JP2008176712A - Service provision system and center server used therefor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent unauthorized access by leakage of address information by inputting apparatus registration information imparted to a network apparatus from a registration device in addition to the address information. <P>SOLUTION: In this service provision system, the network apparatus 2 has: the address information not capable of being read by a user; and the apparatus registration information one-to-one associated to the address information, capable of being read by the user. The registration device 3 notifies a center server 1 about the apparatus registration information together with user information. The center server 1 has: an apparatus information storage means 11 wherein the apparatus registration information and the address information of the network apparatus 2 are associated; and a user information storage means wherein the user information and the apparatus registration information are associated. When notifying a user terminal 4 from the network apparatus 2 about monitoring information, a collation means 13 collates the address information to the apparatus information storage means 11, and collates the acquired apparatus registration information with the user information storage means 12 to acquire the user information (an electronic mail address). <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a service providing system that allows a user to enjoy a service using a user terminal that communicates with a center server through a communication network using the center server and network equipment that communicate through a communication network such as the Internet, and a center used therefor It is about the server.

  In general, when providing services to network device users using a center server and network devices that communicate via a communication network such as the Internet, it is necessary to register the network devices and users in the center server. It is.

  Here, in the network device, the remote control device that receives the control information transmitted from the other terminal through the communication network and controls the load, the monitoring information acquired using the monitoring means such as the sensor is transmitted through the communication network to the other information. There are remote management devices that transmit to a terminal, and by using other terminals as user terminals, it becomes possible to provide remote control and remote monitoring services using network devices. In addition to remote monitoring and remote control, a service for performing various settings from a distance using a network device may be provided.

  As described above, when various services are provided using a network device that communicates with the center server, a user of the network device must be specified, and thus the registration operation described above is required. In this type of registration work, in order for the network device to communicate with the center server, it is necessary to notify the center server of address information unique to the network device. That is, it is necessary to notify the center server of the address information in association with the user information for specifying the user.

In this type of registration work, a technique has been considered in which identification information (ID) unique to a network device is notified to a center server as user registration information together with user information through a communication network (for example, see Patent Document 1). In the technique described in Patent Document 1, user information is input from an input unit provided in a network device, and user registration information including user information and identification information is notified from the network device to the center server. In the center server, the legitimate identification information of the network device is registered in advance, and the legitimate identification by comparing the identification information notified from the network device contained in the user registration information with the registered identification information. User registration information including information is registered in the center server. Therefore, it is possible for a user or the like to perform user registration without knowing identification information.
JP 2003-132026 A

  By the way, the network device used for remote control and remote monitoring usually does not have a function for inputting user information, so the technique described in Patent Document 1 cannot be adopted. That is, in the technique described in Patent Document 1, user registration information including identification information and user information is transmitted using packet information transmitted using address information (IP address) for identifying a network device in a communication network. Since it is transmitted to the center server as a payload, the address information, identification information, and user information cannot be separated, and the technique described in Patent Document 1 cannot be used unless it is a network device provided with input means.

  In order to solve this type of problem, it is conceivable to notify the center server of user registration information including identification information and user information using a registration device that communicates with the center server separately from the network device. Since the network device uses the address information when communicating with the center server, as in the technique described in Patent Document 1, in order to notify the user registration information as the payload of the packet transmitted using the address information, the registration device In this case, it is necessary to input address information, identification information, and user information, which causes a problem that it takes time for registration work.

  To solve this type of problem, it is possible to omit identification information from the information notified from the registration device to the center server, and notify the address information and user information from the registration device to the center server. Since there is generally a continuous value for (MAC address), there is a possibility that inadvertent input of another person's address information or registration of another person's network device due to erroneous input may occur. In particular, when a configuration in which address information is input using a registration device separated from a network device is used, it is possible to register in advance the address information of the value following the address information in the center server by knowing one address information. Since it becomes possible, there is a problem that unauthorized access to network devices by a malicious person cannot be avoided.

