said second connection unit;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted; and
- a connection controller that controls said switching unit in accordance with a determination result from said determiner.
- (Supplementary Note 2)
- There is provided the communication processing apparatus according to supplementary note 1, wherein said connection controller controls said switching unit to disconnect between said servers and all devices connected to said first connection unit, if said determiner determines that connection of the device is unpermitted.
- (Supplementary Note 3)
- There is provided the communication processing apparatus according to supplementary note
- (Supplementary Note 4)
- There is provided the communication processing apparatus according to any one of supplementary notes 1 to 3, wherein said connection controller controls said switching unit to limit connections of the device and said servers, even if said determiner determines that connection of the device is permitted.
- (Supplementary Note 5)
- There is provided the communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for said devices connected to said first connection unit,
- wherein said connection controller controls said switching unit to limit application processing to be provided for said devices.
- (Supplementary Note 6)
- There is provided the communication processing apparatus according to any one of supplementary notes 1 to 5, wherein said switching unit is a software-controlled virtual network.
- (Supplementary Note 7)
- There is provided the communication processing apparatus according to any one of supplementary notes 1 to 6, wherein
- said connection controller controls said switching unit in accordance with setting by an external communication managing apparatus that manages communication, and
- said connection controller notifies said external communication managing apparatus of at least connection states of said devices and said servers.
- (Supplementary Note 8)
- There is provided the communication processing apparatus according to supplementary note 7, wherein said connection controller emergently notifies said external communication managing apparatus of disconnection between all devices and said servers by said second connection unit.
- (Supplementary Note 9)
- There is provided a method of controlling a communication processing apparatus, the method comprising:
- causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted; and
- controlling the switching unit in accordance with a determination result in the determining step.
- (Supplementary Note 10)
- There is provided a program of controlling a communication processing apparatus, that causes a computer to execute a method, comprising:
- causing a switching unit to switch connections of devices and servers, between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted; and
- controlling the switching unit in accordance with a determination result in the determining step.
- (Supplementary Note 11)
- There is provided a communication managing apparatus comprising:
- a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- a setter that sets the connection information in a connection controller of a communication processing apparatus, said connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- an obtainer that obtains connection states by said connection controller based on the connection information; and
- a presenter that presents the obtained connection states.
- (Supplementary Note 12)
- There is provided a method of controlling a communication managing apparatus, the method comprising:
- causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- obtaining connection states by the connection controller based on the connection information; and
- presenting the obtained connection states.
- (Supplementary Note 13)
- There is provided a program of controlling a communication managing apparatus, that causes a computer to execute a method, comprising:
- causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- obtaining connection states by the connection controller based on the connection information; and
- presenting the obtained connection states.
- (Supplementary Note 14)
- There is provided a communication processing system comprising:
- a holder that holds connection information containing a condition for determining whether each of connections of devices is permitted or unpermitted and connections of the devices to servers;
- a switching unit that switches the connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- a determiner that determines whether connection of a device to said first connection unit is permitted or unpermitted, in accordance with the connection information; and
- a connection controller that controls said switching unit based on the connection information, in accordance with a determination result from said determiner.
- (Supplementary Note 15)
- There is provided a communication processing method comprising:
- causing a holder to hold connection information containing a condition for determining whether each of connections of devices is permitted and connections of the devices to servers;
- causing a switching unit to switch connections of the devices and the servers between a first connection unit that connects the devices and a second connection unit that connects to the servers;
- determining whether connection of a device to the first connection unit is permitted or unpermitted, in accordance with the connection information; and
- controlling the switching unit based on the connection information, in accordance with a determination result in the determining step.
- a first connector that connects a device;
- a second connector that connects to a server;
- a switching unit that switches connections of the device and the server between the first connector and the second connector;
- a determiner that determines whether connection of the device to the first connector is permitted; and
- a connection controller that controls the switching unit in accordance with a determination result from the determiner.
