JP2016110301A - System, information device, information processing apparatus, information processing method, and program - Google Patents

Abstract

A communication path between information devices is constructed in a form avoiding vulnerability without restricting communication. A system including a plurality of information devices includes first acquisition means, second acquisition means, identification means, and first control means. The first acquisition unit acquires a version of software installed in the information device for each of the plurality of information devices. For each combination of software versions, the second acquisition unit acquires communication enable / disable information indicating whether communication is possible for an information device equipped with software in the combination. The specifying means is based on the version of software installed in each of the plurality of information devices acquired by the first acquisition means and the communication availability information acquired by the second acquisition means. Identify the communication path. When the first control unit communicates between one information device and the other information devices among the plurality of information devices, the first control unit is configured to connect between the one information device and the other information device according to the communication path specified by the specifying unit. Control to communicate with. [Selection] Figure 1

Description

  The present invention relates to a system, an information device, an information processing apparatus, an information processing method, and a program.

  Techniques for performing various data communications using information devices including mobile communication terminals are known. For example, in a meeting place, a mobile communication terminal, an MFP, a projector, a PC, etc. can be linked to each other to give a presentation. In such communication between information devices, it is already known to use encryption communication so that there is no impersonation or tampering. Cryptographic communication software, which indicates software for providing cryptographic communication functions, is vulnerable to vulnerabilities. Therefore, it is necessary to rewrite the firmware of information equipment and upgrade the version of the cryptographic communication software every time a countermeasure is released. However, for example, when the information device is privately owned, the firmware may not be upgraded appropriately. For this reason, communication between information devices may be performed without being able to eliminate the vulnerability.

  For example, in Patent Document 1, in order to avoid security vulnerabilities of a plurality of network devices, an internal network router in the office or home has a function of checking the presence or absence of a security hole to access an external network. A technique is disclosed in which a terminal on an internal network to be tested is inspected for the presence of a security hole, and communication with an external network is restricted for a terminal that fails the inspection.

  However, conventionally, there is a mechanism for building communication paths between information devices in a way that avoids vulnerabilities without restricting communication even when the software version installed in some information devices is not appropriate. There wasn't.

  In order to solve the above-described problems and achieve the object, the present invention is a system including a plurality of information devices, and obtains a version of software installed in the information devices for each of the plurality of information devices. For each combination of software versions, first acquisition means, second acquisition means for acquiring communication enable / disable information indicating whether communication is possible for an information device equipped with the software in the combination, and the first acquisition Based on the version of the software installed in each of the plurality of information devices acquired by the means and the communication availability information acquired by the second acquisition device, the communication path between the plurality of information devices is determined. When the specifying unit for specifying and one information device among the plurality of information devices communicate with another information device, the communication unit specified by the specifying unit is followed. Te, and a first control means for controlling communication of the other information device and the one information device.

  ADVANTAGE OF THE INVENTION According to this invention, even when the version of the software mounted in some information apparatuses is not appropriate, the communication path | route between information apparatuses can be constructed | assembled in the form which avoided the vulnerability, without restrict | limiting communication.

FIG. 1 is a diagram illustrating an example of a schematic configuration of an information processing system. FIG. 2 is a diagram illustrating an example of a hardware configuration of the information device. FIG. 3 is a diagram illustrating an example of a program configuration of the information device. FIG. 4 is a diagram illustrating an example of a functional configuration of the non-manager machine. FIG. 5 is a diagram illustrating an example of a functional configuration of the manager machine. FIG. 6 is a diagram illustrating an example of device information of each information device. FIG. 7 is a diagram illustrating an example of vulnerability information. FIG. 8 is a flowchart illustrating an operation example of the information device. FIG. 9 is a flowchart illustrating an example of processing by the specifying unit. FIG. 10 is a flowchart illustrating an example of processing by the specifying unit. FIG. 11 is a flowchart illustrating an example of processing by the specifying unit. FIG. 12 is a diagram illustrating an example of communication path information. FIG. 13 is a schematic diagram of a network configuration constructed according to the communication path specified by the specifying means.

  Hereinafter, embodiments of a system, an information device, an information processing apparatus, an information processing method, and a program according to the present invention will be described in detail with reference to the accompanying drawings.

  FIG. 1 is a diagram illustrating an example of a schematic configuration of an information processing system 1 according to the present embodiment. As illustrated in FIG. 1, the information processing system 1 includes information devices 100 to 600 and a vulnerability information server 700. In the following description, the information device 100 is “A machine”, the information device 200 is “B machine”, the information device 300 is “C machine”, the information device 400 is “D machine”, the information device 500 is “manager machine”, The information device 600 is referred to as “F machine”. Further, when the information devices 100 to 600 are not distinguished from each other, they are simply referred to as “information devices”. In this example, the manager machine (information device 500) is connected to the vulnerability information server 700 via a network such as the Internet, and specifies a communication path between the information devices. More specific contents will be described later.

