JP4030369B2 - Relay device, terminal and network relay system - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a terminal capable of receiving a connection service to the Internet via a relay device connected by wireless communication, and a network relay system including the terminal and the relay device.
[0002]
[Prior art]
2. Description of the Related Art In recent years, Internet connection services for terminals have been provided through relay devices that relay connections to the Internet installed in streets and stores.
[0003]
Conventionally, as a method for receiving an Internet connection service, there is a method in which a user terminal connects to an access point provided by an Internet connection provider by dial-up. In this case, the user needs to make a contract with an Internet connection provider in advance and make complicated settings such as an access point telephone number, a user ID issued by the provider, and a password on the terminal.
[0004]
However, in order to receive a connection service from the user's terminal to the Internet via a relay device installed in a public place such as a street or a store, the setting is easy on the user's terminal. It is desired that the terminal can be easily identified and charged. Furthermore, a mechanism for easily registering a user terminal with the relay device is desired.
[0005]
As a first prior art, Japanese Patent Application Laid-Open No. 2001-111725 discloses that no complicated setting is performed in a user terminal, and the user terminal can be easily specified and charged in the relay device. A “charging system” is disclosed.
[0006]
The “billing system” disclosed in Japanese Patent Application Laid-Open No. 2001-111725 is a system in which a user terminal set with a physical address is connected to the Internet through a public connection terminal connectable to the user terminal. Here, by using a physical address that uniquely identifies a terminal as terminal identification information, the terminal can be connected to the Internet without performing complicated settings. On the relay device side, the terminal can be easily identified by the physical address used when the terminal is connected to the relay device, and charging can be performed for each user associated with the terminal.
[0007]
As a second prior art, Japanese Patent Application Laid-Open No. 10-222446 discloses a complicated terminal setting for connecting to the Internet stored in a storage medium, and the Internet is automatically installed by attaching the storage medium to the terminal. As a technique for connecting to the Internet, “Internet access device and system using information storage card and method thereof” is disclosed.
[0008]
In Japanese Patent Laid-Open No. 10-222446, when an access point provided by an Internet service provider is dialed up from a user's terminal and is provided with an Internet service, the access point's telephone number or user ID By attaching the storage medium storing the password to the terminal, a series of processes from connection of the terminal to the network to acquisition of information on the Internet can be automatically executed. By storing complicated settings on the terminal side in the storage medium, the user can easily access the Internet without making complicated settings on the terminal.
[0009]
[Problems to be solved by the invention]
However, in the technique disclosed in Japanese Patent Laid-Open No. 10-222446, the setting contents of the terminal for connecting to the Internet are stored in a card-type storage medium, and the terminal requires a special device for reading the storage medium. . In such a case, the terminal (notebook computer) cannot be connected to the access point (relay device) without a special device or software for reading the setting contents.
[0010]
On the other hand, in Japanese Patent Laid-Open No. 2001-111725, a physical address is used as terminal identification information, so that the terminal can be connected to the Internet without setting, and the relay apparatus also uses the terminal identification information to identify the terminal. You can specify and charge. However, there is no description of a method for easily registering identification information of a user terminal with a relay device.
[0011]
Actually, in order to register a user terminal with the relay apparatus, it is necessary to manually input a physical address as identification information for uniquely identifying the terminal. Alternatively, it is necessary to perform a complicated operation such as reading a physical address by directly connecting a cable connected to a network interface card of the terminal to the connector on the relay device side.
[0012]
The present invention has been made in order to solve the above-described problems, and its purpose is to easily provide a user with a relay device that provides a connection service to a public line network such as the Internet. When registering a terminal and receiving a connection service via the relay device, the setting at the terminal is easy, and the relay device, the terminal, and the network relay system can easily identify and charge the terminal even at the relay device Is to provide.
[0013]
[Means for Solving the Problems]
  In order to achieve the above object, according to an aspect of the present invention, a relay device used as an access point when a terminal accesses a public line network, a terminal communication means for performing wireless communication with the terminal, and a public line Network communication means connected to the network, and identification information including at least identification information for uniquely identifying the terminal.To represent the two-dimensional codeRecognition information reading means for reading, identification information reading means for reading the identification information of the terminal from the recognition information, identification information holding means for holding the identification information of the terminal read by the identification information reading means, and from the terminal to the public line network When a relay request is made, it is necessary to establish communication between the terminal and the relay device.EndWhen the identification information transmitted from the network matches the stored identification information, the public network is relayed. When a relay request is made from the public network to the terminal, the relay is performed using the stored identification information. Communication relay meansWhen receiving a relay request from the terminal to the public line network, if the identification information used in communication by the terminal and the identification information held in advance do not match, Means for transmitting a generation program for generating and displaying the recognition information including the identification information of the terminal as the two-dimensional code;Is provided.
[0014]
  According to the present invention, it is possible to realize a network relay process in which a terminal can connect to the Internet via a relay device. In such relay processing, the relay device receives the recognition information displayed by the terminal.From the two-dimensional code displayed on the terminalreading,Holds terminal identification information. When the terminal requests the relay device to relay to the Internet using wireless communication, the relay device establishes wireless communication only to the terminal holding the identification information and provides relay to the Internet. For this reason, the process of registering a terminal providing relay to the Internet in the relay device is simplified.. In addition, when the terminal does not have a program that generates recognition information that can be displayed, the relay apparatus can distribute a program for generating recognition information including identification information of the terminal to the terminal. That is, even if the terminal does not have a program for generating the recognition information including the identification information in advance, the program can be downloaded on the spot, and the terminal generates and displays the recognition information including the identification information using a two-dimensional code. can do.
  Preferably, the recognition information includes, in addition to the identification information, user authentication information for authenticating the user of the terminal, user authentication information reading means for reading the user authentication information from the recognition information, and user authentication information User authentication means for authenticating whether the user authentication information read by the reading means is a legitimate user of the relay device, and the identification information holding means is a legitimate user by the user authentication means. If it is determined, the identification information of the terminal read by the identification information reading means is held.
[0015]
As a result, the registration of the terminal to the relay device is performed by reading the identification information including the user authentication information indicating the authorized user, such as the user ID, and identifying the terminal after authenticating the user with the user authentication information. Keep information. For this reason, the process of registering the terminal providing the relay to the public line network in the relay device is simplified. The relay device can provide relay to the public line network only to terminals owned by authorized users.
[0016]
Preferably, the apparatus further comprises password input means for inputting a user password, and the user authentication means is a combination of the user authentication information read by the user authentication information reading means and the password input by the password input means. To authenticate whether the user is an authorized user of the relay device.
[0017]
As a result, the relay device reads the recognition information including the user authentication information, and the user inputs the password to authenticate the user by combining the user authentication information and the password. Will increase.
[0018]
Preferably, it further comprises a one-time password output means for outputting a one-time password when the user authentication means determines that the user is a legitimate user, at the time of a relay request from the terminal to the public line network, When a one-time password is transmitted from the terminal, the communication relay means performs a relay process.
[0019]
Thereby, since the relay device issues a one-time password and relays communication only when the one-time password is sent from the terminal, the accuracy of authenticating that the terminal is a legitimate terminal is increased.
[0020]
Preferably, the frequency input means for inputting the frequency with the communication time or the communication amount as a parameter in association with the terminal identification information, and the terminal is assigned in association with the terminal identification information held in the identification information holding means. Frequency holding means for holding frequency, frequency measuring means for measuring communication time or traffic when communication is relayed between the terminal and the public line network, information input by the frequency input means and frequency measuring means And a frequency changing means for changing the frequency held by the frequency holding means based on the information measured in step (b), and the communication relay means, when the frequency held by the frequency holding means reaches a predetermined value Then, the relay to the terminal having the identification information associated with the frequency is stopped.
[0021]
Thus, for example, the user pays the usage fee for the public line network in advance, and registers the frequency with the communication time or the traffic as a parameter in the relay device according to the paid usage fee. On the other hand, it is possible to easily charge for communication time or communication volume.
[0022]
Preferably, when receiving a relay request from the terminal to the public line network, if the terminal identification information used for communication with the terminal does not match the identification information held in advance, And a means for issuing warning information for prompting the relay device to read the recognition information including the identification information.
[0023]
Thus, for example, when the terminal tries to receive the public line network connection service from the relay device in a state where the terminal identification information is not registered in the relay device, the terminal is first registered with the relay device. Can be encouraged.
[0026]
  According to another aspect of the invention, a terminal is a wireless communication means for performing wireless communication with another device, and an identification for holding identification information for uniquely identifying the terminal used when performing wireless communication with another device. Information holding means;From the relay deviceRecognition information including at least identification informationAs a two-dimensional codeGenerationMeans for receiving a generation program for performing recognition and recognition information by the received generation program 2 Generate as dimensional codeMeans and display means for displaying the recognition information as a two-dimensional code.
