WO2022196439A1 - Communication system and computer-readable storage medium - Google Patents
Communication system and computer-readable storage medium
- Publication number: WO2022196439A1 (application PCT/JP2022/009983)
- Authority: WO, WIPO (PCT)
- Prior art keywords: communication, communication control, control device, client, packet
Classifications
- H04L12/22: Data switching networks; arrangements for preventing the taking of data from a data transmission channel without authorisation
- G06F13/00: Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- H04L12/66: Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
- H04L41/40: Maintenance, administration or management of data switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
- H04L63/0823: Network security protocols for authentication of entities using certificates
- H04L9/3263: Cryptographic mechanisms for verifying the identity or authority of a user or for message authentication, involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; public key infrastructure [PKI] arrangements
- H04L43/026: Capturing of monitoring data using flow identification
Definitions
- Embodiments of the present invention relate to communication systems and computer-readable storage media.
- With IoT (Internet of Things) technology, various things around the world, such as home appliances, automobiles, and factories, are now connected to the Internet.
- With AI (artificial intelligence), in order to collect sensor information via the network and utilize the data, there is a need to connect what was once operated only on a closed proprietary network to an open network. If a system that was protected by an independent network is connected to an open network, unauthorized access may occur via the open network.
- The problem to be solved by the present invention is to provide a communication system and a computer-readable storage medium that excel at detecting unauthorized access without changing existing devices.
- According to an embodiment, a communication system includes a first communication control device connected between a network connection device and a first client device, a second communication control device connected between the network connection device and a second client device, and a communication control management device connected to the network connection device and managing communication by the first communication control device and the second communication control device.
- The communication control management device monitors communication based on management information that defines regular communication between the first client device and the second client device as communication by a first packet containing a first virtual tag, and defines regular communication between the communication control management device and the first communication control device or the second communication control device as communication by a second packet containing a second virtual tag.
- FIG. 1 is a diagram showing a basic configuration example of a communication system according to each embodiment.
- FIG. 2 is a block diagram showing a functional configuration example of a client device and a server device according to each embodiment.
- FIG. 3 is a block diagram showing a functional configuration example of a client-side communication control device and a server-side communication control device according to each embodiment.
- FIG. 4 is a diagram showing a hardware configuration example of an IC card as a configuration example of the authentication unit in the communication control device according to each embodiment.
- FIG. 5 is a block diagram showing a functional configuration example of an IC card as a configuration example of the authentication unit in the communication control device according to each embodiment.
- FIG. 6 is a block diagram showing a functional configuration example of the communication control management device according to each embodiment.
- FIG. 7 is a sequence diagram showing an example of processing performed by the communication system shown in FIG.
- FIG. 8 is a diagram showing a configuration example of a communication system according to the first embodiment.
- FIG. 9 is a flow chart showing an example of communication monitoring by the communication system according to the first embodiment.
- FIG. 10 is a diagram showing a configuration example of a communication system according to the second embodiment.
- FIG. 11 is a flow chart showing an example of communication monitoring by the communication system according to the second embodiment.
- FIG. 1 is a diagram showing a configuration example of a communication system 1 whose configuration serves as the base of the communication systems according to each embodiment.
- The communication system 1 includes client devices 10 (10-1 to 10-N) (N: natural number), a server device 20, client-side communication control devices 30 (30-1 to 30-N) (N: natural number) (an example of a "first communication control device"), a server-side communication control device 31 (an example of a "first communication control device"), a communication control management device 50 (an example of a "private certificate authority"), a network 6, and a network connection device 7 (such as a gateway).
- The network 6 and the network connection device 7 that connects the network 6 and the client device 10 are also collectively referred to as the "network NW".
- The client device 10 connects to the network NW via the client-side communication control device 30.
- The server device 20 connects to the network NW via the server-side communication control device 31. Details of the configurations of the client device 10 and the server device 20 will be described later.
- The client-side communication control device 30 is connected between the client device 10 and the network NW, and mediates communication between the client device 10 and the server device 20.
- The client-side communication control device 30 acquires data transmitted from the client device 10 to the server device 20 and outputs the acquired data to the server device 20.
- Specifically, the client-side communication control device 30 encrypts the data acquired from the client device 10 and transmits the encrypted data to the server device 20.
- The client-side communication control device 30 also acquires data transmitted from the server device 20 to the client device 10 and outputs the acquired data to the client device 10.
- The data that the client-side communication control device 30 acquires from the server device 20 is encrypted data.
- The client-side communication control device 30 decrypts the data acquired from the server device 20 via the server-side communication control device 31, and outputs the decrypted data to the client device 10.
- The server-side communication control device 31 is connected between the server device 20 and the network NW, and mediates communication between the client device 10 and the server device 20.
- The server-side communication control device 31 acquires data transmitted from the server device 20 to the client device 10 and transmits the acquired data to the client device 10.
- Specifically, the server-side communication control device 31 encrypts the data acquired from the server device 20 and transmits the encrypted data to the client device 10.
- The server-side communication control device 31 also acquires data transmitted from the client device 10 to the server device 20 and outputs the acquired data to the server device 20.
- The data that the server-side communication control device 31 acquires from the client device 10 is encrypted data.
- The server-side communication control device 31 decrypts the data acquired from the client device 10 via the client-side communication control device 30 and outputs the decrypted data to the server device 20.
- Encryption is performed using the SSL (Secure Socket Layer)/TLS (Transport Layer Security) protocol.
- For example, the client-side communication control device 30 and the server-side communication control device 31 encrypt the data contained in HTTP by combining the SSL/TLS protocol with HTTP (HTTPS).
- The data encryption performed by the client-side communication control device 30 and the server-side communication control device 31 is not limited to using HTTPS in place of HTTP.
- The client-side communication control device 30 and the server-side communication control device 31 may replace various communication protocols with secure communication protocols of improved safety obtained by combining those protocols with the SSL/TLS protocol.
- For example, the client-side communication control device 30 and the server-side communication control device 31 may replace FTP (File Transfer Protocol) with FTPS (FTP Secure).
- Data encrypted by the client-side communication control device 30 or the server-side communication control device 31 is output to the network NW.
- Since the data flowing through the network NW in the communication system 1 is encrypted data, the risk that data transmitted and received over the network NW is maliciously accessed from the outside and eavesdropped on is avoided, and safety is improved.
- Eavesdropping on data as used herein refers to the act of peeping at data or the act of extracting data.
- The communication control management device 50 connects to the network connection device 7 directly or via the network 6, and manages communication by the client-side communication control device and the server-side communication control device.
- For example, the communication control management device 50 issues a client certificate and a private key to the client-side communication control device 30. In the configuration example shown in FIG. 1, the communication control management device 50 issues a client certificate and a private key to be stored in the IC card attached to the client-side communication control device 30. The communication control management device 50 transmits the client certificate and the private key to be stored in the IC card, via the network NW, to the client-side communication control device 30 to which the IC card is attached.
- The communication control management device 50 also issues a server certificate and a private key to the server-side communication control device 31.
- In the configuration example shown in FIG. 1, the communication control management device 50 issues a server certificate and a private key to be stored in the IC card.
- The communication control management device 50 transmits the server certificate and the private key to be stored in the IC card, via the network NW, to the server-side communication control device 31 to which the IC card is attached.
- The client certificate, the server certificate, and the private keys are the information necessary for determining the common key (session key) used when the client-side communication control device 30 and the server-side communication control device 31 perform encrypted communication.
- The client device 10 and the server device 20 are, for example, components that make up a social infrastructure system.
- Social infrastructure refers to the facilities necessary for providing the foundations of society, such as road traffic networks, power generation facilities, power distribution facilities, water treatment facilities, and gas distribution facilities.
- The social infrastructure system is, for example, a mechanism for operating the social infrastructure stably by monitoring the social infrastructure, grasping changes in its situation, and responding to those changes.
- For example, the client device 10 and the server device 20 are components of a monitoring system that monitors roads, public facilities, and the like.
- In this case, the client device 10 is a device (network monitoring camera) that transmits image data obtained by capturing road conditions and the like via the network NW.
- The server device 20 is a device that receives the imaging data transmitted from the client device 10 via the network NW.
- The client device 10 and the server device 20 are not limited to components of the monitoring system.
- The client device 10 and the server device 20 may be components of a system that monitors the power status of power generation equipment and power distribution equipment, a system that acquires the delivery status of a distribution center, or a system that acquires the operating status of the facilities of a factory or research institute.
- FIG. 2 is a block diagram showing a functional configuration example of the client device 10 and the server device 20 shown in FIG.
- The client device 10 includes a NW (network) communication unit 11, a client control unit 12, and an imaging unit 13.
- The NW communication unit 11 is, for example, an Ethernet (registered trademark) port of the client device 10.
- The NW communication unit 11 is connected to the client-side communication control device 30, and outputs data transmitted from the client device 10 to the server device 20 to the client-side communication control device 30.
- The NW communication unit 11 corresponds to the functional unit that, in a conventional system, is connected to the network NW and communicates with the server device 20 via the network NW.
- The client control unit 12 is, for example, a processor including a CPU, and controls the client device 10 in an integrated manner.
- The client control unit 12 causes the imaging unit 13 to start or stop capturing images according to control from the server device 20, and instructs the imaging unit 13 to set imaging conditions such as the direction of the camera and the magnification used when capturing an image.
- The imaging unit 13 captures an image of a scene at a predetermined location in accordance with an instruction from the client control unit 12.
- The imaging unit 13 outputs the captured data (imaging data) to the client control unit 12.
- The server device 20 includes a NW (network) communication unit 21, a server control unit 22, and an imaging data storage unit 23.
- The NW communication unit 21 is, for example, an Ethernet (registered trademark) port of the server device 20.
- The NW communication unit 21 is connected to the server-side communication control device 31, and outputs data transmitted from the server device 20 to the client device 10 to the server-side communication control device 31.
- The NW communication unit 21 corresponds to the functional unit that, in a conventional system, is connected to the network NW and communicates with the client device 10 via the network NW.
- The server control unit 22 is, for example, a processor including a CPU, and controls the server device 20 in an integrated manner.
- The server control unit 22 stores, for example, the imaging data captured by the client device 10 in the imaging data storage unit 23.
- The imaging data storage unit 23 stores the imaging data according to instructions from the server control unit 22.
- When unencrypted information (so-called plaintext) is output to the network NW by the client device 10 or the server device 20, that plaintext flows through the network NW.
- In the case of the client device 10, if the data on the network NW is acquired maliciously from the outside, there is a risk that the imaging data may be easily intercepted or tampered with.
- One conceivable countermeasure is for the client control unit 12 of the client device 10 to encrypt the imaging data and output the encrypted imaging data to the network NW.
- However, a processor such as the CPU provided in a surveillance camera is generally used for compressing and encoding the imaging data, and often does not have enough resources left for the additional processing that encryption requires. In such a case, the original CPU of the client control unit 12 cannot encrypt the imaging data. If the client control unit 12 is to encrypt the imaging data, it is conceivable that the hardware configuration of the client control unit 12 would have to be changed or replaced, for example by installing a processor for encrypting the imaging data in the client control unit 12. Since the client device 10 is a component of social infrastructure such as a surveillance camera, changing or replacing its hardware configuration is not easy. In view of such circumstances, it is desirable that the imaging data be encrypted and output to the network NW without changing the client device 10.
- In the communication system 1, therefore, the client-side communication control device 30 connected between the client device 10 and the network NW encrypts the data transmitted by the client device 10 and outputs the encrypted data to the network NW.
- Likewise, the server-side communication control device 31 connected between the server device 20 and the network NW encrypts the control data transmitted by the server device 20 and outputs the encrypted control data to the network NW.
- FIG. 3 is a block diagram showing a functional configuration example of the client-side communication control device 30 and the server-side communication control device 31 shown in FIG.
- The client-side communication control device 30 and the server-side communication control device 31 have the same functional configuration. Therefore, the configuration of one of them (for example, the client-side communication control device 30) is described below, and the description of the other (for example, the server-side communication control device 31) is omitted. Hereinafter, when the client-side communication control device 30 and the server-side communication control device 31 are not distinguished, they are simply referred to as the communication control device 30 (31) or the like.
- The communication control device 30 (31) includes a NW (network) communication unit 32, a control unit 33, a device communication unit 34, a reader/writer 35, a storage unit 36, and an IC card 40.
- The IC card 40 is an example of an "authentication unit".
- The authentication unit is not limited to one realized by the reader/writer 35 and the IC card 40.
- For example, the authentication unit may be implemented by the control unit 33, or by a processing circuit dedicated to authentication processing.
- The NW communication unit 32 is connected to the network NW and communicates with the other communication control device 30 (31) via the network NW.
- The control unit 33 is, for example, a processor including a CPU, and controls the communication control device 30 (31) in an integrated manner.
- The control unit 33 transmits commands to the IC card 40 via the reader/writer 35 and receives responses from the IC card 40.
- The control unit 33 transmits information based on the response received from the IC card 40 to the other communication control device 30 (31) via the NW communication unit 32.
- The control unit 33 also transmits a command to the IC card 40 based on information received from the other communication control device 30 (31) via the NW communication unit 32.
- The device communication unit 34 is connected to a device (the client device 10 or the server device 20) and communicates with that device. Specifically, the device communication unit 34 of the client-side communication control device 30 is connected to the client device 10, acquires imaging data from the client device 10, and outputs decrypted control data to the client device 10. The device communication unit 34 of the server-side communication control device 31 is connected to the server device 20, acquires control data from the server device 20, and outputs decrypted imaging data to the server device 20.
- The reader/writer 35 is connected to the IC card 40 via the contact portion 36 and communicates with the IC card 40.
- The IC card 40 is formed by mounting an IC module 41 on, for example, a plastic card substrate. That is, the IC card 40 includes the IC module 41 and a card substrate in which the IC module 41 is embedded. The IC card 40 is detachably attached to the communication control device 30 (31), and can communicate with the communication control device 30 (31) via the contact portion 36.
- The storage unit 36 is a memory serving as a non-transitory computer-readable storage medium, and stores the operating program of the control unit 33 and the like.
- The control unit 33 operates based on the operating program and implements each function. For example, operating based on the program, the control unit 33 reports the communication status to the communication control management device 50 and controls its operation based on control commands from the communication control management device 50.
- The storage unit 36 also stores a destination list (communication permission list).
- The destination list includes information specifying the communication partners with which communication is permitted. For example, the information specifying a communication partner is a URL (Uniform Resource Locator).
- The destination list stored in the storage unit 36 includes identification information specifying the client devices 10 (10-1 to 10-N).
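The management information of the claims (regular flows are identified by a first or second virtual tag) and the destination list above, as an added example that is not part of the patent: Go code that encodes the permitted device pairs with the tag their packets must carry plus the permitted destination URLs, and reports every packet that does not match. The device identifiers, the tag values and the sample capture are constructed for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// VirtualTag is the tag carried in a packet. The patent names only a "first" and a "second"
// virtual tag; the numeric values and TagNone are assumptions of this example.
type VirtualTag int

const (
	TagNone   VirtualTag = iota // packet carries no virtual tag
	TagFirst                    // regular client device <-> server device traffic
	TagSecond                   // management device <-> communication control device traffic
)

// Packet is a simplified record of one observed packet (constructed for this example).
type Packet struct {
	Src, Dst string     // device identifiers
	Tag      VirtualTag // virtual tag found in the packet
	URL      string     // destination URL addressed by the payload, "" if none
}

// FlowRule is one entry of the management information: a device pair and the tag its packets must carry.
type FlowRule struct {
	A, B string
	Tag  VirtualTag
}

// Monitor holds the management information of device 50 and the destination list of a control device.
type Monitor struct {
	Rules       []FlowRule
	AllowedURLs []string // URL prefixes of permitted communication partners
}

// permitted reports whether url matches an entry of the destination list.
func (m *Monitor) permitted(url string) bool {
	for _, p := range m.AllowedURLs {
		if strings.HasPrefix(url, p) {
			return true
		}
	}
	return false
}

// Check returns "" for regular communication, otherwise a description of the abnormality.
func (m *Monitor) Check(p Packet) string {
	for _, r := range m.Rules {
		if (p.Src == r.A && p.Dst == r.B) || (p.Src == r.B && p.Dst == r.A) {
			if p.Tag != r.Tag {
				return fmt.Sprintf("%s->%s: expected virtual tag %d, got %d", p.Src, p.Dst, r.Tag, p.Tag)
			}
			if p.URL != "" && !m.permitted(p.URL) {
				return fmt.Sprintf("%s->%s: %s is not in the destination list", p.Src, p.Dst, p.URL)
			}
			return ""
		}
	}
	return fmt.Sprintf("%s->%s: no management rule permits this pair", p.Src, p.Dst)
}

// Scan runs Check over a capture and returns every abnormality found.
func (m *Monitor) Scan(pkts []Packet) []string {
	var findings []string
	for _, p := range pkts {
		if msg := m.Check(p); msg != "" {
			findings = append(findings, msg)
		}
	}
	return findings
}

// demoMonitor models FIG. 1: client 10-1 behind control device 30-1, server 20 behind control
// device 31, and management device 50. The identifiers are assumptions.
func demoMonitor() *Monitor {
	return &Monitor{
		Rules: []FlowRule{
			{A: "client-10-1", B: "server-20", Tag: TagFirst},
			{A: "mgmt-50", B: "ctrl-30-1", Tag: TagSecond},
			{A: "mgmt-50", B: "ctrl-31", Tag: TagSecond},
		},
		AllowedURLs: []string{"https://server-20/"},
	}
}

// demoPackets is a constructed capture: two regular packets followed by four abnormal ones.
func demoPackets() []Packet {
	return []Packet{
		{"client-10-1", "server-20", TagFirst, "https://server-20/upload"},  // regular
		{"mgmt-50", "ctrl-30-1", TagSecond, ""},                               // regular
		{"client-10-1", "server-20", TagNone, "https://server-20/upload"},   // untagged: did not pass through device 30-1
		{"client-10-1", "server-20", TagFirst, "https://unlisted.example/"}, // partner not in the destination list
		{"unknown-host", "server-20", TagFirst, "https://server-20/upload"}, // pair unknown to device 50
		{"ctrl-30-1", "mgmt-50", TagFirst, ""},                                // management flow with the wrong tag
	}
}
```

Calling demoMonitor().Scan(demoPackets()) yields four findings, one per abnormal packet, while the two regular packets pass.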
- The IC card 40 receives a command (processing request) transmitted by the communication control device 30 (31) via the contact portion 36, and executes processing (command processing) according to the received command. The IC card 40 then transmits a response (processing response), which is the execution result of the command processing, to the communication control device 30 (31) via the contact portion 36.
- The IC module 41 has the contact portion 36 and an IC chip 42.
- The contact portion 36 has terminals for the various signals necessary for the IC card 40 to operate.
- The terminals for the various signals are terminals for receiving the power supply voltage, clock signal, reset signal, and so on from the communication control device 30 (31), and a serial data input/output terminal (SIO terminal) for communicating with the communication control device 30 (31).
- The IC chip 42 is, for example, an LSI (Large Scale Integration) such as a one-chip microprocessor.
- FIG. 4 is a diagram showing a hardware configuration example of the IC card 40 shown in FIG.
- The IC card 40 includes the IC module 41, which includes the contact portion 36 and the IC chip 42.
- The IC chip 42 includes a UART (Universal Asynchronous Receiver Transmitter) 43, a CPU 44, a ROM (Read Only Memory) 45, a RAM (Random Access Memory) 46, and an EEPROM (registered trademark) (Electrically Erasable Programmable ROM) 47. These components (43 to 47) are connected via an internal bus BS.
- The UART 43 performs serial data communication with the communication control device 30 (31) via the SIO terminal described above.
- The UART 43 outputs data (for example, 1-byte data) obtained by parallel-converting the serial data signal received via the SIO terminal to the internal bus BS.
- The UART 43 also serial-converts data acquired via the internal bus BS and outputs it to the communication control device 30 (31) via the SIO terminal.
- For example, the UART 43 receives commands from the communication control device 30 (31) via the SIO terminal, and transmits responses to the communication control device 30 (31) via the SIO terminal.
- The CPU 44 executes programs stored in the ROM 45 or the EEPROM 47 to perform the various processes of the IC card 40.
- For example, the CPU 44 executes command processing according to a command received by the UART 43 via the contact portion 36.
- The ROM 45 is, for example, a non-volatile memory such as a mask ROM, and stores programs for executing the various processes of the IC card 40 and data such as command tables.
- The RAM 46 is, for example, a volatile memory such as SRAM (Static RAM), and temporarily stores data used when performing the various processes of the IC card 40.
- The EEPROM 47 is, for example, an electrically rewritable non-volatile memory and a non-transitory computer-readable storage medium.
- The EEPROM 47 stores various data used by the IC card 40.
- For example, the EEPROM 47 stores information used for the various services (applications) that use the IC card 40.
- FIG. 5 is a block diagram showing a functional configuration example of the IC card 40 shown in FIG.
- The IC card 40 includes a communication unit 400, a control unit 401, and a storage unit 404.
- Each part of the IC card 40 shown in FIG. 5 is realized using the hardware of the IC card 40 shown in FIG.
- The communication unit 400 is realized by, for example, the UART 43, the CPU 44, and programs stored in the ROM 45, and transmits and receives commands and responses to and from the communication control device 30 (31) via the contact portion 36. That is, the communication unit 400 receives a command (processing request) requesting predetermined processing from the communication control device 30 (31), and transmits a response (processing response) to the command to the communication control device 30 (31). The communication unit 400 stores the data received from the communication control device 30 (31) via the UART 43 in the RAM 46, and transmits the transmission data stored in the RAM 46 to the communication control device 30 (31) via the UART 43.
- The control unit 401 is realized by, for example, the CPU 44, the RAM 45, and the ROM 46 or the EEPROM 47, and controls the IC card 40 in an integrated manner.
- The control unit 401 includes a command processing unit 402 and an encryption/decryption unit 403.
- The processing performed by the command processing unit 402 is an example of "authentication processing".
- The processing performed by the encryption/decryption unit 403 is an example of "encryption/decryption processing".
- The command processing unit 402 executes various kinds of command processing.
- For example, the command processing unit 402 performs an SSL/TLS handshake as the command processing for making an HTTPS request, which will be described later.
- In the SSL/TLS handshake, the key information necessary for encrypted communication is exchanged and mutual authentication with the communication destination device is performed.
- The mutual authentication is an authentication process in which the client-side communication control device 30 and the server-side communication control device 31 confirm, before communicating with each other, that each is an authenticated device.
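The certificate issuance by the private certificate authority (device 50) and the mutually authenticated SSL/TLS handshake between the two control devices, as an added example that is not part of the patent: Go code in which a private CA standing in for the communication control management device issues a server certificate and a client certificate, the two control devices complete a mutual-TLS connection over loopback, and a client certificate from an unrelated CA is rejected. The device names, the role strings and the loopback address are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)
// issued is a certificate plus its private key: the pair the management device 50 writes onto an IC card 40.
type issued struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

// issue creates a certificate for role "ca", "server" or "client"; with parent == nil it is self-signed (the private CA).
func issue(cn, role string, parent *issued) (*issued, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 62))
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IPAddresses:           []net.IP{net.IPv4(127, 0, 0, 1)}, // loopback SAN for the demo
	}
	if role == "ca" {
		tmpl.IsCA, tmpl.KeyUsage = true, tmpl.KeyUsage|x509.KeyUsageCertSign
	} else if role == "server" {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	} else {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
	}
	parentCert, signer := tmpl, key // self-signed unless a parent CA is given
	if parent != nil {
		parentCert, signer = parent.cert, parent.key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parentCert, &key.PublicKey, signer)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return &issued{cert: cert, key: key}, err
}
// mutualTLSRoundTrip runs the handshake of the two control devices over loopback; each side accepts
// only certificates chained to ca. It returns the client CN the server verified, or an error.
func mutualTLSRoundTrip(ca, server, client *issued) (string, error) {
	pool := x509.NewCertPool()
	pool.AddCert(ca.cert)
	serverCfg := &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{server.cert.Raw}, PrivateKey: server.key}},
		ClientAuth:   tls.RequireAndVerifyClientCert, // mutual authentication
		ClientCAs:    pool,
	}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", serverCfg)
	if err != nil {
		return "", err
	}
	defer ln.Close()
	verified := make(chan string, 1)
	go func() {
		conn, err := ln.Accept()
		if err == nil {
			defer conn.Close()
			err = conn.(*tls.Conn).Handshake() // fails for a client certificate not chained to ca
		}
		if err != nil {
			verified <- ""
			return
		}
		verified <- conn.(*tls.Conn).ConnectionState().PeerCertificates[0].Subject.CommonName
		conn.Write([]byte("ok")) // tells the client its certificate was accepted
	}()
	clientCfg := &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{client.cert.Raw}, PrivateKey: client.key}},
		RootCAs:      pool,
	}
	conn, err := tls.Dial("tcp", ln.Addr().String(), clientCfg)
	if err != nil {
		return "", err
	}
	defer conn.Close()
	if _, err := conn.Read(make([]byte, 2)); err != nil {
		return "", err // an alert arrived instead of "ok": the server rejected the client certificate
	}
	return <-verified, nil
}
```

With TLS 1.3 the client's Dial can succeed before the server has checked the client certificate, which is why the rejection is observed on the first Read rather than on Dial.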
- the encryption/decryption unit 403 executes a process of encrypting data and a process of decrypting the encrypted data.
- The encryption/decryption unit 403 encrypts data output from a device (client device 10 or server device 20) acquired via the communication unit 400. Also, the encryption/decryption unit 403 decrypts encrypted data from the network NW acquired via the communication unit 400.
- the storage unit 404 is, for example, a storage unit configured by an EEPROM 47, and includes a certificate information storage unit 405 and a secret information storage unit 406.
- The certificate information storage unit 405 stores a certificate for a device (client device 10 or server device 20) issued by the communication control management device 50. Specifically, information indicating the client certificate is stored in the certificate information storage unit 405 of the IC card 40 attached to the communication control device 30 on the client side. Information indicating a server certificate is stored in the certificate information storage unit 405 of the IC card 40 attached to the communication control device 31 on the server side.
- The secret information storage unit 406 stores a secret key issued by the communication control management device 50 for the device (client device 10 or server device 20). Specifically, information indicating a secret key issued to the communication control device 30 on the client side is stored in the secret information storage unit 406 of the IC card 40 attached to the communication control device 30 on the client side. Information indicating a private key issued to the communication control device 31 on the server side is stored in the certificate information storage unit 405 of the IC card 40 attached to the communication control device 31 on the server side.
- FIG. 6 is a block diagram showing a configuration example of the communication control management device 50 shown in FIG.
- the communication control management device 50 includes, for example, a NW (network) communication unit 500, a control unit 510, a storage unit 520, and a display unit 530.
- the NW communication unit 500 is connected to the network NW and communicates with the communication control device 30 (31) via the network NW.
- The control unit 510 includes, for example, a processor such as a CPU. The control unit 510 implements various processes by causing the processor to execute programs. The control unit 510 comprehensively controls the communication control management device 50. Also, the control unit 510 mainly operates as a private certification authority that recognizes the legitimacy of the communication control device 30 (31). In the example shown in FIG. 6, the control unit 510 executes processing that realizes the functions of a key generation unit 511, a certificate issuance unit 512, a certificate update unit 513, a certificate management unit 514, a management unit 515, and a monitoring unit 516 by causing the processor to execute programs.
- the key generation unit 511 issues a private key corresponding to a public key included in a certificate, which will be described later, based on, for example, an authentication application from the communication control device 30 (31).
- the certificate issuing unit 512 issues a certificate that recognizes the legitimacy of the communication control device 30 (31) based on the authentication application from the communication control device 30 (31).
- the certificate includes a public key and information indicating the owner of the communication control device 30 (31).
- The certificate update unit 513 updates the certificate by setting a new expiration date for a certificate whose expiration date has passed. For example, based on an update application from the communication control device 30 (31), the certificate update unit 513 issues a certificate whose validity period is extended from that of the certificate issued to the communication control device 30 (31), and transmits the issued certificate to the communication control device 30 (31). Information indicating the issued certificate is received by the communication control device 30 (31) and stored in the certificate information storage unit 405 of the IC card 40 of the communication control device 30 (31). As a result, the validity period of the certificate of the communication control device 30 (31) is extended.
- the certificate management unit 514 manages certificates that have already been issued.
- For example, when the validity of each party cannot be proved in the mutual authentication because the IC card 40 attached to the communication control device 30 (31) has been falsified or stolen, the certificate management unit 514 performs processing to invalidate the certificate issued to the communication control device 30 (31). Also, based on an inquiry from the communication control device 30 (31), the certificate management unit 514 may respond as to whether or not it has issued a certificate to the communication control device 30 (31) or to another communication device. Further, the certificate management unit 514 may periodically check whether the issued certificate is used by the valid communication control device 30 (31).
- the management unit 515 manages the communication control device 30 (31). For example, the management unit 515 remotely controls mutual authentication performed by the communication control device 30 (31) via the network NW.
- The monitoring unit 516 monitors communication between the client devices 10 (10-1 to 10-N) based on the management information that defines regular communication between the client devices 10 (10-1 to 10-N) as communication using packets PA1 including the VLAN tag TG1.
- Also, the monitoring unit 516 monitors communication between the communication control management device 50 and the communication control devices 30 (30-1 to 30-N) based on the management information that defines regular communication between them as communication using packets PA2 including the VLAN tag TG2.
- For example, the monitoring unit 516 monitors communication between the communication control management device 50 and the communication control device 30-1 based on management information that defines normal communication between them as communication using packets PA2 containing the VLAN tag TG2, and monitors communication between the communication control management device 50 and the communication control device 30-2 based on management information that defines normal communication between them as communication using packets PA3 containing the VLAN tag TG3.
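The check the monitoring unit 516 is described as performing, as an added Go example that is not part of the patent text: the management information maps each endpoint pair to the VLAN tag its regular communication must carry, and any frame whose tag, or lack of one, does not match is reported. The frames are constructed here, and the MAC addresses and the VLAN IDs 10, 20 and 30 standing in for TG1, TG2 and TG3 are assumptions.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

const tpid8021Q = 0x8100 // IEEE 802.1Q tag protocol identifier

// Frame is the part of an Ethernet frame the monitoring unit needs: both endpoints and the VLAN tag, if any.
type Frame struct {
	Dst, Src  string
	Tagged    bool
	VLANID    uint16 // 12-bit VID from the tag control information
	EtherType uint16
}

func macString(b []byte) string {
	return fmt.Sprintf("%02x:%02x:%02x:%02x:%02x:%02x", b[0], b[1], b[2], b[3], b[4], b[5])
}

// ParseFrame reads dst MAC (6) | src MAC (6) | [TPID 0x8100 (2) | TCI (2)] | EtherType (2).
func ParseFrame(raw []byte) (Frame, error) {
	if len(raw) < 14 || (binary.BigEndian.Uint16(raw[12:14]) == tpid8021Q && len(raw) < 18) {
		return Frame{}, fmt.Errorf("frame of %d bytes is too short for its header", len(raw))
	}
	f := Frame{Dst: macString(raw[0:6]), Src: macString(raw[6:12]), EtherType: binary.BigEndian.Uint16(raw[12:14])}
	if f.EtherType == tpid8021Q {
		tci := binary.BigEndian.Uint16(raw[14:16])
		f.Tagged, f.VLANID = true, tci&0x0fff // PCP (3 bits) and DEI (1 bit) occupy the top nibble
		f.EtherType = binary.BigEndian.Uint16(raw[16:18])
	}
	return f, nil
}

// pairOf keys the management information by an unordered endpoint pair.
func pairOf(a, b string) [2]string { if a > b { a, b = b, a }; return [2]string{a, b} }

// Monitor is the management information: the VLAN tag that regular communication between two
// endpoints must carry. Anything else is reported as an anomaly.
type Monitor map[[2]string]uint16

func (m Monitor) Define(a, b string, vid uint16) { m[pairOf(a, b)] = vid }

// Check returns "" for regular communication, otherwise a description of the anomaly.
func (m Monitor) Check(f Frame) string {
	want, known := m[pairOf(f.Src, f.Dst)]
	switch {
	case !known:
		return fmt.Sprintf("%s -> %s: no regular communication defined", f.Src, f.Dst)
	case !f.Tagged:
		return fmt.Sprintf("%s -> %s: untagged, expected VLAN %d", f.Src, f.Dst, want)
	case f.VLANID != want:
		return fmt.Sprintf("%s -> %s: VLAN %d, expected VLAN %d", f.Src, f.Dst, f.VLANID, want)
	}
	return ""
}

// tagged builds a constructed 802.1Q frame header; nothing here is captured traffic.
func tagged(dst, src [6]byte, pcp uint8, vid, etherType uint16) []byte {
	b := append(append(make([]byte, 0, 18), dst[:]...), src[:]...)
	for _, v := range []uint16{tpid8021Q, uint16(pcp&7)<<13 | vid&0x0fff, etherType} {
		b = append(b, byte(v>>8), byte(v))
	}
	return b
}

// Demo runs constructed frames through the monitor and returns the anomalies it reports, in order.
// The MAC addresses are assumed; VLAN IDs 10, 20 and 30 stand in for TG1, TG2 and TG3.
func Demo() []string {
	client1, client2 := [6]byte{2, 0, 0, 0x10, 0, 1}, [6]byte{2, 0, 0, 0x10, 0, 2} // client devices 10-1, 10-2
	mgmt50 := [6]byte{2, 0, 0, 0x50, 0, 0}                                        // management device 50
	ccd301, ccd302 := [6]byte{2, 0, 0, 0x30, 0, 1}, [6]byte{2, 0, 0, 0x30, 0, 2}   // control devices 30-1, 30-2
	m := Monitor{}
	m.Define(macString(client1[:]), macString(client2[:]), 10) // packets PA1 carry TG1
	m.Define(macString(mgmt50[:]), macString(ccd301[:]), 20)   // packets PA2 carry TG2
	m.Define(macString(mgmt50[:]), macString(ccd302[:]), 30)   // packets PA3 carry TG3
	frames := [][]byte{
		tagged(client2, client1, 0, 10, 0x0800), // regular client-to-client traffic
		tagged(ccd301, mgmt50, 3, 20, 0x0800),   // regular management traffic with priority bits set
		tagged(ccd302, mgmt50, 0, 20, 0x0800),   // wrong tag: TG2 on the route that must carry TG3
		append(append(append([]byte{}, ccd301[:]...), mgmt50[:]...), 0x08, 0x00), // untagged
		tagged(client1, ccd302, 0, 30, 0x0800),  // no regular communication defined for this pair
		ccd301[:3],                              // truncated frame
	}
	var out []string
	for _, raw := range frames {
		if f, err := ParseFrame(raw); err != nil {
			out = append(out, err.Error())
		} else if a := m.Check(f); a != "" {
			out = append(out, a)
		}
	}
	return out
}

func main() { fmt.Println(Demo()) }
```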
- The storage unit 520 is a memory serving as a non-transitory computer-readable storage medium, and stores an operation program of the control unit 510 and the like.
- the control unit 510 operates based on an operation program and implements each function.
- The control unit 510 operates based on an operation program and controls the communication control device 30 by transmitting control commands to the communication control device 30.
- the control unit 510 operates based on an operation program and transmits alert information to the communication control device 30 .
- Storage unit 520 also stores a destination list (communication permission list).
- the destination list includes information for specifying communication partners with which communication is permitted.
- information for identifying a communication partner is a URL (Uniform Resource Locator).
- the destination list stored in the storage unit 520 includes identification information for specifying the client devices 10 (10-1 to 10-N).
- the storage unit 520 also includes a key information storage unit 521 and a certificate information storage unit 522, for example.
- the key information storage unit 521 stores, for example, information indicating already issued public keys and private keys.
- the certificate information storage unit 522 stores, for example, information indicating already issued certificates.
- the key information storage unit 521 and the certificate information storage unit 522 are referred to, for example, when the key generation unit 511 issues a private key and when the certificate issue unit 512 issues a certificate.
- The key information storage unit 521 also stores information indicating the private key issued by the key generation unit 511.
- The certificate information storage unit 522 also stores information indicating the certificate issued by the certificate issuing unit 512.
- The display unit 530 displays information about the attacked communication path. For example, when it is identified that the communication route VP1 is being attacked, the display unit 530 displays that the communication route VP1 is being attacked, that an abnormality has occurred in the communication route VP1, or that communication on the communication route VP1 has been interrupted.
- FIG. 7 is a sequence chart showing an example of processing performed by the communication system 1.
- When the client device 10 transmits imaging data to the server device 20, it first transmits an HTTP request to the server device 20 (step S1).
- the HTTP request sent by the client device 10 is acquired by the communication control device 30 on the client side (step S2).
- Upon receiving the HTTP request sent by the client device 10, the client-side communication control device 30 sends an HTTPS request (ClientHello) to the server-side communication control device 31 (step S3). As a result, a handshake between the communication control device 30 on the client side and the communication control device 31 on the server side is started (step S4).
- the ClientHello sent by the communication control device 30 on the client side includes, for example, information indicating the TLS version and a list of encryption methods and algorithms used for communication.
- the server-side communication control device 31 transmits an HTTPS response (ServerHello) to the client-side communication control device 30 as a response to ClientHello.
- ServerHello transmitted by the communication control device 31 on the server side includes, for example, information selected by the server device 20 from options presented in ClientHello.
- the communication control device 31 on the server side makes a selection in response to the presentation from the communication control device 30 on the client side, thereby determining a specific encryption algorithm for communication.
- the communication control device 31 on the server side sends information necessary for the common key used for encrypted communication.
- the information necessary for the common key includes, for example, information indicating the public key issued to the server device 20 and its certificate, and information requesting the transmission of the public key and its certificate of the client device 10.
- the communication control device 30 on the client side sends to the communication control device 31 on the server side a public key issued to itself, its certificate, and information necessary for a common key used for encrypted communication.
- Mutual authentication between the communication control device 30 on the client side and the communication control device 31 on the server side is performed, for example, as follows.
- the communication control device 30 on the client side generates a signature from the received ServerHello etc. and transmits it to the communication control device 31 on the server side.
- The server-side communication control device 31 verifies the signature received from the client-side communication control device 30 based on the certificate received from the client-side communication control device 30. If the verification succeeds, the communication control device 31 on the server side determines that the certificate definitely belongs to the communication control device 30 on the client side. Further, the server-side communication control device 31 generates a signature from the ClientHello and the like received so far, and transmits it to the client-side communication control device 30.
- The client-side communication control device 30 verifies the signature received from the server-side communication control device 31 based on the certificate received from the server-side communication control device 31. If the verification is successful, the communication control device 30 on the client side determines that the certificate belongs to the communication control device 31 on the server side without error.
- The client-side communication control device 30 and the server-side communication control device 31 each generate and exchange the common keys used for encryption.
- If the public key issued to the server device 20 and its certificate sent from the server-side communication control device 31 are permitted by the client-side communication control device 30, and the public key and its certificate sent from the client-side communication control device 30 are acceptable to the server-side communication control device 31, the server-side communication control device 31 ends the handshake.
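The mutual authentication just described, as an added Go example that is not the patent's own implementation: a private CA plays the communication control management device 50, issues a server certificate to device 31 and a client certificate to device 30, and the two complete a mutually authenticated TLS handshake over loopback TCP, while a device presenting a certificate from any other CA is refused in either role. The names ccmd-50-ca, ccd-30 and ccd-31, the serial numbers, the ECDSA P-256 key type and the echoed request are all assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// identity is one device's (or CA's) certificate and private key; the names and serials used below are assumed values.
type identity struct{ cert tls.Certificate; parsed *x509.Certificate; key *ecdsa.PrivateKey }

func check(err error) { if err != nil { panic(err) } } // setup failures (key generation, encoding) end the example
// mkIdentity generates a P-256 key and a certificate signed by parent; parent == nil yields a self-signed CA.
func mkIdentity(name string, serial int64, usage x509.ExtKeyUsage, parent *identity) *identity {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name}, DNSNames: []string{name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: parent == nil, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{usage},
	}
	signerCert, signerKey := tmpl, key
	if parent == nil { // the CA signs its own certificate
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		signerCert, signerKey = parent.parsed, parent.key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signerCert, &key.PublicKey, signerKey)
	check(err)
	parsed, err := x509.ParseCertificate(der)
	check(err)
	return &identity{tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, parsed, key}
}

// exchange runs one handshake over loopback TCP plus one application round trip. The server side demands a
// client certificate and both sides accept only certificates chaining to roots. Both errors are returned
// because under TLS 1.3 a rejected client certificate reaches the client only at its first read.
func exchange(server, client *identity, roots *x509.CertPool) (serverErr, clientErr error) {
	srvCfg := &tls.Config{Certificates: []tls.Certificate{server.cert},
		ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: roots}
	cliCfg := &tls.Config{Certificates: []tls.Certificate{client.cert}, RootCAs: roots, ServerName: "ccd-31"}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", srvCfg)
	if err != nil {
		return err, err
	}
	done := make(chan error, 1)
	go func() {
		conn, err := ln.Accept()
		if err == nil {
			defer conn.Close()
			conn.SetDeadline(time.Now().Add(5 * time.Second))
			buf := make([]byte, 64)
			var n int
			if n, err = conn.Read(buf); err == nil { // Read runs the handshake, then reads the forwarded request
				_, err = conn.Write(buf[:n]) // the echo stands in for the HTTP response
			}
		}
		done <- err
	}()
	conn, clientErr := tls.Dial("tcp", ln.Addr().String(), cliCfg) // Dial runs the handshake
	if clientErr == nil {
		defer conn.Close()
		if _, clientErr = conn.Write([]byte("GET / HTTP/1.1\r\n")); clientErr == nil {
			_, clientErr = conn.Read(make([]byte, 64))
		}
	}
	ln.Close() // also unblocks Accept if the TCP connection itself failed
	return <-done, clientErr
}

// Demo: device 50 issues the device 30 and device 31 certificates; a device holding a certificate from an
// unrelated CA is refused in either role, which is the masquerading case the text describes.
func Demo() (authorized, rogueServerRejected, rogueClientRejected bool) {
	mgmt := mkIdentity("ccmd-50-ca", 1, x509.ExtKeyUsageAny, nil) // communication control management device 50
	other := mkIdentity("unrelated-ca", 1, x509.ExtKeyUsageAny, nil)
	roots := x509.NewCertPool()
	roots.AddCert(mgmt.parsed)
	srv := mkIdentity("ccd-31", 2, x509.ExtKeyUsageServerAuth, mgmt) // server-side communication control device 31
	cli := mkIdentity("ccd-30", 3, x509.ExtKeyUsageClientAuth, mgmt) // client-side communication control device 30
	se, ce := exchange(srv, cli, roots)
	authorized = se == nil && ce == nil
	_, ce = exchange(mkIdentity("ccd-31", 2, x509.ExtKeyUsageServerAuth, other), cli, roots)
	rogueServerRejected = ce != nil // device 30 refuses a server certificate not issued by device 50
	se, _ = exchange(srv, mkIdentity("ccd-30", 3, x509.ExtKeyUsageClientAuth, other), roots)
	rogueClientRejected = se != nil // device 31 refuses a client certificate not issued by device 50
	return
}

func main() {
	a, rs, rc := Demo()
	fmt.Println("authorized:", a, "rogue server rejected:", rs, "rogue client rejected:", rc)
}
```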
- When the server-side communication control device 31 establishes the handshake with the client-side communication control device 30, it transmits an HTTP request to the server device 20 (step S5).
- the HTTP request is an HTTP request sent from the client device 10 in step S1.
- the HTTP request sent by the communication control device 31 on the server side is received by the server device 20 (step S6).
- The server device 20 recognizes that the HTTP request has been requested from the client device 10. Therefore, the server device 20 sends an HTTP response to the client device 10 (step S7).
- the HTTP response transmitted by the server device 20 is acquired by the communication control device 31 on the server side (step S8).
- the communication control device 31 on the server side encrypts the acquired HTTP response from the server device 20 using the common key determined in the handshake in step S4 (step S9).
- the HTTP response encrypted by the communication control device 31 on the server side is received by the communication control device 30 on the client side via the network NW (step S10).
- the communication control device 30 on the client side decrypts the received HTTP response using the common key (step S11).
- the HTTP response decrypted by the communication control device 30 on the client side is acquired by the client device 10 (step S12).
- The client device 10 receives the decrypted HTTP response (step S13). At this time, the client device 10 recognizes that an HTTP response has been received from the server device 20. Therefore, the client device 10 transmits imaging data to the server device 20 (step S14).
- the imaging data transmitted by the client device 10 is acquired by the communication control device 30 on the client side (step S15).
- the communication control device 30 on the client side encrypts the imaging data transmitted by the client device 10 using the common key (step S16).
- the imaging data encrypted by the communication control device 30 on the client side is received by the communication control device 31 on the server side via the network NW (step S17).
- the communication control device 31 on the server side decrypts the received imaging data using the common key (step S18).
- The imaging data decrypted by the communication control device 31 on the server side is acquired by the server device 20 (step S19).
- The server device 20 receives the decrypted imaging data (step S20). At this time, the server device 20 recognizes that it has received the imaging data from the client device 10.
- If, in step S4 of the above sequence, the mutual authentication between the client-side communication control device 30 and the server-side communication control device 31 is not performed correctly, the client-side communication control device 30 does not permit communication. Specifically, the communication control device 30 on the client side does not output the information transmitted from the communication destination to the client device 10. This is because, if the mutual authentication is not performed correctly, the communication destination may be an unauthorized communication device masquerading as the communication control device 31 on the server side. In this case, the communication control device 30 on the client side may transmit to the communication control management device 50, for example, a communication record of the case in which the mutual authentication was not performed correctly. As a result, the communication control management device 50 can acquire a communication record of the case in which mutual authentication was not performed correctly, and grasp the pattern and frequency of unauthorized communication with the communication control device 30 on the client side under its management. This makes it possible to monitor network anomalies.
- Instead of the mutual authentication in the handshake performed in step S4 of the above sequence, the communication control device 30 on the client side may determine whether to permit communication with a communication destination based on a destination list indicating information of communication devices permitted to communicate with the client device 10.
- Information on communication devices shown in the destination list is, for example, a URL (Uniform Resource Locator).
- The control unit 33 of the communication control device 30 on the client side permits communication with the communication destination when the URL of the communication destination is registered in the destination list, and does not permit communication with the communication destination when the URL is not registered in the destination list.
- control unit 33 may update the destination list.
- the control unit 33 stores URLs of communication destinations permitted to communicate with the client device 10 and URLs of communication destinations not permitted for a certain period of time. Then, the control unit 33 updates the destination list by, for example, re-registering, among the URLs registered in the destination list, the URLs of destinations with which communication has been performed for a certain period of time.
- the client-side communication control device 30 may transmit to the communication control management device 50 the destination URLs for which communication was permitted and the destination URLs for which communication was not permitted for a certain period of time.
- The communication control management device 50 may update the destination list based on the communication destination URLs that communicated with the communication control device 30 on the client side. By having the communication control management device 50 update the destination list, the communication devices communicating with the communication control devices 30 on the client side under the control of the communication control management device 50 can be managed collectively.
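The destination-list check and its periodic update described above, as an added example that is not the patent's own code: the list is keyed by URL origin (scheme, host and port), so a permitted destination is matched regardless of path, letter case or an explicit default port, while a URL that hides a different host behind userinfo is refused, and Update re-registers only the origins actually used within the period and returns the rest for reporting to the management device 50. The URLs are constructed.

```go
package main

import (
	"fmt"
	"net/url"
	"sort"
	"strings"
	"time"
)

// DestinationList is the transmission destination list kept by control unit 33, keyed by URL origin
// (scheme://host:port) rather than by the raw URL string. Constructed example, not the patent's own code.
type DestinationList struct {
	permitted map[string]time.Time // origin -> last time communication with it was permitted
	denied    map[string]time.Time // requested destination -> last time it was refused
}

// NewDestinationList registers the origins of the given URLs as permitted (unused until first contact).
func NewDestinationList(urls []string) (*DestinationList, error) {
	d := &DestinationList{permitted: map[string]time.Time{}, denied: map[string]time.Time{}}
	for _, u := range urls {
		o, err := origin(u)
		if err != nil {
			return nil, err
		}
		d.permitted[o] = time.Time{}
	}
	return d, nil
}

// origin normalises a URL so that path, query, letter case and an explicit default port do not matter,
// and so that userinfo such as in https://allowed.example@evil.example/ resolves to the real host.
func origin(raw string) (string, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return "", err
	}
	host, port := strings.ToLower(u.Hostname()), u.Port()
	if u.Scheme == "" || host == "" {
		return "", fmt.Errorf("%q: scheme and host are required", raw)
	}
	if port == "" {
		switch u.Scheme {
		case "https":
			port = "443"
		case "http":
			port = "80"
		default:
			return "", fmt.Errorf("%q: unsupported scheme", raw)
		}
	}
	return u.Scheme + "://" + host + ":" + port, nil
}

// Permit decides whether communication with dest is allowed at time now and records the decision.
func (d *DestinationList) Permit(dest string, now time.Time) bool {
	if o, err := origin(dest); err == nil {
		if _, ok := d.permitted[o]; ok {
			d.permitted[o] = now
			return true
		}
	}
	d.denied[dest] = now // unregistered and unparsable destinations are both refused
	return false
}

// Update re-registers only the destinations actually communicated with within period, as the text
// describes, and returns the dropped origins so they can be reported to the management device 50.
func (d *DestinationList) Update(now time.Time, period time.Duration) []string {
	var dropped []string
	for o, last := range d.permitted {
		if last.IsZero() || now.Sub(last) > period {
			delete(d.permitted, o)
			dropped = append(dropped, o)
		}
	}
	sort.Strings(dropped)
	return dropped
}

// Denied lists the refused destinations, sorted, for the report to the management device 50.
func (d *DestinationList) Denied() []string {
	out := make([]string, 0, len(d.denied))
	for dest := range d.denied {
		out = append(out, dest)
	}
	sort.Strings(out)
	return out
}

func main() {
	d, err := NewDestinationList([]string{"https://server.example.test/"}) // constructed destination list
	if err != nil {
		panic(err)
	}
	now := time.Now()
	fmt.Println(d.Permit("https://server.example.test/upload", now), d.Permit("https://server.example.test@evil.example/", now))
	fmt.Println("dropped:", d.Update(now.Add(48*time.Hour), 24*time.Hour), "denied:", d.Denied())
}
```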
- The communication control device 30 on the client side may verify whether or not the contents of the information (for example, a firmware update program) transmitted to the client device 10 after the handshake is established in step S4 are correct.
- The control unit 33 of the communication control device 30 on the client side verifies it using a verification key.
- the communication control management device 50 may transmit the verification key to each of the communication control device 30 on the client side and the communication control device 31 on the server side, for example.
- The server-side communication control device 31 generates a hash value from the information (plaintext) to be transmitted to the client device 10, and encrypts the generated hash value with the verification key. Then, the communication control device 31 on the server side further encrypts the plaintext and the encrypted hash value with a secret key, and transmits the result to the client device 10. The communication control device 30 on the client side decrypts the received information using the common key, and obtains the plaintext and the encrypted hash value.
- The communication control device 30 on the client side generates a hash value from the obtained plaintext and decrypts the encrypted hash value with the verification key. If the hash value generated from the plaintext and the decrypted hash value are equal, the communication control device 30 on the client side determines that the information transmitted to the client device 10 is correct. In this case, the communication control device 30 on the client side outputs the decrypted information (plaintext) to the client device 10. On the other hand, if the hash value generated from the plaintext and the decrypted hash value are not equal, the communication control device 30 on the client side sends the information transmitted to the client device 10 to the server device 20 or the communication control device 31 on the server side.
- In this case, the communication control device 30 on the client side does not output the decrypted information (plaintext) to the client device 10.
- Thus, the client device 10 can receive only information that has been verified as having correct content. Normally, the client device 10 would itself determine whether or not the content of the update program is correct when updating the firmware. By having the communication control device 30 on the client side verify the content of the information transmitted to the client device 10, the processing load on the client device 10 can be reduced.
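The verification procedure above, as an added Go example rather than the patent's own code. The text's "hash value encrypted with the verification key" is realised here as an HMAC-SHA256 keyed with the verification key, and the secret/common-key layer as AES-256-GCM; both are choices of this example, and the two keys are constructed values standing in for the key distributed by the management device 50 and the key agreed in step S4.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Constructed keys. The verification key is the one the management device 50 distributes to devices 30 and
// 31; the common key is the one agreed in the handshake of step S4. Real deployments derive both elsewhere.
var (
	verificationKey = sha256.Sum256([]byte("constructed verification key from device 50"))
	commonKey       = sha256.Sum256([]byte("constructed common key from the step S4 handshake"))
)

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealForClient is the server-side device 31's step: tag the plaintext under the verification key, then
// encrypt plaintext||tag under the common key. The output is nonce||ciphertext.
func SealForClient(plain, vk, ck []byte) ([]byte, error) {
	mac := hmac.New(sha256.New, vk)
	mac.Write(plain)
	bundle := mac.Sum(append([]byte{}, plain...)) // Sum appends the tag to a copy of the plaintext
	aead, err := newAEAD(ck)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, bundle, nil), nil
}

// OpenForClient is the client-side device 30's step: decrypt under the common key, recompute the tag from
// the recovered plaintext, and release the plaintext to client device 10 only when the tags match.
func OpenForClient(msg, vk, ck []byte) ([]byte, error) {
	aead, err := newAEAD(ck)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(msg) < ns {
		return nil, errors.New("message shorter than a nonce")
	}
	bundle, err := aead.Open(nil, msg[:ns], msg[ns:], nil)
	if err != nil {
		return nil, fmt.Errorf("common-key decryption failed, nothing output to client device 10: %w", err)
	}
	if len(bundle) < sha256.Size {
		return nil, errors.New("decrypted bundle shorter than a tag")
	}
	plain, tag := bundle[:len(bundle)-sha256.Size], bundle[len(bundle)-sha256.Size:]
	mac := hmac.New(sha256.New, vk)
	mac.Write(plain)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("content verification failed, nothing output to client device 10")
	}
	return plain, nil
}

func main() {
	firmware := []byte("constructed firmware update image")
	msg, err := SealForClient(firmware, verificationKey[:], commonKey[:])
	if err != nil {
		panic(err)
	}
	out, err := OpenForClient(msg, verificationKey[:], commonKey[:])
	fmt.Printf("genuine: %q %v\n", out, err)
	// A relay that knows the common key but not the verification key cannot make device 30 output data.
	forged, _ := SealForClient([]byte("tampered image"), []byte("wrong key"), commonKey[:])
	_, err = OpenForClient(forged, verificationKey[:], commonKey[:])
	fmt.Println("forged:", err)
}
```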
- The communication system 1 includes a client-side communication control device 30 connected between the client device 10 and the network NW, and a server-side communication control device 31 connected between the server device 20 and the network NW.
- The communication control device 30 on the client side encrypts information from the client device 10 and transmits it to the communication control device 31 on the server side via the network NW. It also decrypts information from the server device 20 and transmits it to the client device 10.
- The communication control device 31 on the server side encrypts information from the server device 20 and transmits it to the communication control device 30 on the client side via the network NW. It also decrypts information from the client device 10 and transmits it to the server device 20.
- the communication system 1 can improve the safety of the social infrastructure system without changing the social infrastructure system.
- This is because the imaging data transmitted from the client device 10 to the server device 20 by the HTTP protocol (so-called plaintext) is combined with, for example, the SSL/TLS protocol by the communication control device 30 on the client side, that is, replaced by HTTPS, which improves security.
- Control data transmitted to the server device 20 or the client device 10 is encrypted, but it is decrypted by the communication control device 30 on the client side before being received by the client device 10. There is no need to have the existing device perform decryption processing, and the existing device can be used as it is without modification.
- mutual authentication is performed by the communication control device 30 on the client side and the communication control device 31 on the server side.
- In general client terminals and server devices, since an unspecified number of client terminals communicate with the server device, it is unrealistic to keep issuing and managing valid client certificates for the unspecified number of client terminals.
- the communication control device 30 on the client side and the communication control device 31 on the server side can perform mutual authentication, and the security can be improved.
- a client terminal that does not have a client certificate may be required to enter an ID and password issued by the server device in order to communicate with the server device.
- the password may be required to be a long string of letters and numbers, or be required to be changed periodically.
- In that case, management becomes troublesome, and there are cases where the passwords are leaked instead because they are left in a memo or recorded in the web browser.
- Since the communication control device 30 on the client side has a client certificate, it is possible to reliably perform mutual authentication with the server device 20. Therefore, password authentication becomes unnecessary. For this reason, the trouble of inputting passwords and the trouble of periodically changing and managing passwords are eliminated, thereby improving convenience for the user. In other words, safety can be maintained without imposing a burden on the user.
- In the communication system 1 described above, mutual authentication is performed between the client device 10 and the server device 20 via the communication control device 30 (31), so that they are not hijacked. In other words, the communication system 1 can also take measures against ransomware.
- A terminal may be illegally hijacked and used as an unauthorized terminal for attacks such as malware.
- Mutual authentication is performed between the client device 10 and the server device 20 via the communication control device 30 (31), so that even if a terminal inside the network NW that is not under the administrator's control is illegally hijacked and used for an attack, infection with malware or the like can be prevented.
- The server device 20 is connected to the communication control device 31 on the server side, and authentication processing is not performed inside the server device 20. Therefore, it becomes clear that the server device 20 connected to the communication control device 31 on the server side is under the control of the communication control management device 50, without the need to hold a certificate or the like inside the server device 20. If the server device 20 already has a functional unit corresponding to the server-side communication control device 31, the server-side communication control device 31 does not necessarily have to be physically connected between the server device 20 and the network NW. In this case, the authentication process with the communication control device 30 on the client side is performed by the functional unit corresponding to the communication control device 31 on the server side that the server device 20 originally has.
- control unit 401 of the IC card 40 performs at least one of mutual authentication and encryption/decryption processing. Therefore, the device cost of the communication control device 30 (31) can be suppressed.
- the IC card 40 attached to the communication control device 30 (31) performs at least one of mutual authentication and encryption/decryption processing.
- the IC card 40 described above has a storage function for storing a private key and a client certificate (or a server certificate), and a processing function for performing at least one of mutual authentication and encryption/decryption processing.
- A SIM card on which an IC chip is mounted may be used, or a form other than a card may be adopted.
- the IC card 40 of the communication control device 30 on the client side is detachably attached to the communication control device 30 on the client side.
- The IC card 40 and the communication control device 30 on the client side can be separated, so when either one of them is to be replaced, it can be replaced without replacing the other.
- If the IC card 40 and the communication control device 30 on the client side were integrated, the entire communication control device 30 on the client side would have to be replaced when replacing the part corresponding to the IC card 40.
- the maintenance cost can be suppressed when replacing a specific part such as the IC card 40 of the communication control device 30 on the client side.
- The communication system 1 further includes a communication control management device 50, and the communication control management device 50 transmits a secret key and a client certificate to be stored in the IC card 40 attached to the communication control device 30 on the client side to the communication control device 30 on the client side, and transmits a private key and a server certificate to be stored in the IC card 40 attached to the communication control device 31 on the server side to the communication control device 31 on the server side.
- the communication system 1 can perform handshake using the valid private key and certificate issued by the communication control management device 50 and determine the common key. The safety of the infrastructure system can be further improved.
- the configuration of the communication system 1 is not limited to the example described above.
- The communication control device 30 (31) may use an HSM (Hardware Security Module) that implements the functions of the communication control device 30 (31) in hardware, depending on the processing load.
- The communication control device 30 (31) is not limited to a configuration in which an IC card is attached, as long as secure processing is possible, and may be configured in another way.
- secure communication using the SSL/TLS protocol may be always performed, or it may be possible to select whether or not to perform communication using the SSL/TLS protocol.
- only one direction of the two-way communication between the client device 10 and the server device 20 may be communication using the SSL/TLS protocol.
- Communication using the SSL/TLS protocol may always be performed, and a record of unauthorized access to the client device 10 or the server device 20 may be stored.
- A record of unauthorized access may be sent to the communication control management device 50.
- the communication control management device 50 can recognize the presence or absence of unauthorized access, and can detect and take countermeasures before a large-scale attack on the entire system begins.
- The communication control device 30 (31) may periodically check whether or not the connection with the client device 10 or the server device 20 to which it is connected is maintained. In this case, information indicating the connection state may be transmitted to the communication control management device 50.
- the communication control management device 50 determines that the communication control device 30 (31) is disconnected from the client device 10 or the server device 20 when the information indicating the connection state cannot be received from the communication control device 30 (31).
- the disconnected communication control device 30 (31) is invalidated. By doing so, the communication control management device 50 prevents the disconnected communication control device 30 (31) from being connected to an unauthorized device and abused for spoofing.
- The IC card 40 attached to the communication control device 30 (31) may be equipped with a chip with high tamper resistance called a secure element that has acquired CC (Common Criteria/ISO15408) certification.
- The program of the client device 10 may be updated from the server device 20, the communication control management device 50, or the like via the communication control device 30 (31).
- By updating the program (firmware update) via the communication control device 30 (31), the function of the client device 10 can be updated safely.
- For example, the firmware transmitted from the server device 20 is given the signature of the server device 20, encrypted by the server-side communication control device 31.
- The client-side communication control device 30 decrypts the signature, so the client device 10 can determine that the received firmware is definitely the firmware transmitted from the server device 20.
- This makes it possible to prevent the client device 10 from being updated on the basis of unauthorized firmware.
- The firmware can therefore be safely updated from the server device 20, the communication control management device 50, or the like to the client device 10. The work cost is also reduced compared with a worker physically travelling to the installation site of each client device 10 to perform the firmware update on a plurality of client devices 10.
- The client device 10 may also be started and stopped from the server device 20, the communication control management device 50, or the like via the communication control device 30 (31).
- In this way the functions of the client device 10 can be updated safely, and secure remote control can be realized.
- At least one of the client device 10 and the server device 20 may be a device that communicates wirelessly via a wireless LAN (Local Area Network) or the like.
- In that case the client-side communication control device 30 has a wireless communication function, encrypts the data transmitted by the client device 10, and transmits the encrypted data to the server device 20 by wireless communication.
- The client-side communication control device 30 has been described as communicating with the server-side communication control device 31, but the communication destination of the client-side communication control device 30 is not limited to this.
- The client-side communication control device 30-1 may communicate with the client-side communication control device 30-2.
- When the client-side communication control device 30-1 receives a communication start signal from the client-side communication control device 30-2, it performs mutual authentication with the client-side communication control device 30-2 and confirms that the client-side communication control device 30-2 is a valid communication terminal.
- The client-side communication control device 30-1 then outputs the information received from the client-side communication control device 30-2 to the client device 10.
- By adding an authenticator to transmitted data using encryption, falsification of the communicated information can be detected and the sender can be identified. Therefore, in the communication system 1, both in the communication between the client-side communication control device 30 and the server-side communication control device 31 and in the communication between client-side communication control devices 30, it can be ensured that only data that has not been falsified is received.
- FIG. 8 is a diagram showing a configuration example of the communication system 1 according to the first embodiment.
- The hardware configuration and the like of the communication system 1 shown in FIG. 8 are as already described.
- A communication control device 30-1 (first communication control device) is connected between a network connection device 7 (a switch or the like) and a client device 10-1 (first client device).
- The communication control device 30-2 (second communication control device) is connected between the network connection device 7 and the client device 10-2 (second client device).
- In general, the communication control device 30-N (Nth communication control device) is connected between the network connection device 7 and the client device 10-N (Nth client device).
- The client device 10 is an IoT device.
- The communication control management device 50 is connected to the network connection device 7 and manages the communication between the communication control devices 30-1 and 30-2. That is, the communication control devices 30-N and the communication control management device 50 are arranged with the network connection device 7 between them.
- The communication control management device 50 transmits a control command to the communication control devices 30-N instructing them to generate packets containing a predetermined VLAN tag.
- A VLAN tag includes identification information such as an ID.
- The communication control management device 50 detects a communication abnormality based on the communication content reported from the communication control devices 30-N. A communication abnormality is, for example, an attack on the network by a third party, including falsification of data.
- The NW communication unit 32 of the communication control device 30-1 receives control commands from the communication control management device 50.
- The control unit 33 (first processor) of the communication control device 30-1 follows the control command from the communication control management device 50 and generates a packet PA1 (first packet) including a VLAN tag TG1 (first virtual tag).
- The device communication unit 34 (first interface) of the communication control device 30-1 transmits and receives the packet PA1 including the VLAN tag TG1, and thereby mediates communication between the client device 10-1 and another client device (for example, the client device 10-2).
- The control unit 33 permits the communication between the client device 10-1 and the client device 10-2.
- When the device communication unit 34 receives data transmitted from the client device 10-1, the control unit 33 generates a packet PA1 including the VLAN tag TG1 based on the received data, and the device communication unit 34 sends the generated packet PA1 towards the client device 10-2.
- Alternatively, the communication control device 30-1 may control the client device 10-1 so that the data transmitted from the client device 10-1 is already a packet PA1 including the VLAN tag TG1.
- The NW communication unit 32 of the communication control device 30-2 likewise receives control commands from the communication control management device 50.
- The control unit 33 (second processor) of the communication control device 30-2 follows the control command from the communication control management device 50 and generates the packet PA1 (first packet) including the VLAN tag TG1 (first virtual tag).
- The device communication unit 34 (second interface) of the communication control device 30-2 transmits and receives the packet PA1 including the VLAN tag TG1, and thereby mediates communication between the client device 10-2 and another client device (for example, the client device 10-1).
- The control unit 33 permits the communication between the client device 10-1 and the client device 10-2.
- When the device communication unit 34 receives data transmitted from the client device 10-2, the control unit 33 generates a packet PA1 including the VLAN tag TG1 based on the received data, and the device communication unit 34 sends the generated packet PA1 towards the client device 10-1.
- Alternatively, the communication control device 30-2 may control the client device 10-2 so that the data transmitted from the client device 10-2 is already a packet PA1 including the VLAN tag TG1.
- The control unit 510 of the communication control management device 50 generates a packet PA2 (second packet) containing a VLAN tag TG2 (second virtual tag) for communicating with each communication control device 30-N.
- The NW communication unit 500 of the communication control management device 50 communicates with each communication control device 30-N using packets PA2 including the VLAN tag TG2.
- For example, the NW communication unit 500 communicates with the communication control device 30-1 or 30-2 using packets PA2 containing the VLAN tag TG2.
- The control unit 510 monitors the communication between the client devices 10 (10-1 to 10-N) based on management information that defines the regular communication between the client devices 10 (10-1 to 10-N) as communication by packets PA1 including the VLAN tag TG1.
- The control unit 510 monitors the communication between the communication control management device 50 and the communication control devices 30 (30-1 to 30-N) based on management information that defines the regular communication between them as communication by packets PA2 including the VLAN tag TG2.
- The management information is stored in the storage unit 520 or the like.
- Because the communication control devices 30 and the communication control management device 50 communicate using packets containing VLAN tags, the communication paths are logically divided and security is improved.
- Steady communication between the client devices 10 is executed on the virtual communication path VP1 identified by the VLAN tag TG1, and control commands and alert information between the communication control management device 50 and the communication control devices 30 are exchanged on the virtual communication path VP2 identified by the VLAN tag TG2.
- FIG. 9 is a flowchart showing an example of communication monitoring by the communication system 1 according to the first embodiment.
- The control unit 510 of the communication control management device 50 monitors the communication paths for communication abnormalities.
- A communication abnormality is an attack on the network by a third party, including falsification of data.
- Based on the destination list (communication permission list) stored in the storage unit 520, the control unit 510 confirms that the communication is by a client device 10 that is permitted to communicate, and monitors for packet contradictions based on the VLAN tags contained in the packets on the communication paths (ST101). If the control unit 510 does not detect a packet contradiction (ST102, NO), it determines that there is no abnormality in the communication path and continues monitoring (ST101).
- When the control unit 510 detects a contradiction in a packet on a communication path (ST102, YES), it shifts to processing according to the detected contradiction. If the control unit 510 cannot confirm that the communication is by a client device 10 that is permitted to communicate, it determines that the communication is unauthorized and blocks it. The control unit 510 monitors the communication path VP1 based on the management information that defines the regular communication on VP1 between the client devices 10 (10-1 to 10-N) as communication by packets PA1 including the VLAN tag TG1, and monitors the communication path VP2 based on the management information that defines the regular communication between the communication control management device 50 and the communication control devices 30 (30-1 to 30-N) as communication by packets PA2 including the VLAN tag TG2.
- When the control unit 510 detects a contradiction in a packet on the communication path VP1 (ST103, YES), it determines that VP1 is under attack (ST104). The control unit 510 instructs output of warning information indicating that VP1 is being attacked, and the display unit 530 displays that warning information (ST106). The control unit 510 may also block communication on VP1 in order to protect the network from the attack.
- When the control unit 510 detects a contradiction in a packet on the communication path VP2 (ST103, NO), it determines that VP2 is under attack (ST105).
- The control unit 510 instructs output of warning information indicating that VP2 is being attacked, and the display unit 530 displays that warning information (ST105).
- The control unit 510 may likewise block communication on VP2.
- FIG. 10 is a diagram showing a configuration example of the communication system 1 according to the second embodiment. The hardware configuration and the like of the communication system 1 shown in FIG. 10 are as already described.
- In the second embodiment, the control unit 510 of the communication control management device 50 generates different packets containing different VLAN tags for communicating with each communication control device 30-N. That is, the control unit 510 generates a packet PA2 (second packet) including the VLAN tag TG2 (second virtual tag) for communicating with the communication control device 30-1, and a packet PA3 (third packet) including a VLAN tag TG3 (third virtual tag) for communicating with the communication control device 30-2. The NW communication unit 500 of the communication control management device 50 communicates with each communication control device 30-N using these different packets: with the communication control device 30-1 by packets PA2 containing the VLAN tag TG2, and with the communication control device 30-2 by packets PA3 containing the VLAN tag TG3.
- The control unit 510 monitors the communication between the client devices 10 (10-1 to 10-N) based on management information that defines the regular communication between them as communication by packets PA1 including the VLAN tag TG1. It further monitors the communication between the communication control management device 50 and the communication control device 30-1 based on management information that defines that regular communication as communication by packets PA2 including the VLAN tag TG2, and monitors the communication between the communication control management device 50 and the communication control device 30-2 based on management information that defines that regular communication as communication by packets PA3 including the VLAN tag TG3.
- Because the communication control devices 30 and the communication control management device 50 communicate using packets containing VLAN tags, the communication paths are logically divided and security is improved.
- Steady communication between the client devices 10 is executed on the communication path VP1 identified by the VLAN tag TG1; control commands and alert information between the communication control management device 50 and the communication control device 30-1 are exchanged on the communication path VP2 identified by the VLAN tag TG2; and control commands and alert information between the communication control management device 50 and the communication control device 30-2 are exchanged on the communication path VP3 identified by the VLAN tag TG3.
- FIG. 11 is a flowchart showing an example of communication monitoring by the communication system 1 according to the second embodiment.
- The control unit 510 of the communication control management device 50 monitors the communication paths for communication abnormalities.
- A communication abnormality is an attack on the network by a third party, including falsification of data.
- Based on the destination list (communication permission list) stored in the storage unit 520, the control unit 510 confirms that the communication is by a client device 10 that is permitted to communicate, and monitors for packet contradictions based on the VLAN tags contained in the packets on the communication paths (ST201). If the control unit 510 does not detect a packet contradiction (ST202, NO), it determines that there is no abnormality in the communication path and continues monitoring (ST201).
- When the control unit 510 detects a contradiction in a packet on a communication path (ST202, YES), it shifts to processing according to the detected contradiction. If the control unit 510 cannot confirm that the communication is by a client device 10 that is permitted to communicate, it determines that the communication is unauthorized and blocks it. The control unit 510 monitors the communication path VP1 based on the management information that defines the regular communication on VP1 between the client devices 10 (10-1 to 10-N) as communication by packets PA1 including the VLAN tag TG1.
- The control unit 510 monitors the communication path VP2 based on the management information that defines the regular communication between the communication control management device 50 and the communication control device 30-1 as communication by packets PA2 including the VLAN tag TG2, and monitors the communication path VP3 based on the management information that defines the regular communication between the communication control management device 50 and the communication control device 30-2 as communication by packets PA3 including the VLAN tag TG3.
- When the control unit 510 detects a contradiction in a packet on the communication path VP1 (ST203, YES), it determines that VP1 is under attack (ST205). The control unit 510 instructs output of warning information indicating that VP1 is being attacked, and the display unit 530 displays that warning information (ST208). The control unit 510 may also block communication on VP1 in order to protect the network from the attack.
- When the control unit 510 detects a contradiction in a packet on the communication path VP2 (ST204, YES), it determines that VP2 is under attack (ST206).
- The control unit 510 instructs output of warning information indicating that VP2 is being attacked, and the display unit 530 displays that warning information (ST208).
- The control unit 510 may likewise block communication on VP2.
- When the control unit 510 detects a contradiction in a packet on the communication path VP3 (ST204, NO), it determines that VP3 is under attack (ST207). The control unit 510 instructs output of warning information indicating that VP3 is being attacked, and the display unit 530 displays that warning information (ST208). The control unit 510 may block communication on VP3 in order to protect the network from the attack.
- The third embodiment is implemented in combination with the first and second embodiments.
- In the third embodiment, the communication system 1 generates one or more dummy communication paths.
- For example, the communication system 1 generates dummy communication paths between the communication control management device 50 and each client device 10, that is, in parallel with the regular communication path VP2.
- The control unit 510 of the communication control management device 50 generates a packet PA4 (fourth packet) including a VLAN tag TG4 (fourth virtual tag).
- The NW communication unit 500 of the communication control management device 50 communicates with each communication control device 30-N over the dummy communication path using packets PA4 including the VLAN tag TG4.
- An attacker cannot distinguish the legitimate communication paths VP1 and VP2 from the dummy communication paths. Generating dummy communication paths therefore reduces the risk of attacks on the legitimate communication paths VP1 and VP2.
- The communication system 1 may also generate different dummy communication paths between the communication control management device 50 and each client device 10, that is, one dummy communication path in parallel with each of the regular communication paths VP2 and VP3.
- The control unit 510 of the communication control management device 50 generates a packet PA4 (fourth packet) including the VLAN tag TG4 (fourth virtual tag).
- The NW communication unit 500 of the communication control management device 50 communicates with the communication control device 30-1 over a dummy communication path using packets PA4 including the VLAN tag TG4.
- The control unit 510 further generates a packet PA5 (fifth packet) including a VLAN tag TG5 (fifth virtual tag).
- The NW communication unit 500 of the communication control management device 50 communicates with the communication control device 30-2 over a dummy communication path using packets PA5 including the VLAN tag TG5.
- An attacker cannot distinguish the legitimate communication paths VP1, VP2 and VP3 from the dummy communication paths. Creating dummy communication paths therefore reduces the risk of attacks on the regular communication paths VP1 to VP3.
- The communication system 1 may also generate dummy communication paths between the client devices 10, that is, in parallel with the regular communication path VP1.
- The control unit 33 of the communication control device 30-1 generates a packet PA4 (fourth packet) including the VLAN tag TG4 (fourth virtual tag).
- Its device communication unit 34 communicates with the communication control device 30-2 over the dummy communication path using packets PA4 including the VLAN tag TG4.
- Likewise, the control unit 33 of the communication control device 30-2 generates a packet PA4 (fourth packet) including the VLAN tag TG4 (fourth virtual tag).
- Its device communication unit 34 communicates with the communication control device 30-1 over the dummy communication path using packets PA4 including the VLAN tag TG4.
- An attacker cannot distinguish the legitimate communication paths VP1 and VP2 from the dummy communication paths. Creating dummy communication paths therefore reduces the risk of attacks on the regular communication paths VP1 and VP2.
- As described above, the communication system 1 makes the communication paths between devices logically different by using VLAN tags. For example, even if packets on a communication path are disguised by an attack, the communication path under attack can be identified from the contradictions in the packets, and that communication path can be blocked.
- Although identification information such as a VLAN tag has been described as the means for constructing logically different communication paths, the embodiments are not limited to this; an IP (Internet Protocol) address or the like may be used to detect unauthorized communication.
- The program according to the present embodiment may be distributed while stored in an electronic device, or may be distributed without being stored in an electronic device. In the latter case, the program may be distributed via a network or while stored in a storage medium.
- The storage medium is a non-transitory tangible medium.
- The storage medium is a computer-readable medium, and the program is read from it and executed by each device that constitutes the communication system 1.
- The storage medium may be any medium, such as a CD-ROM or a memory card, as long as it can store the program and is readable by a computer. While several embodiments of the invention have been described, these embodiments have been presented by way of example and are not intended to limit the scope of the invention.
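The connection-state check and invalidation described above (the communication control device 30 (31) periodically reports whether its link to the client or server device is maintained, and the communication control management device 50 invalidates a device whose reports stop) as an added example. This is not code from the patent; the report format (device id, connected flag, timestamp), the 30-second timeout and the timeline fed in are constructed assumptions.

```python
"""Connection-state monitoring in the communication control management device (50).

Added example, not code from the patent. The report format (device id, connected
flag, timestamp), the 30 s timeout and the constructed timeline are assumptions.
"""
from dataclasses import dataclass, field

HEARTBEAT_TIMEOUT = 30.0  # seconds of silence before a device counts as disconnected (assumption)


@dataclass
class ControlDeviceRegistry:
    """Tracks when each communication control device 30 (31) last reported that
    the connection to its client/server device was maintained."""
    last_seen: dict = field(default_factory=dict)
    invalidated: set = field(default_factory=set)

    def report_connection_state(self, device_id: str, connected: bool, now: float) -> bool:
        """Handle one connection-state report. Returns False when the report is
        refused because the device has already been invalidated."""
        if device_id in self.invalidated:
            return False
        if connected:
            self.last_seen[device_id] = now
        else:
            # The device itself reports that its link is gone: invalidate at once
            self.invalidate(device_id)
        return True

    def invalidate(self, device_id: str) -> None:
        """Invalidate a disconnected device so that it cannot be re-attached to an
        unauthorized device and abused for spoofing."""
        self.invalidated.add(device_id)
        self.last_seen.pop(device_id, None)

    def sweep(self, now: float) -> list:
        """Invalidate every device whose reports stopped arriving; returns their ids."""
        stale = [d for d, t in self.last_seen.items() if now - t > HEARTBEAT_TIMEOUT]
        for d in stale:
            self.invalidate(d)
        return stale

    def is_valid(self, device_id: str) -> bool:
        return device_id in self.last_seen


def run_constructed_scenario():
    """Constructed timeline: 30-1 keeps reporting, 30-2 falls silent after t=0."""
    reg = ControlDeviceRegistry()
    reg.report_connection_state("30-1", True, now=0.0)
    reg.report_connection_state("30-2", True, now=0.0)
    reg.report_connection_state("30-1", True, now=20.0)
    stale = reg.sweep(now=45.0)                                 # 30-2 silent for 45 s > timeout
    late = reg.report_connection_state("30-2", True, now=46.0)  # refused: already invalidated
    return stale, reg.is_valid("30-1"), reg.is_valid("30-2"), late
```

A report that arrives after invalidation is refused rather than silently re-validating the device; re-enrolment would have to go through the mutual authentication path again, which is the point of invalidating in the first place.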
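The authenticator on transmitted data (falsification detected, sender identified) and the firmware-authenticity check at the client-side communication control device 30 described above, as an added example that is not the patent's own code. The patent describes a signature of the server device 20; this example substitutes HMAC-SHA256 under a key assumed to have been shared between the communication control devices during mutual authentication, so it detects tampering and attributes the sender, but it is a symmetric authenticator rather than an asymmetric signature. Frame layout, device names, keys and the firmware image are constructed.

```python
"""Authenticator on transmitted data between communication control devices.

Added example, not code from the patent. HMAC-SHA256 with a pre-shared key stands
in for the signature the patent describes; frame layout, ids and keys are assumed.
"""
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output length


def attach_authenticator(sender_id: bytes, payload: bytes, key: bytes) -> bytes:
    """Frame: 2-byte id length | sender id | payload | 32-byte tag.
    The tag covers the sender id as well as the payload, so a relay can neither
    alter the data nor re-attribute it to another device."""
    tag = hmac.new(key, sender_id + payload, hashlib.sha256).digest()
    return struct.pack(">H", len(sender_id)) + sender_id + payload + tag


def verify_authenticator(frame: bytes, keys: dict):
    """Return (sender_id, payload) when the tag verifies under the key stored for
    that sender; None for short frames, unknown senders or a bad tag."""
    if len(frame) < 2 + TAG_LEN:
        return None
    (n,) = struct.unpack(">H", frame[:2])
    if len(frame) < 2 + n + TAG_LEN:
        return None
    sender_id = frame[2:2 + n]
    payload, tag = frame[2 + n:-TAG_LEN], frame[-TAG_LEN:]
    key = keys.get(sender_id)
    if key is None:
        return None
    expected = hmac.new(key, sender_id + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return None
    return sender_id, payload


def accept_firmware(frame: bytes, keys: dict, trusted_source: bytes):
    """Client-side control device 30: hand the image to client device 10 only if the
    authenticator verifies AND the sender is the firmware source it trusts."""
    result = verify_authenticator(frame, keys)
    if result is None or result[0] != trusted_source:
        return None
    return result[1]


def run_constructed_scenario():
    """Constructed keys, ids and image; nothing here comes from the patent."""
    keys = {b"server-20": bytes(range(32)), b"ctrl-30-2": bytes(range(32, 64))}
    image = b"FWv2.0\x00" + bytes(64)
    good = attach_authenticator(b"server-20", image, keys[b"server-20"])
    tampered = bytearray(good)
    tampered[12] ^= 0x01                                     # flip one bit of the image
    reattributed = good[:2] + b"ctrl-30-2" + good[11:]       # same-length id swapped in
    from_peer = attach_authenticator(b"ctrl-30-2", image, keys[b"ctrl-30-2"])  # valid, wrong source
    return (
        accept_firmware(good, keys, b"server-20") == image,  # True: genuine update
        accept_firmware(bytes(tampered), keys, b"server-20"),  # None: falsified
        accept_firmware(reattributed, keys, b"server-20"),     # None: sender changed
        accept_firmware(from_peer, keys, b"server-20"),        # None: not the trusted source
        verify_authenticator(from_peer, keys)[0],              # b"ctrl-30-2": sender identified
    )
```

The last case matters for the peer-to-peer path between client-side communication control devices: data from 30-2 verifies and is attributed correctly, but it is still not accepted as firmware, because firmware is only accepted from the server device.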
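The monitoring of the first and second embodiments (FIG. 9 and FIG. 11) as one added example: packets on each virtual communication path are checked against the permission list and against the management information that fixes which VLAN tag is regular on that path, a contradiction identifies the attacked path, a warning is recorded and the path is blocked. The same monitor covers both embodiments, since they differ only in the management information (one shared TG2 for VP2, or TG2 and TG3 per communication control device). This is not the patent's code; the MAC addresses, the VLAN IDs chosen for TG1 to TG3, the frames fed in, and the treatment of a pair not defined in the management information as unauthorized are all assumptions.

```python
"""VLAN-path monitor for the communication control management device (50).

Added example, not code from the patent. Device names, MAC addresses, VLAN IDs
(TG1=100, TG2=200, TG3=300) and the frames fed in are constructed here.
"""
import struct

TPID_8021Q = 0x8100


def build_frame(src_mac: bytes, dst_mac: bytes, vid, payload: bytes = b"") -> bytes:
    """Ethernet II frame; an 802.1Q tag (PCP=0, DEI=0) is inserted when vid is not None."""
    if vid is None:
        return dst_mac + src_mac + struct.pack(">H", 0x0800) + payload
    return dst_mac + src_mac + struct.pack(">HHH", TPID_8021Q, vid & 0x0FFF, 0x0800) + payload


def parse_frame(frame: bytes):
    """Return (dst_mac, src_mac, vid_or_None, payload); the VID is the low 12 bits of the TCI."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack(">H", frame[12:14])
    if ethertype != TPID_8021Q:
        return dst, src, None, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack(">H", frame[14:16])
    return dst, src, tci & 0x0FFF, frame[18:]


# Constructed addressing: locally administered MACs mapped to the patent's device numbers
MAC = {name: bytes.fromhex(h) for name, h in {
    "10-1": "020000000a01", "10-2": "020000000a02", "10-3": "020000000a03",
    "30-1": "020000001e01", "30-2": "020000001e02", "50": "020000003200",
}.items()}
DEVICE_OF_MAC = {mac: name for name, mac in MAC.items()}
TG1, TG2, TG3 = 100, 200, 300


def management_info_first_embodiment():
    """VP1 between clients on TG1; a single VP2 on TG2 shared by every control device."""
    return {frozenset(("10-1", "10-2")): ("VP1", TG1),
            frozenset(("50", "30-1")): ("VP2", TG2),
            frozenset(("50", "30-2")): ("VP2", TG2)}


def management_info_second_embodiment():
    """Each control device gets its own tag: TG2 on VP2 for 30-1, TG3 on VP3 for 30-2."""
    return {frozenset(("10-1", "10-2")): ("VP1", TG1),
            frozenset(("50", "30-1")): ("VP2", TG2),
            frozenset(("50", "30-2")): ("VP3", TG3)}


class PathMonitor:
    """Control unit 510: permission-list check, then VLAN tag against the management
    information; a contradiction names the attacked path, warns and blocks it."""

    def __init__(self, device_of_mac, permitted_clients, management_info):
        self.device_of_mac = device_of_mac
        self.permitted = set(permitted_clients)
        self.mgmt = management_info
        self.blocked = set()
        self.warnings = []

    def inspect(self, frame: bytes) -> str:
        dst, src, vid, _ = parse_frame(frame)
        a = self.device_of_mac.get(src, "unknown")
        b = self.device_of_mac.get(dst, "unknown")
        # ST101/ST201: a client device not on the destination list is unauthorized
        if any(d.startswith("10-") and d not in self.permitted for d in (a, b)):
            return "blocked-not-permitted"
        entry = self.mgmt.get(frozenset((a, b)))
        if entry is None:          # pair not defined as regular communication (assumption: unauthorized)
            return "blocked-unknown-pair"
        path, expected_vid = entry
        if path in self.blocked:
            return f"dropped-on-{path}"
        if vid == expected_vid:    # ST102/ST202 NO: keep monitoring
            return "ok"
        # ST102/ST202 YES: the tag contradicts the management information
        self.warnings.append(f"{path} under attack: expected VID {expected_vid}, saw {vid}")
        self.blocked.add(path)
        return f"attack-on-{path}"


def run_constructed_scenario(mgmt):
    """Feed constructed frames through the monitor; returns (verdicts, blocked paths)."""
    mon = PathMonitor(DEVICE_OF_MAC, permitted_clients={"10-1", "10-2"}, management_info=mgmt)
    frames = [
        build_frame(MAC["10-1"], MAC["10-2"], TG1, b"sensor data"),   # regular VP1 traffic
        build_frame(MAC["50"], MAC["30-1"], TG2, b"control cmd"),     # regular 50<->30-1 traffic
        build_frame(MAC["10-1"], MAC["10-2"], None, b"untagged"),     # missing tag contradicts TG1
        build_frame(MAC["10-2"], MAC["10-1"], TG2, b"spoofed"),       # VP1 already blocked
        build_frame(MAC["50"], MAC["30-2"], TG2, b"cmd"),             # regular in 1st, wrong in 2nd
        build_frame(MAC["10-3"], MAC["10-1"], TG1, b"rogue client"),  # not on the permission list
    ]
    return [mon.inspect(f) for f in frames], sorted(mon.blocked)
```

The fifth frame is the one that separates the embodiments: with a shared TG2 the management device talking to 30-2 on TG2 is regular, whereas with per-device tags the same frame contradicts TG3 and VP3 is reported and blocked. A real deployment would also have to guard the switch itself against tag manipulation (802.1Q tags are plaintext, so a host on the trunk can forge them), which is exactly why the patent combines the tag check with the permission list and, in the third embodiment, with dummy tags.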
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
First, a basic configuration example and operation example of the communication system according to each embodiment will be described.
FIG. 1 is a diagram showing a configuration example of a communication system 1 having the configuration on which the communication systems according to the embodiments are based.
The communication system 1 comprises client devices 10 (10-1 to 10-N) (N: natural number), a server device 20, client-side communication control devices 30 (30-1 to 30-N) (N: natural number) (an example of the "first communication control device"), a server-side communication control device 31 (an example of the "first communication control device"), a communication control management device 50 (an example of a "private certificate authority"), a network 6, and a network connection device 7 (a gateway or the like). In the following description, the network 6 and the network connection device 7 that connects the network 6 to the client devices 10 and the like are collectively referred to as the "network NW".
The client device 10 comprises an NW (network) communication unit 11, a client control unit 12, and an imaging unit 13. The NW communication unit 11 is, for example, the Ethernet (registered trademark) port of the client device 10. The NW communication unit 11 is connected to the client-side communication control device 30 and outputs the data to be transmitted from the client device 10 to the server device 20 to the client-side communication control device 30. In a conventional system, the NW communication unit 11 corresponds to the functional unit that is connected to the network NW and communicates with the server device 20 via the network NW.
The imaging unit 13 captures the scenery at a predetermined location in accordance with instructions from the client control unit 12. The imaging unit 13 outputs the captured data (imaging data) to the client control unit 12.
Here, the IC card 40 is an example of an "authentication unit". The authentication unit is not limited to one realized by the reader/writer 35 and the IC card 40. The authentication unit may be realized by the control unit 33, or by a processing circuit dedicated to authentication processing.
The NW communication unit 32 is connected to the network NW and communicates with the other communication control device 30 (31) via the network NW.
The IC card 40 is formed, for example, by mounting an IC module 41 on a plastic card substrate. That is, the IC card 40 comprises the IC module 41 and the card substrate in which the IC module 41 is embedded. The IC card 40 is detachably attached to the communication control device 30 (31) and can communicate with the communication control device 30 (31) via the contact unit 36.
The IC card 40 comprises an IC module 41 having a contact unit 36 and an IC chip 42. The IC chip 42 comprises a UART (Universal Asynchronous Receiver Transmitter) 43, a CPU 44, a ROM (Read Only Memory) 45, a RAM (Random Access Memory) 46, and an EEPROM (registered trademark) (Electrically Erasable Programmable ROM) 47. The components 43 to 47 are connected via an internal bus BS.
Here, the processing performed by the command processing unit 402 is an example of "authentication processing". The processing performed by the encryption/decryption unit 403 is an example of "encryption/decryption processing".
The NW communication unit 500 is connected to the network NW and communicates with the communication control devices 30 (31) via the network NW.
The storage unit 520 also stores a destination list (communication permission list). The destination list contains information for identifying the communication partners that are permitted to communicate. For example, the information for identifying a communication partner is a URL (Uniform Resource Locator). In the present embodiment, the destination list stored in the storage unit 520 contains identification information for identifying the client devices 10 (10-1 to 10-N).
FIG. 7 is a sequence chart showing an example of the processing performed by the communication system 1.
Next, the communication system according to the first embodiment will be described.
FIG. 8 is a diagram showing a configuration example of the communication system 1 according to the first embodiment. The hardware configuration and the like of the communication system 1 shown in FIG. 8 are as already described.
For example, the control unit 510 monitors the communication path VP1 based on management information that defines the regular communication on the communication path VP1 between the client devices 10 (10-1 to 10-N) as communication by packets PA1 including the VLAN tag TG1. The control unit 510 also monitors the communication path VP2 based on management information that defines the regular communication between the communication control management device 50 and the communication control devices 30 (30-1 to 30-N) as communication by packets PA2 including the VLAN tag TG2.
Next, the communication system according to the second embodiment will be described.
In the communication system 1 according to the first embodiment, the communication control management device 50 makes the communication path between two client devices 10 and the communication path between the communication control management device 50 and the client devices 10 different communication paths, and thereby identifies the attacked communication path. In the communication system 1 according to the second embodiment described here, the communication control management device 50 makes the communication path between two client devices 10 and the communication path VP2 between the communication control management device 50 and the client devices 10 different communication paths, and in addition makes the communication paths between the communication control management device 50 and the individual client devices 10 different from one another, and thereby identifies the attacked communication path. The description of the second embodiment concentrates on the differences from the first embodiment; common parts are omitted as appropriate.
FIG. 10 is a diagram showing a configuration example of the communication system 1 according to the second embodiment. The hardware configuration and the like of the communication system 1 shown in FIG. 10 are as already described.
For example, the control unit 510 monitors the communication path VP1 based on management information that defines the regular communication on the communication path VP1 between the client devices 10 (10-1 to 10-N) as communication by packets PA1 including the VLAN tag TG1. The control unit 510 also monitors the communication path VP2 based on management information that defines the regular communication between the communication control management device 50 and the communication control device 30-1 as communication by packets PA2 including the VLAN tag TG2. The control unit 510 further monitors the communication path VP3 based on management information that defines the regular communication between the communication control management device 50 and the communication control device 30-2 as communication by packets PA3 including the VLAN tag TG3.
Next, the communication system according to the third embodiment will be described.
The third embodiment is implemented in combination with the first and second embodiments. In the third embodiment, the communication system 1 generates one or more dummy communication paths.
While several embodiments of the invention have been described, these embodiments have been presented by way of example and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, substitutions and changes can be made without departing from the gist of the invention. These embodiments and their modifications are included in the scope and gist of the invention, and in the invention described in the claims and its equivalents.
Claims (10)
- A communication system comprising a first communication control device connected between a network connection device and a first client device, a second communication control device connected between the network connection device and a second client device, and a communication control management device connected to the network connection device and managing communication by the first communication control device and the second communication control device, wherein
  the first communication control device comprises
  a first processor that generates a first packet including a first virtual tag, and
  a first interface that mediates communication between the first client device and the second client device by transmitting and receiving the first packet;
  the second communication control device comprises
  a second processor that generates the first packet including the first virtual tag, and
  a second interface that mediates communication between the first client device and the second client device by transmitting and receiving the first packet;
  the communication control management device comprises
  a third processor that generates a second packet including a second virtual tag, and
  a third interface that communicates with the first communication control device or the second communication control device by the second packet; and
  the third processor monitors communication based on management information that defines regular communication between the first client device and the second client device as communication by the first packet including the first virtual tag, and defines regular communication between the communication control management device and the first communication control device or the second communication control device as communication by the second packet including the second virtual tag.
- The communication system according to claim 1, wherein the third processor detects an abnormality of a first communication path between the first client device and the second client device when a virtual tag detected from a packet on the first communication path contradicts the first virtual tag.
- The communication system according to claim 2, wherein the third processor detects an abnormality of a second communication path when a virtual tag detected from a packet on the second communication path between the communication control management device and the first communication control device, or from a packet on the second communication path between the communication control management device and the second communication control device, contradicts the second virtual tag.
- The communication system according to claim 3, wherein the communication control management device comprises a display unit that displays the abnormality of the first or second communication path.
- The communication system according to any one of claims 1 to 4, wherein the communication control management device comprises a memory that stores a communication permission list including identification information identifying the first client device and the second client device, and the third processor permits communication between the first client device and the second client device based on the communication permission list.
- The communication system according to any one of claims 1 to 5, wherein the communication between the first client device and the second client device is transmission and reception of information generated by the first client device or the second client device, and the communication between the communication control management device and the first client device or the second client device is transmission and reception of a control command or a communication alert.
- The communication system according to claim 3 or 4, wherein the first communication path is a virtual communication path identified by the first virtual tag, and the second communication path is a virtual communication path identified by the second virtual tag.
- A communication system comprising a first communication control device connected between a network connection device and a first client device, a second communication control device connected between the network connection device and a second client device, and a communication control management device connected to the network connection device and managing communication of the first communication control device and the second communication control device, wherein
  the first communication control device comprises
  a first processor that generates a first packet including a first virtual tag, and
  a first interface that mediates communication between the first client device and the second client device by transmitting and receiving the first packet;
  the second communication control device comprises
  a second processor that generates the first packet including the first virtual tag, and
  a second interface that mediates communication between the first client device and the second client device by transmitting and receiving the first packet;
  the communication control management device comprises
  a third processor that generates a second packet including a second virtual tag and also generates a third packet including a third virtual tag, and
  a third interface that communicates with the first communication control device by the second packet and with the second communication control device by the third packet; and
  the third processor monitors communication based on management information that defines regular communication between the first client device and the second client device as communication by the first packet including the first virtual tag, defines regular communication between the communication control management device and the first communication control device as communication by the second packet including the second virtual tag, and defines regular communication between the communication control management device and the second communication control device as communication by the third packet including the third virtual tag.
- A non-transitory computer-readable storage medium storing a program to be executed by a communication control management device in a communication system comprising a first communication control device connected between a network connection device and a first client device, a second communication control device connected between the network connection device and a second client device, and the communication control management device connected to the network connection device and managing communication by the first communication control device and the second communication control device, the program
  causing the first communication control device to execute
  a procedure of generating a first packet including a first virtual tag, and
  a procedure of mediating communication between the first client device and the second client device by transmitting and receiving the first packet;
  causing the second communication control device to execute
  a procedure of generating the first packet including the first virtual tag, and
  a procedure of mediating communication between the first client device and the second client device by transmitting and receiving the first packet; and
  causing the communication control management device to execute
  a procedure of generating a second packet including a second virtual tag,
  a procedure of communicating with the first communication control device or the second communication control device by the second packet, and
  a procedure of monitoring communication based on management information that defines regular communication between the first client device and the second client device as communication by the first packet including the first virtual tag, and defines regular communication between the communication control management device and the first communication control device or the second communication control device as communication by the second packet including the second virtual tag.
- A non-transitory computer-readable storage medium storing a program to be executed by a communication control management device in a communication system comprising a first communication control device connected between a network connection device and a first client device, a second communication control device connected between the network connection device and a second client device, and the communication control management device connected to the network connection device and managing communication of the first communication control device and the second communication control device, wherein
  the first communication control device executes
  a procedure of generating a first packet including a first virtual tag, and
  a procedure of mediating communication between the first client device and the second client device by transmitting and receiving the first packet;
  the second communication control device executes
  a procedure of generating the first packet including the first virtual tag, and
  a procedure of mediating communication between the first client device and the second client device by transmitting and receiving the first packet; and
  the program causes the communication control management device to execute
  a procedure of generating a second packet including a second virtual tag and also generating a third packet including a third virtual tag,
  a procedure of communicating with the first communication control device by the second packet and with the second communication control device by the third packet, and
  a procedure of monitoring communication based on management information that defines regular communication between the first client device and the second client device as communication by the first packet including the first virtual tag, defines regular communication between the communication control management device and the first communication control device as communication by the second packet including the second virtual tag, and defines regular communication between the communication control management device and the second communication control device as communication by the third packet including the third virtual tag.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP22771191.8A EP4311190A1 (en) | 2021-03-19 | 2022-03-08 | Communication system and computer-readable storage medium |
US18/458,326 US20230403177A1 (en) | 2021-03-19 | 2023-08-30 | Communication system and computer-readable storage medium |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2021046360A JP2022145099A (ja) | 2021-03-19 | 2021-03-19 | 通信システム及びプログラム |
JP2021-046360 | 2021-03-19 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/458,326 Continuation US20230403177A1 (en) | 2021-03-19 | 2023-08-30 | Communication system and computer-readable storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022196439A1 true WO2022196439A1 (ja) | 2022-09-22 |
Family
ID=83320445
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2022/009983 WO2022196439A1 (ja) | 2021-03-19 | 2022-03-08 | 通信システム及びコンピュータ可読記憶媒体 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20230403177A1 (ja) |
EP (1) | EP4311190A1 (ja) |
JP (1) | JP2022145099A (ja) |
WO (1) | WO2022196439A1 (ja) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005073033A (ja) * | 2003-08-26 | 2005-03-17 | Nippon Telegr & Teleph Corp <Ntt> | Method for monitoring illegitimate operation of customer premises equipment |
JP2005142944A (ja) * | 2003-11-07 | 2005-06-02 | Nippon Telegraph & Telephone East Corp | Site identification device, communication data processing method, and computer program therefor |
JP2012533231A (ja) | 2009-07-09 | 2012-12-20 | cPacket Networks, Inc. | Apparatus and method for enhancing forwarding, classification, and monitoring of network traffic |
WO2020179706A1 (ja) * | 2019-03-04 | 2020-09-10 | Kabushiki Kaisha Toshiba | Communication control device and communication system |
2021
- 2021-03-19 JP JP2021046360A patent/JP2022145099A/ja active Pending
2022
- 2022-03-08 WO PCT/JP2022/009983 patent/WO2022196439A1/ja active Application Filing
- 2022-03-08 EP EP22771191.8A patent/EP4311190A1/en active Pending
2023
- 2023-08-30 US US18/458,326 patent/US20230403177A1/en active Pending
Also Published As
Publication number | Publication date |
---|---|
JP2022145099A (ja) | 2022-10-03 |
EP4311190A1 (en) | 2024-01-24 |
US20230403177A1 (en) | 2023-12-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220385655A1 (en) | | Communication control system and communication control device |
US8904178B2 (en) | | System and method for secure remote access |
WO2020179706A1 (ja) | | Communication control device and communication system |
JP7191726B2 (ja) | | Communication control device and communication system |
JP7132150B2 (ja) | | Communication control system |
US11736219B2 (en) | | Communication control device and communication control system |
WO2022196439A1 (ja) | | Communication system and computer-readable storage medium |
JP7246945B2 (ja) | | Communication control unit |
JP7163206B2 (ja) | | Communication control device |
JP7042853B2 (ja) | | Client-side communication control device and server-side communication control device |
JP7204534B2 (ja) | | Communication system |
JP7273523B2 (ja) | | Communication control device and communication control system |
WO2023176431A1 (ja) | | Information processing device and communication system |
JP7278807B2 (ja) | | Communication control device and communication system |
JP2024074630A (ja) | | Information processing device and communication system |
JP7191727B2 (ja) | | Communication control device and communication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 22771191; Country of ref document: EP; Kind code of ref document: A1 |
| WWE | Wipo information: entry into national phase | Ref document number: 2022771191; Country of ref document: EP |
| NENP | Non-entry into the national phase | Ref country code: DE |
| ENP | Entry into the national phase | Ref document number: 2022771191; Country of ref document: EP; Effective date: 20231019 |
| WWE | Wipo information: entry into national phase | Ref document number: 11202306382W; Country of ref document: SG |