[go: up one dir, main page]

WO2018131082A1 - Système de communication - Google Patents

Système de communication Download PDF

Info

Publication number
WO2018131082A1
WO2018131082A1 PCT/JP2017/000539 JP2017000539W WO2018131082A1 WO 2018131082 A1 WO2018131082 A1 WO 2018131082A1 JP 2017000539 W JP2017000539 W JP 2017000539W WO 2018131082 A1 WO2018131082 A1 WO 2018131082A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
command
data
reader
data update
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2017/000539
Other languages
English (en)
Japanese (ja)
Inventor
三露 学
日下部 進
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Quadrac Co Ltd
Original Assignee
Quadrac Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Quadrac Co Ltd filed Critical Quadrac Co Ltd
Priority to JP2017522561A priority Critical patent/JP6157797B1/ja
Priority to PCT/JP2017/000539 priority patent/WO2018131082A1/fr
Publication of WO2018131082A1 publication Critical patent/WO2018131082A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements

Definitions

  • the present invention relates to a communication system.
  • Patent Documents 1 and 2 A communication system in which a server on a network controls a user device via a reader / writer has been proposed (see Patent Documents 1 and 2). Further, a communication system has been proposed in which a user device executes a predetermined process and returns a response to the reader / writer based on a command from the reader / writer (see Patent Document 3).
  • a server on a network controls a user device via a reader / writer
  • synchronization replication
  • the processing for the user device may not be correctly transferred from the normal server to the spare server.
  • a communication system including a first server and a second server, wherein the first server is connected to the second server and a reader / writer via a network, and transmits data update information to the second server.
  • the command and accompanying information of the command are transmitted to the user device via the reader / writer, and the second server connects the reader / writer with a network.
  • the data update information is received from the first server, the data in the second server is updated based on the received data update information, and after the update, from the first server
  • the switch to the second server occurs, the command and the accompanying information of the command are sent via the reader / writer based on the data in the second server.
  • Communication system for transmitting to over laser device.
  • FIG. 1 is a schematic diagram illustrating a configuration of a communication system 1 according to a first embodiment.
  • 3 is a schematic diagram for explaining data in a first server 30.
  • FIG. 4 is a schematic diagram for explaining data in a second server 40.
  • FIG. 6 is a sequence diagram illustrating an operation example of the communication system 1 according to the first embodiment.
  • FIG. 1 is a schematic diagram illustrating a configuration of a communication system 1 according to the first embodiment.
  • the communication system 1 according to the first embodiment is a communication system including a first server 30 and a second server 40, and the first server 30 includes a second server 40, a reader / writer 22, 24, the data update information is transmitted to the second server 40, the data update information is transmitted to the second server 40, and then the user device is connected via the reader / writers 22 and 24.
  • the second server 40 when the second server 40 is connected to the reader / writers 22 and 24 via the network 50 and receives data update information from the first server 30, When the data in the second server 40 is updated based on the received data update information, and the switching from the first server 30 to the second server 40 occurs after the update, the second server Based on the data in the 0 and accompanying information command and the command is a communication system that transmits to the user device 12, 14 through the reader-writer 22. Details will be described below.
  • the user devices 12 and 14 include, for example, an IC chip and a storage device, and data such as a balance of electronic money is stored in the storage device.
  • the data stored in the storage devices of the user devices 12 and 14 can be updated by the user devices 12 and 14 executing a command, for example.
  • the reader / writers 22 and 24 are devices for reading and writing data in the user devices 12 and 14, and are composed of, for example, a supermarket cash register device or a station ticket gate.
  • the number of user devices and reader / writers is not particularly limited. In this embodiment, it is assumed that two user devices 12 and 14 and two reader / writers 22 and 24 are arranged in the communication system 1.
  • the first server 30 is connected to the second server 40 and the reader / writers 22 and 24 via the network 50.
  • the network 50 is, for example, the Internet.
  • the first server 30 includes a CPU, a memory, and the like, and operates when the CPU executes a program stored in the memory. Data is stored in the memory of the first server 30.
  • the first server 30 transmits a command and accompanying information of the command to the user devices 12 and 14 based on the data in the first server 30.
  • the accompanying information of the command includes a sequence number and an execution number. In the present embodiment, it is assumed that both the sequence number and the execution number are included in the accompanying information of the command.
  • FIG. 2 is a schematic diagram for explaining data in the first server 30.
  • the data in the first server 30 is stored in a table format, for example.
  • the table has records, and the record has fields of record number, command, sequence number, execution number, session key, reader / writer number, status, and update time. Records are updated by adding new records.
  • Each data stored in the record is preferably encrypted. Encryption can be performed by, for example, a symmetric key system such as AES or DES, or an asymmetric key system such as RSA or ECC.
  • a record number is stored in the record number field.
  • the record number is a number for identifying the record.
  • the first server 30 and the second server 40 can generate a record number when adding a record, for example.
  • the sequence number is stored in the sequence number field.
  • the sequence number is a number for identifying a sequence in one session. For example, if sequence number 0001 is assigned to one sequence in a session, 0002 can be assigned to the next sequence and 0003 can be assigned to the next sequence.
  • the command number It is possible to easily determine whether or not the response is transmitted from the outside illegally.
  • the execution number is stored in the execution number field.
  • the execution number is a number with a different value for each command. For example, if the execution number 00AA is assigned to the command 1, the next command 2 can be assigned the execution number 00AB.