[0027]
  As a result, the terminal can display the recognition information including the identification information assigned to the terminal itself or the network interface card of the terminal as information on the display screen as a two-dimensional code. For this reason, another device provided with the two-dimensional code reading means can easily acquire the identification information of the terminal by reading the displayed recognition information. In addition, by using a two-dimensional code, a large amount of information can be used as recognition information. At first glance, the contents included in the recognition information cannot be understood by looking at the two-dimensional code. Can be used.Moreover, even if the terminal does not have a program for generating recognition information including identification information in advance, the program can be downloaded on the spot, and the terminal generates and displays recognition information including identification information using a two-dimensional code. can do.
[0028]
Preferably, the apparatus further includes user authentication means for inputting or holding user authentication information for authenticating the user of the terminal, and the recognition information includes user authentication information in addition to the identification information.
[0029]
The terminal can display recognition information including user authentication information in addition to the terminal identification information. For this reason, the other device provided with the two-dimensional code reading means can easily acquire the authentication information of the user of the terminal by reading the displayed recognition information.
[0030]
Preferably, a display password input unit is further provided, and the recognition information is displayed on the display unit when the display password is input.
[0031]
Thereby, the recognition information can be displayed on the display screen of the terminal only when the password is input. Since the recognition information is displayed only when the password is input, the recognition information is not always displayed, and only the authorized person can display the recognition information. Therefore, security regarding the recognition information can be improved.
[0032]
  According to still another aspect of the present invention, there is provided a terminal control program for controlling the operation of a terminal device having wireless communication means for performing wireless communication with another device, wherein the wireless communication means performs wireless communication with another device. A terminal control program for controlling the operation of a terminal device having a step of holding identification information for uniquely identifying a terminal used when performing wireless communication with another device, and recognition information including at least the identification information Is generated as a two-dimensional codeA generation program for a relay deviceSteps,Generating recognition information by the received generation program;Causing the computer to execute a step of displaying the recognition information as a two-dimensional code.
[0033]
Preferably, the method further includes a step of inputting a display password to the terminal device, and the step of displaying as a two-dimensional code displays recognition information when the display password is input.
[0034]
According to still another aspect of the present invention, there is provided a terminal control program for controlling the operation of a terminal device that is a computer-readable recording medium and has wireless communication means for performing wireless communication with other devices. A step of holding identification information for uniquely identifying a terminal used when performing wireless communication with the device, a step of generating recognition information including at least the identification information as a two-dimensional code, and displaying the recognition information as a two-dimensional code And a terminal control program for causing the computer to execute the steps.
[0035]
The storage medium can hold the process as a program, and the process similar to that of the terminal can be performed by causing the terminal provided with a means for reading information from the storage medium to read the process.
[0036]
Preferably, the terminal control program further includes a step of inputting a display password to the terminal device, and the step of displaying as a two-dimensional code displays recognition information when the display password is input.
[0037]
  According to still another aspect of the present invention, a network relay system including a relay device used as an access point when accessing a public line network, and a terminal that performs wireless communication with the relay device, the relay device includes: A terminal communication means for performing wireless communication with the terminal, a network communication means for connecting to a public network,Recognition information reading means for reading a two-dimensional code representing recognition information including at least identification information for uniquely identifying a terminal;A recognition information reading means for reading the terminal recognition information, an identification information reading means for reading the terminal identification information from the recognition information, an identification information holding means for holding the terminal identification information read by the identification information reading means, and a terminal When a relay request is made to the public line network, if the identification information used for establishing communication between the terminal and the relay device matches the held identification information, the relay is performed to the public line network. Communication relay means for relaying to the terminal using the stored identification informationWhen the terminal receives a relay request to the public line network and the identification information used by the terminal does not match the identification information stored in advance, the terminal identification Means for transmitting a generation program for generating and displaying recognition information including information as a two-dimensional code, and the terminal includes wireless communication means for performing wireless communication with the relay device, and identification information holding means for holding identification information Means for receiving the generation program, generation means for generating the recognition information by the generation program, and display means for displaying the recognition information as a two-dimensional codeWith.
[0038]
  Thereby, it is possible to realize a network relay process in which the terminal can connect to the Internet via the relay device. In such relay processing, the relay device reads the identification information displayed by the terminal and holds the identification information of the terminal. When the terminal requests the relay device to relay to the Internet using wireless communication, the relay device establishes wireless communication only to the terminal holding the identification information and provides relay to the Internet. This simplifies the process of registering a terminal that provides relay to the Internet in the relay device.Moreover, even if the terminal does not have a program for generating recognition information including identification information in advance, the program can be downloaded on the spot, and the terminal generates and displays recognition information including identification information using a two-dimensional code. can do.
[0039]
Preferably, the recognition information generating means of the terminal generates a two-dimensional code, the display means of the terminal displays the two-dimensional code, and the recognition information reading means of the relay device reads the two-dimensional code.
[0040]
As a result, a two-dimensional code is used as recognition information, so that a large amount of information can be used as the recognition information. Existing software and devices can be used as the means and the reading means.
[0041]
Preferably, the terminal has user authentication information input means for inputting user authentication information for authenticating the user of the terminal, and user authentication for holding the user authentication information input by the user authentication information input means. An information holding unit, wherein the terminal recognition information includes user authentication information in addition to the identification information, and the relay device includes a user authentication information reading unit that reads the user authentication information from the recognition information, and a user User authentication means for authenticating whether the user authentication information read by the authentication information reading means is a legitimate user for the relay device, and the identification information holding means is a legitimate user by the user authentication means. If it is determined that the terminal information is the terminal identification information read by the identification information reading means.
[0042]
As a result, the registration of the terminal to the relay device is performed by reading the identification information including the user authentication information indicating the authorized user, such as the user ID, and identifying the terminal after authenticating the user with the user authentication information. Keep information. For this reason, the process of registering the terminal providing the relay to the public line network in the relay device is simplified. The relay device can provide relay to the public line network only to terminals owned by authorized users.
[0043]
Preferably, the relay device further includes password input means for inputting a user password, and the user authentication means is input by the user authentication information read by the user authentication information reading means and the password input means. It authenticates whether the user is an authorized user for the relay device from the combination with the password.
[0044]
As a result, the relay device reads the recognition information including the user authentication information, and the user inputs the password to authenticate the user by combining the user authentication information and the password. Will increase.
[0045]
Preferably, the relay device further includes a one-time password output means for outputting a one-time password when the user authentication means determines that the user is a legitimate user, and the relay device is connected to the public line network from the terminal. When the one-time password is transmitted from the terminal at the time of the relay request, the communication relay means performs relaying, and the terminal further includes one-time password input means for inputting the one-time password output from the relay device.
[0046]
The relay device issues a one-time password when it is authenticated as a legitimate user by the user authentication means, and relays communication only when the one-time password is sent from the terminal. The accuracy of authenticating that the user is a legitimate user is increased.
[0047]
Preferably, the relay device further includes one-time password output means for outputting a one-time password, and when the one-time password is transmitted from the terminal when the terminal requests connection to the public line network, the communication relay means The terminal further includes one-time password input means for inputting the one-time password output from the relay device.
[0048]
Thereby, since the relay device issues a one-time password and relays communication only when the one-time password is sent from the terminal, the accuracy of authenticating that the terminal is a legitimate terminal is increased.
[0049]
Preferably, the relay device associates the frequency with the communication time or the traffic as a parameter with the terminal identification information and inputs the frequency, and the terminal with the terminal identification information held in the identification information holding means. Frequency holding means for holding the frequency assigned to the terminal, frequency measuring means for measuring communication time or traffic when communication is relayed between the terminal and the public line network, and information input by the frequency input means And a frequency changing means for changing the frequency held by the frequency holding means based on the information measured by the frequency measuring means, and the communication relay means has the frequency held by the frequency holding means at a predetermined value. If it does, relay to the terminal having the identification information associated with the frequency is stopped.
[0050]
Thus, for example, the user pays the usage fee for the public line network in advance, and registers the frequency with the communication time or the traffic as a parameter in the relay device according to the paid usage fee. On the other hand, it is possible to easily charge for communication time or communication volume.
[0051]
Preferably, when the relay device receives a relay request from the terminal to the public line network, if the identification information of the terminal used for communication with the terminal does not match the identification information held in advance, Means is provided for issuing warning information for prompting the terminal to cause the relay device to read the recognition information including the identification information.
[0052]
Thus, for example, when the terminal tries to receive the public line network connection service from the relay device in a state where the terminal identification information is not registered in the relay device, the terminal is first registered with the relay device. Can be encouraged.