  The present invention has been made in view of the above reasons, and its purpose is to input device registration information given to a network device separately from address information from a registration device, and combine the device registration information with address information in a center server. Accordingly, it is an object of the present invention to provide a service providing system that prevents false registration in the center server and a center server used therefor.

  The invention of claim 1 is a center server that communicates with a user terminal through a communication network, a network device that allows a user to enjoy a service using the user terminal by communicating with the center server through a communication network, and a service. A registration device for registering a user and a network device to register with the center server through the communication network, and the network device records address information that is unreadable to the user and records unique address information used for communication in the communication network Communication with the center server using the medium, the device registration information recording medium that records the device registration information that is readable to the user and is associated with the address information on a one-to-one basis, and the address recorded on the address information recording medium A communication device for performing registration, and the registration device transmits user information for identifying a user to a device of a network device. An input unit for inputting together with the device registration information read from the recording information recording medium, and a notification unit for notifying the center server of the user information and the device registration information input by the input unit. Device information storage means for registering information and device registration information in association with each other, user information storage means for registering user information and device registration information notified from the registration device, and device information storage Using the device registration information of the means and the device registration information of the user information storage means, the matching means for associating the user information with the address information, and the user information and the address information associated with each other by the matching means Service providing means for mediating communication between the terminal and the network device is provided.

  In the invention of claim 2, in the invention of claim 1, the total number that can be set as the device registration information is larger than the total number of the address information and is set so as not to reflect the regularity of the address information. It is characterized by.

  In the invention of claim 3, in the invention of claim 1 or claim 2, the network device has monitoring information acquisition means for acquiring monitoring information from the monitoring means, and the communication means includes monitoring information together with address information. Transmitted to the center server, the user information includes an email address that can be received by the user terminal, the collating means associates the address information obtained from the network device with the email address, and The service providing means notifies the user terminal of the monitoring information transmitted from the network device using the electronic mail address.

  According to a fourth aspect of the present invention, in the first or second aspect of the present invention, the network device has load control means for receiving a control information to control a load, and the user information is transmitted to the center server by a user. Login information for authenticating the authentication information, the collating means associates the login information received from the user terminal with the address information, and the service providing means sends the network device having the address information from the user terminal. The control information received together with the login information is transmitted.

  According to the fifth aspect of the present invention, communication is possible between a user terminal, a network device, and a registration device through a communication network, and a user and a network device that enjoy the service are registered by the registration device, and the user is registered by the network device. A center server that allows a user to enjoy a service using a terminal, and the network device has an address information recording medium in which unique address information that is unreadable to the user and used for communication in a communication network is recorded, A device registration information recording medium that records device registration information that is readable to the user and is associated with address information on a one-to-one basis, and a communication unit that performs communication using the address recorded on the address information recording medium are provided. In the registration device, the device registration that reads the user information that identifies the user from the device registration information recording medium of the network device An input means for inputting together with the information and a notification means for notifying user information and device registration information input by the input means are provided, and the address information of the network device and the device registration information are registered in association with each other. Device information storage means, user information storage means in which user information notified from the registration device and device registration information are registered in association with each other, device registration information in the device information storage means, and equipment in the user information storage means A service that mediates communication between a user terminal and a network device by using collation means for associating user information and address information using registration information, and user information and address information associated by the collation means. Providing means.

  According to the configuration of the first aspect of the present invention, the address information is made unreadable to the user in the network device, and the device registration information that is readable by the user is input together with the user information by the registration device, and is provided in the center server. The device registration information and the user information are stored in the user registration means, and the device registration information and the address information are associated with each other in the device information storage means provided in the center server. The user information of the registration unit and the address information of the device information storage unit can be associated with each other. Therefore, when registering user information in the center server, the address information does not pass through the communication network, and it is possible to prevent unauthorized access to the network device due to leakage of the address information to others. is there. Moreover, even if the device registration information is known to others, if it is not registered in the center server, the address information is not combined, so that false registration in the center server can be prevented. The same applies when the user erroneously inputs the device registration information. In addition, by providing user information to the center server, the center server provides services by mediating communication between the network device and the user terminal. It is possible to give an instruction and transmit information acquired by the network device to the user terminal.