  Note that the type and number of information devices included in the information processing system 1 are arbitrary. As the information device, for example, an MFP, a projector, a PC (Personal Computer), a smartphone, a dedicated terminal for video conference, an interactive whiteboard, or the like can be used.

  FIG. 2 is a block diagram illustrating an example of a hardware configuration of the information device. As shown in FIG. 2, the information device includes a CPU 11, a ROM 12, a RAM 13, a nonvolatile memory 14, a NIC 15, an operation unit 16, an NFC receiver 17, and an NFC transmitter 18. The CPU 11 comprehensively controls the operation of the information equipment. The ROM 12 is a non-volatile memory that stores various data, and the RAM 13 is a volatile memory that functions as a work area (work area) for the CPU 11.

  The nonvolatile memory 14 includes version information indicating a version of software for providing an encryption communication function (hereinafter referred to as “encryption communication software”) and presence / absence of shared information indicating information shared with other information devices. And presence / absence information indicating the information device and identification information for identifying the information device (hereinafter referred to as “device ID”) are stored. The cryptographic communication software takes countermeasures whenever a vulnerability is pointed out, and a new version of the cryptographic communication software is released. The version of the cryptographic communication software is updated every time the firmware (software for controlling hardware incorporated in the information device) is updated.

  The presence or absence of shared information can be set using the operation unit 16 that accepts various operations and displays various types of information. For example, it is assumed that information devices that have remote conference materials (electronic files) that are shared by each information device as shared information are assumed to be accessed from other information devices. It is necessary to set presence / absence information indicating that this is being performed.

  In other words, the nonvolatile memory 14 can be considered to store information in which version information, presence / absence information, and a device ID are associated with each other (in the following description, it may be referred to as “device information”). . For example, the device information may include information indicating that another information device is designated as a server.

  The NIC 15 is an interface for connecting to a network, and is configured with a wired LAN I / F in this example. However, the NIC 15 is not limited to this, and may be a wireless LAN I / F, for example.

  The NFC receiver 17 and the NFC transmitter 18 are a reception unit and a transmission unit for performing short-range wireless communication. The NFC receiver 17 is a device for receiving information according to the NFC (Near field communication) standard, and the NFC transmitter 18 is a device for transmitting information according to the NFC standard.

  FIG. 3 is a diagram illustrating an example of a program configuration of the information device. In this example, the firmware of the information device is stored in the ROM 12, and the encryption communication software exists in the firmware. In this example, by updating (updating) the firmware, the encryption communication software is also updated at the same time. However, for example, the encryption communication software may be updated independently.

  FIG. 4 is a diagram illustrating an example of a functional configuration of information devices (A machine, B machine, C machine, D machine, and F machine) other than the manager machine. As shown in FIG. 4, an information device other than the manager device (which may be referred to as a “non-manager device” in the following description) includes device information transmission means 21, communication path information acquisition means 22, and first control. Means 23.

  The device information transmitting means 21 transmits the above-described device information stored in the nonvolatile memory 14 of the own device to the manager device. The communication path information acquisition unit 22 acquires communication path information described later from the manager machine. The first control unit 23 is acquired by the communication path information acquisition unit 22 when the own device (which can be considered as one of the plurality of information devices) communicates with another information device. Control is performed for communication between one information device and another information device in accordance with the communication path information. Specific contents will be described later.

  In this example, the functions of the device information transmission unit 21, the communication path information acquisition unit 22, and the first control unit 23 described above are realized by the CPU 11 executing a program stored in the ROM 12 or the like. However, the present invention is not limited thereto, and may be realized by, for example, a dedicated hardware circuit (semiconductor integrated circuit or the like).

  FIG. 5 is a diagram illustrating an example of a functional configuration of the manager machine. As shown in FIG. 5, the manager machine includes first acquisition means 31, second acquisition means 32, identification means 33, second control means 34, and first control means 35.

  The first acquisition unit 31 acquires the version of software installed in the information device for each of the plurality of information devices. In this example, the software is cryptographic communication software for providing a cryptographic communication function. In addition, the first acquisition unit 31 has shared information from an information device having shared information indicating information shared with other information devices among a plurality of information devices. (In this example, corresponding to “presence / absence information”) is acquired. In the present embodiment, the first acquisition unit 31 includes version information indicating the version of the encryption communication software installed in the non-manager machine from the non-manager machine (A machine to D machine, F machine), and the non-manager machine. Device information in which presence / absence information indicating whether or not a device has shared information is associated with a device ID for identifying the non-manager device is acquired. Also, the device information (device information of the manager device) stored in the nonvolatile memory 14 of the own device is acquired. In short, the first acquisition unit 31 may be any form that acquires the version of the software installed in the information device for each of the plurality of information devices including the own device (manager machine). In this example, it can be considered that the manager machine corresponds to the “information processing apparatus” in the claims.