[0053]
Preferably, when the relay device receives a relay request from the terminal to the public line network, if the terminal identification information used for communication with the terminal does not match the identification information held in advance, the terminal In response, a generation program for generating recognition information including identification information is transmitted.
[0054]
  Thereby, for example, when the terminal does not have a program for generating recognition information that can be displayed, the relay apparatus can distribute a program for generating recognition information including identification information of the terminal to the terminal. .
  ThisAccording to still another aspect of the present invention, the relay device includes reading means for reading a two-dimensional code, and the two-dimensional code includes at least identification information for specifying a terminal, and storage means for storing the identification information A registration unit for registering the identification information read by the reading unit in the storage unit, and a relay unit for relaying communication from the terminal according to the identification information registered in the storage unitWhen a relay request is received from a terminal whose identification information is not registered, the recognition information including the identification information is sent to the unregistered terminal. 2 Means for transmitting a generation program for generation and display as a dimensional code;Is provided.
  Thereby, the identification information of a terminal can be easily registered with a two-dimensional code. In addition, the terminal can be safely registered in the relay device without transmitting a physical address to the network.Moreover, even if the terminal does not have a program for generating recognition information including identification information in advance, the program can be downloaded on the spot, and the terminal generates and displays recognition information including identification information using a two-dimensional code. can do.
  According to still another aspect of the present invention, the relay device includes a reading unit that reads a two-dimensional code, and the two-dimensional code holds at least identification information and user information for identifying a terminal, and the identification information and use A storage means for associating and storing user information, a registration means for registering identification information and user information read by the reading means in the storage means, and authenticating a user of the terminal using the user information An authentication unit for performing communication, and a relay unit for relaying communication from the terminal according to the authentication result by the authentication unit and the identification information registered in the storage unit,When a relay request is received from a terminal whose identification information is not registered, the recognition information including the identification information is sent to the unregistered terminal. 2 Means for transmitting a generation program for generation and display as a dimensional code;Is provided.
  Thereby, by registering user information, security is enhanced by using user information at the time of user terminal authentication.Moreover, even if the terminal does not have a program for generating recognition information including identification information in advance, the program can be downloaded on the spot, and the terminal generates and displays recognition information including identification information using a two-dimensional code. can do.
  Preferably, when the terminal is registered, the storage means stores information for specifying the user as user authentication information in association with a service provided for each user.
  Thus, by associating the user information with the service, it is possible to provide a service (for example, a time-limited Internet connection service) for each user.
Preferably, the registration means performs registration based on a comparison between user authentication information registered in the storage means and information read by the reading means.
[0055]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. In the following description, the same parts are denoted by the same reference numerals, and their names and functions are also the same. Therefore, detailed description thereof will not be repeated.
[0056]
[First Embodiment]
FIG. 1 is a schematic block diagram showing a configuration of a network relay system 1000 according to the first embodiment of the present invention.
[0057]
Referring to FIG. 1, network relay system 1000 includes terminal 100, storage medium 110, and relay device 120.
[0058]
Here, the terminal 100 includes a terminal identification information holding unit 101 that holds a physical address that uniquely identifies the terminal 100, and a communication start / end processing unit 102 that performs communication start and end processing with the relay device 120. A wireless communication unit 103 that performs wireless communication with the relay device 120, a recognition information generation unit 104 that generates recognition information including terminal identification information as information, and a display unit 105 that can display the recognition information.
[0059]
Communication performed by the communication unit 103 with the relay device (access point) 120 is, for example, a TCP / IP-based wireless LAN or short-range wireless communication defined in IEEE802.11b, IEEE802.11a, IEEE802.11g, etc. Bluetooth (R), or wireless communication between a mobile phone and a base station is assumed.
[0060]
The storage medium 110 is associated with the terminal 100 in advance in a one-to-one correspondence, and holds physical address information that can uniquely identify the terminal 100 and user information such as a user name. Here, “physical address information” is information representing the same value as the physical address (MAC address) held in the terminal identification information holding unit 101 of the terminal 100. The storage medium 110 may be a paper card, a magnetic card, an IC card, or the like having a barcode or a two-dimensional code printed on the surface.
[0061]
Further, referring to FIG. 1, relay device 120 includes terminal communication device 121 that performs wireless communication with terminal 100, network communication unit 122 for connecting to the Internet, which is a wide area network, identification information reading device 123, Identification information registration unit 124, identification information determination unit 125, communication start / end processing unit 126, communication relay unit 127, fee input unit 128, frequency addition unit 129, frequency management unit 130, user information And a holding unit (user information database) 131.
[0062]
The identification information reading device 123 reads the physical address and user information of the terminal 100 from the storage medium 110 that stores the physical address of the terminal 100 used in the terminal communication device 121. As the identification information reading device 123, for example, a handy scanner, a barcode reader, a magnetic card reader, an IC card reader / writer, or the like can be used.
[0063]
The identification information registration unit 124 registers the physical address of the terminal 100 read from the identification information reading device 123 in the user information database 131 as user terminal identification information.
[0064]
The identification information determination unit 125 determines whether the physical address of the terminal 100 acquired by the terminal communication device 121 matches the physical address held in the user information database 131. If the determination results of the identification information determination unit 125 match, the “user name” in use is identified by the physical address of the terminal 100 in communication.
[0065]
The communication start / end processing unit 126 performs communication start / end processing with the terminal 100.
[0066]
The communication relay unit 127 performs relay between the terminal 100 and a public line network such as the Internet. That is, when the communication relay unit 127 receives a relay request from the terminal 100 to the Internet via the terminal communication device 121, the communication relay unit 127 receives from the terminal having a physical address that matches the physical address stored in the identification information determination unit 125. Only when it is determined to be a relay request, the communication start / end processing unit 126 starts communication and relays to the Internet.
[0067]
Note that the “public network” refers to a network in which computers or the like of a plurality of organizations that are not related to each other are connected to each other via the line.
[0068]
Further, the operator of the relay device 120 inputs a fee paid in advance by the user of the terminal 100 through the fee input unit 128. For example, the operator of the relay device 120 can input from a keyboard or the like corresponding to the physical address held in the storage medium 110 by the identification information reading device 123.
[0069]
The frequency adding unit 129 adds the frequency according to the fee paid in advance and registers it in the user information database 131. “Frequency” indicates the available communication time or communication volume, and is determined according to the usage fee paid in advance as the price of the Internet connection service.
[0070]
The frequency management unit 130 acquires the frequency stored in the user information database 131, subtracts the frequency as needed according to the usage time or the amount of communication used, and records the remaining frequency in the user information database 131 again. Process.
[0071]
FIG. 2 is a conceptual diagram showing physical addresses and frequencies that are “terminal identification information” stored in the user information database 131.
[0072]
In the user information database 131, the physical address of the user terminal 100 read from the storage medium 110 and the frequency added according to the fee input by the fee input unit 128 are stored in association with each other.
[0073]
FIG. 3 is a schematic block diagram for explaining the configuration of the communication relay unit 127 shown in FIG.
[0074]
With reference to FIG. 3, the configuration of the communication relay unit 127 and the processing to be performed will be described in more detail.
[0075]
The communication relay unit 127 transmits a data to the terminal, a terminal reception unit 132 that receives data from the terminal 100, a terminal transmission unit 133 that transmits data to the terminal 100, a network reception unit 134 that receives data from the network, and the network. A network transmission unit 135, an IP address allocation unit 136 that allocates an IP address in response to a request from a terminal, and a packet configuration unit 137 that configures a packet that is a unit of data transmission and reception.
[0076]
In this embodiment, a physical address (MAC: Media Access Control) used as identification information of the terminal 100 is a data link layer address used during normal network communication, and is unique to the network interface card. Allocated. When the terminal 100 is equipped with a network interface card having a unique physical address, the terminal can be uniquely specified by the physical address, so that the physical address can be used as the terminal identification information.
[0077]
On the other hand, the IP address assigned to the terminal 100 by the IP address assigning unit 136 is an address used in an upper layer of the physical address, and can identify the devices at both ends in communication including relay. More specifically, the terminal 100 and the connection destination to which the terminal 100 is connected via the Internet can be specified.
[0078]
FIG. 4 is a conceptual diagram showing the format of a packet used between terminal 100 and relay device 120 and a packet input / output to / from relay device 120 from the Internet.
[0079]
Referring to FIG. 4, the packet is configured with an area for storing a transmission source physical address 301, a transmission destination physical address 302, a transmission source IP address 303, a transmission destination IP address 304, and data 305.
[0080]
Referring to FIG. 1 and FIG. 4, the communication relay unit 127 uses the identification information determination unit 125 to authenticate whether it is a legitimate user terminal based on the source physical address 301 of the packet received from the terminal, and When it is authenticated that the terminal is a user terminal, it starts communication and relays to the Internet.