- (Supplementary Note 2)
- There is provided the communication processing apparatus according to supplementary note 1, wherein if the determiner determines that connection of the device is not permitted, the connection controller controls the switching unit to disconnect the server from all devices connected to the first connector.
- (Supplementary Note 3)
- There is provided the communication processing apparatus according to supplementary note
- (Supplementary Note 4)
- There is provided a communication processing apparatus according to any one of supplementary notes 1 to 3, wherein even if the determiner determines that connection of the device is permitted, the connection controller controls the switching unit to limit connection of the device and the server.
- (Supplementary Note 5)
- There is provided a communication processing apparatus according to any one of supplementary notes 1 to 4, further comprising a provider that provides application processing for the device connected to the first connector,
- wherein the connection controller controls the switching unit to limit application processing to be provided for the device.
- (Supplementary Note 6)
- There is provided a communication processing apparatus according to any one of supplementary notes 1 to 5, wherein the switching unit is a software-controlled virtual network.
- (Supplementary Note 7)
- There is provided a communication processing apparatus according to any one of supplementary notes 1 to 6, wherein
- the connection controller controls the switching unit in accordance with setting by an external communication managing apparatus that manages communication, and
- the connection controller notifies the external communication managing apparatus of at least a connection state of the device and the server.
- (Supplementary Note 8)
- There is provided the communication processing apparatus according to supplementary note 7, wherein the connection controller emergently notifies the external communication managing apparatus of disconnection of all devices from the server by the second connector.
- (Supplementary Note 9)
- There is provided a communication processing apparatus control method comprising:
- causing a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
- determining whether connection of the device to the first connector is permitted; and
- controlling the switching unit in accordance with a determination result in the determining.
- (Supplementary Note 10)
- There is provided a communication processing apparatus control program that causes a computer to execute a method, comprising:
- causing a switching unit to switch connections of a device and a server, between a first connector that connects the device and a second connector that connects to the server;
- determining whether connection of the device to the first connector is permitted; and
- controlling the switching unit in accordance with a determination result in the determining.
- (Supplementary Note 11)
- There is provided a communication managing apparatus comprising:
- a holder that holds connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
- a setter that sets the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
- an obtainer that obtains a connection state obtained by the connection controller based on the connection information; and
- a presenter that presents the obtained connection state.
- (Supplementary Note 12)
- There is provided a communication managing apparatus control method comprising:
- causing a holder to hold connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
- setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
- obtaining a connection state obtained by the connection controller based on the connection information; and
- presenting the obtained connection state.
- (Supplementary Note 13)
- There is provided a communication managing apparatus control program that causes a computer to execute a method, comprising:
- causing a holder to hold connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
- setting the connection information in a connection controller of a communication processing apparatus, the connection controller controlling connection between a first connector that connects the device and a second connector that connects to the server;
- obtaining a connection state obtained by the connection controller based on the connection information; and
- presenting the obtained connection state.
- (Supplementary Note 14)
- There is provided a communication processing system comprising:
- a holder that holds connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
- a switching unit that switches connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
- a determiner that determines whether connection of the device to the first connector is permitted, in accordance with the connection information; and
- a connection controller that controls the switching unit based on the connection information, in accordance with a determination result from the determiner.
- (Supplementary Note 15)
- There is provided a communication processing method comprising:
- causing a holder to hold connection information containing a condition for determining whether connection of a device is permitted and a connection of the device to a server;
- causing a switching unit to switch connections of the device and the server between a first connector that connects the device and a second connector that connects to the server;
- determining whether connection of the device to the first connector is permitted, in accordance with the connection information; and
- controlling the switching unit based on the connection information, in accordance with a determination result in the determining.
Claims (17)
1-15. (canceled)
16. A communication apparatus comprising:
a processor; and
a memory,
wherein the processor is connected to a non-IP device by a non-IP connection and to a server by an IP connection;
the processor executes an application to connect the non-IP device to the server;
the memory stores an association among the non-IP device, the application and the server; and
the processor controls the application to connect the non-IP device to the server based on the stored association.