  • the same execution number as the number assigned previously is assigned. In this way, when the command is retransmitted from the server by negotiating the protocol that the command having the same execution number is not executed between the server and the user device, the user device 12, 14 is changed to the user device 12, 14 is prevented from being updated twice in error.
  • the session key is stored in the session key field.
  • the session key is data generated when the user devices 12 and 14 and the first server 30 perform mutual authentication for each session.
  • the session key is stored in the first server 30 and the user devices 12 and 14 after generation.
  • the session key generated for one session is valid only for that one session.
  • Data transmitted and received between the user devices 12 and 14 and the first server 30 can be encrypted with a session key including a command and accompanying information of the command.
  • the session key can be generated according to a symmetric key system such as AES or DES, or an asymmetric key system such as RSA or ECC.
  • the reader / writer number is stored in the reader / writer number field.
  • the reader / writer number is a number for identifying the reader / writer.
  • the status is stored in the status field.
  • the status can include, for example, Ready and Wait. “Ready” indicates a state in which a command is ready to be transmitted from the server to the user device, and “Wait” indicates a state in which the user device is waiting for a response.
  • the update time field stores the time when the record was added.
  • the first server 30 transmits data update information to the second server 40 before transmitting the command. Then, the first server 30 transmits a command and accompanying information of the command to the user devices 12 and 14 via the reader / writers 22 and 24 with the data update completion notification from the second server 40 as a trigger. For example, first, the first server 30 identifies a record whose status is Ready from the table in the first server 30, and changes the status of the identified record from Ready to Wait. Next, the first server 30 includes the data included in the record whose status is changed in the data update information and transmits the data update information to the second server 40.
  • the first server 30 uses the notification as a trigger to store the command and accompanying information (eg, sequence) stored in the record whose status has been changed. Number and execution number) with the session key of the record whose status has been changed, and this is encrypted via the reader / writers 22 and 24 identified by the reader / writer number of the record whose status has been changed, 14 is transmitted.
  • command and accompanying information eg, sequence
  • the first server 30 When the first server 30 does not receive a response from the user devices 12 and 14 within a predetermined time after transmitting the command, the first server 30 transmits (retransmits) the command and the accompanying information of the command again. Note that “transmission” in this specification includes transmission (retransmission) again in addition to transmission for the first time.
  • the second server 40 is connected to the first server 30 and the reader / writers 22 and 24 via the network 50.
  • the second server 40 includes a CPU, a memory, and the like, and operates when the CPU executes a program stored in the memory. Data is stored in the memory of the second server 40.
  • FIG. 3 is a schematic diagram for explaining data in the second server 40.
  • the data in the second server 40 is stored in a table format in the same manner as the data in the first server 30.
  • the table has records.
  • the data stored in the record, the encryption of the record, and the like are the same as in the case of the first server 30 and will not be described.
  • the second server 40 When the second server 40 receives the data update information from the first server 30, the second server 40 updates the data in the second server 40 based on the received data update information. Thereby, the data in the second server 40 is synchronized with the data in the first server 30. Data update is performed by adding a new record, and each data included in the data update information is stored in each field in the new record.
  • the second server 40 transmits a data update completion notification to the first server 30 after the data update.
  • the data update completion notification is a notification indicating that the data update is completed.
  • the second server 40 When the second server 40 switches from the first server 30 to the second server 40 after the data in the second server 40 is updated, the second server 40 attaches a command and a command based on the data in the second server 40.
  • Information is transmitted to the user devices 12 and 14 via the reader / writers 22 and 24. That is, the second server 40 takes charge of the processing for the user devices 12 and 14 instead of the first server 30 when switching from the first server 30 to the second server 40 occurs. Transmission from the second server 40 is performed based on data in the second server 40. Since the data in the second server 40 is kept up-to-date based on the data update information received from the first server 10, the command transmitted by the second server 40 is transmitted by the first server 30. Done in the same way.
  • the cause of switching is not particularly limited. As an example, switching occurs when a failure occurs in the first server 30 or when the first server 30 is overloaded.
  • FIG. 4 is a sequence diagram illustrating an operation example of the communication system 1 according to the first embodiment.
  • an operation example of the communication system 1 according to the first embodiment will be described with reference to FIG.
  • Step S11 the first server 30 updates data in the first server 30.
  • the data is updated by adding a new record to the table in the first server 30.
  • Step S12 the first server 30 transmits data update information to the second server 40 before transmitting the command.
  • the first server 30 identifies a record whose status is Ready from the table in the first server 30, and changes the status of the identified record from Ready to Wait.
  • the first server 30 includes the data included in the record whose status is changed in the data update information and transmits the data update information to the second server 40.
  • the second server 40 updates the data in the second server 40 based on the data update information received from the first server 30.
  • the data is updated by adding a new record to the table in the second server 40 based on the data update information, for example.
  • Data included in the received data update information is stored in each field of the newly added record.
  • the second server 40 adds a new record if the table in the second server 40 includes a record having an update time that is newer than the update time included in the received data update information.
  • the received data update information can be discarded.
  • Step S14 Next, the second server 40 transmits a data update completion notification to the first server 30.