  FIG. 6 is a diagram illustrating an example of device information of each information device. In the example of FIG. 6, the device information of the A machine includes version information indicating that the version of the encryption communication software is “Ver1.0”, and shared information indicating that the version does not have shared information (example of FIG. 6). In this case, the shared information indicating “none”) is associated with the device ID “12345” for identifying the Aircraft A. In addition, the device information of the B machine includes version information indicating that the version of the encryption communication software is “Ver1.0” and shared information indicating that the version includes shared information (“Yes” in the example of FIG. 6). Shared information) and a device ID “23456” for identifying the Aircraft B are associated with each other.

  Further, the device information of the C machine includes version information indicating that the version of the encryption communication software is “Ver1.2”, and shared information indicating that the version does not have shared information (“None” in the example of FIG. 6). Shared information) and a device ID “34567” for identifying the C machine are associated with each other. The device information of the D machine includes version information indicating that the version of the encryption communication software is “Ver1.2” and shared information indicating that the version does not have shared information (“None” in the example of FIG. 6). Shared information) and a device ID “45678” identifying the D machine are associated with each other.

  The device information of the E machine includes version information indicating that the version of the encryption communication software is “Ver1.1”, and shared information indicating that the version does not have shared information (“None” in the example of FIG. 6). And the device ID “56789” for identifying the E machine are associated with each other. Furthermore, the device information of the manager machine includes version information indicating that the version of the encryption communication software is “Ver1.1”, and shared information indicating that the version includes shared information (“Yes” in the example of FIG. 6). And the device ID “67890” for identifying the manager machine are associated with each other.

  Returning to FIG. For each combination of versions of software (encrypted communication software in this example), the second acquisition means 32 is communication enable / disable information (in this example, “vulnerability information”) indicating whether communication is possible for an information device equipped with software in the combination. "). Communication enable / disable information includes the version of software corresponding to the server side in server / client communication (version of encrypted communication software installed on the server side) and the version of software corresponding to client side (encrypted communication installed on the client side). For each combination with (software version), information indicating whether or not communication of an information device equipped with software in the combination is possible. In this specification, “communication availability” means normal communication, in other words, communication availability avoiding vulnerability (it may be considered whether there is vulnerability).

  In the present embodiment, the second acquisition unit 32 acquires vulnerability information from the vulnerability information server 700. FIG. 7 is a diagram illustrating an example of vulnerability information. The vulnerability information shown in FIG. 7 includes an information device corresponding to a version indicating “Ver1.0” (an information device equipped with a version of encrypted communication software indicating “Ver1.0”), a server in server / client communication. In this case, the information device corresponding to the version indicating “Ver1.2” can communicate as a client, the information device corresponding to the version indicating “Ver1.0”, and the version indicating “Ver1.1” This indicates that the information device corresponding to is unable to communicate as a client.

  Further, the vulnerability information shown in FIG. 7 includes information devices corresponding to the version indicating “Ver1.0” and “Ver1.v1” when the information device corresponding to the version indicating “Ver1.1” is a server. The information device corresponding to the version indicating “1” can communicate as a client, and the information device corresponding to the version indicating “Ver 1.2” cannot communicate as a client. Further, the vulnerability information shown in FIG. 7 includes information devices corresponding to the version indicating “Ver1.0” and “Ver1.v1” when the information device corresponding to the version indicating “Ver1.2” is a server. The information device corresponding to the version indicating “1” can communicate as a client, and the information device corresponding to the version indicating “Ver 1.2” cannot communicate as a client.

  Returning to FIG. The specifying unit 33 includes a version of software (encrypted communication software in this example) installed in each of the plurality of information devices acquired by the first acquiring unit 31, and communication enable / disable information acquired by the second acquiring unit 32 ( In this example, communication paths between a plurality of information devices are specified based on “vulnerability information”. In the present embodiment, the specifying unit 33 includes a plurality of information devices based on the device information of each information device acquired by the first acquisition unit 31 and the vulnerability information acquired by the second acquisition unit 32. Identify communication paths between each other.

  In the present embodiment, the specifying unit 33, when an information device having shared information among a plurality of information devices is a target device and the target device is a server, if there is another information device that can communicate as a client. When the device of interest is determined as a server and the device of interest is a client, if there is another information device that can communicate as a server, the device of interest is determined as a client.

  Then, after determining whether the information device having the shared information is a server or a client, the specifying unit 33 sets an information device that does not have the shared information among a plurality of information devices as a target device. If an information device determined as a server already exists, if the target device is a client, and if communication with the information device already determined as a server is possible, the target device is determined as a client.

  On the other hand, if there is no information device determined as a server other than the target device that does not have shared information, the specifying unit 33 may include another information device that can communicate as a client when the target device is the server. For example, when the target device is determined as a server and the target device is a client, if there is another information device that can communicate as a server, the target device is determined as a client. Further, even if there is already an information device determined as a server other than the target device that does not have shared information, the specifying unit 33 cannot communicate with the information device that has already been determined as the server if the target device is a client. If the target device is a server, if there is another information device that can communicate as a client, the target device is determined as a server, and if the target device is a client, the server can communicate as a server. If there is another information device, the device of interest is determined as a client.