17. The communication apparatus according to claim 1, wherein the memory stores connection availability information indicating whether or not the non-IP device is permitted to connect to the processor, and an association between the application and the server to which the application connects.
18. The communication apparatus according to claim 1, wherein the processor sets or selects the non-IP device in the memory based on an input of an operator.
19. The communication apparatus according to claim 1, wherein the processor sets or selects the application in the memory based on an input of an operator.
20. The communication apparatus according to claim 1, wherein the processor sets or selects the server in the memory based on an input of an operator.
23. The communication apparatus according to claim 1, wherein the memory further stores a port number to be connected to the server, and
the processor sets or selects the port number in the memory based on an input of an operator.
22. The communication apparatus according to claim 1, wherein the application includes a protocol of the IP connection, and
the processor sets or selects the protocol in the memory based on an input of an operator.
23. A method of controlling a communication apparatus comprising:
connecting to a non-IP device by a non-IP connection, and a server by an IP connection; and
executing an application for connecting the non-IP device to the server using an association among the non-IP device, the application and the server stored in a memory to connect the non-IP device to the server.
24. The method according to claim 23, wherein the memory stores connection availability information indicating whether or not the non-IP device is permitted to connect to the processor, and an association between the application and the server to which the application connects.
25. The method according to claim 23, further comprising setting or selecting the non-IP device in the memory based on an input of an operator.
26. The method according to claim 23, further comprising setting or selecting the application in the memory based on an input of an operator.
27. The method according to claim 23, further comprising setting or selecting the server in the memory based on an input of an operator.
28. The method according to claim 23, wherein the memory further stores a port number to be connected to the server, and
further comprising setting or selecting the port number in the memory based on an input of an operator.
29. The communication apparatus according to claim 1, wherein the application includes a protocol of the IP connection, and
further comprising setting or selecting the protocol in the memory based on an input of an operator.
30. A non-transitory computer-readable storage medium storing a program causing a processor to execute a method of controlling a communication apparatus, the method comprising:
connecting to a non-IP device by a non-IP connection, and a server by an IP connection; and
executing an application for connecting the non-IP device to the server using an association among the non-IP device, the application and the server stored in a memory to connect the non-IP device to the server.
31. The non-transitory computer-readable storage medium according to claim 30, wherein the memory stores connection availability information indicating whether or not the non-IP device is permitted to connect to the processor, and an association between the application and the server to which the application connects.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US18/086,127 US20230208682A1 (en) | 2016-03-24 | 2022-12-21 | Securing a connection from a device to a server |
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2016060166A JP6693210B2 (en) | 2016-03-24 | 2016-03-24 | Communication processing system, communication processing method, communication processing device, communication management device, and their control method and control program |
JP2016-060166 | 2016-03-24 | ||
PCT/JP2017/005158 WO2017163665A1 (en) | 2016-03-24 | 2017-02-13 | Communication processing system, communication processing method, communication processing device, communication management device, and control methods and control programs therefor |
US201816083566A | 2018-09-10 | 2018-09-10 | |
US17/246,786 US11563604B2 (en) | 2016-03-24 | 2021-05-03 | Securing a connection from a device to a server |
US18/086,127 US20230208682A1 (en) | 2016-03-24 | 2022-12-21 | Securing a connection from a device to a server |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/246,786 Continuation US11563604B2 (en) | 2016-03-24 | 2021-05-03 | Securing a connection from a device to a server |
Publications (1)
Publication Number | Publication Date |
---|---|
US20230208682A1 true US20230208682A1 (en) | 2023-06-29 |
Family
ID=59901054