  • Step S15, Step S16 the first server 30 transmits a command and accompanying information of the command to the user devices 12 and 14 via the reader / writers 22 and 24 with the data update completion notification from the second server 40 as a trigger.
  • Step S19 the user device 12 transmits a response indicating that the data update has been normally completed to the first server 30.
  • the user device 12 encrypts this response with a session key generated by mutual authentication with the first server 30 before transmitting the response.
  • Step S20 Next, it is assumed that a failure occurs in the first server 30 and processing for the user devices 12 and 14 is taken over from the first server 30 to the second server 40.
  • the processing for the user devices 12 and 14 is handled not by the first server 30 but by the second server 40 thereafter.
  • the second server 40 transmits polling to the first server 30 at a predetermined interval, and when the first server 30 does not respond to the polling, it is determined that a failure has occurred in the first server 30.
  • the processing can be taken over from the first server 30.
  • the second server 40 receives an instruction to take over from a load sharing device (load balancer) that monitors the load of the first server 30 and the second server 40, according to the received instruction, The processing of the first server 30 can be taken over.
  • load sharing device load balancer
  • Step S21, Step S22 the second server 40 determines whether or not a response has arrived within a predetermined time from the user devices 12 and 14 based on the data in the second server 40 (step S21). 2 Update the data in the server 40 (step S22).
  • the second server 40 determines that no response has been received from the user device 12 within a predetermined time, and updates the data in the second server 40.
  • the determination of whether or not the response has arrived is performed by, for example, identifying a record whose status is Wait among the records stored in the table in the second server 40 and determining a predetermined time from the update time of the identified record. This can be done by judging whether or not.
  • the sequence number is regularly incremented from 0002 to 0003 according to a predetermined protocol, but since the execution number is 00AA which is the same as the execution number of the command that has already updated the data, the data update condition is satisfied. Shall not. Therefore, the data update by the user device 12 is not performed.
  • the user device 12 uses the execution number received from the second server 40 as the stored execution number. It is possible to easily determine whether or not the execution number is the same as the execution number of the command that has already updated the data.
  • Step S27, Step S28 the user device 12 transmits a response to the data update to the second server 40.
  • the user device 12 encrypts the response with the session key generated by mutual authentication with the first server 30 before transmitting the response.
  • synchronization (replication) of the first server 30 and the second server 40 is performed at an appropriate timing. That is, before the command is transmitted from the first server 30 to the user devices 12 and 14, the data update information is transmitted from the first server 30 to the second server 40, and the data in the first server 30 and the second Data in the server 40 is synchronized (replicated). Therefore, even if a switch from the first server 30 to the second server 40 occurs after transmitting a command from the first server 30 to the user devices 12, 14, the user device 12, 14 can be correctly taken over.
  • the communication system 1 includes two servers, the first server 30 and the second server 40, but the communication system 1 may include three or more servers.
  • the third and subsequent servers can be operated in the same manner as the second server 40 described above, for example. Further, for example, the third and subsequent servers can take over the process of the second server 40 by the same method as the case of taking over the process of the first server 30 instead of the first server 30.
  • Comparative Example 1 As Comparative Example 1, a communication system in which data update information is transmitted from the first server 30 to the second server 40 after one second has elapsed after the command is transmitted from the first server 30 to the user devices 12 and 14. consider. In the first comparative example, after the command is transmitted from the first server 30 to the user devices 12 and 14, the first server 30 fails before the data update information is transmitted from the first server 30 to the second server 40. It is assumed that switching from the first server 30 to the second server 40 occurs.
  • the user apparatus 12 since the sequence number is not correctly transferred, the user apparatus 12 determines that the data update condition is not satisfied in step S25 described above, and updates the data in the user apparatus 12. Step S26 is not executed.
  • step S26 since the execution number is not taken over correctly, if the data update in step S26 is executed, the balance of electronic money stored in the user device 12 has already been increased by 100 yen. It will be increased by 100 yen again.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Hardware Redundancy (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Le problème à résoudre par la présente invention est de fournir un système de communication dans lequel un premier serveur et un deuxième serveur sont synchronisés l'un avec l'autre à des moments appropriés. Le deuxième serveur prend correctement en charge un processus pour un dispositif d'utilisateur à la place du premier serveur. À cet effet, le premier serveur est relié au deuxième serveur et à un dispositif de lecture/d'écriture par l'intermédiaire d'un réseau, transmet une commande et des informations associées à la commande au dispositif utilisateur par l'intermédiaire du dispositif de lecture/d'écriture après la transmission des informations de mise à jour de données au deuxième serveur. Le deuxième serveur est relié au dispositif de lecture/d'écriture par l'intermédiaire du réseau et, lors de la réception des informations de mise à jour de données provenant du premier serveur, le deuxième serveur met à jour des données dans le deuxième serveur sur la base des informations de mise à jour de données reçues. Après cette mise à jour, s'il devient nécessaire que le deuxième serveur assure la prise en charge à la place du premier serveur, le deuxième serveur transmet alors une commande et des informations associées à la commande au dispositif utilisateur par l'intermédiaire du dispositif de lecture/d'écriture sur la base des données dans le deuxième serveur.
PCT/JP2017/000539 2017-01-11 2017-01-11 Système de communication Ceased WO2018131082A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2017522561A JP6157797B1 (ja) 2017-01-11 2017-01-11 通信システム
PCT/JP2017/000539 WO2018131082A1 (fr) 2017-01-11 2017-01-11 Système de communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2017/000539 WO2018131082A1 (fr) 2017-01-11 2017-01-11 Système de communication