  Further, in the present embodiment, when there are a plurality of information devices determined as the server, the specifying unit 33 includes a plurality of information devices determined as servers so that each of the plurality of information devices determined as servers can communicate. Among them, an information device as a server and an information device as a client are determined. Specific contents of the communication path specifying method will be described later.

  Returning to FIG. The second control unit 34 performs control (communication between a plurality of non-manager machines and manager machines) that causes a plurality of information devices to communicate with each other using the communication path specified by the specifying unit 33. In the present embodiment, the second control means 34 is communication path information indicating a communication path specified by the specifying means 33 for a non-manager machine (a non-manager machine that has transmitted device information to the manager machine). Control to send. Then, the first control means 23 of the non-manager machine obtains from the manager machine when its own device (which can be considered as one of the plurality of information devices) communicates with another information device. According to the communication path information (according to the communication path specified by the specifying means 33), control is performed to communicate between one information device and another information device. More specific contents will be described later. In addition, the function of the 1st control means 35 which a manager machine has is the same as the function of the 1st control means 23 which a non-manager machine has.

  In this example, the functions of the first acquisition unit 31, the second acquisition unit 32, the identification unit 33, the second control unit 34, and the first control unit 35 are as follows. This is realized by executing a stored program, but is not limited thereto, and may be realized by, for example, a dedicated hardware circuit (semiconductor integrated circuit or the like).

  FIG. 8 is a flowchart illustrating an operation example of the information device. In the example of FIG. 8, the processes in steps S601 to S607 indicate processes on the manager machine side, the processes in steps S608 to S610 indicate processes on the non-manager machine side, and the processes in steps S611 to S632 are performed on the manager machine side. And the process common to a non-manager machine is shown.

  First, processing on the manager machine side will be described. When the manager machine is turned on (when power supply to the manager machine is started), the manager machine (CPU 11) displays guide information for prompting the non-manager machine closer to the manager machine on the operation unit 16. Control is performed (step S601). Next, the manager machine (first acquisition unit 31) acquires (receives) device information from the non-manager machine (step S602). Here, the manager machine sets a non-manager machine that has transmitted device information within a certain time as a target for establishing a network connection (a target for specifying a communication path). After the predetermined time has elapsed (step S603: Yes), the manager machine (second acquisition unit 32) receives (acquires) the latest vulnerability information from the vulnerability information server 700 (step S604).

  Next, the manager machine (specifying means 33) specifies the communication path between the information devices based on the device information for each non-manager machine acquired in step S602 and the vulnerability information acquired in step S604 (step S604). S605). Specific contents of step S605 will be described later. Next, the manager machine (second control means 34) transmits the communication path information indicating the communication path specified in step S605 to the non-manager machine that has transmitted the device information in step S602 (in this example, short-range wireless communication). (Communication according to the NFC standard) (step S606). Then, the manager machine (CPU 11) determines whether or not a start key (not shown) for instructing to start the construction of the network configuration is pressed (step S607), and when the start key is pressed (step S607). In step S607: Yes), the process proceeds to step S611 common to the manager machine and the non-manager machine. The processing after step S611 will be described later.

  Next, processing on the non-manager machine side will be described. When the power source of the non-manager machine is turned on (when power supply to the non-manager machine is started), the non-manager machine (CPU 11) sends a device information transmission button (not shown) for instructing transmission of device information. It is determined whether or not is pressed (step S608). When the information transmission button is pressed (step S608: Yes), the non-manager machine (device information transmission means 21) transmits the device information stored in its own nonvolatile memory 14 to the short-range wireless communication (in this example, NFC). (Communication according to the standard) is transmitted to the manager machine (step S609). Then, the non-manager machine (communication path information acquisition unit 22) receives (acquires) the communication path information from the manager machine as a response to the device information transmitted in step S609 (step 610). Thereafter, the processing after step S611 common to the manager machine and the non-manager machine is performed. The processing after step S611 will be described later.

  Next, specific contents of the processing in step S605 described above will be described with reference to FIGS. In step S605, the manager machine (identifying means 33) first refers to the device information for each non-manager machine (the non-manager machine that has transmitted the device information in step S602) for which the communication path is to be identified, and shares it. A non-manager machine (that is, a non-manager machine having shared information) that has transmitted device information including presence / absence information indicating that information is included is determined. Further, the device information stored in the non-volatile memory 14 of the own device is referred to, and it is determined whether or not the device information includes presence / absence information indicating that the device has shared information. Then, for each information device having shared information (which may include a manager machine), it is determined whether to be a server or a client. Since it is less traffic if the information device having shared information is on the server side, in this example, it is determined in advance whether there is no problem with the information device having shared information as a server. FIG. 9 is a flowchart showing an example of processing by the specifying unit 33 in this case. In the following description, it is assumed that, as an example, the device information of each information device (including the manager device) is represented in FIG. 6, and the latest vulnerability information is represented in FIG.

