WO2014068632A1 - 設備管理装置、設備管理システム及びプログラム - Google Patents
設備管理装置、設備管理システム及びプログラム Download PDFInfo
- Publication number
- WO2014068632A1 WO2014068632A1 PCT/JP2012/077840 JP2012077840W WO2014068632A1 WO 2014068632 A1 WO2014068632 A1 WO 2014068632A1 JP 2012077840 W JP2012077840 W JP 2012077840W WO 2014068632 A1 WO2014068632 A1 WO 2014068632A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- facility
- equipment
- authentication
- unit
- authentication code
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/41—User authentication where a single sign-on provides access to a plurality of computers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0246—Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
- H04L41/0253—Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols using browsers or web-pages for accessing management information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04Q—SELECTING
- H04Q9/00—Arrangements in telecontrol or telemetry systems for selectively calling a substation from a main station, in which substation desired apparatus is selected for applying a control signal thereto or for obtaining measured values therefrom
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/24—Key scheduling, i.e. generating round keys or sub-keys for block encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/22—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
Definitions
- the present invention relates to an equipment management apparatus, equipment management system, and program.
- equipment management devices that manage equipment such as air conditioning equipment and lighting equipment are generally installed. Some of these equipment management devices can monitor the operating status of equipment via the LAN (Local Area Network) in the building or the Internet if accessed from the web browser of the building manager's personal computer (user terminal). There is something.
- LAN Local Area Network
- a login screen is displayed on the Web browser of the user terminal.
- the login screen is a user ID and password input screen.
- user authentication is performed by the facility management apparatus using the user ID and password.
- the user authentication is normally completed, the contents of the monitoring device web page transmitted from the facility management apparatus are displayed on the Web browser, and the status of the facility device can be monitored.
- an equipment management device is installed for each building entrance (that is, a plurality of equipment management devices are installed).
- a plurality of login screens corresponding to each facility management device are individually displayed on the Web browser, It is necessary to input the user ID and password one by one on the login screen. That is, in order to simultaneously monitor the state of a plurality of facility devices managed across a plurality of facility management devices, it is necessary to log in for the number of target facility management devices. Therefore, as the number of facility management devices increases, the number of logins increases, and management becomes troublesome.
- a single sign-on technology using a SAML (Security Association Markup Language) method is generally used as a technology that enables access to a plurality of Web servers by only one authentication.
- SAML Security Association Markup Language
- the authentication server when an authentication server is accessed from a Web browser of a user terminal, the authentication server performs user authentication. Then, authentication information is issued from the authentication server to the user terminal.
- the Web site inquires the authentication server for the authentication information. If the authentication information is correctly issued, the contents of the website are transmitted to the user terminal.
- an authentication agent device that realizes a single sign-on function without using the SAML method is disclosed (for example, see Patent Document 1).
- This authentication agent device issues a cookie in which registration information for each business operator is embedded to the user device.
- each resource management device accesses the user device only when the registration information in the cookie matches the registration information held by the business operator. Allow.
- VPN Virtual Private Network
- the authentication agent device of Patent Document 1 issues a cookie in which identification information of each business operator is embedded to the user device.
- the resource management device performs authentication by comparing the identification information embedded in the cookie transmitted from the user device with the identification information of the own device.
- the present invention has been made to solve the above-described problems, and an object of the present invention is to provide an equipment management apparatus, equipment management system, and program capable of safely monitoring a plurality of equipment management apparatuses at a low cost.
- the facility management apparatus of the present invention provides: An equipment management device for managing equipment, An equipment management unit for managing the operating state of the equipment;
- the device itself is a representative facility management device among multiple facility management devices, user authentication is performed according to a request from the monitoring terminal, and if user authentication is successful, a digital signature is added with the private key of the device itself
- a user authentication processing unit that generates an authentication code obtained by encrypting the authentication data using the public key of each facility management device for each facility management device, and transmits the generated authentication code to the monitoring terminal;
- the authentication code generated for the equipment management device of the local device is received from the monitoring terminal, the received authentication code is decrypted with the private key of the local device, and the digital signature is verified with the public key of the representative equipment management device
- Authentication code analysis unit for performing authentication When the user authentication processing unit or the authentication code analysis unit succeeds in the authentication, a Web server unit that enables monitoring and operation of data indicating an operation state of each facility device managed by the facility device management unit; Is provided
- the authentication code obtained by encrypting the authentication data added with the digital signature with the secret key of the representative facility management device using the public key of each facility management device Is generated for each equipment management device and transmitted to the monitoring terminal. Since this authentication code performs a digital signature using the secret key of the representative facility management apparatus, a malicious user cannot generate a digital signature of forged authentication data. Moreover, since this authentication code is encrypted using the public key of a specific facility management apparatus, it can be decrypted only with the private key possessed by that facility management apparatus. That is, this authentication code is a code that can be generated only by a representative facility management apparatus that has performed user authentication and can only be decrypted by a specific facility management apparatus.
- this authentication code it is possible to safely verify with each facility management device that it has been authenticated by the representative facility management device, and access to a plurality of facility management devices can be performed only once. At the same time, it is possible to prevent unauthorized access such as forgery of authentication code or impersonation. As a result, a plurality of facility management devices can be monitored safely at low cost.
- FIG. 1 It is a figure which shows an example of the abnormal unit screen displayed on a monitoring terminal. It is a flowchart of the process performed with an equipment management apparatus, when there exists a change in the state of equipment. It is a flowchart of the process of the monitoring terminal performed when state change information is received from an equipment management apparatus.
- FIG. 1 shows the configuration of an equipment management system 1 according to the embodiment of the present invention.
- the facility management system 1 includes a facility device 2, a facility management device 3, and a monitoring terminal 4.
- a plurality of equipment 2 and equipment management devices 3 are provided.
- the equipment 2 and the equipment management device 3 are communicably connected via a dedicated communication line 5. Further, the facility management device 3 and the monitoring terminal 4 are communicably connected via a communication line 6.
- the communication line 6 can be a LAN connected within the same site. Further, the communication line 6 may be an Internet line or the like that connects the monitoring terminal 4 and the facility management apparatus 3 via a VPN router.
- various equipment installed in the building is assumed.
- Examples of such equipment 2 include air conditioning equipment, lighting equipment, and hot water supply equipment.
- a plurality of equipment 2 are installed at designated locations in the building. Each facility device 2 operates under the management of the facility management device 3. The operating state of the equipment 2 is notified to the equipment management device 3 via the dedicated communication line 5. A plurality of equipment 2 connected to the same equipment management device 3 is also referred to as equipment equipment group 7 below.
- the facility management device 3 manages the facility device group 7 including the plurality of facility devices 2 in an integrated manner.
- the facility management apparatus 3 includes a display unit 10, an input unit 20, a control unit 30, a data management unit 40, a facility device communication management unit 50, and a monitoring terminal communication management unit 60.
- the display unit 10 displays various screens for managing (monitoring and controlling) the equipment group 7 under the control of the control unit 30.
- the input unit 20 is an input device such as a mouse, a keyboard, or a touch panel.
- the input unit 20 is installed on the display unit 10.
- the administrator operates the input unit 20, screen switching, operation of equipment, and the like can be performed according to the operation content.
- the control unit 30 is a computer including a CPU (Central Processing Unit) and a memory.
- the function of the control unit 30 is realized by the CPU executing the program stored in the memory.
- the control unit 30 holds (manages) the operating state of the equipment 2 and performs processing for transmitting and receiving necessary data on the monitoring screen displayed on the monitoring terminal 4.