[0081]
The relay device 120 can be used as, for example, a wireless LAN access point installed in a fast food store. In this case, for example, a personal computer equipped with a wireless LAN card can be used as the terminal 100. A user who has made a purchase at a fast food restaurant asks a clerk to register his / her personal computer in the access point at the counter. After that, a user who sits down connects to a wireless LAN access point and receives an Internet connection service (Web access, e-mail, etc.).
[0082]
The operation of the network relay system 1000 according to the first embodiment will be described in further detail below.
[0083]
FIG. 5 is a flowchart showing a processing procedure of network relay system 1000.
[0084]
Referring to FIG. 5, as a processing procedure, first, registration processing (step S0001) of terminal 100 to relay device 120 using storage medium 110 is performed. Subsequently, a wireless communication start process (step S0002) between the terminal 100 and the relay apparatus 120 is performed, the terminal 100 and the Internet communication process (step S0003) via the relay apparatus 120, and further, the terminal 100 and the relay apparatus are relayed. Processing for disconnecting wireless communication with the device 120 (step S0004) is performed. Hereinafter, each processing procedure will be described in detail.
[0085]
The registration process to the relay device 120 of the terminal 100 in step S0001 in FIG. 5 will be described.
[0086]
As a registration process in the relay device 120, the identification information reading device 123 of the relay device 120 reads the physical address (P100) as the identification information from the storage medium 110 and registers it in the user information database 131 of the relay device 120. .
[0087]
Next, the wireless communication start process between the terminal 100 and the relay device 120 in step S0002 of FIG. 5 will be described.
[0088]
FIG. 6 is a flowchart illustrating a procedure of wireless communication start processing in the relay device 120. FIG. 7 is a conceptual diagram of a packet used in each processing procedure.
[0089]
Hereinafter, referring to FIGS. 6 and 7, first, relay device 120 receives a request for IP address assignment as shown in FIG. 7A from terminal 100 via terminal communication device 121 (step S0021). .
[0090]
As shown in FIG. 7A, in the IP address allocation request packet, the physical address value of the terminal 100 (P100) is set in the source physical address 301, and the value (P− BB) are respectively set. Note that nothing is set in the transmission source IP address 303, the transmission destination IP address 304, and the data 305.
[0091]
The relay device 120 extracts the physical address (P100) of the terminal 100 from the request source physical address 301 (step S0022). Further, the relay device 120 uses the identification information determination unit 125 to determine whether the physical address of the terminal 100 extracted from the request matches the physical address held in the identification information holding unit (step S0023).
[0092]
When the physical address matches the identification information of the regular terminal registered in advance, the relay device 120 uses the communication relay unit 127 to create a response including the IP address as information for the terminal 100 (step S0024).
[0093]
As shown in FIG. 7B, in the response packet including the IP address as information, the physical address value (P120) of the relay device 120 is set as the transmission source physical address 301, and the physical address of the terminal 100 is set as the transmission destination physical address 302. The address value (P100), the IP address value (IP120) of the relay device is set in the source IP address 303, and the IP address value (IP100) assigned to the terminal 100 is set in the destination IP address 304, respectively. ing. Note that nothing is set in the data 305.
[0094]
On the other hand, if the physical addresses do not match, the relay device 120 creates a response that does not assign an IP address to the terminal (step S0025).
[0095]
As shown in FIG. 7C, in the response packet to which no IP address is assigned, the physical address value (P120) of the relay device 120 is the source physical address 301, and the physical address of the terminal 100 is the destination physical address 302. (P100) is set in the source IP address 303 and the IP address value (IP120) of the relay device is set in the source IP address 303, but nothing is set in the destination IP address 304 and the data 305. The relay device 120 transmits the created response to the terminal 100 via the terminal communication device 121 (step S0026).
[0096]
Next, communication processing between the terminal 100 and the Internet via the relay device 120 in step S0003 in FIG. 5 will be described.
[0097]
FIG. 8 is a flowchart showing a procedure of relaying packets from the terminal 100 to the Internet in the relay device 120 in the Internet communication processing with the terminal 100 via the relay device 120. FIG. 9 is a conceptual diagram of a packet used in each processing procedure.
[0098]
8 and 9, relay device 120 receives a connection request to the Internet from terminal 100 via terminal communication device 121 (step S0027).
[0099]
As shown in FIG. 9A, in the connection request packet to the Internet, the physical address value (P100) of the terminal 100 is the source physical address 301, and the physical address of the relay device 120 is the destination physical address 302. The value (P-120) is the IP address value (IP100) assigned to the terminal 100 for the source IP address 303, and the IP address (IP) of the server on the Internet that provides the service for the destination IP address 304. -Server) is set for each.
[0100]
Next, the relay device 120 extracts the physical address (P100) of the terminal 100 from the source physical address 301 of the connection request packet to the Internet (step S0028). Further, the relay device 120 uses the identification information determination unit 125 to determine whether the physical address of the terminal extracted from the request matches the terminal identification information (physical address) registered in the user information database 131. (Step S0029). If the physical addresses match, the relay device 120 performs packet relay to the Internet (step S0030). That is, in the Internet connection request packet of FIG. 9A, the physical address value (P-120) of the relay device 120 is directly communicated to the source physical address 301, and the relay device 120 directly communicates to the destination physical address 302. The value (P-xx) of the physical address of the device (such as a router) that performs the processing is reset as shown in FIG. 9B, and the packet is transmitted to the Internet side via the network communication device 122. If the physical addresses do not match, the packet is discarded (step S0031).
[0101]
FIG. 10 is a flowchart illustrating a procedure for relaying packets from the Internet to the terminal 100 in the relay device 120 in the Internet communication processing with the terminal 100 via the relay device 120. FIG. 11 is a conceptual diagram of packets used in each processing procedure.
[0102]
Referring to FIGS. 10 and 11, relay device 120 receives a response from Internet to terminal 100 via network communication device 122 (step S0032).
[0103]
As shown in FIG. 11A, in the response packet from the Internet, the value (P-xx) of the physical address of the device (router or the like) with which the relay device 120 communicates directly with the source physical address 301 is sent. The physical address value (P120) of the relay device 120 is the physical address 302, the IP address (IP-Server) of the server on the Internet that provides the service is the source IP address 303, and the terminal is the destination IP address 304 The value (IP100) of the IP address assigned to 100 is set.
[0104]
Next, the relay device 120 extracts the value of the IP address assigned to the terminal 100 from the transmission destination IP address 304 of the response packet from the Internet (step S0033), and corresponds to the IP address from the identification information holding unit. The physical address of the terminal 100 is taken out (step S0034).
[0105]
Next, the relay device 120 performs packet relay to the terminal 100 (step S0035). That is, in the response packet from the Internet of FIG. 11A, the physical address value (P-120) of the relay device 120 is set as the source physical address 301, and the physical address value of the terminal 100 is set as the destination physical address 302. (P100) is reset as shown in FIG. 11B, and the packet is transmitted to the terminal 100 via the terminal communication device 121.
[0106]
Next, the wireless communication disconnection process between the terminal 100 and the relay device 120 in step S0004 of FIG. 5 will be described.
[0107]
FIG. 12 is a flowchart illustrating a wireless communication disconnection process in the relay device 120.
[0108]
Referring to FIG. 12, when terminal communication device 121 receives a wireless communication disconnection request issued by terminal 100 (step S0042), or when relay device 120 attempts to disconnect wireless communication with terminal 100 (step S0042). In step S0043), or when there is no response from the terminal 100 for a certain period of time (step S0044), the communication start / end processing unit 126 of the relay device 120 performs a process of ending wireless communication with the terminal 100 (step S0045).
[0109]
However, if it is attempted to disconnect the wireless communication with the terminal 100 on the relay device 120 side in step S0043, the terminal communication device 121 changes to the terminal 100 before performing the wireless communication end processing with the terminal 100 in step S0045. On the other hand, it is necessary to send a wireless communication disconnection request (step S0046).
[0110]
Here, the case of attempting to disconnect the wireless communication with the terminal 100 on the relay device 120 side is assigned to the terminal 100, for example, when the Internet connection service is terminated at the end of business hours, or in the frequency management described later. This is a case where the frequency becomes zero.
[0111]
In step S0044, when there is no response from the terminal 100 for a certain period of time, for example, a command (equivalent to a Unix (R) ping command) for confirming communication arrival with the terminal 100 is transmitted at regular intervals. This is the case when there is no response.