  The specifying unit 33 executes the process shown in FIG. 9 for each information device having shared information (in this example, the B machine and the manager machine). Hereinafter, the information device to be processed in FIG. 9 is referred to as a device of interest. First, the specifying unit 33 determines whether or not the target device is designated by another information device as a server (step S801). For example, the specifying unit 33 refers to the device information of each information device and determines whether or not the information specifying the target device as a server is included, so that the target device is specified as a server from another information device. It can be determined whether or not. When the device of interest is designated as a server (step S801: Yes), the specifying unit 33 determines the device of interest as a server (step S803).

  If the device of interest is not designated as a server (step S801: No), the specifying unit 33 determines whether there is another information device that can communicate as a client when the device of interest is a server ( Step S802). When the target device is a server and there is another information device that can communicate as a client (step S802: Yes), the specifying unit 33 determines the target device as a server (step S803). For example, it is assumed that the target device is a B machine. As shown in FIG. 6, the version of the encryption communication software corresponding to the machine B indicates “Ver1.0”, and as shown in FIG. 7, the information device corresponding to the version indicating “Ver1.0” is a server. In this case, it is understood that the information device corresponding to the version indicating “Ver1.2” can communicate as a client. As shown in FIG. 6, since the version of the encryption communication software corresponding to each of the C machine and the D machine indicates “Ver1.2”, other information that can be communicated as a client when the B machine is a server. Since it can be determined that there are devices (C machine and D machine in this example), in this example, the specifying unit 33 can determine B machine as a server. Similarly, when the device of interest is a manager machine, when the manager machine is a server, it can be determined that there are other information devices (A machine, B machine, and E machine in this example) that can communicate as clients. In this example, the specifying unit 33 can determine the manager machine as a server.

  On the other hand, when the target device is a server and there is no other information device that can communicate as a client (step S802: No), the specifying unit 33 uses the device information and the latest vulnerability information of each information device. When the target device is a client, it is determined whether there is another information device that can communicate as a server (step S804). When the target device is a client and there is another information device that can communicate as a server (step S804: Yes), the specifying unit 33 determines the target device as a client (step S805). Further, when the target device is a client and there is no other information device that can communicate as a server (step S804: No), the specifying unit 33 cannot use the target device (other information device). It is determined that communication cannot be performed (step S806).

  For each information device having shared information, the specifying unit 33 determines whether to be a server or a client, and then should be a server or a client for each information device that does not have shared information. To decide. FIG. 10 is a flowchart showing an example of processing by the specifying unit 33 in this case. The specifying unit 33 executes the process shown in FIG. 10 for each information device that does not have shared information (in this example, A machine, C machine, D machine, and E machine). Hereinafter, the information device that is the target of the process illustrated in FIG. 10 is referred to as a device of interest.

  First, the specifying unit 33 determines whether an information device determined as a server other than the target device already exists (step S901), and when an information device determined as a server other than the target device already exists (step S901: Yes), when the target device is a client, the specifying unit 33 determines whether or not communication with the server whose existence has been confirmed in step S901 is possible (step S902). If the target device is a client and communication is possible with the server whose existence has been confirmed in step S901 (step S902: Yes), the specifying unit 33 determines the target device as a client (step S903).

  As described above, in this example, since the machine B and the manager machine have already been determined as servers, the result of step S901 is affirmative, and the process proceeds to step S902. Here, for example, it is assumed that the target device is an A machine. As shown in FIG. 6, the version of the encryption communication software corresponding to the A machine indicates “Ver1.0”, and as shown in FIG. 7, the information device corresponding to the version indicating “Ver1.0” is used as the client. In this case, the information device corresponding to the version indicating “Ver1.1” and the information device corresponding to the version indicating “Ver1.2” can be communicated as a server. Here, as shown in FIG. 6, the version of the encryption communication software corresponding to the machine B that has already been determined as the server indicates “Ver1.0”, and the version of the encryption communication software corresponding to the manager machine is “Ver1.1”. Therefore, it is understood that when the machine A is a client, the manager machine can communicate as a server. Therefore, in this example, when the machine A is a client, it can be determined that communication with the server (in this example, the manager machine) whose existence has been confirmed in step S901 is possible. Can be determined as a client.

  Similarly, when the target device is the C machine, it can be determined that communication with the server (the B machine in this example) that has been confirmed in step S901 is possible when the C machine is the client. The specifying unit 33 can determine the C machine as a client. Similarly, when the device of interest is the D machine, it can be determined that communication with the server (the B machine in this example) confirmed to exist in step S901 is possible when the D machine is the client. The specifying unit 33 can determine the D machine as a client. Further, when the device of interest is an E machine, similarly, when the E machine is a client, it can be determined that communication with the server (in this example, the manager machine) confirmed to exist in step S901 is possible. The specifying unit 33 can determine the E machine as a client.