  According to the configuration of the invention of claim 2, since the total number that can be set as the device registration information is larger than the total number of address information, even if the device server properly notifies the center server of the device registration information, Since the probability that the device registration information is stored is low and the device registration information is set so as not to reflect the regularity of the address information, even if one device registration information is known, other valid device registration information Is difficult to generate, and access to the network device by unauthorized device registration information can be prevented.

  According to the configuration of the invention of claim 3, remote monitoring is enabled by notifying the user terminal of the monitoring information acquired by the network device by electronic mail. For example, it is possible to remotely monitor monitoring information acquired from monitoring means such as a fire sensor or a security sensor, or an image captured by a door phone with a camera as monitoring information. Alternatively, it is possible to monitor a distant situation using a web camera.

  According to the configuration of the invention of claim 4, it becomes possible to remotely control the load from the user terminal via the network device. For example, when a lighting device is used as a load, it is possible to instruct the lighting device to be turned on / off from m user shelves. Alternatively, it is possible to set the temperature of the air conditioner or bath, or to set the time for operating the load from a distance.

  The user terminal only needs to be able to communicate with the center server via a communication network, and a personal computer, a mobile phone, or the like can be used. The user terminal can also be used as a registration device.

  According to the configuration of the invention of claim 5, as in the case of claim 1, when the user information is registered, the address information does not pass through the communication network, so that the address information leaks to another person to the network device. There is an advantage that unauthorized access can be prevented. Further, since the address information is not combined even if the device registration information is known to others, it is possible to prevent false registration with the center server. The same applies when the user erroneously inputs the device registration information. In addition, since the user information is provided to provide a service by mediating communication between the network device and the user terminal, a control or setting instruction is given from the user terminal to the network device, It is possible to transmit information acquired by a network device to a user terminal.

  The configuration of this embodiment is shown in FIG. The communication network NT is a wide-area communication network and assumes the Internet, but other communication networks may be used. The network device 2, registration device 3, and user terminal 4 shown in FIG. 1 can communicate with the center server 1 via the communication network NT. The network device 2 allows the user to enjoy various services using the user terminal 4 by communicating with the center server 1.

  Further, as will be described later, in the center server 1, the device information in which the address information of the network device 2 used for communication with the network device 2 and the device registration information associated with the address information in one-to-one correspondence are registered. Storage means 11 is provided. The address information and device registration information stored in the device information storage means 11 are input from the terminal device 5 to the center server 1. In the illustrated example, the communication network NT is interposed between the terminal device 5 and the center server 1, but the communication network NT may not be interposed during this time. That is, the terminal device 5 is used by the manufacturer of the network device 2 or the administrator of the center server 1.

  The network device 2 receives the control information transmitted from the user terminal 4 via the center server 1 and remotely controls the load, and the monitoring information acquired by a monitoring means such as a fire sensor or a security sensor. 1 and at least one of the functions of notifying the user terminal 4 of the monitoring information via the center server 1. The network device 2 may acquire an image or sound of a camera-equipped doorphone slave unit as monitoring information, or may use a web camera incorporating a TV camera as monitoring means. Furthermore, there is a case in which a function that enables setting of conditions such as time and temperature at which the load is operated is provided in the network device 2 and the user terminal 4 instructs the network device 2 to set conditions through the center server 1. . There are cases where the load and monitoring means are provided integrally with the network device 2 and cases where a load and monitoring means provided separately from the network device 2 are connected to the network device 2.

  By the way, in the center server 1, in order for the network device 2 to allow the user to enjoy the service, it is necessary to associate the user who receives the service with the network device 2 with the network device 2.