- the control unit 30 includes an equipment device management unit 31, a user authentication processing unit 32, an authentication code analysis unit 33, and a Web server unit 34.
- the equipment device management unit 31 manages (monitors and controls) the operating state of the equipment device 2.
- the user authentication processing unit 32 performs user authentication and generation of an authentication code. Specifically, the user authentication processing unit 32 performs user authentication according to a request from the monitoring terminal 4 when the own device is a representative facility management device 3 among the plurality of facility management devices 3. When the user authentication is successful, the user authentication processing unit 32 adds a digital signature to the authentication data with the private key of the own device, and further encrypts the authentication code encrypted with the public key of each facility management device 3 Cookie is generated, and a cookie for all equipment management devices 3 minutes is issued to the monitoring terminal 4.
- the user authentication processing unit 32 includes a user authentication unit 35 and an authentication code generation unit 36.
- the user authentication unit 35 performs authentication with the user using a user ID, a password, and the like.
- the authentication code generation unit 36 generates an authentication code to be issued to the monitoring terminal 4 when authentication is successful.
- the authentication code analysis unit 33 analyzes the authentication code included in the cookie given when accessing from the monitoring terminal 4. Upon receiving the cookie transmitted from the monitoring terminal 4, the authentication code analysis unit 33 decrypts the authentication code in the cookie with the private key of its own device, and further uses the public key of the representative facility management device (parent device) 3. Authentication is performed by verifying the digital signature.
- the web server unit 34 transmits and receives web content 80 or monitor commands, operation commands, and the like. If the user authentication processing unit 32 or the authentication code analysis unit 33 succeeds in authentication, the Web server unit 34 is designated by the monitoring terminal 4 to enable monitoring and operation of data indicating the operation state of each facility device 2. The monitor command and the setting command are processed, and the processing result is returned to the monitoring terminal 4.
- the Web server unit 34 includes an equipment data communication unit 37 and a system connection data communication unit 38.
- the equipment device data communication unit 37 performs an operation state monitor response of the equipment device 2 and an operation process in accordance with the monitor command and the operation command specified from the monitoring terminal 4.
- the system connection data communication unit 38 sets and monitors the facility management device address list 91 in which the address information of the connected facility management device 3 is held.
- the data management unit 40 includes various data necessary for the control unit 30 to monitor the equipment group 7, various data necessary to generate authentication codes for the plurality of equipment management devices 3, and the monitoring terminal 4. Manages various data for displaying the monitoring screen.
- the data managed by the data management unit 40 is roughly classified into equipment device data 70, Web content 80, system configuration data 90, user registration information 100, and encryption processing data 110.
- the equipment data 70 includes connection information 71 of each equipment 2, operation state data 72, equipment management device 3, and display position data 73 on a plan view of icons of the equipment 2 and the like.
- connection information 71 is data necessary for controlling the equipment device group 7 such as an address number, an operation group number, and model identification information of each equipment device 2 managed by the equipment management apparatus 3.
- the operation state data 72 is data indicating the current operation state of each equipment device 2 (for example, in the case of an air conditioner, the operation / stop state, the operation mode such as cooling or heating, the set temperature, the room temperature, etc.).
- the operation state data 72 is updated to the latest state as needed by data transmission / reception with each facility device 2.
- the display position data 73 is data indicating position information such as the latitude and longitude of the building managed by the facility management apparatus 3, the floor number where each facility device 2 in the building is installed, and the X and Y coordinates on the plan view. It is.
- the display position data 73 is used when the icon of the equipment management device 3 or the icon of the equipment 2 is arranged on the monitoring screen of the monitoring terminal 4.
- the X coordinate and Y coordinate that are the display position of the equipment icon can be specified by absolute values.
- the icon display position may be indicated by a ratio (0 to 100%) with respect to the vertical and horizontal sizes of the plan view. In this case, the display position of the icon of the facility device 2 changes following the enlargement or reduction of the plan view.
- the Web content 80 includes a screen configuration file 81, a monitoring program 82, and plan view data 83.
- the screen configuration file 81 is a file in which the layout configuration of the screen displayed on the monitoring terminal 4 is described.
- the monitoring program 82 is a program that is executed on a Web browser and performs various communication processes and screen display processes.
- the plan view data 83 is data of a plan view of the floor or the like that is the background of the monitoring screen.
- the screen configuration file 81, the monitoring program 82, and the plan view data 83 will be described in more detail.
- the screen configuration file 81 is a screen layout configuration file and various image files to be displayed on the monitoring terminal 4.
- the screen configuration file 81 includes an HTML (HyperText Markup Language) file that describes the frame configuration.
- the screen configuration file 81 also includes various image files described in GIF (Graphics Interchange Format) format, JPEG (Joint Photographic Experts Group) format, BMP (Bitmap) format, and the like.
- the monitoring program 82 is a program that is sent to the monitoring terminal 4 by the Web server unit 34 and executed by the Web browser of the monitoring terminal 4.
- the monitoring program 82 is a program for communicating with each facility management apparatus 3 and displaying a monitoring screen.
- the monitoring program 82 is a program described in a language such as JavaScript (registered trademark).
- the monitoring program 82 acquires the operation state data of each of the plurality of facility management devices 3 from the facility device management unit 31, and mixes the operation states of the facility devices 2 managed by the plurality of facility management devices 3. This program is displayed on the browser.
- the plan view data 83 is an image to be displayed as the background of the monitoring screen so that the position of the building and the installation position of the equipment 2 in the building are clear.
- the floor plan data 83 stores a map, an aerial photograph, a floor plan image of a floor in a building, and the like.
- the data management unit 40 corresponds to a plan view holding unit that holds a plan view image of a floor on which a plurality of facility devices 2 are installed. Further, the data management unit 40 corresponds to a display position data holding unit that holds display position data indicating the display positions of the plurality of facility devices 2 on the plan view.
- the monitoring program 82 is a program that is executed by a Web browser and acquires a plan view image held by the data management unit 40 and display position data held by the data management unit 40 from each facility management device 3. Furthermore, the monitoring program 82 is a program that displays on the Web browser of the monitoring terminal 4 by superimposing icons indicating the operation states of the plurality of equipment devices 2 at positions indicated by the display position data 73 on the plan view image. .
- the system configuration data 90 is held in a representative facility management apparatus (master unit) 3.
- the system configuration data 90 includes an equipment management device address list 91 in which contents that can identify connection destinations on the network, such as IP addresses or domain names and host names of the equipment management devices 3 are described.
- User registration information 100 is used when user authentication is performed.
- the user registration information 100 is stored as a list of a plurality of user IDs and passwords permitted to be connected in the representative facility management apparatus (master unit) 3.
- the user registration information 100 is not limited to the user ID and password, and may be data for using other means that can uniquely identify the user, such as fingerprint authentication data or a digital certificate.
- the cryptographic processing data 110 includes a private key 111 of the own device used in the authentication sequence and a facility management device public key list 112 corresponding to the facility management device address list 91.
- the own device's private key 111 is one of key pairs (public key, private key) generated by a public key cryptosystem mechanism. Data encrypted using the public key of the own device can be decrypted only with the private key 111 of the own device.
- the facility management apparatus public key list 112 stores public keys of a plurality of facility management apparatuses 3.
- the representative facility management apparatus (master unit) 3 holds the public key of the own apparatus and the public keys of a plurality of facility management apparatuses 3 corresponding to the facility management apparatus address list 91.