  On the other hand, in the above-described step S902, when the target device is a client and communication with the server confirmed to exist in step S901 is impossible (step S902: No), the specifying unit 33 displays the device information of each information device. Then, using the latest vulnerability information, if the target device is a server, it is determined whether there is another information device that can communicate as a client (step S904). When the target device is a server and there is another information device that can communicate as a client (step S904: Yes), the specifying unit 33 determines the target device as a server (step S905). On the other hand, if the target device is a server and there is no other information device that can communicate as a client (step S904: No), the specifying unit 33 can communicate as a server when the target device is a client. It is determined whether there is any information device (step S906). When the target device is a client and there is another information device that can communicate as a server (step S906: Yes), the specifying unit 33 determines the target device as a client (step S908). Further, when the target device is a client and there is no other information device that can communicate as a server (step S906: No), the specifying unit 33 cannot use the target device (other information device). It is determined that communication cannot be performed (step S907).

  Further, in the present embodiment, when there are a plurality of information devices determined as the server, the specifying unit 33 includes a plurality of information devices determined as servers so that each of the plurality of information devices determined as servers can communicate. Among them, an information device as a server and an information device as a client are determined. FIG. 11 is a flowchart showing an example of processing by the specifying unit 33 in this case. The specifying unit 33 executes the process shown in FIG. 11 for each information device (B machine and manager machine in this example) determined as a server. Hereinafter, the information device that is the target of the process illustrated in FIG. 11 is referred to as a device of interest.

  First, the identification unit 33 uses the device information of each information device and the latest vulnerability information, and when the target device is a server, other information devices that can communicate as a client among the information devices that have been determined as the server. It is determined whether or not it exists (step S1001). When the target device is a server, if there is another information device that can communicate as a client among the information devices determined as a server (step S1001: Yes), the specifying unit 33 determines the target device as a server. (Step S1002).

  As described above, in this example, since the machine B and the manager machine are determined as servers, it is assumed that the target device is a manager machine, for example. As shown in FIG. 6, the version of the encryption communication software corresponding to the manager machine indicates “Ver1.1”, and as shown in FIG. 7, the information device corresponding to the version indicating “Ver1.1” is a server. In this case, it is understood that the information device corresponding to the version indicating “Ver1.0” and the information device corresponding to the version indicating “Ver1.1” can communicate as clients. Here, as shown in FIG. 6, since the version of the encryption communication software corresponding to the machine B determined as the server indicates “Ver1.0”, when the manager machine is a server, the machine B communicates as a client. It turns out that it is possible. Therefore, in this example, when the manager machine is a server, it can be determined that there is another information device (B machine in this example) that can communicate as a client among information devices that have been determined as servers. The specifying unit 33 can determine the manager machine as a server.

  Further, for example, a case is assumed where the device of interest is a B machine. As shown in FIG. 6, the version of the encryption communication software corresponding to the machine B indicates “Ver1.0”, and as shown in FIG. 7, the information device corresponding to the version indicating “Ver1.0” is a server. In this case, it can be seen that only the information device corresponding to the version indicating “Ver1.2” can communicate as the client. Here, as shown in FIG. 6, since the version of the encryption communication software corresponding to the manager machine determined as the server indicates “Ver1.1”, when the machine B is a server, the manager machine communicates as a client. It turns out that it is impossible. Therefore, in this example, when the machine B is a server, it can be determined that there is no other information device that can communicate as a client among the information devices that have been determined as the server, and the process moves to step S1003. To do.

  In step S <b> 1003, the specifying unit 33 can communicate with another information device that has been determined as a server when the device of interest is a client using the device information of each information device and the latest vulnerability information. Is determined (step S1003). When the device of interest is a client, if it is possible to communicate with another information device that has been determined as a server (step S1003: Yes), the specifying unit 33 determines the device of interest as a client (step S1004). For example, it is assumed that the target device is a B machine. As shown in FIG. 6, the version of the encryption communication software corresponding to the machine B indicates “Ver1.0”, and as shown in FIG. 7, the information device corresponding to the version indicating “Ver1.0” is used as the client. In this case, it is understood that the information device corresponding to the version indicating “Ver1.1” and the information device corresponding to the version indicating “Ver1.1” can communicate as a server. Here, as shown in FIG. 6, since the version of the encryption communication software corresponding to the manager machine determined as a server indicates “Ver1.1”, when the machine B is a client, the manager machine communicates as a server. It turns out that it is impossible. Therefore, in this example, when the machine B is a client, it can be determined that communication with another information device (in this example, a manager machine) determined as a server is possible. The machine can be determined as a client.

  On the other hand, when the target device is a client and communication with another information device that has been determined as a server is impossible (step S1003: No), the specifying unit 33 determines that the target device and another server that has been determined as a server. It is determined that the information device cannot be connected (step S1005).