  The present invention includes unique address information (MAC address) necessary for the network device 2 to communicate with the center server 1 and unique device registration information set separately from the address information. As described above, the center server 1 is provided with the device information storage unit 11 that stores the address information and the device registration information in association with each other. The device registration information is a code combining numbers and alphabets. Further, the user and the network device 2 are associated with each other by user information for identifying the user and the above-described device registration information, and the center server 1 stores the user information and the device registration information in association with each other. User information storage means 12 is provided.

  Both the address information and the device registration information are set uniquely for the network device 2, and the address information and the device registration information correspond one-to-one. The correspondence between the address information and the device registration information is defined by the manufacturer of the network device 2, and this correspondence is input from the terminal device 5 to the center server 1. Here, if the address information and the device registration information are manually input from the terminal device 5, the possibility of erroneous input increases, so the device registration information is automatically entered in the terminal device 5 with respect to the address information given to the network device 2. The address information and the device registration information are registered in the device registration information storage unit 11 of the center server 1. Here, the address information and device registration information given from the terminal device 5 to the center server 1 are stored in the device registration information storage unit 11 by the device information registration unit 15 provided in the center server 1.

  When the device registration information is generated in the terminal device 5, the device registration information can be generated by giving address information to an appropriate generation function. However, the generation function is set so as not to reflect the regularity of the address information so that the generation function cannot be predicted even if a plurality of sets of address information and device registration information are acquired. The generation function is set so that the device registration information can be generated from the address information, but the address information cannot be obtained from the device registration information by a reverse operation. For example, a function that generates pseudo-random numbers can be used as the generation function. More preferably, the device registration information may be generated from the address information using a random number table instead of the generation function.

  The total number of device registration information that can be set is preferably larger than the total number of address information. As a result, the probability that the corresponding address information exists when appropriate device registration information is given to the device registration information storage means 11 can be lowered, and address information can be extracted from unauthorized device registration information. Can be prevented.

  On the other hand, in the network device 2, the address information is recorded in the address information storage medium 21 such as a non-volatile memory that is unreadable to the user, and the device registration information is stored in the network device 2 so as to be readable by the user. It is recorded on the device registration information recording medium 22 such as an attached printed matter. The address information recorded in the address information storage medium 21 is used by the communication means 23 of the network device 2 when the network device 2 communicates with the network server 1 through the communication network NT.

  As the device registration information recording medium 22, a sticker attached to the network device 2, a card or instruction manual bundled with the network device 2, a package for packing the network device 2, or the like is used. That is, the device registration information generated in the terminal device 5 is printed on the device registration information recording medium 22 and attached to the network device 2.

  By the way, the user information and the device registration information stored in the user information storage unit 12 are notified to the center server 1 using the registration device 3. The registration device 3 is a terminal of the communication network NT and is operated by a user of the network device 2. The registration device 3 notifies the center server 1 via the communication network NT of input means 31 for inputting user information and device registration information, and user information and device registration information input from the input means 31. Notification means 32. Here, the user information and device registration information given from the registration device 3 to the center server 1 are stored in the user information storage means 12 by the user registration means 16 provided in the center server 1.

  The device registration information input by the registration device 3 is device registration information attached to the network device 2, and the user information includes at least one of the user's e-mail address and login information. The user information may include the name and address of the user. The e-mail address is an address when the center server 1 transmits an e-mail to the user terminal 4, and the login information is used to confirm the authority of the user when accessing the center server 1 from the user terminal 4. Information. The login information is configured as a login name combining alphabets and numbers, for example.

  The center server 1 is provided with collation means 13 for associating user information and address information using the device registration information in the device information storage means 11 and the device registration information in the user information storage means 12. When one of the user information and the address information is given, the verification unit 13 extracts the other using the device registration information as a search key.

  The center server 1 also includes service providing means 14 that mediates communication between the user terminal 4 and the network device 2 using the user information and address information associated by the matching means 13. Services provided by the service providing means 14 include those that transmit monitoring information acquired by the network device 2 to the user terminal 4 and those that give instructions from the user terminal 4 to the network device 2.