- the other equipment management device (slave device) 3 holds the public key of the representative equipment management device (parent device) 3.
- the data management unit 40 corresponds to a public key list holding unit that holds a list of public keys of each of a plurality of facility management devices 3 including the device itself and other facility management devices 3.
- a normal public key is just a list of numerical values.
- the public key can be a specific character string such as a production number.
- the device-specific manufacturing number of each facility management device 3 including its own device and another facility management device 3 is used as a public key.
- the equipment communication management unit 50 is an interface of the dedicated communication line 5. Data is transmitted to and received from the equipment 2 via the equipment communication management unit 50.
- the dedicated communication line 5 is not necessarily a dedicated communication line, and a general-purpose communication line such as a LAN or an RS-485 interface may be used.
- the monitoring terminal communication management unit 60 is an interface of the communication line 6. Data transmission / reception with the monitoring terminal 4 is performed via the monitoring terminal communication management unit 60.
- the communication line 6 can be a LAN or a wireless LAN. As the communication line 6, it is also possible to use an internet line or the like that connects the monitoring terminal 4 and the facility management apparatus 3 via a VPN router.
- the monitoring terminal 4 is a general-purpose computer that can operate a Web browser.
- the monitoring terminal 4 displays a monitoring screen according to the Web content 80 received from the facility management apparatus 3. More specifically, the monitoring terminal 4 accesses each facility management device 3 using a Web browser, and acquires the operating state of each facility device 2 from each facility management device 3 that manages a plurality of facility devices 2. And display.
- the monitoring terminal 4 includes a display device 120, an input device 130, a web content display control unit 140, a database unit 150, and a communication management unit 160.
- the display device 120 displays the web content 80 acquired from the facility management device 3 under the control of the web content display control unit 140.
- the input device 130 is an input device such as a mouse, a keyboard, or a touch panel.
- the input device 130 is installed on the display device 120.
- the administrator operates the input device 130 such as a mouse, screen switching, operation of the equipment 2 and the like are performed according to the operation content.
- the Web content display control unit 140 communicates with the connection destination facility management device 3 input from the input device 130 to acquire the Web content 80, and displays the monitoring screen of the facility device group 7 on the display device 120. Process.
- the Web content display control unit 140 includes a screen configuration file analysis unit 141 and a monitoring program execution unit 142.
- the screen configuration file analysis unit 141 analyzes the acquired screen configuration file 81.
- the monitoring program execution unit 142 executes the monitoring program downloaded from the facility management apparatus 3.
- the monitoring program execution unit 142 includes a data communication management unit 143 and an equipment data management unit 144.
- the data communication management unit 143 performs communication processing with the facility management apparatus 3.
- the equipment data management unit 144 manages the equipment data 70.
- the database unit 150 manages various data used by the monitoring program execution unit 142.
- the database unit 150 includes system configuration data 151 and facility equipment data 154.
- the system configuration data 151 includes an equipment management device address list 152.
- the facility management apparatus address list 152 includes an IP address, a domain name, a host name, and the like that are specific information of the facility management apparatus 3 that is a communication destination.
- the equipment data 154 includes equipment equipment connection information 155, operating state data 156, and display position data 157.
- the equipment data 153 is kept up-to-date by the equipment data management unit 144.
- the communication management unit 160 is an interface of the communication line 6. Data is transmitted to and received from the equipment management apparatus 3 via the communication management unit 160.
- FIG. 4 shows a user authentication process executed by the facility management apparatus 3.
- the web content display control unit 140 sends an HTTP protocol (for the equipment management device 3 to the equipment management device 3 via the communication management unit 160. Connection is started according to Hypertext Transfer Protocol).
- the control unit 30 (Web server unit 34) of the facility management apparatus 3 transmits the login screen display Web content 80 (login screen information) to the monitoring terminal 4 via the monitoring terminal communication management unit 60 (step S1a). . As a result, a login screen is displayed on the display device 120 of the monitoring terminal 4.
- the monitoring terminal 4 When the user operates the input device 130 of the monitoring terminal 4 and inputs a user ID and password on the login screen, the monitoring terminal 4 (Web content display control unit 140) passes the communication management unit 160 to the facility management device 3. The user ID and password are transmitted.
- the control unit 30 Web server unit 34 of the facility management apparatus 3 receives the user ID and password (step S1b).
- the user authentication unit 35 of the facility management apparatus 3 compares the received user ID and password with the data in the user registration information 100, and determines whether or not the authentication is successful (step S1c). If the authentication fails (step S1c; No), the facility management apparatus 3 (user authentication unit 35) returns an authentication error to the monitoring terminal 4 (step S1d), and the process is terminated. On the other hand, if there is matching data and the authentication is successful (step S1c; Yes), the facility management apparatus 3 (control unit 30) executes the following procedure as the completion of authentication.
- the facility management device 3 determines whether or not the generation of the authentication code for all the facility management devices 3 has been completed (step S1e). Here, since it is still the first unit, the determination is negative (step S1e; No), and the facility management apparatus 3 (control unit 30) proceeds to step S1f.
- the authentication code generation unit 36 generates an authentication code using the private key 111 of the own device and the equipment management device public key list 112 in the encryption processing data 110.
- the authentication code generation unit 36 adds a digital signature to authentication data as data indicating that the user authentication of the own device has been successful using the private key 111 of the own device (step S1f).
- This authentication data includes the issue date and time of the authentication code and the IP address of the connection source.
- the authentication code generation unit 36 encrypts the data with the digital signature added with the public key (manufacturing number) of each equipment management device 3 (step S1g).
- the authentication code has, for example, the format shown in FIG.
- the authentication code generation unit 36 repeats step S1f and step S1g until generation of authentication codes for all the facility management apparatuses 3 is completed.
- step S1e When the generation of the authentication codes of all the facility management devices (master device and slave device) 3 registered in the facility management device public key list 112 is completed (step S1e; Yes), the facility management device 3 (control unit 30) Cookies for the IP addresses in the equipment management device address list 91 in the system configuration data 90 including the generated authentication code are generated for all equipment management devices 3 and returned to the monitoring terminal 4 (step S1h).
- the user authentication processing unit 32 digitally signs the authentication data using the private key 111 of its own device to prevent tampering of the authentication data, and the user authentication processing unit 32 adds the digital signature.
- the authentication data is encrypted with the public key (manufacturing number) of each facility management device 3 to generate an authentication code that cannot be decrypted by other than the designated facility management device 3.
- the monitoring terminal 4 acquires an authentication code accessible to each facility management device 3 as a cookie for each facility management device 3.
- the monitoring terminal 4 holds the acquired address in the system configuration data 151 as the equipment management device address list 152.
- the cookie including the authentication code issued by the facility management apparatus 3 is held by a Web browser executed on the monitoring terminal 4. Thereafter, when accessing each facility management apparatus 3, the Web browser of the monitoring terminal 4 determines the cookie to be added based on the IP address (or domain name) of the connection destination facility management apparatus 3, and the connection-target cookie is included in the HTTP header. In addition, a monitor or a setting command is transmitted to the equipment management apparatus 3.
- the authentication code included in the cookie is digitally signed using the private key of the equipment management device (master unit) 3, equipment management even if a malicious user attempts to tamper with the authentication data or forge the authentication code Since the private key of the device (parent device) 3 is not known, a correct signature cannot be added. Therefore, it is guaranteed that the data in the issued authentication code has not been falsified and is definitely issued by the facility management apparatus (master unit) 3.