  FIG. 12 is an example of communication path information indicating the communication path specified by the specifying means 33 as described above, and FIG. 13 is constructed according to the communication path specified by the specifying means 33 as described above. It is a schematic diagram of a network configuration. As understood from FIGS. 12 and 13, each of the C machine and the D machine can communicate with the B machine as a client having the B machine as a server. Each of the A machine and the E machine can communicate with the manager machine as a client having the manager machine as a server. Furthermore, the B machine can communicate with the manager machine as a client having the manager machine as a server. For example, if there is an unusable information device (information device that cannot communicate with other information devices), the communication path information shown in FIG. For example, “null” indicating that there is no information may be described in each item of “server” and “client when the own apparatus is a server”. The above is the specific content of the process of step S605 in FIG.

  Returning to FIG. 8, processing common to the manager machine and the non-manager machine after step S611 will be described. In the following description, when a manager machine and a non-manager machine are not distinguished, they are simply referred to as information devices. In step S611, the information equipment (first control means 23, 35) refers to the communication path information indicating the communication path specified by the manager machine (specifying means 33), and the information equipment that cannot be used by the information equipment. It is determined whether or not (step S611). When the own device is an unusable information device (step S611: Yes), the information device (CPU 11) performs control to display on the operation unit 16 that the own device is an unusable information device (step S611). S612).

  On the other hand, when the information device is not an unusable information device (step S611: No), the information device (first control means 23, 35) refers to the communication path information and all the information devices are connected to the network. It is determined whether or not the connection is established (step S620). When all the information devices are not connected via the network (step S620: No), that is, when the network configuration for connecting all the information devices cannot be constructed, the information device (CPU 11) connects all the information devices. Control is performed to display on the operation unit 16 that the configuration cannot be constructed (step S621). When an instruction to continue the construction of the network configuration is received (for example, when a key (not shown) for instructing to continue the construction of the network configuration is pressed, Step S623: Yes), the process will be described later. The process moves to step S624. Further, when an instruction to cancel (cancel) the construction of the network configuration is received (for example, when a key (not shown) for instructing to cancel the construction of the network configuration is pressed, step S623: No), the processing Ends.

  In the above-described step S620, when all the information devices are connected via the network (step S620: Yes), that is, when a network configuration for connecting all the information devices is constructed, the information devices (the first control unit 23, 35) refers to the communication path information and determines whether or not the own device becomes a client (step S624). If the device itself becomes a client (step S624: Yes), the information device (first control means 23, 35) transmits a negotiation start request to the information device serving as the server (step S625). For example, the negotiation start request includes candidate information indicating one or more encryption communication methods (protocols) that can be supported by an information device as a client. Then, negotiation such as determination of the encryption communication method is performed with the information device serving as the server (step S626). For example, an information device serving as a server can determine an optimal encryption communication method with reference to candidate information included in a negotiation received from an information device serving as a client. Then, the information device (first control means 23, 35) serving as the client executes processing (client processing) necessary for connecting to the information device serving as the server (step S627).

  After the above-described step S627 or when the device does not become a client in the above-described step S624 (step S624: No), the information device (first control means 23, 35) refers to the communication path information, It is determined whether or not the own device becomes a server (step S628). When the device itself becomes a server (step S628: Yes), the information device (first control means 23, 35) performs a waiting process for a negotiation start request from the information device that becomes the client (step S629). When the negotiation start request is received from the information device that becomes the client, the above-described negotiation is performed (step S630), and processing (server processing) necessary for connecting to the information device that becomes the client is performed (step S631). . Then, after the network configuration is established, each information device executes various application processes (step S632).

  As described above, in this embodiment, for each combination of the version of software (encrypted communication software in this example) and the version of software installed in each of a plurality of information devices, the software in the combination is installed. Based on the vulnerability information indicating whether or not information devices can communicate, communication paths between a plurality of information devices are specified so as to avoid the vulnerability (so that they can communicate with each other normally). When one information device and another information device among the plurality of information devices communicate with each other, control is performed to communicate between the one information device and the other information device according to the specified communication path. As a result, for example, even when there are two or more information devices that have a combination that cannot be directly communicated (a combination of versions of encrypted communication software), the vulnerability is avoided without rejecting the communication. A network configuration can be constructed in the form.

  If the presence / absence information indicating the presence / absence of shared information is changed in any information device after the network configuration is constructed, for example, the presence / absence information indicating “No” is changed to the presence / absence information indicating “Yes”. Even in such a case, the information device can transmit shared information held by the information device directly or via another information device to information devices other than the information device included in the constructed network configuration. (It can be transmitted by bucket relay method).

  As mentioned above, although embodiment which concerns on this invention was described, this invention is not limited to each above-mentioned embodiment as it is, A component can be deform | transformed and embodied in the range which does not deviate from the summary in an implementation stage. . Various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the above-described embodiments. For example, some components may be deleted from all the components shown in the embodiment.

