JP2004007375A - Communication repeater - Google Patents

Publication number
JP2004007375A
Authority
JP
Japan
Prior art keywords
communication
terminal
protocol
trunk
communication line
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2002337564A
Other languages
Japanese (ja)
Inventor
Hirobumi Terada
寺田 博文
Hideo Ikeda
池田 英生
Takuya Kusaka
日下 卓也
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kobe Steel Ltd
Original Assignee
Kobe Steel Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kobe Steel Ltd
Priority to JP2002337564A
Publication of JP2004007375A

Landscapes

  • Communication Control (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

PROBLEM TO BE SOLVED: To provide a communication repeater that relays between a trunk communication line such as CATV or FTTH and terminals connected to it by radio, and that prevents a terminal from taking a plurality of assigned signals, protects the privacy of terminal users and improves security, simply and at low cost.

SOLUTION: The communication repeater is provided with a master station modem 11b, which converts between the trunk-side PPP (Point to Point Protocol) used on a trunk communication line ML and TCP/IP, which enables one-to-many communication with a plurality of terminals TE using the communication signal assigned by the trunk-side PPP, and a PPPoE server 14b, which converts between TCP/IP and a terminal-side communication protocol in which PPPoE is added to the lower layer of TCP/IP. The PPPoE server 14b has an authentication function for authenticating whether each terminal TE is permitted to connect to the trunk communication line ML, and a function of dynamically assigning an IP address to each terminal TE.

COPYRIGHT: (C)2004,JPO

Description

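[0001]
[Technical field of the invention]
The present invention relates to a wireless relay device that relays wireless communication between a trunk communication line such as CATV or FTTH and terminals installed in individual homes.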
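[0002]
[Prior art]
In recent years, with the rapid spread of data communication, demand for high-speed networks has grown steadily. However, trunk communication lines provided by wire, such as CATV (cable television) and FTTH (Fiber To The Home), require drop-wiring work for each home, and indoor wiring work is needed again whenever the indoor layout changes, so they often impose labor and financial burdens on the user. In multi-unit housing such as apartment buildings in particular, many cables must be concentrated in a small space, so there is demand for wireless communication networks that do not require cumbersome wiring work for each unit.
As a system that meets such needs, Japanese Patent Application Laid-Open No. 2000-299848 (Publication 1), for example, proposes a two-way wireless CATV system that uses an existing CATV network and replaces the end portion of that network with a wireless link. This is a one-to-many (PMP) two-way wireless communication system in which data is sent and received wirelessly between a communication relay device (base station) connected to the CATV network (trunk communication line) and a plurality of slave station devices (subscriber stations), using radio signals in a communication band of several GHz or higher. In this system, the communication relay device relays communication between the slave station devices and a predetermined server connected on the upstream side of the CATV network, so the system can be used for communication services that require broadband, such as on-demand delivery of video data like movies, in addition to Internet connection service.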
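[0003]
FIG. 3 is a schematic configuration diagram of a conventional PMP two-way wireless communication system.
The conventional PMP two-way wireless communication system comprises a plurality of slave station devices 10a, each installed in an individual home and connected to a terminal TE such as a personal computer, and a communication relay device 10b connected to the trunk communication line ML (CATV network) and installed on a utility pole or the like.
The communication relay device 10b comprises a master station modem 11b (a so-called cable modem), a master station wireless modem 12b, and a master station antenna 13b; the slave station device 10a comprises a slave station wireless modem 11a and a slave station antenna 12a.
The master station modem 11b converts between the communication protocol used on the trunk communication line ML and the communication protocol used for communication with the terminals TE. The master station wireless modem 12b converts between the wired communication band (frequency band) on the trunk communication line ML side and the wireless communication band on the slave station device 10a side; through the master station wireless modem 12b, communication signals to and from the terminals TE are transmitted and received wirelessly via the master station antenna 13b.
In the slave station device 10a, radio signals are exchanged with the communication relay device 10b via the slave station antenna 12a. The slave station wireless modem 11a converts the signals sent and received by the slave station antenna 12a between the wireless and wired communication bands and also converts the communication medium. The communication medium between the slave station device 10a and the terminal TE is, for example, one standardized by IEEE802.3.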
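[0004]
In general, PPP (Point to Point Protocol) is adopted as the communication protocol on the trunk communication line ML, and the communication signal assigned to each of the plurality of communication relay devices 10b (each point) connected to the trunk communication line ML allows a predetermined server connected on the upstream side of the trunk communication line ML to communicate individually (point to point) with each communication relay device 10b. Known examples of PPP on the trunk communication line ML include the communication protocol adopted in DOCSIS (Data Over Cable Service Interface Specification), a standard for CATV communication equipment. Hereinafter, the communication protocol on the trunk communication line ML is referred to as the trunk PPP.
Between the communication relay device 10b and the terminals TE, a communication protocol that permits one-to-many communication between them (hereinafter, the one-to-many communication protocol) is adopted. TCP/IP, which is widespread on personal computers and the like, is normally used as this one-to-many communication protocol. Accordingly, the master station modem 11b converts between the trunk PPP and TCP/IP (where the trunk communication line ML uses a communication protocol in which the trunk PPP is added below TCP/IP, it adds and removes the trunk PPP). In TCP/IP, an IP address, which serves as address information, must be assigned to each terminal TE to establish communication. Because the IP address is included in the communication signal assigned to each terminal TE, a terminal TE can pick out the signal assigned to itself from among the communication signals. IP addresses are commonly assigned using DHCP (Dynamic Host Configuration Protocol), with the master station modem 11b dynamically assigning an IP address each time a terminal TE issues a connection request (an IP address assigned in this way is a local IP address, not a global IP address). This removes cumbersome tasks such as configuring IP addresses on the terminal TE side, and the system administrator no longer has to manage the IP address of each terminal TE individually, so system management becomes easier.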
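[0005]
[Problems to be solved by the invention]
In the conventional configuration described above, however, addresses are assigned by DHCP on a first-come, first-served basis (in the order connection requests arrive) from the limited number of IP addresses (local IP addresses) managed by the master station modem 11b. Consequently, if a user connects a plurality of terminals TE to the slave station device 10a, for example by placing a hub between the slave station wireless modem 11a and the terminals TE, an IP address (that is, a communication signal) is assigned to every one of them. In other words, a single user is assigned multiple IP addresses (multiple taking of IP addresses), and the IP addresses that should be assigned to other users' terminals TE run short.
Furthermore, in the conventional configuration the master station modem 11b and the terminals TE are in an open connection state equivalent to a LAN connection. When resources such as storage devices are configured for sharing on the terminal TE of a user connected to the trunk communication line ML, the existence of other users' terminals TE becomes known and, in some cases, unauthorized access takes place between terminals TE, which is a privacy and security problem. It would also be conceivable to add a function for authenticating each terminal TE (user) to a predetermined server connected on the upstream side of the trunk communication line ML, but this would require changing the existing communication protocol of the trunk communication line ML and existing communication equipment, including the master station modem 11b, so building the system would take enormous time and expense.
The present invention has been made in view of these circumstances. Its object is to provide a communication relay device, relaying between a trunk communication line and terminals wirelessly connected to it, that prevents terminals from taking multiple addresses (assigned signals), protects the privacy of terminal users, and improves security, simply and at low cost.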
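[0006]
[Means for solving the problems]
To achieve the above object, the present invention is a communication relay device that relays communication between a predetermined trunk communication line and a plurality of terminals that connect to the trunk communication line via wireless communication, by converting communication signals between wireless and wired signals, the communication relay device being characterized by comprising: protocol conversion means for converting between the trunk PPP (Point to Point Protocol), which is the communication protocol used on the trunk communication line, and a terminal-side communication protocol, which is a protocol in which PPP is added to the lower layer of a predetermined one-to-many communication protocol that enables one-to-many communication between the communication relay device and the plurality of terminals using the communication signal assigned to the communication relay device by the trunk PPP; and wireless communication means for converting communication signals of the terminal-side communication protocol between wireless and wired signals.
As a result, the communication relay device can carry out individual PPP-based communication with each of the plurality of terminals. Unlike an open LAN connection, the terminal of one user connected to the trunk communication line can no longer detect the presence of other users' terminals, and unauthorized access between terminals no longer occurs. In addition, because the existing communication protocol of the trunk communication line (the trunk PPP) is used, existing communication equipment such as modems can be put to effective use.
If a PPPoE function for identifying each terminal (user) were instead added to a predetermined server connected on the upstream side of the trunk communication line, no router (IP router) could be placed between the trunk communication line and that server; the present invention imposes no such restriction.
That is, PPPoE operates at layer 2 of the OSI reference model, whereas an IP router operates at layer 3, the layer above it, so PPPoE packets are not relayed if a router lies in the communication path. By placing the communication relay device on the terminal side of the trunk communication line, that is, at a position where no router needs to intervene, routers can be placed upstream of the trunk communication line. Various server computers are commonly connected through routers upstream of the trunk communication line, and the present invention can be applied to such connection topologies without difficulty.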
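[0007]
A configuration is also conceivable that comprises authentication means for authenticating whether each terminal is permitted to connect to the trunk communication line.
With this, no terminal (or user) other than those registered in advance can connect to the trunk communication line, so a single user cannot cause a shortage of the communication signals (addresses) that should be assigned to other users by connecting multiple terminals at the same time.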
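[0008]
A configuration is also conceivable in which authentication of whether each terminal is permitted to connect to the trunk communication line is performed by querying a predetermined authentication server connected via the trunk communication line.
With this, authentication information concerning permission to connect to the trunk communication line (personal information used for authentication), information on each terminal's record of connections to the trunk communication line, and the like can be managed centrally on the authentication server side, which is easier than recording that information in each communication relay device.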
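[0009]
A configuration is also conceivable that comprises address information allocation means for dynamically allocating the predetermined address information, used in the one-to-many communication protocol, that corresponds to each terminal.
This removes cumbersome tasks such as configuring the address information on the terminal side, and the system administrator no longer has to manage the address information of each terminal individually, so system management becomes easier.
For example, the one-to-many communication protocol may be TCP/IP, and the PPP in the terminal-side communication protocol may be PPPoE (Point to Point Protocol over Ethernet) ("Ethernet" as used in this specification is a registered trademark of Fuji Xerox Co., Ltd.). Alternatively, the PPP in the terminal-side communication protocol may be PPPoA (Point to Point Protocol over ATM). Here, ATM (Asynchronous Transfer Mode) is a transmission scheme in asynchronous transfer mode, adopted mainly in broadband ISDN (B-ISDN: Broadband ISDN).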
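[0010]
[Embodiments of the invention]
Embodiments and an example of the present invention are described below with reference to the accompanying drawings to aid understanding of the invention. The following embodiments and example are merely one concrete instance of the invention and do not limit its technical scope.
FIG. 1 shows the schematic configuration of a communication relay device X according to an embodiment of the present invention and of a one-to-many two-way wireless communication system that includes it as a component. FIG. 2 is a block diagram showing the configuration of the PPPoE server that forms part of the communication relay device X according to the embodiment. FIG. 3 shows the schematic configuration of a conventional communication relay device and of a one-to-many two-way wireless communication system that includes it as a component. FIG. 4 shows the schematic configuration of a communication relay device X1 according to an example of the present invention and of a one-to-many two-way wireless communication system that includes it as a component.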
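[0011]
As shown in FIG. 1, the communication relay device X according to the embodiment of the present invention is connected to the trunk communication line ML (a CATV network, FTTH network, or the like) and exchanges data wirelessly with a plurality of slave station devices 10a (subscriber stations), thereby relaying communication between the terminals TE connected to the slave station devices 10a and a predetermined server connected on the upstream side of the trunk communication line ML.
The communication relay device X is the conventional communication relay device 10b shown in FIG. 3 with a PPPoE server 14b added between the master station modem 11b (a so-called cable modem) and the master station wireless modem 12b. That is, it comprises the master station modem 11b, which converts between the trunk PPP and TCP/IP; the master station wireless modem 12b, which converts TCP/IP communication signals between the wired communication band (frequency band) on the trunk communication line ML side and the wireless communication band; the master station antenna 13b, which exchanges with the slave station devices 10a the radio signals input to and output from the master station wireless modem 12b; and the PPPoE server 14b, provided between the master station modem 11b and the master station wireless modem 12b. Radio signals of the IEEE802.11b standard or the like are used as the radio signals sent and received by the master station antenna 13b. Here, the master station modem 11b and the PPPoE server 14b are an example of the protocol conversion means, and the master station wireless modem 12b and the master station antenna 13b are an example of the wireless communication means.
The slave station device 10a is the same as the conventional slave station device 10a shown in FIG. 3. That is, radio signals are exchanged with the communication relay device X via the slave station antenna 12a, and the slave station wireless modem 11a converts the signals sent and received by the slave station antenna 12a between the wireless and wired communication bands and converts them to the communication medium between the slave station device 10a and the terminal TE (a communication medium standardized by IEEE802.3 or the like).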
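[0012]
As shown in FIG. 2, the PPPoE server 14b comprises a communication control unit 141b that performs communication control, a CPU 142b that performs various processing such as protocol conversion, and a data storage unit 14b, which is storage means such as a hard disk or SRAM. The PPPoE server 14b takes the signal that the master station modem 11b has converted from the trunk PPP to TCP/IP (an example of the one-to-many communication protocol) and converts it to a protocol (corresponding to the terminal-side communication protocol) in which PPPoE (Point to Point Protocol over Ethernet) is added to the lower layer (data link layer and/or physical layer) of TCP/IP (transport layer and network layer); it performs the reverse conversion on communication signals flowing from the terminals TE toward the trunk communication line ML. As a result, using the communication signal assigned to the communication relay device X by the trunk PPP, the communication relay device X can communicate individually (point to point) with each terminal TE. Unlike an open LAN connection, therefore, the terminal TE of one user connected to the trunk communication line ML through the communication relay device X can no longer detect the presence of other users' terminals TE, and unauthorized access between terminals TE no longer occurs. That is, the conventional privacy and security problems are resolved. The details of PPPoE are specified in RFC2516, and the details of PPP are specified in RFC1661.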
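[0013]
Furthermore, the PPPoE server 14b has an authentication function that authenticates whether each terminal TE (or its user) is permitted to connect to the trunk communication line ML (corresponding to the function of the authentication means). When a terminal TE requests connection to the trunk communication line ML, this function checks the user ID and password contained in the connection request against the user IDs and passwords registered in advance in the data storage unit 143b of the PPPoE server 1b or in a predetermined server connected upstream of the trunk communication line ML, and permits connection to the trunk communication line ML only when they match. If the user ID and password sent from the terminal TE belong to a terminal TE that is already connected, no new connection is permitted. PPPoE client software, a program that handles entry of the user ID and password and sends the PPPoE-based connection request, is installed on each terminal TE. Only when the connection request to the trunk communication line ML has been authenticated is an IP address assigned by the master station modem 11b (or the PPPoE server 1b) and the connection to the trunk communication line ML made.
As a result, no terminal TE (or user) other than those registered in advance can connect to the trunk communication line ML, which prevents the multiple taking of IP addresses that occurs when IP addresses are assigned first come, first served, and resolves the problem of running short of IP addresses to assign to other users' terminals TE.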
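[0014]
IP addresses are assigned using DHCP (Dynamic Host Configuration Protocol), in which an IP address is assigned dynamically for each connection. This removes cumbersome tasks such as configuring IP addresses on the terminal TE side, and the system administrator no longer has to manage the IP address of each terminal TE individually, so system management becomes easier.
The PPPoE server 14b also has a function of recording, in the data storage unit 143b, connection record information on each terminal TE's connections to the trunk communication line ML. The connection record information is, for example, information on the user ID that made the connection request, the connection date, time and duration, the assigned IP address, the connection destination (which server upstream of the trunk communication line ML was connected to), the communication speed, and failed connection attempts. This connection record information is sent at predetermined timing (periodically, or in response to a request from a server upstream of the trunk communication line ML, for example) to a predetermined server connected on the upstream side of the trunk communication line ML. This makes it possible to offer a variety of communication connection services, such as billing users according to connection time or communication speed.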
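[0015]
[Example]
In the communication relay device X, the PPPoE server 14b had an authentication function that authenticates whether each terminal TE (or its user) is permitted to connect to the trunk communication line ML, but the invention is not limited to this. A communication relay device X1 is also conceivable, as an example, configured so that authentication of whether each terminal TE (or its user) is permitted to connect to the trunk communication line ML is performed by querying a predetermined authentication server connected via the trunk communication line ML.
FIG. 4 shows the schematic configuration of the communication relay device X1 and of a one-to-many two-way wireless communication system that includes it as a component.
As shown in FIG. 4, the configuration of the communication relay device X1 is the same as that of the communication relay device X, and the configuration of the PPPoE server 14b in the communication relay device X1 is the same as that shown in FIG. 2. The communication relay device X1 differs from the communication relay device X only in the function of the PPPoE server 14b relating to authentication of the terminals TE (or their users), that is, in the function of a predetermined program executed by the CPU 142b (see FIG. 2).
When a terminal TE requests connection to the trunk communication line ML, the PPPoE server 14b of the communication relay device X1 applies predetermined encryption to the user ID and password contained in the connection request and forwards the encrypted user ID and password to a predetermined authentication server 16c connected via the trunk communication line ML, thereby asking the authentication server 16c whether connection to the trunk communication line ML is to be permitted. This encryption could be omitted, but performing it is preferable for security. The authentication server 16c is, for example, a computer configured to run programs that implement DHCP and a well-known authentication protocol such as RADIUS or TACACS+.
The authentication server 16c is connected to the trunk communication line ML through a cable modem 11c that converts between the trunk PPP and TCP/IP, and a router 15c (IP router) is provided between the cable modem 11c and the authentication server 16c as needed.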
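[0016]
The authentication server 16c, for its part, checks the received user ID and password (decrypting them as needed) against the user IDs and passwords registered in advance in storage means such as the hard disk of the authentication server 16c or in another file server or the like. If they match, it returns to the PPPoE server 14b a response permitting connection to the trunk communication line ML together with the IP address to be assigned to that terminal TE (assigned dynamically by DHCP); otherwise it returns a response refusing the connection. If the user ID and password sent from the terminal TE via the PPPoE server 14b belong to a terminal TE that is already connected, no new connection is permitted. As in the embodiment described above, PPPoE client software, a program that handles entry of the user ID and password and sends the PPPoE-based connection request, is installed on the terminal TE. The PPPoE server 14b receives the response and the IP address (the latter only if present) from the authentication server 16c, and only when it has received a response permitting connection to the trunk communication line ML together with an assigned IP address is the connection to the trunk communication line ML made by the PPPoE server 1b using that IP address.
As a result, no terminal TE (or user) other than those registered in advance can connect to the trunk communication line ML, which prevents the multiple taking of IP addresses that occurs when IP addresses are assigned first come, first served, and resolves the problem of running short of IP addresses to assign to other users' terminals TE.
In addition, authentication information concerning permission to connect to the trunk communication line (personal information used for authentication, such as the user ID and password) and the connection record information on each terminal TE's connections to the trunk communication line ML can be managed centrally on the authentication server 16c side, which is easier than recording that information in each communication relay device. Also, as noted above, PPPoE, which operates at layer 2 of the OSI reference model, is confined to the downstream side (terminal TE side) of the communication relay device X1, so the configuration is applicable even when the router 15c lies on the path to the authentication server 16c, as shown in FIG. 4.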
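[0017]
[Effects of the invention]
As described above, according to the present invention, wireless communication can be carried out individually (point to point) with each of a plurality of terminals using the communication signal assigned by PPP on the trunk communication line side. Unlike an open LAN connection, the terminal of one user connected to the trunk communication line can no longer detect the presence of other users' terminals, and unauthorized access between terminals no longer occurs. That is, the conventional privacy and security problems are resolved.
In addition, because the device has an authentication function, or a function for sending authentication queries to an upstream authentication server, no terminal (or user) other than those registered in advance can connect to the trunk communication line. This prevents the multiple taking of IP addresses (that is, communication signals) that occurs when IP addresses are assigned first come, first served, and resolves the problem of running short of IP addresses to assign to other users' terminals TE.
Furthermore, dynamically assigning IP addresses removes cumbersome tasks such as configuring IP addresses on the terminal side, and the system administrator no longer has to manage the IP address of each terminal individually, so system management becomes easier. Moreover, all of this can be achieved simply and at low cost, without changing the existing communication protocol of the trunk communication line or the modems and other equipment that support it.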
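[Brief description of the drawings]
[FIG. 1] A diagram showing the schematic configuration of a communication relay device X according to an embodiment of the present invention and of a one-to-many two-way wireless communication system that includes it as a component.
[FIG. 2] A block diagram showing the configuration of the PPPoE server that forms part of the communication relay device X according to the embodiment of the present invention.
[FIG. 3] A diagram showing the schematic configuration of a conventional communication relay device and of a one-to-many two-way wireless communication system that includes it as a component.
[FIG. 4] A diagram showing the schematic configuration of a communication relay device X1 according to an example of the present invention and of a one-to-many two-way wireless communication system that includes it as a component.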
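[Explanation of reference numerals]
10a…Slave station device
10b…Conventional communication relay device
11a…Slave station wireless modem
11b…Master station modem (cable modem)
12a…Slave station antenna
12b…Master station wireless modem
13b…Master station antenna
14b…PPPoE server
141b…Communication control unit
142b…CPU
143b…Data storage unit
15c…Cable modem
16c…Authentication server
ML…Trunk communication line
TE…Terminal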
[0001]
[Technical field of the invention]
The present invention relates to a wireless relay device that relays wireless communication between a trunk communication line such as CATV or FTTH and a terminal installed in each house.
[0002]
[Prior art]
In recent years, with the rapid spread of data communication, the demand for high-speed networks has been increasing. However, trunk communication lines provided by wire, such as CATV (cable TV) and FTTH (Fiber To The Home), require drop-wiring work for each house, and indoor wiring work is required even when the indoor layout is changed, so they often cost the user time and money. Particularly in apartment houses and the like, a large number of wires are concentrated in a narrow space, so the spread of wireless communication networks that do not require complicated wiring work for each house is desired.
As a system that meets such needs, for example, Japanese Patent Application Laid-Open No. 2000-299848 (Publication 1) proposes a two-way wireless CATV system that uses an existing CATV network and replaces the end portion of the network with a wireless link. This is a one-to-many (PMP) two-way wireless communication system that transmits and receives data wirelessly between a communication relay device (base station) connected to a CATV network (trunk communication line) and a plurality of slave station devices (subscriber stations), using radio signals in a communication band of several GHz or more. In this system, the communication relay device relays communication between the slave station devices and a predetermined server connected to the upper side of the CATV network, so the system can be used not only for Internet connection service but also for communication services that require broadband, such as providing video data such as movies on demand.
[0003]
FIG. 3 is a schematic configuration diagram of a conventional PMP two-way wireless communication system.
The conventional PMP two-way wireless communication system includes a plurality of slave station devices 10a, each installed in a house and connected to a terminal TE such as a personal computer, and a communication relay device 10b connected to a trunk communication line ML (CATV network) and installed on a utility pole or the like.
Further, the communication relay device 10b includes a master station modem 11b (so-called cable modem), a master station wireless modem 12b, and a master station antenna 13b, and the slave station device 10a includes a slave station wireless modem 11a and a slave station antenna 12a.
The master station modem 11b performs mutual conversion between the communication protocol used on the trunk communication line ML and the communication protocol used for communication with the terminal TE. The master station wireless modem 12b performs mutual conversion between the wired communication band (frequency band) on the trunk communication line ML side and the wireless communication band on the slave station device 10a side. Communication signals to and from the terminal TE are transmitted and received wirelessly by the master station wireless modem 12b via the master station antenna 13b.
On the other hand, the slave station device 10a transmits and receives wireless signals to and from the communication relay device 10b via the slave station antenna 12a. Further, the signal transmitted and received by the slave station antenna 12a is mutually converted by the slave station wireless modem 11a into wireless and wired communication bands, and the communication medium is converted. As a communication medium between the slave station device 10a and the terminal TE, for example, a communication medium standardized by IEEE802.3 is used.
[0004]
Generally, PPP (Point to Point Protocol) is adopted as the communication protocol on the trunk communication line ML. With the communication signal assigned to each of the plurality of communication relay devices 10b (each point) connected to the trunk communication line ML, a predetermined server connected to the upper side of the trunk communication line ML and each of the communication relay devices 10b can communicate individually (point to point). As the PPP on the trunk communication line ML, the communication protocol adopted in DOCSIS (Data Over Cable Service Interface Specification), which is a standard for communication devices in CATV, is known. Hereinafter, the communication protocol on the trunk communication line ML is referred to as the trunk PPP.
In addition, between the communication relay device 10b and the terminals TE, a communication protocol capable of one-to-many communication between them (hereinafter referred to as the one-to-many communication protocol) is employed. As this one-to-many communication protocol, TCP/IP, which is in general use on personal computers and the like, is normally adopted. Therefore, the master station modem 11b performs mutual conversion between the trunk PPP and TCP/IP (when the trunk communication line ML adopts a communication protocol in which the trunk PPP is added below TCP/IP, it adds and removes the trunk PPP). In TCP/IP, in order to establish communication, it is necessary to assign an IP address, which is address information, to each of the terminals TE. Because the IP address is included in the communication signal assigned to each terminal TE, the terminal TE can identify the signal assigned to itself from among the communication signals. Here, so-called DHCP (Dynamic Host Configuration Protocol) is adopted for the assignment of IP addresses, and an IP address is often assigned dynamically by the master station modem 11b every time there is a connection request from a terminal TE (the IP address assigned in this way is not a so-called global IP address but a local IP address). This eliminates the need for complicated work such as setting an IP address on the terminal TE side, and eliminates the need for the system administrator to manage the IP address of each terminal TE individually, so system management becomes easier.
[0005]
[Problems to be solved by the invention]
However, in the above-described conventional configuration, addresses are allocated by DHCP on a first-come, first-served basis (in the order of connection requests) from the limited number of IP addresses (local IP addresses) managed by the master station modem 11b. For example, when a user connects a plurality of terminals TE to the slave station device 10a by providing a hub between the slave station wireless modem 11a and the terminals TE, an IP address (that is, a communication signal) is assigned to all of them. In other words, a plurality of IP addresses are assigned to one user (multiple taking of IP addresses), and there is a problem in that the IP addresses to be assigned to the terminals TE of other users run short.
Further, in the above-described conventional configuration, the master station modem 11b and each of the terminals TE are in an open connection state similar to that of a LAN connection. When resources such as storage devices are set to be shared on the terminal TE of a user connected to the trunk communication line ML, the existence of the terminals TE of other users (other persons) becomes known, and in some cases unauthorized access is made between the terminals TE, which is a problem in terms of privacy and security. It is also conceivable to add a function of authenticating each of the terminals TE (users) to a predetermined server connected to the upper side of the trunk communication line ML. In this case, however, the existing communication protocol of the trunk communication line ML and existing communication equipment such as the master station modem 11b must be changed, and there is a problem that enormous time and cost are required for constructing the system.
Accordingly, the present invention has been made in view of the above circumstances, and its object is to provide a communication relay device, relaying between a trunk communication line and terminals wirelessly connected to it, that can prevent multiple taking of addresses (assigned signals) by terminals, protect the privacy of terminal users, and improve security, simply and at low cost.
[0006]
[Means for Solving the Problems]
In order to achieve the above object, the present invention is a communication relay device that relays communication between a predetermined trunk communication line and a plurality of terminals connected to the trunk communication line via wireless communication, by mutually converting communication signals between wireless and wired signals, the communication relay device being characterized by comprising: protocol conversion means for performing mutual conversion between the trunk PPP (Point to Point Protocol), which is the communication protocol used on the trunk communication line, and a terminal-side communication protocol, which is a protocol in which PPP is added to a lower layer of a predetermined one-to-many communication protocol that enables one-to-many communication between the communication relay device and the plurality of terminals using the communication signal assigned to the communication relay device by the trunk PPP; and wireless communication means for mutually converting communication signals according to the terminal-side communication protocol between wireless and wired signals.
As a result, the communication relay device and each of the plurality of terminals can perform individual communication based on PPP, so that, unlike an open LAN connection, the terminal of a certain user connected to the trunk communication line cannot recognize the presence of the terminals of other users (other persons), and unauthorized access between the terminals does not occur. Further, since the existing communication protocol of the trunk communication line (the trunk PPP) is used, existing communication equipment such as modems can be used effectively.
When a PPPoE function for identifying each of the terminals (users) is added to a predetermined server connected to the upper side of the trunk communication line, a router (IP router) cannot be interposed between the trunk communication line and that server, but according to the present invention, such a restriction does not occur.
That is, PPPoE operates on layer 2 in the OSI reference model, but since the IP router operates on layer 3 which is an upper layer thereof, if a router intervenes during communication, packets based on PPPoE are not relayed. However, by providing the communication relay device at the terminal side of the trunk communication line, that is, at a position where a router does not need to be interposed, a router can be interposed at a higher level than the trunk communication line. Generally, various server computers are often connected via a router on the upper side of the trunk communication line, but according to the present invention, such a connection form can be applied without any trouble.
[0007]
It is also conceivable to provide an authentication means for authenticating whether or not each terminal is permitted to connect to the backbone communication line.
As a result, terminals (users) other than those registered in advance cannot connect to the trunk communication line, so one user simultaneously connecting a plurality of terminals does not cause a shortage of the communication signals (addresses) to be assigned to other users.
[0008]
It is also conceivable to configure the device so that authentication as to whether or not each terminal is permitted to connect to the trunk communication line is performed by inquiring of a predetermined authentication server connected through the trunk communication line.
This allows the authentication server to collectively manage authentication information (personal information regarding authentication) relating to permission to connect to the trunk communication line, information relating to the connection performance of the respective terminals to the trunk communication line, and the like. Management becomes easier than recording such information in each of the communication relay devices.
[0009]
It is also conceivable to provide address information allocating means for dynamically allocating predetermined address information corresponding to each of the terminals used in the one-to-many communication protocol.
This eliminates the need for complicated work such as setting the address information on the terminal side, and eliminates the need for the system administrator to individually manage the address information for each terminal, thereby facilitating system management.
Further, for example, the one-to-many communication protocol may be TCP/IP, and the PPP in the terminal-side communication protocol may be PPPoE (Point to Point Protocol over Ethernet) ("Ethernet" as used in this specification is a registered trademark of Fuji Xerox Co., Ltd.). In addition, the PPP in the terminal-side communication protocol may be PPPoA (Point to Point Protocol over ATM). Here, ATM (Asynchronous Transfer Mode) is a transmission system in an asynchronous transfer mode, and is mainly used for broadband ISDN (B-ISDN).
[0010]
[Embodiments of the invention]
Hereinafter, embodiments and examples of the present invention will be described with reference to the accompanying drawings to provide an understanding of the present invention. The following embodiments and examples are mere examples embodying the present invention, and do not limit the technical scope of the present invention.
FIG. 1 is a diagram showing a schematic configuration of a communication relay device X according to an embodiment of the present invention and a one-to-many two-way wireless communication system including it as a component. FIG. 2 is a block diagram showing a configuration of a PPPoE server constituting the communication relay device X according to the embodiment. FIG. 3 is a diagram showing a schematic configuration of a conventional communication relay device and a one-to-many two-way wireless communication system including it as a component. FIG. 4 is a diagram showing a schematic configuration of a communication relay device X1 according to an example of the present invention and a one-to-many two-way wireless communication system including it as a component.
[0011]
As shown in FIG. 1, a communication relay device X according to an embodiment of the present invention is connected to a trunk communication line ML (CATV network, FTTH network, or the like) and transmits and receives data wirelessly to and from a plurality of slave station devices 10a (subscriber stations), thereby relaying communication between the terminals TE connected to the slave station devices 10a and a predetermined server connected to the upper side of the trunk communication line ML.
This communication relay device X is obtained by adding a PPPoE server 14b between the master station modem 11b (so-called cable modem) and the master station wireless modem 12b of the conventional communication relay device 10b shown in FIG. 3. That is, it includes a master station modem 11b that performs mutual conversion between the trunk PPP and TCP/IP; a master station wireless modem 12b that performs, on communication signals according to TCP/IP, mutual conversion between the wired communication band (frequency band) on the trunk communication line ML side and the wireless communication band; a master station antenna 13b that transmits and receives, to and from the slave station devices 10a, the radio signals input to and output from the master station wireless modem 12b; and the PPPoE server 14b provided between the master station modem 11b and the master station wireless modem 12b. As the radio signal transmitted and received by the master station antenna 13b, a radio signal of the IEEE802.11b standard or the like is adopted. Here, the master station modem 11b and the PPPoE server 14b are an example of the protocol conversion means, and the master station wireless modem 12b and the master station antenna 13b are an example of the wireless communication means.
On the other hand, the slave station device 10a is the same as the conventional slave station device 10a shown in FIG. 3. That is, radio signals are transmitted to and received from the communication relay device X via the slave station antenna 12a, and the signals transmitted and received by the slave station antenna 12a are mutually converted by the slave station wireless modem 11a between the wireless and wired communication bands and are converted to the communication medium (such as a communication medium standardized by IEEE802.3) between the slave station device 10a and the terminal TE.
[0012]
As shown in FIG. 2, the PPPoE server 14b includes a communication control unit 141b that performs communication control, a CPU 142b that performs various arithmetic processes such as protocol conversion, and a data storage unit 14b that is a storage unit such as a hard disk or an SRAM. The PPPoE server 14b takes the signal that the master station modem 11b has converted from the trunk PPP into TCP/IP, which is an example of the one-to-many communication protocol, and converts it into a protocol (corresponding to the terminal-side communication protocol) in which so-called PPPoE (Point to Point Protocol over Ethernet) is added to the lower layer (data link layer and/or physical layer) of TCP/IP (transport layer and network layer). It performs the reverse conversion on communication signals flowing from the terminals TE to the trunk communication line ML side. Thus, the communication relay device X and each of the terminals TE can communicate individually (point to point) using the communication signal assigned to the communication relay device X by the trunk PPP. Therefore, unlike an open LAN connection, the terminal TE of one user connected to the trunk communication line ML via the communication relay device X cannot recognize the presence of the terminals TE of other users (other persons), and unauthorized access is not made between the terminals TE. That is, the conventional problems of privacy and security are solved. Details of PPPoE are specified in RFC2516. The details of PPP are defined in RFC1661.
[0013]
Further, the PPPoE server 14b has an authentication function for authenticating whether or not each of the terminals TE (users) is permitted to connect to the trunk communication line ML (corresponding to the function of the authentication means). When a terminal TE requests connection to the trunk communication line ML, this function checks the user ID and password included in the connection request against the user ID and password registered in advance in the data storage unit 143b of the PPPoE server 14b or in a predetermined server connected on the upper side of the trunk communication line ML, and permits connection to the trunk communication line ML only when they match. At this time, if the user ID and password transmitted from the terminal TE belong to a terminal TE that is already connected, no new connection is permitted. In addition, PPPoE client software, a program that handles the input of the user ID and password and the transmission of the connection request based on PPPoE, is installed in the terminal TE. Only when the connection request to the trunk communication line ML is authenticated is an IP address assigned by the master station modem 11b (or the PPPoE server 14b) and the connection to the trunk communication line ML made.
As a result, only a terminal TE (user of the terminal) registered in advance can connect to the trunk communication line ML, which prevents one terminal from obtaining a plurality of IP addresses, as can happen when IP addresses are assigned on a first-come, first-served basis, and solves the problem that the IP addresses to be assigned to the terminals TE of other users become insufficient.
[0014]
In addition, so-called DHCP (Dynamic Host Configuration Protocol), in which an IP address is dynamically assigned for each connection, is adopted for the assignment of the IP address. This eliminates complicated work such as setting an IP address on the terminal TE side and removes the need for the system administrator to individually manage the IP address of each terminal TE, so system management becomes easier.
Further, the PPPoE server 14b has a function of recording, in the data storage unit 143b, connection result information on the connection of each of the terminals TE to the trunk communication line ML. The connection result information includes, for example, the user ID that made the connection request, the connection date and time, the assigned IP address, the connection destination (which server on the upper side of the trunk communication line ML was connected to), the communication speed, and information on connection failures. The connection result information is transmitted to a predetermined server connected on the upper side of the trunk communication line ML at a predetermined timing (periodically or in response to a request from a server on the upper side of the trunk communication line ML). This makes it possible to provide various communication connection services, such as charging a user according to connection time, communication speed, and the like.
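The admission logic described above (credential check, refusal of a second session for a user ID that is already connected, dynamic address assignment, and connection result records including failures) can be sketched as follows. This is an added example, not code from the patent; the class name, result strings, PBKDF2 password storage and the 192.0.2.0/30 pool are assumptions.

```python
import hashlib
import hmac
import ipaddress
import os
from datetime import datetime, timezone


def _hash(password, salt):
    # Assumption: registered passwords are kept as salted PBKDF2 hashes.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class PPPoEAdmission:
    """Hypothetical model of the PPPoE server's authentication function."""

    def __init__(self, credentials, pool_cidr):
        self.users = {}                      # user ID -> (salt, password hash)
        for user_id, password in credentials.items():
            salt = os.urandom(16)
            self.users[user_id] = (salt, _hash(password, salt))
        self._dummy = (os.urandom(16), bytes(32))   # used for unknown user IDs
        self.free = [str(ip) for ip in ipaddress.ip_network(pool_cidr).hosts()]
        self.sessions = {}                   # user ID -> assigned IP address
        self.records = []                    # connection result information

    def _record(self, user_id, result, ip=None):
        self.records.append({
            "user_id": user_id,
            "time": datetime.now(timezone.utc).isoformat(),
            "ip": ip,
            "result": result,
        })
        return result, ip

    def connect(self, user_id, password):
        salt, stored = self.users.get(user_id, self._dummy)
        # Hash and compare even for unknown users so both failures look alike.
        ok = hmac.compare_digest(stored, _hash(password, salt))
        if user_id not in self.users or not ok:
            return self._record(user_id, "auth_failed")
        # A user ID that already holds a session cannot take a second address.
        if user_id in self.sessions:
            return self._record(user_id, "already_connected")
        if not self.free:
            return self._record(user_id, "pool_exhausted")
        ip = self.free.pop(0)
        self.sessions[user_id] = ip
        return self._record(user_id, "connected", ip)

    def disconnect(self, user_id):
        ip = self.sessions.pop(user_id, None)
        if ip is not None:
            self.free.append(ip)             # address returns to the pool
            self._record(user_id, "disconnected", ip)
        return ip
```

Because refused and failed requests are recorded alongside successful ones, the same records that support billing also show repeated attempts to open a second session under one user ID.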
[0015]
【Example】
In the communication relay device X, the PPPoE server 14b itself has the authentication function of authenticating whether or not each of the terminals TE (users) is permitted to connect to the trunk communication line ML. The present invention is not limited to this; a communication relay device X1 is also conceivable as an embodiment in which the authentication of whether or not each of the terminals TE (users) is permitted to connect to the trunk communication line ML is performed by inquiring of a predetermined authentication server connected via the trunk communication line ML.
FIG. 4 shows a schematic configuration of a communication relay device X1 and a one-to-many two-way wireless communication system including the same as a component.
As shown in FIG. 4, the configuration of the communication relay device X1 does not differ from that of the communication relay device X, and the configuration of the PPPoE server 14b constituting the communication relay device X1 is also the same as the configuration shown in FIG. 2. The communication relay device X1 differs from the communication relay device X only in the function of the PPPoE server 14b (the function of a predetermined program executed by the CPU 142b (see FIG. 2)) relating to the authentication of the terminal TE (user).
When the PPPoE server 14b of the communication relay device X1 receives a connection request from a terminal TE to the trunk communication line ML, it applies predetermined encryption to the user ID and password included in the connection request and transfers the encrypted user ID and password to the predetermined authentication server 16c connected via the trunk communication line ML, thereby inquiring of the authentication server 16c whether or not to permit connection to the trunk communication line ML. Although it is conceivable to omit this encryption, performing it is preferable for security. Here, the authentication server 16c is, for example, a computer configured to execute a program that implements a well-known authentication protocol such as RADIUS or TACACS+, and DHCP.
The authentication server 16c is connected to the trunk communication line ML via a cable modem 11c for performing mutual conversion between the trunk PPP and TCP / IP. Between them, a router 15c (IP router) is provided as needed.
[0016]
On the other hand, the authentication server 16c compares the received user ID and password (after decryption processing as necessary) with the user ID and password registered in advance in storage means such as a hard disk of the authentication server 16c or another file server. If they match, it returns to the PPPoE server 14b a response indicating that connection to the trunk communication line ML is permitted, together with an IP address (dynamically assigned by DHCP) to be assigned to the terminal TE; otherwise, it returns a response that the connection is not permitted. At this time, if the user ID and password transmitted from the terminal TE via the PPPoE server 14b belong to a terminal TE that is already connected, no new connection is permitted. As in the above-described embodiment, PPPoE client software, a program that handles the input of the user ID and password and the transmission of the connection request based on PPPoE, is installed in the terminal TE. The PPPoE server 14b then receives the response from the authentication server 16c and the IP address (only when one exists), and only when it has received a response permitting connection to the trunk communication line ML together with the assigned IP address does the PPPoE server 14b connect to the trunk communication line ML using that IP address.
As a result, only a terminal TE (user of the terminal) registered in advance can connect to the trunk communication line ML, which prevents one terminal from obtaining a plurality of IP addresses, as can happen when IP addresses are assigned on a first-come, first-served basis, and solves the problem that the IP addresses to be assigned to the terminals TE of other users become insufficient.
In addition, the authentication information relating to connection permission to the trunk communication line ML (permission information relating to authentication, such as the user ID and password) and the connection result information relating to the connection of the terminals TE to the trunk communication line ML can be collectively managed on the authentication server 16c side, so management is easier than recording the information in each communication relay device. Further, as described above, PPPoE, which operates at layer 2 of the OSI reference model, is terminated on the lower side (the terminal TE side) of the communication relay device X1, and therefore, as shown in FIG. The present invention is applicable even when interposed between the authentication server 16c.
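The text leaves the "predetermined encryption" between the PPPoE server 14b and the authentication server 16c unspecified. As an added example (not from the patent), the sketch below assumes the RADIUS option it names and implements the User-Password hiding of RFC 2865 section 5.2 on the relay side, with the matching recovery and comparison on the server side; the dictionary request format, function names and sample secret are constructed for illustration.

```python
import hashlib
import hmac
import os


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Relay side: hide the password as RFC 2865 section 5.2 specifies."""
    if len(authenticator) != 16:
        raise ValueError("Request Authenticator must be 16 octets")
    if not 1 <= len(password) <= 128:
        raise ValueError("password must be 1..128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        hidden += prev          # each ciphertext block keys the next mask
    return hidden


def reveal_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Authentication server side: invert hide_password with the shared secret."""
    if not hidden or len(hidden) % 16 or len(authenticator) != 16:
        raise ValueError("malformed hidden password or authenticator")
    clear, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        clear += bytes(c ^ m for c, m in zip(block, mask))
        prev = block
    return clear.rstrip(b"\x00")


def build_request(user: str, password: bytes, secret: bytes) -> dict:
    """What the relay forwards upstream; a fresh authenticator per request."""
    authenticator = os.urandom(16)
    return {"user": user, "authenticator": authenticator,
            "hidden": hide_password(password, secret, authenticator)}


def access_decision(request: dict, secret: bytes, registered: dict) -> str:
    """Compare the recovered password with the pre-registered one."""
    supplied = reveal_password(request["hidden"], secret, request["authenticator"])
    expected = registered.get(request["user"])   # constructed credential store
    if expected is not None and hmac.compare_digest(supplied, expected):
        return "Access-Accept"
    return "Access-Reject"
```

This scheme hides only the password: the RADIUS User-Name attribute travels in clear, so encrypting the user ID as well, as the text prefers, needs protection beyond RFC 2865 hiding.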
[0017]
【The invention's effect】
As described above, according to the present invention, a plurality of terminals can each communicate wirelessly and individually (point-to-point) using a communication signal allocated by the PPP on the trunk communication line. As a result, the presence of the terminal of another user cannot be recognized from the terminal of one user connected to the trunk communication line, and unauthorized access between the terminals does not occur. That is, the conventional problems of privacy and security are solved.
Also, by providing an authentication function, or a function of inquiring of an upper-level authentication server for authentication, only terminals (users) registered in advance can connect to the trunk communication line. This prevents one terminal from obtaining a plurality of IP addresses (that is, communication signals), thereby solving the problem that the IP addresses to be assigned to the terminals TE of other users become insufficient.
Also, by dynamically allocating the IP address, complicated work such as setting the IP address on the terminal side becomes unnecessary, and the system administrator no longer needs to individually manage the IP address of each terminal, so system management becomes easy. In addition, the above can be realized simply and at low cost without changing the existing communication protocol of the trunk communication line or the corresponding equipment such as modems.
[Brief description of the drawings]
FIG. 1 is a diagram illustrating a schematic configuration of a communication relay device X according to an embodiment of the present invention and a one-to-many two-way wireless communication system including the same as a component.
FIG. 2 is a block diagram illustrating a configuration of a PPPoE server included in the communication relay apparatus X according to the embodiment of the present invention.
FIG. 3 is a diagram illustrating a schematic configuration of a conventional communication relay device and a one-to-many two-way wireless communication system including the same as a component.
FIG. 4 is a diagram showing a schematic configuration of a communication relay device X1 according to an embodiment of the present invention and a one-to-many two-way wireless communication system using the same as a component.
[Explanation of symbols]
10a: slave station device
10b: Conventional communication relay device
11a: slave station wireless modem
11b: Master station modem (cable modem)
12a: slave station antenna
12b: Master station wireless modem
13b: Master station antenna
14b: PPPoE server
141b: Communication control unit
142b: CPU
143b: Data storage unit
15c: Cable modem
16c: Authentication server
ML: Backbone communication line
TE: Terminal

Claims (6)

1. A communication relay device that relays communication between a predetermined trunk communication line and a plurality of terminals that connect to the trunk communication line via wireless communication, by mutually converting communication signals between wireless and wired signals, the communication relay device comprising:
protocol conversion means for performing mutual conversion between a trunk PPP (Point to Point Protocol), which is the communication protocol used on the trunk communication line, and a terminal-side communication protocol, which is a protocol in which PPP is added to a lower layer of a predetermined one-to-many communication protocol that enables one-to-many communication between the communication relay device and the plurality of terminals using the communication signal allocated to the communication relay device by the trunk PPP; and
wireless communication means for mutually converting communication signals of the terminal-side communication protocol between wireless and wired signals.
2. The communication relay device according to claim 1, further comprising authentication means for authenticating, for each of the terminals, whether or not to permit connection to the trunk communication line.
3. The communication relay device according to claim 1, configured to authenticate, for each of the terminals, whether or not to permit connection to the trunk communication line by inquiring of a predetermined authentication server connected via the trunk communication line.
4. The communication relay device according to any one of claims 1 to 3, further comprising address information allocating means for dynamically allocating predetermined address information that is used in the one-to-many communication protocol and corresponds to each of the terminals.
5. The communication relay device according to any one of claims 1 to 4, wherein the one-to-many communication protocol is TCP/IP.
6. The communication relay device according to any one of claims 1 to 5, wherein the PPP in the terminal-side communication protocol is PPPoE (Point to Point Protocol over Ethernet).
JP2002337564A 2002-04-12 2002-11-21 Communication repeater Pending JP2004007375A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2002337564A JP2004007375A (en) 2002-04-12 2002-11-21 Communication repeater

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2002110425 2002-04-12
JP2002337564A JP2004007375A (en) 2002-04-12 2002-11-21 Communication repeater

Publications (1)

Publication Number Publication Date
JP2004007375A true JP2004007375A (en) 2004-01-08

Family

ID=30446947

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2002337564A Pending JP2004007375A (en) 2002-04-12 2002-11-21 Communication repeater

Country Status (1)

Country Link
JP (1) JP2004007375A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008158903A (en) * 2006-12-25 2008-07-10 Matsushita Electric Ind Co Ltd Authentication system and main terminal
CN102487502A (en) * 2010-12-01 2012-06-06 电子科技大学 A security method for group communication
JP2016076993A (en) * 2011-04-11 2016-05-12 インターデイジタル パテント ホールディングス インコーポレイテッド Session manager and transmission source internet protocol (ip) address selection

Similar Documents

Publication Publication Date Title
CN102713923B (en) Server device, client device, communication system, integrated circuit for server control, integrated circuit for client control, method of connecting client device, method of connecting server device, and communication system for setting security level corresponding to distance between devices System connection method
EP1575230B1 (en) Server for routing connection to client device
US8832279B2 (en) Network system, machine allocation device and machine allocation method
CN100508478C (en) Universal plug and play mirroring device, system and method
JP4023240B2 (en) User authentication system
US8213456B2 (en) Communications system and communication apparatus
JP4142015B2 (en) User identification system, user identification device, user identification method, address translation device, and program
US6934754B2 (en) Methods and apparatus for processing network data transmissions
US6697864B1 (en) Login architecture for network access through a cable system
US20050160477A1 (en) Communication system using home gateway and access server for preventing attacks to home network
JP4504970B2 (en) Virtual wireless local area network
JP2011508551A (en) Apparatus and method for simultaneously accessing multiple wireless networks
TW200947969A (en) Open network connections
CN101610177A (en) System and method based on the business configuration of DHCP Server mechanism
KR101426721B1 (en) Method and equipment for authenticating subscriber terminal
CN101166093A (en) An authentication method and system
JP2002084306A (en) Packet communication device and network system
JP2004007375A (en) Communication repeater
US20060209723A1 (en) Network device and management technique of the same
JP7789629B2 (en) Network system, communication control device, communication control method, and program
US8347075B1 (en) Methods to mitigate attacks against fiber-to-the-home network systems
JP4608466B2 (en) Communication system and communication method
CN116389173B (en) Method, system, medium and equipment for realizing enterprise production network ad hoc network
JP4312650B2 (en) Access network system and method
JP6973326B2 (en) Communication system and communication method

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20050926

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20070705

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20070710

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20071113