- the encryption is performed with the public key (manufacturing number) of the equipment management device (parent device or slave device) 3, the authentication code can be decrypted only with the private key of the target equipment management device 3, and eavesdropping or the like. Even if the authentication code is acquired, the contents are not read out. In addition, the contents cannot be analyzed to forge the authentication code. As a result, unauthorized access can be prevented.
- the above-described authentication code format is an example. If the data is digitally signed using the private key 111 of its own device and further encrypted with the public key of the target facility management device 3, the data element in the authentication code is further changed, added, or deleted. You may use the authentication code which performed.
- FIG. 6 shows an authentication code verification process executed by the facility management apparatus 3 when connecting to each facility management apparatus 3 from the Web browser of the monitoring terminal 4 after the authentication is completed.
- the monitoring terminal 4 When a monitor or setting command is transmitted from the monitoring terminal 4 to the equipment management device 3 after the user authentication is successful, the monitoring terminal 4 adds a cookie including an authentication code to the HTTP header of the request command, and the equipment management device 3 Send to.
- the facility management device 3 determines whether or not an authentication code is added to the received command (step S2a). When not added (step S2a; No), the equipment management apparatus 3 returns an authentication error to the monitoring terminal 4 and disconnects the connection (step S2h). On the other hand, if it is determined that an authentication code is added to the command (step S2a; Yes), verification of the authentication code is started.
- the authentication code analysis unit 33 of the facility management device 3 decrypts the authentication code with the private key 111 of the own device (step S2b). Subsequently, the authentication code analysis unit 33 determines whether or not the decryption is successful (step S2c). When the decryption is not performed normally and an abnormality occurs (step S2c; No), the facility management device 3 returns an authentication error to the monitoring terminal 4 and disconnects the connection (step S2h). If decrypted normally (step S2c; Yes), the following digital signature verification process is continued.
- the authentication code analysis unit 33 verifies whether or not the digital signature in the authentication code decrypted in step S2b is correct by using the public key (manufacturing number) of the representative facility management device (master unit) 3. (Step S2d). If the digital signature is normal (step S2e; No), the authentication code analysis unit 33 returns an authentication error to the monitoring terminal 4 and disconnects the connection (step S2h). If the digital signature is correct (step S2e; Yes), the authentication code analysis unit 33 continues the verification process of the authentication code.
- step S2f it is determined whether the issuance date and time of the authentication code decrypted in step S2b and the IP address of the connection source are normal (step S2f).
- the determination of the issue date and time it is confirmed whether or not a certain period of time has passed since the issue. This determination prevents an authentication code used in the past from being illegally reused (replay attack countermeasure).
- the determination of the IP address of the connection source it is confirmed whether or not the currently connected monitoring terminal 4 is the same as the IP address described in the authentication code. By this determination, an authentication code that has been wiretapped is prevented from being used illegally by other terminals (impersonation attack countermeasures).
- step S2f If the issuance date and time or the IP address of the connection source is not normal and abnormal (step S2f; No), the authentication code analysis unit 33 returns an authentication error to the monitoring terminal 4 and disconnects the connection (step S2h). ). That is, the authentication code analysis unit 33 performs authentication based on the issue date and time updated every time authentication is performed and the IP address of the connection source. If the issuance date and time and the IP address of the connection source are normal (step S2f; Yes), the authentication code analysis unit 33 returns a normal response assuming that the authentication code is correct (step S2g).
- the authentication code verification process for the request command received from the monitoring terminal 4 is completed, and the monitoring terminal 4 logs in to the other facility management apparatus 3 only by logging into the representative facility management apparatus (master unit) 3 only once. Will also be accessible.
- the monitoring terminal 4 After the login authentication is performed by the facility management apparatus (parent device) 3 according to the procedure described above, the monitoring terminal 4 acquires the Web content 80 acquired from the facility management device (parent device) 3 (step S3a). Subsequently, the monitoring terminal 4 (screen configuration file analysis unit 141) analyzes the Web content 80, displays a screen according to the acquired HTML file (step S3b), and monitors the monitoring program (JavaScript (Script) (HTML) embedded in the HTML file. Registered trademark)) is executed (step S3c).
- the monitoring program JavaScript (Script) (HTML) embedded in the HTML file. Registered trademark
- the monitoring program execution unit 142 adds an authentication code to the facility management apparatus 3 that has acquired the Web content 80 and connects to the facility management apparatus 3 using the WebSocket method (step S3d).
- the WebSocket method is a technical standard for bidirectional communication between a Web server and a Web client. Unlike the HTTP protocol, if the WebSocket method is used for connection, it is possible to always connect. Therefore, it is possible to start transmission from either the Web server or the Web client when communication is necessary. As a result, information can be transmitted only when there is some change in the device, such as a change in operation or state.
- the data communication management unit 143 includes a system configuration including an equipment management device address list 91 in which address information such as an IP address and a host name of the equipment management device 3 connected in the equipment management system 1 is input. Data 90 is acquired (step S3e).
- the data communication management unit 143 holds the acquired system configuration data 90 as the system configuration data 151 in the database unit 150 (step S3f).
- the facility management device 3 determines whether or not all the facility management devices 3 have been completed (step S3g). Here, since it is still the first unit, the determination is negative (step S3g; No), and the equipment management apparatus 3 (control unit 30) proceeds to step S3h.
- the facility equipment data management unit 144 connects to the facility management device 3 by the WebSocket method for each IP address or host name of the facility management device 3 included in the system configuration data 151 in the database unit 150 (Step S1). S3h). Subsequently, the facility device data management unit 144 acquires and holds the connection information 155 of the facility device 2 (step S3i). The equipment device data management unit 144 acquires and holds the operation state data 156 of the equipment device 2 (step S3j). The equipment device data management unit 144 acquires and holds the display position data 157 (step S3k). In this way, the facility device data management unit 144 holds the facility device data 154 in the database unit 150.
- the authentication code generation unit 36 repeats Steps S3g to S3k until acquisition of the equipment data 154 from all equipment management devices 3 is completed.
- the equipment device data management unit 144 in the monitoring program execution unit 142 is a plane on the Web screen.
- the equipment icon indicating the operation state is displayed according to the display position data 156 of each equipment 2 (step S3m).
- the equipment management device 3 transmits data indicating the change of the state to the monitoring terminal 4.
- the monitoring terminal 4 holds the data as the equipment device data 154.
- the facility device data management unit 144 changes the display state of the facility device icon.
- the monitoring screen display process is completed on the monitoring terminal 4. Thereby, it becomes possible to monitor the operation state of the equipment group 7 managed by the plurality of equipment management apparatuses 3 on the same Web page.
- FIG. 8 shows a communication sequence performed by the processes shown in FIG. 4, FIG. 6, and FIG.
- S1 login authentication
- S2 a list of addresses and authentication codes of each equipment management apparatus 3 is acquired
- S3 Web content request and acquisition
- S4 WebSocket connection (authentication) Code addition)
- S5, S7, S9 WebSocket connection (authentication) Code addition)
- FIG. 9 shows an example of a floor monitoring screen displayed on the monitoring terminal 4.
- this monitoring screen is a monitoring drawing of the equipment group 7 (see FIG. 1) in the same floor by a plurality of equipment management apparatuses 3 (3a, 3b, 3c).
- the display position data 157 (see FIG. 3) acquired from each equipment management device 3
- a plurality of equipment managements are displayed on the plan view of one web page displayed on the web browser. Icons in accordance with the operation state data 156 (see FIG. 3) of each equipment 2 acquired from the device 3 are arranged.