  The program executed by the information device of the above-described embodiment is an installable or executable file, and is a CD-ROM, flexible disk (FD), CD-R, DVD (Digital Versatile Disk), USB. (Universal Serial Bus) or the like may be recorded and provided on a computer-readable recording medium, or may be provided or distributed via a network such as the Internet. Various programs may be provided by being incorporated in advance in a ROM or the like.

DESCRIPTION OF SYMBOLS 1 Information processing system 21 Device information transmission means 22 Communication path information acquisition means 23 First control means 31 First acquisition means 32 Second acquisition means 33 Identification means 34 Second control means 35 First control means 700 Vulnerability Sex information server

JP 2007-272396 A

Claims (12)

A system including a plurality of information devices,
A first acquisition means for acquiring a version of software installed in the information device for each of the plurality of information devices;
For each combination of software versions, second acquisition means for acquiring communication enable / disable information indicating whether or not communication of an information device equipped with the software in the combination is possible;
The plurality of information devices based on the version of the software installed in each of the plurality of information devices acquired by the first acquisition unit and the communication availability information acquired by the second acquisition unit A specifying means for specifying a communication path between each other;
Control that communicates between the one information device and the other information device according to the communication path specified by the specifying means when one information device and the other information device among the plurality of information devices communicate. First control means for performing
system. For each combination of the version of the software corresponding to the server side in server / client communication and the version of the software corresponding to the client side, the communication enable / disable information includes information on communication of an information device equipped with the software in the combination. Indicates whether or not
The system of claim 1. The first acquisition unit has the shared information from an information device having shared information indicating information shared with other information devices among the plurality of information devices. To get information about
If the information device having the shared information among the plurality of information devices is the target device and the target device is the server, the specifying unit may be the target device if there is another information device that can communicate as a client. If the target device is a client, and there is another information device that can communicate as a server, the target device is determined as a client.
The system according to claim 2. After determining whether the information device having the shared information is a server or a client, the specifying unit sets an information device that does not have the shared information among the plurality of information devices as a target device, and other than the target device. If there is already an information device determined as a server in the above case, if the target device is a client, if the information device already determined as a server is communicable, the target device is determined as a client.
The system according to claim 3. If there is no information device determined as a server other than the device of interest that does not have the shared information, the specifying unit may use another device that can communicate as a client when the device of interest is a server. When the target device is determined as a server and the target device is a client, if there is another information device that can communicate as a server, the target device is determined as a client.
The system according to claim 4. When the information processing unit determined as a server other than the target device that does not have the shared information already exists and the target unit is a client, the specifying unit is unable to communicate with the information device already determined as the server When the target device is a server, if there is another information device that can communicate as a client, the target device is determined as a server, and when the target device is a client, If this information device exists, the target device is determined as a client.
The system according to claim 4. In the case where there are a plurality of information devices determined as servers, the specifying means is an information device serving as a server among the plurality of information devices determined as servers so that each of the plurality of information devices determined as servers can communicate. And determine the information devices to be clients,
The system according to any one of claims 3 to 6. The software is cryptographic communication software for providing a cryptographic communication function.
The system according to any one of claims 1 to 7.   Information equipment used in the system according to claim 1. An information processing apparatus,
First acquisition means for acquiring a version of software installed in the information device for each of the plurality of information devices including the information processing apparatus;
For each combination of software versions, second acquisition means for acquiring communication enable / disable information indicating whether or not communication of an information device equipped with the software in the combination is possible;
The plurality of information devices based on the version of the software installed in each of the plurality of information devices acquired by the first acquisition unit and the communication availability information acquired by the second acquisition unit A specifying means for specifying a communication path between each other;
Using a communication path specified by the specifying means, a second control means for performing control to communicate between the plurality of information devices,
Information processing device. An information processing method executed by an information processing apparatus,
A first acquisition step of acquiring a version of software installed in the information device for each of the plurality of information devices including the information processing apparatus;
A second acquisition step of acquiring communication enable / disable information indicating whether or not communication of an information device equipped with the software in the combination is possible for each combination of the software versions;
The plurality of information devices based on the version of the software installed in each of the plurality of information devices acquired in the first acquisition step and the communication availability information acquired in the second acquisition step A specific step of identifying communication paths between each other;
A second control step of performing control to communicate between the plurality of information devices using the communication path specified in the specifying step,
Information processing method. In the computer installed in the information processing device,
A first acquisition step of acquiring a version of software installed in the information device for each of the plurality of information devices including the information processing apparatus;
A second acquisition step of acquiring communication enable / disable information indicating whether or not communication of an information device equipped with the software in the combination is possible for each combination of the software versions;
The plurality of information devices based on the version of the software installed in each of the plurality of information devices acquired in the first acquisition step and the communication availability information acquired in the second acquisition step A specific step of identifying communication paths between each other;
A program for executing a second control step for performing control for communication between the plurality of information devices using the communication path specified in the specifying step.

Images