  First, the operation of the service providing unit 14 will be described by taking as an example a service for transmitting the monitoring information acquired by the network device 2 to the user terminal 4. That is, assume that the network device 2 has a function corresponding to remote monitoring. The device information storage means 11 stores device registration information and address information by the manufacturer using the terminal device 5 when the network device 2 is manufactured, and is registered in the user information storage means 12 when the network device 2 is purchased. It is assumed that device registration information and user information are stored by the user using the device 3.

  As shown in FIG. 2, when the monitoring information to be notified to the user terminal 4 is generated in the network device 2 (S1), the communication means 23 of the network device 2 extracts the address information recorded in the address information recording medium 21. Then, using the address information, the center server 1 is notified of the occurrence of the monitoring information and the contents of the monitoring information are transmitted (S3). The occurrence of monitoring information means that the monitoring status changes, for example, when it is used for security and an intruder or fire is detected, or when a door phone slave unit is detected. The monitoring information acquisition means 24 provided in the network device 2 detects the presence or absence of the change.

  When the center server 1 receives the monitoring information from the network device 2 (S4), the network device 2 gives the address information used for transmitting the monitoring information to the collating unit 13, and the collating unit 13 acquires the device registration information. The address information is collated with the device information storage means 11 (S5). When the device registration information corresponding to the address information is extracted from the device information storage unit 11 (S6), the collation unit 13 collates the device registration information with the user information storage unit 12 (S7), and the user information ( In this case, an e-mail address) is acquired (S8). Since it is possible to notify the monitoring information to the user terminal 4 by acquiring the user information, the service providing means 14 generates a document relating to the contents of the monitoring information (S9), and electronically sends it to the user terminal 4. A mail is transmitted (S10).

  The document generated by the service providing unit 14 is created by selecting a document according to the contents of the monitoring information from a standard sentence prepared in advance and adding a user name or the like. Further, if the device registration information is not extracted in step S6 or the user information is not extracted in step S7, both are regarded as unauthorized access and the subsequent processing is not performed (S11).

  Through the operation described above, the monitoring information acquired in the network device 2 can be notified to the user terminal 4 by e-mail. However, since it is an e-mail, it is not possible to monitor the video and audio of the door phone slave unit and the web camera in the user terminal 4 in real time. When video and audio are monitored in real time, an instruction for acquiring video and audio is given from the user terminal 4 to the network device 2 by processing similar to the remote control or condition setting described below.

  In the following, it is a case where the user terminal 4 instructs the center server 1 to access the network device 2, and the remote control that instructs the load operation by the user terminal 4 or the condition for setting the load operation condition The operation of the service providing unit 14 will be described using a service for setting as an example. As in the case of remote monitoring, device registration information and address information are stored in the device information storage unit 11, and device registration information and user information are stored in the user information storage unit 12. .

  When the center server 1 is instructed to access the network device 2 from the user terminal 4, when the user terminal 4 requests the center server 1 to access the network device 2 as shown in FIG. In order to indicate that the user operating the user terminal 4 has the authority to access the network device 2, login information as user information is transmitted to the center server 1 (S1). .

  When the center server 1 receives the login information from the user terminal 4 (S2), the center server 1 provides the login information to the verification unit 13, and the verification unit 13 verifies the login information with the user information storage unit 12 (S3). If login information that matches the login information received from the user terminal 4 is registered in the user information storage means 12, the device registration information is extracted. This verification confirms the authority of the user. When the device registration information corresponding to the login information is extracted from the user information storage unit 12 (S4), the verification unit 13 compares the device registration information with the device information storage unit 11 (S5). If the device registration information is stored in the device information storage means 11, the address information of the network device 2 can be acquired (S6).

  By the way, the network device 2 periodically accesses the center server 1, and when the network device 2 having the address information acquired by the verification means 13 is accessed to the center server 1, the network device 2 A control request is made (S7). Here, the communication means 23 of the network device 2 collates the address information received from the center server 1 with the address information recorded on the address information recording medium 21 (S8). Is given to the load control means 25 (S9). The load control means 25 may control the operating state of the load, or may set operating conditions such as temperature and operating time in an air conditioner or a bath. When the network device 2 is a device that acquires video and audio from a camera-equipped doorphone or a web camera, the video and audio are transferred to the user terminal 4 via the center server 1. In some cases.