- FIG. 10 shows an example of a screen displaying the unit in which an abnormality has occurred, which is displayed on the monitoring terminal 4 (see FIG. 3).
- the equipment 2 in which an abnormality has occurred is displayed in accordance with the operation state data 155 (see FIG. 3) of each equipment 2 (see FIG. 1) acquired from the equipment management devices 3a, 3b, 3c.
- the equipment management devices 3a, 3b, 3c are displayed in one Web page in the order of occurrence date and time.
- FIG. 11 shows the processing of the facility management apparatus 3 when the operation state of the facility device 2 changes.
- the facility management device 3 waits until information is received from the facility device 2 (step S4a; No).
- the facility management device 3 is configured such that when the operation state of the facility device 2 is operated by a remote controller (not shown) connected to the facility device 2 or the facility management device 3, the facility device 2
- the equipment device management unit 31 in the equipment management device 3 detects a change in state by the transmission from, and updates the operation state data 72 (step S4b).
- the facility management apparatus 3 determines whether or not there is a connection with the monitoring terminal 4 (whether or not there is a WebSocket connection) (step S4c). If the connection is being made (step S4c; Yes), the facility management is performed. The device 3 transmits the change information of the operation state of the equipment device 2 to the monitoring terminal 4 to which the WebSocket is connected (step S4d).
- FIG. 12 shows processing of the monitoring terminal 4 that is executed when the change information of the operation state data 72 of the equipment 2 is received from the equipment management device 3.
- the monitoring terminal 4 waits until it receives the change information of the operating state of the equipment 2 from the equipment management device 3 (step S5a; No), and if received (step S5a; Yes), the monitoring terminal 4 (facility equipment data management unit 144). ) Updates the operating state data 156 in the equipment data 154 (step 5b).
- the monitoring terminal 4 (equipment equipment data management unit 144) updates the equipment operation state on the currently displayed monitoring screen to the latest state (step S5c).
- the processing when the operating state of the equipment device 2 is changed is completed, and the latest operating state data of the equipment device group 7 managed by the plurality of equipment management devices 3 can be constantly monitored.
- the facility device data management unit 144 transmits data indicating the updated operation state to the monitoring terminal 4.
- the Web content 80, system configuration data 90, user registration information 100, and encryption processing data 110 held by the equipment management apparatus 3 are set in the equipment management apparatus 3 in advance. Shall be kept. Such setting may be performed from the input unit 20 of the facility management apparatus 3 or may be performed from the Web browser of the monitoring terminal 4.
- each equipment device 2 may be set from the input unit 20 of the equipment management apparatus 3 or may be set while checking the display position with the Web browser of the monitoring terminal 4. Good.
- the equipment management apparatus 3 includes the display unit 10 and the input unit 20, but the display unit 10 and the input unit 20 are not necessarily required. For example, various settings and operations may be performed via the communication line 6 without providing the display unit 10 and the input unit 20.
- the monitoring terminal 4 uses a Web browser on a personal computer.
- the Web browser is started on the equipment management apparatus 3 to read the Web content 80, and the same processing procedure as in FIG.
- a terminal that can also monitor the equipment group 7 connected to the other equipment management apparatus 3 on the display unit 10 of the own apparatus may be used as the monitoring terminal 4.
- the monitoring terminal 4 is a personal computer, but it is not always necessary to use a personal computer.
- a dedicated terminal or a tablet terminal capable of executing the monitoring program 82 may be used.
- all commands can be communicated after authentication, but information indicating the authority level and user name is added in the authentication code to limit the commands accessible by the logged-in user. Also good.
- the replay attack is prevented by verifying the issue date and time and the IP address of the connection source described in the authentication code.
- a counter value or the like may be described in the authentication code to prevent a replay attack.
- the authentication data is digitally signed using the secret key of the representative facility management apparatus 3, but the authentication data is replaced with the secret key of the representative facility management apparatus 3 instead of the digital signature.
- a method of encrypting a part may be used.
- the production number of the equipment management device 3 is used as the public key.
- a number unique to the equipment management device 3 other than the production number may be used, or a random value that is normally used is used.
- a public key may be used.
- the communication format between the monitoring terminal 4 and the equipment management apparatus 3 may use a text format using XML (Extensible Markup Language) or other formats such as a binary format to reduce the communication size. It may be used. Moreover, you may encrypt communication so that the information to communicate may be concealed.
- XML Extensible Markup Language
- a WebSocket that can be always connected is used as a communication method.
- communication may be performed using an HTTP protocol or a unique protocol.
- the present invention can also be applied to a system in which the facility management device 3 is present at each geographically distant base and the VPN connection is made from the monitoring terminal 4 via the Internet.
- the authentication information can be shared between the bases, and an icon indicating the equipment management apparatus 3 can be displayed on a map across a plurality of bases on the Web screen, for example.
- the authentication code is issued when the monitoring terminal 4 logs in to the representative facility management device (parent device) 3.
- the monitoring terminal 4 tries to connect to another equipment management apparatus 3 by adding the authentication code.
- it is possible to access a plurality of facility management apparatuses with one login authentication and it is possible to eliminate communication between the authentication server (master unit) and the target site (slave unit).
- each facility management device 3 is VPN-connected in a one-to-one relationship, it is possible to access another facility management device 3 with a single login.
- the equipment management apparatus 3 and the monitoring terminal 4 since the digital signature is performed using the secret key held only in the equipment management apparatus (parent device) 3 in the authentication code, It is possible to prevent falsification and forgery of the authentication code by a malicious user.
- the authentication code is obtained by putting the IP address of the connection source in the authentication code and verifying that the actually connected terminal matches the IP address in the authentication code. It is possible to prevent unauthorized duplication and unauthorized access from other terminals.
- the authentication code is encrypted with the (manufacturing number) of the facility management device 3 to be connected, and the authentication code is only used with a secret key held only by the target facility management device 3. Cannot decrypt. For this reason, even if the authentication code is wiretapped and obtained illegally, the contents of the authentication code cannot be analyzed, and the authentication code can be prevented from being counterfeited.
- the public key of each equipment management device 3 is made easy to see and understand by a person such as a production number by using ID-based encryption technology. Setting of the facility management apparatus public key list 112 registered in advance is facilitated.
- the monitoring program (monitoring program execution unit 142) executed in the Web page is connected to the plurality of facility management apparatuses 3 and acquires the operation state data 72. If it does in this way, it will become possible to display in a mixed manner the state of the equipment 2 managed by a plurality of equipment management devices 3 in the same Web page. In this way, the oversight of abnormal equipment, forgetting to turn off the lighting, and the all equipment management apparatus 3 that have occurred because the operation state and the abnormal state could only be confirmed on the web page of each equipment management apparatus 3 conventionally. Therefore, it is possible to eliminate the complexity of management such that all the equipment devices 2 cannot be managed unless the connection destinations (URLs) are switched.
- URLs connection destinations
- the program to be executed is a computer-readable recording such as a flexible disk, a CD-ROM (Compact Disc-Read-Only Memory), a DVD (Digital Versatile Disc), and an MO (Magneto-Optical Disc).
- a system that executes the above-described program may be configured by storing and distributing the program in a medium and installing the program.
- the program may be stored in a disk device or the like included in a predetermined server device on a communication network such as the Internet, and may be downloaded, for example, superimposed on a carrier wave.
- the present invention is suitable for a case where facility equipment managed by a plurality of facility management devices installed in a house such as a building is managed by a single monitoring terminal.