[0112]
In the wireless communication end process (step S0045) in the communication start / end processing unit 126, the registered physical address is deleted from the identification information holding unit 124, and the correspondence information with the IP address is also discarded. Even if the terminal 100 receives a connection request to the Internet after the end processing, the relay to the Internet is not performed. It is also possible to newly assign an IP address whose association has been canceled to another terminal.
[0113]
The process performed in the terminal 100 in the first embodiment is a process in which a personal computer equipped with a wireless LAN is connected to a wireless LAN access point whose use is restricted by a physical address to perform Internet access. Since they are the same, the description is omitted here.
[0114]
In this way, by using the physical address as the terminal identification information, the terminal can be connected to the Internet without complicated settings and without adding a new device. In the relay device, the terminal can be easily specified by the physical address of the terminal.
[0115]
Further, as a method for registering a terminal in the relay apparatus, by using a storage medium in which the physical address of the terminal is used, it is possible to easily register without performing complicated work. Since the storage medium can be carried in various places, the registration work to the relay device is facilitated.
[0116]
[Second Embodiment]
Next, the configuration of the network relay system 2000 according to the second embodiment of the present invention will be described in detail.
[0117]
The configuration of the network relay system 2000 is the same as that of the network relay system 1000 according to the first embodiment. However, in the network relay system 2000, user information (user name, etc.) and a user password are set for each user as user authentication information for registering the terminal 100 in the relay device 120, and the relay device 120 A configuration for determining whether or not to provide the Internet connection service to the terminal 100 after authenticating the user using the user authentication information is provided.
[0118]
FIG. 13 is a schematic block diagram of a relay device 120 ′ used in the network relay system 2000 according to the second embodiment.
[0119]
Referring to FIG. 13, in addition to the configuration of relay device 120 in network relay system 1000 according to the first embodiment, relay device 120 ′ associates a user password and a one-time password with the physical address of terminal 100. A user authentication information storage unit 132 that records the user information, a user authentication unit 133 that authenticates the user of the terminal 100 from the user information and the user password, and a one-time password that issues a one-time password to the user of the terminal 100 A password issuing unit 134, a one-time password output device 135 that outputs the issued one-time password, and a user password input device 136 that inputs a user password are provided.
[0120]
Here, the “user password” may be information that can authenticate each user individually. For example, when each user makes a registration application in advance in order to use the network relay system 2000, The password may be a combination of numerical values, characters, symbols, etc. assigned to the user by the network relay system 2000 operator, or the network relay system 2000 operator may use a biometric such as the user's fingerprint. Information may be registered in advance. Therefore, the “user password” is authentication information that can be commonly used by the user for each of the network relay systems 2000 installed at a plurality of locations.
[0121]
On the other hand, the “one-time password” is issued each time from the one-time password output device 135 when using the network relay system 2000 installed in a specific place, and is used for a predetermined communication period. It is information for authenticating. Here, the “predetermined communication period” may be a period from the start of communication via the relay device 120 to the end of the communication, or the frequency registered for the user. A corresponding period may be used.
[0122]
The user authentication unit 133 and the one-time password issuing unit 134 are placed inside the relay device 120 ′ for convenience, but may be realized as an authentication server that is an external service of the relay device 120 ′.
[0123]
The one-time password output device 135 outputs the one-time password issued by the one-time password issuing unit 134. Specifically, the one-time password output device 135 corresponds to a display device such as a display and a printing device such as a printer. The user password input device 136 is a part where the user of the terminal 100 directly inputs the user password to the relay device 120 ′, and specifically includes a numeric keypad, a keyboard, or a biometric information input device such as a fingerprint. Is done.
[0124]
The terminal 100 is also provided with a one-time password input unit 106 for inputting the one-time password output from the one-time password output device 135 to the terminal 100.
[0125]
That is, the following four types of information are used for user authentication in the second embodiment.
[0126]
(1) User information 1 (user name etc.) included in the storage medium 110.
(2) A user password input from the user password input device 136 of the relay device 120.
[0127]
(3) User information 2 (user name, etc.) sent from the terminal 100 at the time of wireless communication connection.
[0128]
(4) A one-time password issued by the one-time password issuing unit 134 and sent from the terminal 100 when wireless communication is connected.
[0129]
In the network relay system 2000 according to the second embodiment, a user authentication method including all the above four will be described. In addition, it is sufficient that at least one of the above four user authentication methods is provided for implementation.
[0130]
Here, FIG. 14 shows the physical address and frequency, which are “terminal identification information” stored in the user information database 131, and “user authentication information” stored in the user authentication information storage unit 132. It is a conceptual diagram.
[0131]
The “terminal identification information” shown in FIG. 14A is the same as that in the first embodiment.
On the other hand, as shown in FIG. 14B, user information (user name and the like) and user password set for each user are registered in the user authentication information storage unit 132 in advance. The set user information (user name, etc.) and the user password are notified in advance to the user, and in addition to the physical address of the terminal 100, the user information (user name, etc.) is stored in the storage medium 110. Is included. As user information, in addition to the user name, payment information such as a credit card number may be included.
[0132]
Further, it is assumed that the user authentication information storage unit 132 stores the one-time password issued by the one-time password issuing unit 134 and terminal identification information (physical address) in association with the user information.
[0133]
Hereinafter, the processing procedure of the network relay system 2000 will be described.
The basic flow of processing of the network relay system 2000 is the same as that of the network relay system 1000 of the first embodiment shown in FIG.
[0134]
However, the network relay system 2000 differs from the network relay system 1000 in the specific contents of the individual processes in steps S0001 to S0004 in FIG.
[0135]
Therefore, first, also in the network relay system 2000, the registration process to the relay device 120 of the terminal 100 is performed using the storage medium 110 as in step S0001 of FIG.
[0136]
FIG. 15 is a flowchart for explaining processing unique to the second embodiment of the relay device 120 ′ performed in addition to the processing in the first embodiment.
[0137]
Referring to FIG. 15, user information (user name, etc.) and terminal identification information (physical address) are read from storage medium 110 by identification information reader 123 of relay device 120 ′ (step S0151).
[0138]
Next, the user password input by the user of the terminal 100 is acquired via the user password input device 136 (step S0152). The relay device 120 ′ sends the user information (user name, etc.) acquired in step S0151 and the user password acquired in step S0152 to the user authentication unit 133, and the user authentication unit 133 is registered. It is checked whether the user is a regular user (step S0153).
[0139]
If the user authentication unit 133 determines that the user is not an authorized user, an error message is output to the display device or the like (step S0154), and the process ends.
[0140]
On the other hand, if the user authentication unit 133 determines that the user is a legitimate user, the one-time password issuing unit 134 issues a one-time password (step S0155).
[0141]
The physical address read from the storage medium 110, the user password input from the user password input device 136, and the one-time password issued by the one-time password issuing unit 134 are combined and held in the user authentication information storage unit 132. (Step S0156).
[0142]
In this step, when the user password is already used for authentication in the user authentication unit 133, it is not necessary to hold the user password. The issued one-time password is output from the one-time password issuing unit 134 and passed to the user of the terminal 100 (step S0157).
[0143]
The one-time password passed to the user is given to the terminal 100 by the user from the one-time password input unit 106 of the terminal 100, and stored in the terminal identification information holding unit 101 together with the terminal identification information, for example. It is possible.
[0144]
FIG. 16 shows a second example of the relay device 120 ′ performed in addition to the processing in the first embodiment as the start processing of the wireless communication between the terminal 100 and the relay device 120 ′ in step S0002 of FIG. It is a flowchart for demonstrating the process peculiar to this embodiment.
[0145]
Referring to FIG. 16, relay device 120 ′ transmits a packet including user information (user name, etc.) and a one-time password as shown in FIG. 7D from terminal 100 through terminal communication device 121. (Step S2001), and the source physical address of the received packet is taken out as the physical address of the terminal 100 (step S2002).
[0146]
Next, the one-time password and the user password held in association with the physical address extracted in step S2002 are extracted from the user authentication information storage unit 132 (step S2003).
[0147]
The one-time password received in step S2001 is compared with the one-time password extracted in step S2003 (step S2004). If they do not match, an error is returned to the terminal 100 or a response not assigned an IP address is returned (step S2005) The process is terminated.
[0148]
On the other hand, if they match in step S2004, the user information (user name, etc.) received in step S2001 and the user password extracted in step S2003 are combined and sent to the user authentication unit 133 and registered. It is checked whether the user is an authorized user (step S2006).
[0149]
If the user authentication unit 133 determines that the user is not a legitimate user, an error is returned to the terminal 100 or a response not assigned an IP address is returned (step S2007), and the process is terminated.
[0150]
If the user authentication unit 133 determines that the user is a legitimate user, a response for assigning an IP address to the terminal 100 is returned (step S2008), and the process ends. In the subsequent communication, it is assumed that the terminal 100 belongs to a legitimate user, and the relay device 120 provides a relay service with the Internet.