  If the device registration information is not extracted in step S4 or the address information is not extracted in step S5, both are regarded as unauthorized access and the subsequent processing is not performed (S10).

  As described above, the address information is held in the center server 1 and the network device 2, but since the address information is unreadable to the user, the address information leaks to others and the user By erroneously inputting information, it is possible to prevent the network device 2 from being used improperly by another person or using the network device 2 of another person by mistake.

It is a block diagram which shows embodiment. It is operation | movement explanatory drawing same as the above. It is operation | movement explanatory drawing same as the above.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Center server 2 Network apparatus 3 Registration apparatus 4 User terminal 11 Equipment information storage means 12 User information storage means 13 Verification means 14 Service provision means 21 Address information recording medium 22 Equipment registration information recording medium 23 Communication means 24 Monitoring information acquisition means 25 Load control means 31 Input means 32 Notification means NT Communication network

Claims (5)

  A center server that communicates with a user terminal through a communication network, a network device that allows a user to enjoy a service using the user terminal by communicating with the center server through a communication network, and a user and a network device that enjoy the service And a registration device for registering with the center server through the communication network, and the network device is readable to the user, and is an address information recording medium in which unique address information used for communication in the communication network is recorded. And a device registration information recording medium in which device registration information associated with the address information in a one-to-one correspondence is recorded, and a communication means for communicating with the center server using the address recorded in the address information recording medium. The registration device uses the device registration information recording medium of the network device as the user information for identifying the user. Input means for inputting together with the read device registration information, and notification means for notifying the user information and device registration information input by the input means to the center server, the center server including the address information of the network device and the device registration information Device information storage means registered in association with each other, user information storage means in which user information and device registration information notified from the registration device are registered in association with each other, and device registration information in the device information storage means And the device registration information of the user information storage means, the matching means for associating the user information and the address information, the user terminal and the network device using the user information and the address information associated by the matching means, And a service providing means for mediating communication between the two.   2. The service providing system according to claim 1, wherein the total number that can be set as the device registration information is set so as to be larger than the total number of the address information and not reflect the regularity of the address information.   The network device has monitoring information acquisition means for acquiring monitoring information from monitoring means, the communication means transmits the monitoring information together with address information to the center server, and the user information is received by the user terminal. The address information obtained from the network device is associated with the email address, and the service providing means is transmitted from the network device using the email address. 3. The service providing system according to claim 1, wherein the monitoring information is notified to the user terminal.   The network device has load control means for receiving a control information to control a load, the user information includes login information for authenticating a user by the center server, and the verification means is a user terminal 2. The login information received from the user terminal is associated with address information, and the service providing means transmits the control information received together with the login information from the user terminal to the network device having the address information. Or the service provision system of Claim 2.   Communication between the user terminal, network device, and registration device is possible via the communication network, and the user and network device that enjoy the service are registered by the registration device, and the service using the user terminal is used by the network device. A center server that can be enjoyed by a user, an address information recording medium in which unique address information that is unreadable to a user and used for communication in a communication network is recorded on a network device, and is readable by a user A device registration information recording medium that records device registration information associated with address information on a one-to-one basis and a communication unit that performs communication using the address recorded on the address information recording medium are provided. Enter the user information that identifies the user along with the device registration information read from the device registration information recording medium of the network device. Device information storage means provided with input means and notification means for notifying user information and device registration information input by the input means, in which address information of the network device and device registration information are registered in association with each other A user information storage means for registering the user information notified from the registration device in association with the device registration information, the device registration information in the device information storage means, and the device registration information in the user information storage means. Using collation means for associating user information and address information, and service providing means for mediating communication between the user terminal and the network device using the user information and address information associated by the collation means. The center server used for the service provision system characterized by providing.

Images