- 1 equipment management system 2 equipment, 3 equipment management equipment, 4 monitoring terminal, 5 dedicated communication line, 6 communication line, 7 equipment equipment group, 10 display section, 20 input section, 30 control section, 31 equipment equipment management section, 32 user authentication processing unit, 33 authentication code analysis unit, 34 Web server unit, 35 user authentication unit, 36 authentication code generation unit, 37 facility device data communication unit, 38 system connection data communication unit, 40 data management unit, 50 facility device Communication management unit, 60 monitoring terminal communication management unit, 70 equipment data, 71 connection information, 72 operation status data, 73 display position data, 80 Web content, 81 screen configuration file, 82 monitoring program, 83 plan view data, 90 system Configuration data, 91 Equipment management device address list, 100 units
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Computer And Data Communications (AREA)
- Selective Calling Equipment (AREA)
Abstract
Description
設備機器を管理する設備管理装置であって、
前記設備機器の運転状態を管理する設備機器管理部と、
自装置が複数の設備管理装置のうちの代表の設備管理装置である場合に、監視端末からの要求に従ってユーザ認証を行い、ユーザ認証が成功した場合に、自装置の秘密鍵でディジタル署名を付加した認証データを前記各設備管理装置の公開鍵を用いて暗号化した認証コードを前記設備管理装置ごとに生成し、前記監視端末に送信するユーザ認証処理部と、
自装置の設備管理装置用に生成された認証コードを前記監視端末から受信すると、受信した認証コードを、自装置の秘密鍵で復号し、前記代表の設備管理装置の公開鍵でディジタル署名を検証することにより、認証を行う認証コード解析部と、
前記ユーザ認証処理部又は前記認証コード解析部で認証に成功すると、前記設備機器管理部で管理される前記各設備機器の運転状態を示すデータの監視、操作を可能とするWebサーバ部と、
を備える。
Claims (11)
- 設備機器を管理する設備管理装置であって、
前記設備機器の運転状態を管理する設備機器管理部と、
自装置が複数の設備管理装置のうちの代表の設備管理装置である場合に、監視端末からの要求に従ってユーザ認証を行い、ユーザ認証が成功した場合に、自装置の秘密鍵でディジタル署名を付加した認証データを前記各設備管理装置の公開鍵を用いて暗号化した認証コードを前記設備管理装置ごとに生成し、前記監視端末に送信するユーザ認証処理部と、
自装置の設備管理装置用に生成された認証コードを前記監視端末から受信すると、受信した認証コードを、自装置の秘密鍵で復号し、前記代表の設備管理装置の公開鍵でディジタル署名を検証することにより、認証を行う認証コード解析部と、
前記ユーザ認証処理部又は前記認証コード解析部で認証に成功すると、前記設備機器管理部で管理される前記各設備機器の運転状態を示すデータの監視、操作を可能とするWebサーバ部と、
を備える設備管理装置。 - 自装置と他の設備管理装置とを含む前記複数の設備管理装置各々の公開鍵のリストを保持する公開鍵リスト保持部をさらに備え、
前記ユーザ認証処理部は、
自装置のユーザ認証に成功したことを示すデータとしての前記認証データに、自装置の秘密鍵を用いてディジタル署名を付加し、
ディジタル署名を付加したデータを前記各設備管理装置の公開鍵で暗号化したデータを、前記各設備管理装置の認証コードとして生成する、
請求項1に記載の設備管理装置。 - 前記ユーザ認証処理部は、
前記認証コード内に、認証の度に更新される発行日時を付加し、
前記認証コード解析部は、
前記発行日時に基づいて、認証を行う、
請求項1又は2に記載の設備管理装置。 - 前記ユーザ認証処理部は、
前記認証コード内に、ユーザ認証を行った端末のIPアドレスを付加し、
前記認証コード解析部は、
前記IPアドレスに基づいて、認証を行う、
請求項1乃至3のいずれか一項に記載の設備管理装置。 - 前記各設備管理装置の公開鍵を、前記各設備管理装置固有の製造番号とする、
請求項1乃至4のいずれか一項に記載の設備管理装置。 - 前記Webサーバ部は、
前記監視端末と常時接続可能である、
請求項1乃至5のいずれか一項に記載の設備管理装置。 - 前記Webサーバ部は、
前記監視端末のWebブラウザ上で実行される監視プログラムを前記監視端末に送信し、
前記監視プログラムは、
前記設備機器管理部から複数の設備管理装置各々の運転状態データを取得し、前記複数の設備管理装置が管理する設備機器の運転状態を混在して前記監視端末のWebブラウザ上に表示するプログラムである、
請求項1乃至6のいずれか一項に記載の設備管理装置。 - 複数の設備機器が設置されたフロアの平面図画像を保持する平面図保持部と、
平面図上の前記複数の設備機器の表示位置を示す表示位置データを保持する表示位置データ保持部と、
を備え、
前記監視プログラムは、
前記各設備管理装置から前記平面図保持部で保持された平面図画像と、前記表示位置データ保持部で保持された表示位置データと、を取得し、
前記平面図画像上に前記表示位置データが示す位置に、前記複数の設備機器の運転状態を示すアイコンを重ね合わせて、前記監視端末のWebブラウザ上に表示する、
請求項7に記載の設備管理装置。 - 前記設備機器管理部で管理される前記設備機器の運転状態が更新された場合に、更新された運転状態を示すデータを、前記監視端末に送信する設備機器データ管理部をさらに備える、
請求項6に記載の設備管理装置。 - 請求項1乃至9のいずれか一項に記載の複数の設備管理装置と、
Webブラウザを用いて前記各設備管理装置にアクセスして、複数の設備機器を管理する前記各設備管理装置から、前記各設備機器の運転状態を取得して表示する監視端末と、
を備える設備管理システム。 - 設備機器を管理する設備管理装置を制御するコンピュータを、
前記設備機器の運転状態を管理する設備機器管理部、
自装置が複数の設備管理装置のうちの代表の設備管理装置である場合に、監視端末からの要求に従ってユーザ認証を行い、ユーザ認証が成功した場合に、自装置の秘密鍵でディジタル署名を付加した認証データを前記各設備管理装置の公開鍵を用いて暗号化した認証コードを前記設備管理装置ごとに生成し、前記監視端末に送信するユーザ認証処理部、
自装置の設備管理装置用に生成された認証コードを前記監視端末から受信すると、受信した認証コードを、自装置の秘密鍵で復号し、前記代表の設備管理装置の公開鍵でディジタル署名を検証することにより、認証を行う認証コード解析部、
前記ユーザ認証処理部又は前記認証コード解析部で認証に成功すると、前記設備機器管理部で管理される前記各設備機器の運転状態を示すデータの監視、操作を可能とするWebサーバ部、
として機能させるプログラム。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2012/077840 WO2014068632A1 (ja) | 2012-10-29 | 2012-10-29 | 設備管理装置、設備管理システム及びプログラム |
CN201280076719.2A CN104756126B (zh) | 2012-10-29 | 2012-10-29 | 设备管理装置、设备管理系统以及设备管理方法 |
JP2014544064A JP6016936B2 (ja) | 2012-10-29 | 2012-10-29 | 設備管理システム及び設備管理方法 |
EP12887613.3A EP2913776B1 (en) | 2012-10-29 | 2012-10-29 | Facility management device, facility management system and program |
US14/436,915 US9544145B2 (en) | 2012-10-29 | 2012-10-29 | Device, method, and medium for facility management verification |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2012/077840 WO2014068632A1 (ja) | 2012-10-29 | 2012-10-29 | 設備管理装置、設備管理システム及びプログラム |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014068632A1 true WO2014068632A1 (ja) | 2014-05-08 |
Family
ID=50626613
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2012/077840 WO2014068632A1 (ja) | 2012-10-29 | 2012-10-29 | 設備管理装置、設備管理システム及びプログラム |
Country Status (5)
Country | Link |
---|---|
US (1) | US9544145B2 (ja) |
EP (1) | EP2913776B1 (ja) |
JP (1) | JP6016936B2 (ja) |
CN (1) | CN104756126B (ja) |
WO (1) | WO2014068632A1 (ja) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2014174748A (ja) * | 2013-03-08 | 2014-09-22 | Mitsubishi Electric Corp | 設備管理システムおよび監視プログラム |