[0151]
In the terminal 100, user information (user name, etc.) and a one-time password are set and a packet including them is generated and transmitted in the wireless communication start process.
[0152]
In this way, by using the user authentication information, it is possible to prevent the terminal from being illegally registered when registering the terminal to the relay apparatus. When the connection request to the relay apparatus is requested, the user authentication is performed. Since the IP address is assigned to the terminal after performing the above, other users can be prevented from using it illegally.
[0153]
[Third Embodiment]
Next, the network relay system according to the third embodiment of the present invention will be described in detail.
[0154]
The configuration of the network relay system according to the third embodiment is the same as that of the network relay system 1000 according to the first embodiment. However, in the third embodiment, in addition to the processing performed by the network relay system 1000 of the first embodiment, billing is performed according to the communication time or communication amount to the Internet. Charging is performed according to the frequency determined according to the paid usage fee. When the frequency is subtracted to 0 according to the communication time or communication volume used, the terminal 100 cannot communicate with the relay device 120.
[0155]
The processing procedure is divided into a frequency registration process according to the paid usage fee and a frequency subtraction process according to the used communication time or traffic.
[0156]
FIG. 17 is a flowchart illustrating a procedure of processing for registering the frequency in the relay apparatus 120. Here, in the registration process (step S0001) of the terminal 100 in FIG. 5, the frequency registration is performed simultaneously with the registration process of the terminal 100.
[0157]
With reference to FIG. 17, the identification information reading device 123 of the relay device 120 reads the physical address (P100) as identification information from the storage medium 110 (step S0011).
[0158]
The identification information determination unit 125 is used to determine whether the physical address matches the stored physical address (step S0012). If it is determined that they match, the frequency stored in association with the physical address by the user information holding unit 131 is extracted (step S0013).
[0159]
The fee paid by the fee input unit 128 is input (step S0014). If it is not determined that they match, the frequency registration process is terminated. The frequency is added according to the fee paid by the frequency adding unit 130 (step S0015). The user information holding unit holds the frequency in association with the physical address (step S0016).
[0160]
This frequency may be held in association with the user name and user password described in the second embodiment. This makes it possible to charge for each user, not for each terminal during communication.
[0161]
The fee is input to the relay device 120 by the store clerk from the register keyboard or the like according to the amount paid by the user at the fast food restaurant or the like.
[0162]
FIG. 18 is a flowchart showing the procedure of the frequency subtraction process according to the communication time or communication volume used in the relay device 120.
[0163]
That is, the process shown in FIG. 18 is a process performed in step S0002 of FIG.
[0164]
Referring to FIG. 18, when the communication start process is performed, relay device 120 reads the frequency held in association with the physical address by user information holding unit 131 (step S0051).
[0165]
Subsequently, the frequency management unit 131 waits until a certain communication time or communication amount is reached (step S0052), and subtracts the frequency (step S0053). The remaining frequency is recorded in the frequency holding unit 127 (step S0054).
[0166]
When the frequency becomes 0, the frequency subtraction process is ended (step S0055), and the relay apparatus 120 is requested to perform a disconnection process (step S0056). The frequency subtraction process is terminated before the cutting process (step S0004) in FIG. 5 is performed.
[0167]
As a point card, the remaining number may be managed by a storage medium. When the terminal 100 is registered in the relay device 120, the remaining frequency is read from the storage medium, the frequency is added according to the paid usage fee, and is written to the storage medium. The relay device 120 also manages the remaining number. After the communication end processing, the frequency is managed as a point card by writing the remaining frequency managed by the relay device 120 to the storage medium. The storage medium may be a magnetic card, an IC card, or the like that can be read by the relay device 120.
[0168]
In this way, charging can be performed by managing the connection by subtracting the frequency according to the communication time or communication volume to the Internet.
[0169]
[Fourth Embodiment]
The fourth embodiment is a modification of the first to third embodiments, and has a function of transmitting a message from the relay device 120 or the relay device 120 ′ to the terminal 100. For example, the following message can be assumed.
[0170]
(1) When the terminal 100 tries to receive an Internet connection service from the relay device 120 (or the relay device 120 ′) without registering the physical address of the terminal 100 in the relay device 120 (or the relay device 120 ′), A message prompting the user to perform the registration process first is transmitted.
[0171]
(2) In a state where user authentication information (user information and user password) of the terminal 100 is not registered in advance in the relay device 120 (or relay device 120 ′) or the user authentication unit 133 of the external authentication server, When the terminal 100 tries to receive an Internet connection service from the relay device 120 (or the relay device 120 ′), a message that prompts the user to perform user registration processing is transmitted.
[0172]
(3) The frequency is monitored by the frequency management unit 130 of the relay device 120 (or the relay device 120 ′), the remaining frequency held by the user information holding unit 131 that holds the frequency is monitored, and the remaining frequency is constant. When the frequency becomes less than the number of times, a message for notifying the terminal 100 that the remaining frequency is small is transmitted.
[0173]
As a configuration for notifying the message as described above, a control unit is provided in the relay device 120 (or relay device 120 ′) to determine whether the messages (1) to (3) need to be transmitted, A message may be transmitted from the terminal communication device 121 to the terminal 100 according to the control from the control unit. Further, on the terminal 100 side, there are a method of displaying the remaining frequency on the screen of the display unit 105 of the terminal 100, a warning sound on the terminal 100 side, a method of notifying the terminal 100 by e-mail, and the like. be able to.
[0174]
Specifically, for example, it is assumed that the terminal 100 can perform mobile phone communication and can receive mobile phone mail. If a packet including the mobile phone mail address of the terminal 100 is received via the terminal communication device 121 at the start of the wireless communication process, a message can be sent to the terminal 100 using the mobile phone mail.
[0175]
Further, in the procedure of the wireless communication start process in the relay apparatus 120 described with reference to FIG. 6, an IP address is not assigned when a physical address is not registered. However, an IP address is assigned for the time being and transmitted during the relay process. It is also possible to implement such that the relay to the Internet is not performed based on the original physical address or the source IP address, or only the internal content of the relay device 120 can be accessed. In this case, when the browser of the terminal 100 sends a packet to the Internet to perform Web access, a process of redirecting to a page on which a message from the relay device 120 is written without relaying to the Internet is also considered. It is done.
[0176]
Further, after the IP address assignment is completed, if a packet including the mail address of the terminal 100 is received via the terminal communication device 121 at the start of the wireless communication process, the message is directly mailed via the wireless communication. Can also be delivered.
[0177]
When transmitting the message as described in (3) above, the relay device 120 (or relay device 120 ′) notifies the terminal 100 that the remaining frequency is low or the remaining frequency is close to 0. The user is alerted and can add the remaining frequency.
[0178]
[Fifth Embodiment]
Next, the configuration and operation of the network relay system according to the fifth embodiment of the present invention will be described in detail.
[0179]
FIG. 19 is a schematic block diagram for explaining a configuration of a network relay system 3000 according to the fifth embodiment.
[0180]
The network relay system 3000 includes a terminal 210 and a relay device 120. However, unlike the configuration of the network relay system 1000, the storage medium 110 is not included. Other parts that are the same as or equivalent to those of the network relay system 1000 according to the first embodiment are denoted by the same reference numerals.
[0181]
The configuration of the relay device 120 of the network relay system 3000 is the same as that of the network relay system 1000 according to the first embodiment.
[0182]
However, the terminal 210 creates recognition information including the physical address of the terminal 210 as information on the display screen of the display unit 213.
[0183]
In the process corresponding to step S0001 in FIG. 5, the relay device 120 reads the recognition information displayed on the screen of the terminal 210 with a scanner or camera, analyzes the recognition information and extracts the physical address, thereby relaying the terminal 210. Registration processing to the device 120 is performed.
[0184]
Hereinafter, the configuration of the terminal 210 will be described with reference to FIG. The terminal 210 includes a terminal identification information holding unit 211 that holds a physical address that uniquely identifies the terminal, a recognition information creation unit 212 that creates recognition information that includes the physical address of the terminal as information, and recognition information that holds the recognition information. A storage unit 219, a display unit 213 that displays recognition information, a communication start / end processing unit 214 that performs communication start and end processing with the relay device 120, a communication unit 215 that performs wireless communication with the relay device 120, and recognition information A display password input unit 216 for inputting a display password necessary for displaying the user, a user authentication information input unit 217 for inputting user authentication information for authenticating the user of the terminal, and the user A user authentication information holding unit 218 that holds the user authentication information input by the authentication information input unit.
[0185]
In the following, an implementation procedure for a method of creating and displaying recognition information including the physical address of the terminal 210 will be described.