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/083,566 Active 2038-01-14 US11032109B2 (en) | 2016-03-24 | 2017-02-13 | Communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of communication processing apparatus and communication managing apparatus |
US17/246,786 Active 2037-05-05 US11563604B2 (en) | 2016-03-24 | 2021-05-03 | Securing a connection from a device to a server |
US18/086,127 Pending US20230208682A1 (en) | 2016-03-24 | 2022-12-21 | Securing a connection from a device to a server |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/083,566 Active 2038-01-14 US11032109B2 (en) | 2016-03-24 | 2017-02-13 | Communication processing system, communication processing method, communication processing apparatus, communication managing apparatus, and control methods and control programs of communication processing apparatus and communication managing apparatus |
US17/246,786 Active 2037-05-05 US11563604B2 (en) | 2016-03-24 | 2021-05-03 | Securing a connection from a device to a server |
Country Status (3)
Country | Link |
---|---|
US (3) | US11032109B2 (en) |
JP (1) | JP6693210B2 (en) |
WO (1) | WO2017163665A1 (en) |
2016
- 2016-03-24 JP JP2016060166A patent/JP6693210B2/en active Active
2017
- 2017-02-13 US US16/083,566 patent/US11032109B2/en active Active
- 2017-02-13 WO PCT/JP2017/005158 patent/WO2017163665A1/en active Application Filing
2021
- 2021-05-03 US US17/246,786 patent/US11563604B2/en active Active
2022
- 2022-12-21 US US18/086,127 patent/US20230208682A1/en active Pending
Also Published As
Publication number | Publication date |
---|---|
US20200304341A1 (en) | 2020-09-24 |
JP6693210B2 (en) | 2020-05-13 |
JP2017175421A (en) | 2017-09-28 |
US20210359880A1 (en) | 2021-11-18 |
US11563604B2 (en) | 2023-01-24 |
WO2017163665A1 (en) | 2017-09-28 |
US11032109B2 (en) | 2021-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20230208682A1 (en) | Securing a connection from a device to a server | |
US10659345B2 (en) | Service path protection method, controller, device and system | |
CN108965123B (en) | Link switching method and network communication system | |
RU2562760C2 (en) | Control system of communication route, and route control method | |
CN104243205A (en) | Message processing method and device used during virtual switch fault | |
CN103975331A (en) | Data center infrastructure management system incorporating security for managed infrastructure devices | |
US20140010233A1 (en) | Communication device, method for controlling the communication device, and communication system | |
CN104301449A (en) | Method and device for modifying IP address | |
US20080285469A1 (en) | Computer replacing redundant communication routes, and programs and method for the same | |
US7895300B1 (en) | Systems and methods for testing device ports in a storage area network | |
US8971176B2 (en) | Fibre channel over Ethernet switch implicit logout | |
US20180183709A1 (en) | Communication node, communication system, communication method, and program | |
US10587677B2 (en) | Control apparatus, computer readable medium, and equipment control system | |
US9819691B2 (en) | Network monitoring system and method | |
JP7491348B2 (en) | COMMUNICATION PROCESSING METHOD, COMMUNICATION PROCESSING DEVICE, AND COMMUNICATION PROCESSING PROGRAM | |
US10491544B2 (en) | Consistency control of a logical path passing through a relay device | |
EP4123976A1 (en) | Logical network constructing system, gateway apparatus, controller, and logical network constructing method | |
JP2014026353A (en) | Server management system, load distribution device, and server management method | |
JP6601198B2 (en) | Relay device, setting method, setting program, and information processing system | |
KR101628089B1 (en) | Network apparatus and method for ensuring failover thereof | |
KR20120107564A (en) | Apparatus for sending sms when ups fails | |
WO2014203363A1 (en) | Network device and method for controlling same | |
JP2015035678A (en) | Network system, monitoring method for route, and relay device | |
JP5629911B2 (en) | Radio base station monitoring control system and radio base station monitoring control method | |
WO2018034233A1 (en) | Contact center system, contact center control method, contact center management apparatus, contact center management method, and contact center management program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| STPP | Information on status: patent application and granting procedure in general | DOCKETED NEW CASE - READY FOR EXAMINATION |
| STPP | Information on status: patent application and granting procedure in general | NON FINAL ACTION MAILED |
| STPP | Information on status: patent application and granting procedure in general | RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
| STPP | Information on status: patent application and granting procedure in general | FINAL REJECTION MAILED |