JP2016066165A (ja) * | 2014-09-24 | 2016-04-28 | 富士ゼロックス株式会社 | 情報処理装置、システム及びプログラム |
WO2016151798A1 (ja) * | 2015-03-25 | 2016-09-29 | 三菱電機株式会社 | 通信システム、設備管理装置、通信方法及びプログラム |
CN106464690A (zh) * | 2015-08-24 | 2017-02-22 | 华为技术有限公司 | 一种安全认证方法、配置方法以及相关设备 |
JP2018148463A (ja) * | 2017-03-07 | 2018-09-20 | 株式会社Nttドコモ | 認証システム、認証情報生成装置、被認証装置及び認証装置 |
JP2019506662A (ja) * | 2015-12-23 | 2019-03-07 | コンプテル オーユー | ネットワーク管理 |
WO2020195350A1 (ja) * | 2019-03-27 | 2020-10-01 | オムロン株式会社 | 制御システム、および制御方法 |
JP2020184115A (ja) * | 2019-04-26 | 2020-11-12 | パナソニックIpマネジメント株式会社 | 認証方法、表示方法、プログラム、認証システム、及び表示システム |
JP2020194293A (ja) * | 2019-05-27 | 2020-12-03 | 三菱電機株式会社 | 遠隔サーバ、管理装置、通信システム、認証方法、被認証方法及びプログラム |
WO2024100843A1 (ja) * | 2022-11-10 | 2024-05-16 | 三菱電機株式会社 | 通信システム、サーバ、および通信方法 |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI566564B (zh) * | 2012-04-25 | 2017-01-11 | Samton International Development Technology Co Ltd | Virtual reality authentication circuit, system and electronic consumption method |
US9992028B2 (en) * | 2015-11-26 | 2018-06-05 | International Business Machines Corporation | System, method, and computer program product for privacy-preserving transaction validation mechanisms for smart contracts that are included in a ledger |
JP6173500B1 (ja) * | 2016-02-05 | 2017-08-02 | 三菱電機ビルテクノサービス株式会社 | ビル設備管理システム |
JP6570741B2 (ja) * | 2016-05-16 | 2019-09-04 | 三菱電機株式会社 | 空調管理装置及びプログラム |
CN108122401B (zh) * | 2016-11-29 | 2021-10-15 | 英飞凌科技股份有限公司 | 信号发生器、解码器、用于生成传输信号的方法以及用于确定速度数据的方法 |
JP6882080B2 (ja) * | 2017-05-31 | 2021-06-02 | キヤノン株式会社 | 画像処理装置、方法、プログラム及びシステム |
CN109039990B (zh) * | 2017-06-08 | 2020-07-07 | 腾讯科技(深圳)有限公司 | 基于验证码进行行为验证的方法及装置 |
US11138016B2 (en) * | 2018-03-14 | 2021-10-05 | Mitsubishi Electric Corporation | System construction support device, system construction support method, and non-transitory storage medium |
CN109451054A (zh) * | 2018-12-19 | 2019-03-08 | 京信通信系统(中国)有限公司 | 一种设备管理方法及设备 |
CN110417789B (zh) * | 2019-08-01 | 2021-12-03 | 深圳市网心科技有限公司 | 服务器连接方法、电子设备、系统及介质 |
CN110745660B (zh) * | 2019-10-25 | 2021-12-07 | 上海三菱电梯有限公司 | 电梯监视系统以及电梯监视方法 |
US11409865B1 (en) * | 2021-08-16 | 2022-08-09 | Cyberark Software Ltd. | Verification code injection at build time |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH1098778A (ja) * | 1996-07-30 | 1998-04-14 | Mitsubishi Electric Corp | ビル管理装置 |
JPH10302000A (ja) * | 1997-04-23 | 1998-11-13 | Matsushita Electric Works Ltd | ビル管理システム |
JP2001111704A (ja) * | 1999-10-08 | 2001-04-20 | Yamatake Building Systems Co Ltd | ビル群管理システム |
JP2002269272A (ja) | 2001-03-13 | 2002-09-20 | Nippon Telegr & Teleph Corp <Ntt> | 認証代行方法及び装置、認証代行プログラム並びにそのプログラムを記録した記録媒体 |
JP2003323409A (ja) * | 2002-05-07 | 2003-11-14 | Seiko Epson Corp | シングルサインオンシステム、そのプログラム及びその方法 |
JP2005348164A (ja) * | 2004-06-03 | 2005-12-15 | Nippon Telegr & Teleph Corp <Ntt> | クライアント端末、ゲートウエイ装置、及びこれらを備えたネットワークシステム |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH07245605A (ja) | 1994-03-03 | 1995-09-19 | Fujitsu Ltd | 暗号化情報中継装置とそれに接続される加入者端末装置ならびに暗号通信方法 |
KR20020014364A (ko) * | 2000-08-17 | 2002-02-25 | 윤종용 | 장치 드라이버의 자동 진단 장치 및 그 방법 |
KR100636318B1 (ko) * | 2004-09-07 | 2006-10-18 | 삼성전자주식회사 | CoA 바인딩 프로토콜을 이용한 어드레스 오너쉽인증방법 및 그 시스템 |
JP4616352B2 (ja) * | 2006-03-29 | 2011-01-19 | 株式会社三菱東京Ufj銀行 | ユーザ確認装置、方法及びプログラム |
US7949110B2 (en) * | 2006-12-12 | 2011-05-24 | United States Cellular Corporation | Distributed architecture for IP-based telemetry services |
FR2919974B1 (fr) * | 2007-08-08 | 2010-02-26 | Fidalis | Systeme d'information et procede d'identification par un serveur d'application d'un utilisateur |
TWI389536B (zh) | 2008-11-07 | 2013-03-11 | Ind Tech Res Inst | 階層式金鑰為基礎之存取控制系統與方法,以及其認證金鑰交換方法 |
EP2339492A1 (en) * | 2009-12-10 | 2011-06-29 | Schneider Electric Buildings AB | Authentication in a building control system |
US8813167B2 (en) * | 2010-12-30 | 2014-08-19 | Apple Inc. | Dynamic device configuration using predicates |
US9332140B2 (en) * | 2011-05-19 | 2016-05-03 | Toshiba America Business Solutions, Inc. | Multi-purpose document equipment management system and method of use |
US20130191887A1 (en) * | 2011-10-13 | 2013-07-25 | Marc E. Davis | Social network based trust verification Schema |
US8959604B2 (en) * | 2011-11-25 | 2015-02-17 | Synchronoss Technologies, Inc. | System and method of verifying a number of a mobile terminal |
-
2012
- 2012-10-29 WO PCT/JP2012/077840 patent/WO2014068632A1/ja active Application Filing
- 2012-10-29 CN CN201280076719.2A patent/CN104756126B/zh active Active
- 2012-10-29 US US14/436,915 patent/US9544145B2/en active Active
- 2012-10-29 JP JP2014544064A patent/JP6016936B2/ja active Active