[0186]
FIG. 20 is a flowchart for explaining a procedure for generating and displaying or printing recognition information including physical addresses as information in the terminal 210.
[0187]
Referring to FIG. 20, terminal 210 acquires terminal identification information (step S0061). The terminal identification information is a physical address assigned to the terminal 210 itself, or a physical address of a communication device used by being attached to the terminal 210 such as a wireless LAN card.
[0188]
Next, the terminal 210 activates a program for creating recognition information (step S0062), and creates recognition information including the physical address of the terminal 210 as information by the recognition information creation program (step S0063). In the process of creating recognition information, user authentication information such as a user name may be included.
[0189]
Next, the terminal 210 stores the created recognition information in the recognition information storage unit 219 (step S0064), and displays the recognition information on the display screen of the terminal 210 in accordance with a user instruction (step S0065), or on paper or the like The recognition information is printed on the medium (step S0066). Note that, as a user instruction in step S0065, display may be performed only when a display password is input from the display password input unit 216. Since the recognition information including the physical address of the terminal 100 is not always displayed on the display screen of the terminal 100, it is possible to prevent snooping and improve safety.
[0190]
FIG. 21 is a flowchart showing a procedure for registration on the relay device 120 side. FIG. 21 shows a procedure in which the relay device 120 reads the recognition information including the physical address as information from the display screen of the terminal 210, decodes the recognition information, acquires the physical address, and registers it.
[0191]
Referring to FIG. 21, relay device 120 reads the recognition information displayed on terminal 210 by holding the screen of terminal 210 on which the recognition information is displayed over identification information reading device 123 of the relay device (step S0071). .
[0192]
Next, the relay device 120 detects the position of the recognition information from the read information (step S0072). Among them, the relay device 120 cuts out only the recognition information portion (step S0073), and decodes the cut recognition information (step S0074).
[0193]
Further, the relay device 120 acquires terminal identification information (physical address of the terminal 210) and registers it in the user information database by the identification information registration unit 124 of the relay device 120 (step S0075).
[0194]
Procedure for creating authentication information including user authentication information acquired from the user authentication unit at the terminal 210, reading the authentication information displayed on the terminal at the relay device 120, performing user authentication, and registering the terminal 210 Since this is the same as in the first embodiment, description thereof will not be repeated.
[0195]
The “recognition information” in the fifth embodiment is expressed by, for example, a two-dimensional code or a bar code, and the identification information reading device 123 of the relay apparatus 120 is, for example, a two-dimensional code or A scanner that can read a barcode.
[0196]
Further, the “two-dimensional code” is a method of recording digital information by arranging black and white information two-dimensionally on a recording surface, and QR code, MaxiCode, PDF417 (two-dimensional barcode), and the like are known. Information corresponding to the bits of the digital data is mapped and recorded in black and white cells or black and white bars. A two-dimensional code can record information of about 1 Kbyte, while a barcode has only an information amount of about several tens of bytes.
[0197]
FIG. 22 is a conceptual diagram illustrating a procedure in which a two-dimensional code including the physical address of the terminal 210 as information is displayed on the display screen of the terminal 210 and the identification information reading device 123 of the relay device 120 reads the recognition information.
[0198]
For example, when a wireless LAN access point installed in a fast food restaurant is installed, a user who has made a purchase presents a personal computer (terminal 210) on which a two-dimensional code is displayed at a counter. The store clerk reads the two-dimensional code displayed on the screen of the personal computer with a scanner (identification information reader 123) installed at the cash register. The physical address decoded from the two-dimensional code is sent to the server that manages the access point, and is registered in the identification information holding unit 124.
[0199]
In this way, recognition information including the physical address of the terminal 210 is created on the terminal side, and the relay device 120 reads the recognition information displayed on the display screen of the terminal, so that the physical address of the terminal can be easily disclosed. Safety is improved in that it is not done.
[0200]
[Sixth Embodiment]
The network relay system of the sixth embodiment is a modification of the fourth embodiment, and uses a terminal 210 of the fifth embodiment instead of the terminal 100.
[0201]
That is, when the terminal 100 tries to receive the Internet connection service from the relay device 120 without registering the physical address of the terminal 100 in the relay device 120, a message prompting to perform the registration process first is received from the relay device 120. It is transmitted to the terminal device 210. Further, the relay device 120 distributes not only such a message but also a program for generating recognition information including a physical address to the terminal 210.
[0202]
For example, in the procedure of the wireless communication start process in the relay apparatus 120 of FIG. 6, instead of performing the process of step S0025, an IP address is assigned to the unregistered terminal 210 for the time being. In addition, the terminal 210 that is not registered is not relayed to the Internet by looking at the transmission source physical address or the transmission source IP address during the relay process, or can access only the internal content of the relay device 120. Implementation to do.
[0203]
In this case, when a browser of the unregistered terminal 210 sends a packet to the Internet to perform Web access, the browser 210 redirects to a page on which a message from the relay device 120 is written without relaying to the Internet. Can also be considered.
[0204]
FIG. 23 is a conceptual diagram illustrating a screen displayed on the terminal 210 when performing processing such as redirecting to a page in which a message from the relay device 120 is written.
[0205]
As shown in FIG. 23, a program for generating recognition information including a physical address can be downloaded from this page.
[0206]
In the fourth embodiment, the method for transmitting a message by cellular phone mail or mail via wireless communication has been described. A program for generating recognition information including a physical address as attached data of these mails is provided. In addition, it is also possible to transmit to the terminal 210. Thus, even if the terminal 210 does not have a program for generating recognition information including a physical address in advance, the terminal 210 can download the program on the spot and generate and display recognition information (two-dimensional code) including the physical address and the like. can do.
[0207]
In the first to sixth embodiments described above, the processing performed by the terminal 100 (or terminal 210) and the relay device 120 (or relay device 120 ′) is realized as software by a program.
[0208]
This program can be distributed by storing it in a computer-readable storage medium, and each program is installed in the terminal 100 (or terminal 210) and the relay device 120 (or relay device 120 ′) in each process. It can be configured to be executed.
[0209]
Examples of storage media include tape media such as magnetic tape and cassette tape, magnetic disks such as floppy (R) disks and hard disks, CD-ROM (Compact Disc Read Only Memory) / MO (Magneto-Optics) disks / Disc media consisting of optical discs such as MD (Mini Disc) / DVD (Digital Versatile Disc), card systems such as IC cards and optical cards, mask ROM (Read Only Memory), EPROM (Erasable and Programmable Read Only Memory) Any medium such as an EEPROM (Electrically Erasable and Programmable Read Only Memory), a solid memory element including a semiconductor memory such as a flash ROM, or the like may be used.
[0210]
The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.
[0211]
【The invention's effect】
As described above, according to the present invention, it is possible to easily register a user's terminal to a relay apparatus that provides an Internet connection service, and it is not specified even if a special apparatus is not installed in the terminal. Many people can use the Internet easily. The user can connect to the Internet without performing complicated settings for the terminal, and the relay device can easily identify the terminal and perform billing.
[0212]
Furthermore, when a terminal is registered with the relay device, by authenticating the user using the user authentication information, only the terminal authenticated as possessed by the authorized user is registered, and the terminal is illegally registered. Can be prevented.
[Brief description of the drawings]
FIG. 1 is a schematic block diagram showing a configuration of a network relay system 1000 according to a first embodiment of the present invention.
FIG. 2 is a conceptual diagram showing physical addresses and frequencies that are “terminal identification information” stored in a user information database 131;
3 is a schematic block diagram for explaining a configuration of a communication relay unit 127 shown in FIG.
FIG. 4 is a conceptual diagram showing a format of a packet used between terminal 100 and relay device 120 and a packet input / output to / from relay device 120 from the Internet.
FIG. 5 is a flowchart showing a processing procedure of network relay system 1000;
6 is a flowchart illustrating a procedure of wireless communication start processing in the relay apparatus 120. FIG.
FIG. 7 is a conceptual diagram of a packet used in each processing procedure.
FIG. 8 is a flowchart showing a procedure for relaying a packet from the terminal 100 to the Internet in the relay apparatus 120;
FIG. 9 is a conceptual diagram of a packet used in each processing procedure.
FIG. 10 is a flowchart showing a packet relay procedure from the Internet to the terminal 100 in the relay device 120;
FIG. 11 is a conceptual diagram of a packet used in each processing procedure.
12 is a flowchart showing wireless communication disconnection processing in the relay apparatus 120. FIG.
FIG. 13 is a schematic block diagram of a relay device 120 ′ used in the network relay system 2000 according to the second embodiment.
14 is a conceptual diagram showing a physical address and frequency as “terminal identification information” stored in a user information database 131, and “user authentication information” stored in a user authentication information storage unit 132. FIG. is there.
FIG. 15 is a flowchart for explaining processing unique to the second embodiment of the relay device 120 ′;
FIG. 16 is a flowchart for explaining processing unique to the second embodiment of the relay device 120 ′ as start processing of wireless communication between the terminal 100 and the relay device 120 ′;
FIG. 17 is a flowchart illustrating a procedure of processing for registering a frequency in the relay apparatus.
FIG. 18 is a flowchart showing a procedure of frequency subtraction processing according to the communication time or communication volume used in relay apparatus 120.
FIG. 19 is a schematic block diagram for explaining a configuration of a network relay system 3000 according to the fifth embodiment.
FIG. 20 is a flowchart for explaining a procedure for generating and displaying or printing recognition information including a physical address as information in terminal 210;
FIG. 21 is a flowchart showing a procedure for registration on the relay device 120 side;
FIG. 22 is a conceptual diagram illustrating a procedure for reading the recognition information by the identification information reading device 123 of the relay device 120.
FIG. 23 is a conceptual diagram showing a screen displayed on terminal 210 when performing a process of redirecting to a page on which a message from relay device 120 is written.
[Explanation of symbols]
100 terminal, 101 terminal identification information holding unit, 102 communication start / end processing unit, 103 wireless communication unit, 104 recognition information creation unit, 105 display unit, 110 storage medium, 120, 120 ′ relay device, 121 terminal communication device, 122 Network communication unit, 123 identification information reader, 124 identification information registration unit, 125 identification information determination unit, 126 communication start / end processing unit, 127 communication relay unit, 128 fee input unit, 129 frequency addition unit, 130 frequency management unit, 131 User information holding unit, 134 One-time password issuing unit, 135 One-time password output device, 136 User password input device, 210 terminal, 211 Terminal identification information holding unit, 212 Recognition information creating unit, 213 Display unit, 214 Communication Start / end processing unit, 215 communication unit, 216 display Seward input unit, 217 User authentication information input unit, 218 User authentication information holding unit, 219 Recognition information storage unit, 1000, 2000, 3000 Network relay system.

Claims (16)

A relay device used as an access point when a terminal accesses a public line network,
Terminal communication means for performing wireless communication with the terminal;
Network communication means for connecting to the public network;
Recognition information reading means for reading a two-dimensional code representing recognition information including at least identification information for uniquely identifying the terminal;
Identification information reading means for reading terminal identification information from the recognition information;
Identification information holding means for holding the identification information of the terminal read by the identification information reading means;
When relay request from the terminal to the public network, when said the identification information and the held identification information transmitted said end late or found for establishing communication terminal and the relay apparatus are identical A communication relay means for performing relay to the public line network and relaying to the terminal using the held identification information at the time of relay request from the public line network to the terminal ;
When receiving a relay request from the terminal to the public line network, if the identification information used by the terminal for communication and the identification information held in advance do not match, And a means for transmitting a generation program for generating and displaying the recognition information including the identification information of the terminal as the two-dimensional code . The recognition information includes, in addition to the identification information, user authentication information for authenticating a user of the terminal,
User authentication information reading means for reading the user authentication information from the recognition information;
User authentication means for authenticating whether the user authentication information read by the user authentication information reading means is an authorized user of the relay device;
The said identification information holding | maintenance means hold | maintains the said identification information of the said terminal read by the said identification information reading means, when it determines with the said user authentication means being a regular user. Relay device. A password input means for inputting the password of the user;
The user authentication means includes a user who is an authorized user of the relay device from a combination of the user authentication information read by the user authentication information reading means and a password input by the password input means. The relay device according to claim 2, wherein authentication is performed to determine whether or not there is. A one-time password output means for outputting a one-time password when the user authentication means determines that the user is a legitimate user;
The relay device according to claim 2 or 3, wherein when the one-time password is transmitted from the terminal when the terminal requests to relay to the public line network, the communication relay unit performs a relay process. It further comprises a one-time password output means for outputting a one-time password,
Requests to connect to the public network from the terminal, when the one-time password from the terminal is transmitted, performs relay processing in the communication relay means, a relay device according to claim 1. A frequency input means for inputting a frequency having a communication time or a traffic volume as a parameter in association with the identification information of the terminal;
Frequency holding means for holding the frequency assigned to the terminal in association with the identification information of the terminal held in the identification information holding means;
Frequency measuring means for measuring communication time or traffic when communication is relayed between the terminal and the public line network;
A frequency changing means for changing the frequency held by the frequency holding means based on the information input by the frequency input means and the information measured by the frequency measuring means;
The said communication relay means stops the relay with respect to the terminal with the identification information matched with the said frequency, when the said frequency hold | maintained by the said frequency holding means becomes a predetermined value. The relay device according to any one of the above.   When receiving a relay request from the terminal to the public line network, if the identification information of the terminal used for communication with the terminal does not match the identification information held in advance, the terminal The relay apparatus according to claim 1, further comprising means for issuing warning information that prompts the relay apparatus to read the recognition information including the identification information. Wireless communication means for performing wireless communication with other devices;
Identification information holding means for holding identification information for uniquely identifying a terminal used when performing wireless communication with other devices;
Means for receiving a generation program for generating recognition information including at least the identification information as a two-dimensional code from a relay device ;
Generating means for generating the recognition information as the two-dimensional code by the generated generation program ;
And a display means for displaying the recognition information as the two-dimensional code. A user authentication means for inputting or holding user authentication information for authenticating a user of the terminal;
The terminal according to claim 8 , wherein the recognition information includes the user authentication information in addition to the identification information. A display password input means;
The terminal according to claim 8 or 9 , wherein when the display password is input, the recognition information is displayed on the display means. A terminal control program for controlling the operation of a terminal device having wireless communication means for performing wireless communication with other devices,
Holding identification information for uniquely identifying a terminal used when performing wireless communication with the other device;
Receiving from the relay device a generation program for generating recognition information including at least the identification information as a two-dimensional code;
Generating the recognition information by the received generation program;
A terminal control program for causing a computer to execute the step of displaying the recognition information as the two-dimensional code. A network relay system comprising a relay device used as an access point when accessing a public line network, and a terminal that performs wireless communication with the relay device,
The relay device is
Terminal communication means for performing wireless communication with the terminal;
Network communication means for connecting to the public network;
Recognition information reading means for reading a two-dimensional code representing recognition information including at least identification information for uniquely identifying the terminal;
Recognition information reading means for reading the recognition information of the terminal;
Identification information reading means for reading the identification information of the terminal from the recognition information;
Identification information holding means for holding the identification information of the terminal read by the identification information reading means;
When the relay request from the terminal to the public line network is made, if the identification information used for establishing communication between the terminal and the relay device matches the held identification information, the relay to the public line network Communication relay means for relaying to the terminal using the stored identification information when a relay request is made from the public line network to the terminal ;
When receiving a relay request from the terminal to the public line network, if the identification information used by the terminal for communication and the identification information held in advance do not match, And a means for transmitting a generation program for generating and displaying the recognition information including the identification information of the terminal as the two-dimensional code,
The terminal
Wireless communication means for performing wireless communication with the relay device;
Identification information holding means for holding the identification information;
Means for receiving the generating program;
Generating means for generating the recognition information by the generating program;
A network relay system comprising display means for displaying the recognition information as the two-dimensional code . A relay device,
Comprising reading means for reading a two-dimensional code;
The two-dimensional code includes at least the identification information for specifying a terminal,
Storage means for storing the identification information;
Registration means for registering the identification information read by the reading means in the storage means;
Relay means for relaying communication from the terminal according to the identification information registered in the storage means ;
When a relay request is received from a terminal whose identification information is not registered, a generation program for generating and displaying recognition information including the identification information as a two- dimensional code is transmitted to the unregistered terminal. And a relay device. A relay device,
Comprising reading means for reading a two-dimensional code;
The two-dimensional code holds at least identification information for identifying a terminal and user information,
Storage means for associating and storing the identification information and the user information;
A registration unit for registering the identification information and the user information read by the reading unit in the storage unit;
An authentication means for authenticating a user of the terminal using the user information;
According to the authentication result by the authentication means and the identification information registered in the storage means,
Relay means for relaying communication from the terminal ;
When a relay request is received from a terminal whose identification information is not registered, a generation program for generating and displaying recognition information including the identification information as the two-dimensional code is transmitted to the unregistered terminal A relay device. The storage means stores information for identifying a user as user authentication information in association with a service provided for each user when registering the terminal. 13. The relay device according to 3 or 14 . The relay according to claim 15 , wherein the registration unit performs registration based on a comparison between the user authentication information registered in the storage unit and information read by the reading unit. apparatus.

Images