- 2012-10-29 EP EP12887613.3A patent/EP2913776B1/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH1098778A (ja) * | 1996-07-30 | 1998-04-14 | Mitsubishi Electric Corp | ビル管理装置 |
JPH10302000A (ja) * | 1997-04-23 | 1998-11-13 | Matsushita Electric Works Ltd | ビル管理システム |
JP2001111704A (ja) * | 1999-10-08 | 2001-04-20 | Yamatake Building Systems Co Ltd | ビル群管理システム |
JP2002269272A (ja) | 2001-03-13 | 2002-09-20 | Nippon Telegr & Teleph Corp <Ntt> | 認証代行方法及び装置、認証代行プログラム並びにそのプログラムを記録した記録媒体 |
JP2003323409A (ja) * | 2002-05-07 | 2003-11-14 | Seiko Epson Corp | シングルサインオンシステム、そのプログラム及びその方法 |
JP2005348164A (ja) * | 2004-06-03 | 2005-12-15 | Nippon Telegr & Teleph Corp <Ntt> | クライアント端末、ゲートウエイ装置、及びこれらを備えたネットワークシステム |
Non-Patent Citations (2)
Title |
---|
See also references of EP2913776A4 |
TAKAHIRO KATAYAMA: "Notes/Domino & WebSphere Notes/Domino no Solution o Kakudai suru Atarashii Hybrid Platform no Kochikuho", NOTES/ DOMINO MAGAZINE, vol. 6, no. 6, 1 June 2001 (2001-06-01), pages 102 - 106, XP008179501 * |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2014174748A (ja) * | 2013-03-08 | 2014-09-22 | Mitsubishi Electric Corp | 設備管理システムおよび監視プログラム |
JP2016066165A (ja) * | 2014-09-24 | 2016-04-28 | 富士ゼロックス株式会社 | 情報処理装置、システム及びプログラム |
WO2016151798A1 (ja) * | 2015-03-25 | 2016-09-29 | 三菱電機株式会社 | 通信システム、設備管理装置、通信方法及びプログラム |
CN106464690A (zh) * | 2015-08-24 | 2017-02-22 | 华为技术有限公司 | 一种安全认证方法、配置方法以及相关设备 |
CN106464690B (zh) * | 2015-08-24 | 2020-04-10 | 华为技术有限公司 | 一种安全认证方法、配置方法以及相关设备 |
US11343104B2 (en) | 2015-08-24 | 2022-05-24 | Huawei Technologies Co., Ltd. | Method for establishing secured connection, and related device |
US11122039B2 (en) | 2015-12-23 | 2021-09-14 | Comptel Oy | Network management |
JP2019506662A (ja) * | 2015-12-23 | 2019-03-07 | コンプテル オーユー | ネットワーク管理 |
JP2018148463A (ja) * | 2017-03-07 | 2018-09-20 | 株式会社Nttドコモ | 認証システム、認証情報生成装置、被認証装置及び認証装置 |
JP2020160934A (ja) * | 2019-03-27 | 2020-10-01 | オムロン株式会社 | 制御システム、および制御方法 |
WO2020195350A1 (ja) * | 2019-03-27 | 2020-10-01 | オムロン株式会社 | 制御システム、および制御方法 |
JP7088104B2 (ja) | 2019-03-27 | 2022-06-21 | オムロン株式会社 | 制御システム、および制御方法 |
US12008094B2 (en) | 2019-03-27 | 2024-06-11 | Omron Corporation | Control system and control method |
JP2020184115A (ja) * | 2019-04-26 | 2020-11-12 | パナソニックIpマネジメント株式会社 | 認証方法、表示方法、プログラム、認証システム、及び表示システム |
JP2020194293A (ja) * | 2019-05-27 | 2020-12-03 | 三菱電機株式会社 | 遠隔サーバ、管理装置、通信システム、認証方法、被認証方法及びプログラム |
JP7236933B2 (ja) | 2019-05-27 | 2023-03-10 | 三菱電機株式会社 | 遠隔サーバ、管理装置、通信システム、認証方法、被認証方法及びプログラム |
WO2024100843A1 (ja) * | 2022-11-10 | 2024-05-16 | 三菱電機株式会社 | 通信システム、サーバ、および通信方法 |
Also Published As
Publication number | Publication date |
---|---|
EP2913776B1 (en) | 2020-11-25 |
CN104756126A (zh) | 2015-07-01 |
JP6016936B2 (ja) | 2016-10-26 |
JPWO2014068632A1 (ja) | 2016-09-08 |
US9544145B2 (en) | 2017-01-10 |
US20150270969A1 (en) | 2015-09-24 |
EP2913776A4 (en) | 2016-05-18 |
CN104756126B (zh) | 2018-09-07 |
EP2913776A1 (en) | 2015-09-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6016936B2 (ja) | 設備管理システム及び設備管理方法 | |
CN106537871B (zh) | 用于在网络中提供设备的登记的系统、方法和装置 | |
JP4016019B2 (ja) | 許可されたリモート・アクセスをターゲット・システムに対して行うための装置、システム、および方法 | |
JP2023103358A (ja) | 機器の安全なプロビジョニングと管理 | |
US8838965B2 (en) | Secure remote support automation process | |
CN106257861B (zh) | 通过控制设备来和汽车通信的认证方法及其系统 | |
US20180146369A1 (en) | Secure access authorization method | |
EP3308516B1 (en) | Authorization apparatus and method for an authorized issuing of an authentication token for a device | |
WO2018204471A1 (en) | Automated certificate enrollment for devices in industrial control systems or other systems | |
US11373762B2 (en) | Information communication device, authentication program for information communication device, and authentication method | |
CN105392134A (zh) | 在至少一个第二单元上认证至少一个第一单元的方法 | |
JP4758095B2 (ja) | 証明書無効化装置、通信装置、証明書無効化システム、プログラム及び記録媒体 | |
GB2530028A (en) | Registry apparatus, agent device, application providing apparatus and corresponding methods | |
CN104508713A (zh) | 用于借助移动终端控制锁机构的方法和设备 | |
CN101816140A (zh) | 用于pki个性化过程的基于令牌的管理系统 | |
CN1992722A (zh) | 用于控制远程网络供电设备的安全性的系统和方法 | |
JP2019050485A (ja) | 通信制御システム、及び通信制御装置 | |
CN105075219A (zh) | 包括安全性管理服务器和家庭网络的网络系统、以及用于在网络系统中包括设备的方法 | |
KR20130111807A (ko) | 모바일 단말을 이용한 원격 피엘시 관리 시스템 | |
CN101938465B (zh) | 基于webservice认证的方法及系统 | |
CN109891852B (zh) | 用于提供用户配置的信任域的设备和方法 | |
JP2009277024A (ja) | 接続制御方法、通信システムおよび端末 | |
CN109428725B (zh) | 信息处理设备、控制方法和存储介质 | |
JP6150719B2 (ja) | 設備管理装置、通信制御方法、および、プログラム | |
JP2018011191A (ja) | 機器リスト作成システムおよび機器リスト作成方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 12887613 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2014544064 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14436915 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2012887613 Country of ref document: EP |