Publications (1)

Publication Number Publication Date
WO2018131082A1 true WO2018131082A1 (fr) 2018-07-19

Family

ID=59272980

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/000539 Ceased WO2018131082A1 (fr) 2017-01-11 2017-01-11 Système de communication

Country Status (2)

Country Link
JP (1) JP6157797B1 (fr)
WO (1) WO2018131082A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000149080A (ja) * 1998-11-13 2000-05-30 Toshiba Corp 入退室管理装置及び入退室管理システム
JP2008123334A (ja) * 2006-11-14 2008-05-29 National Institute Of Advanced Industrial & Technology 分散サーバシステム
JP2015170226A (ja) * 2014-03-07 2015-09-28 富士通株式会社 データ転送システム及び方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000149080A (ja) * 1998-11-13 2000-05-30 Toshiba Corp 入退室管理装置及び入退室管理システム
JP2008123334A (ja) * 2006-11-14 2008-05-29 National Institute Of Advanced Industrial & Technology 分散サーバシステム
JP2015170226A (ja) * 2014-03-07 2015-09-28 富士通株式会社 データ転送システム及び方法

Also Published As

Publication number Publication date
JP6157797B1 (ja) 2017-07-05
JPWO2018131082A1 (ja) 2019-01-17

Similar Documents

Publication Publication Date Title
CN109756582B (zh) 区块链网络中的信息记录方法、装置、节点及存储介质
JP5818816B2 (ja) 読み取り装置によって無線タグを識別及び認証する方法
US20060031262A1 (en) Synchronizing client data and server data
US8769100B2 (en) Method and apparatus for cluster data processing
US20240275600A1 (en) Secure element, method for registering tokens, and token reference register
CN101443741A (zh) 用于使用动态证书来识别复制装置的系统和方法
JP5040486B2 (ja) ネットワークシステムおよびプログラム
CN106375064B (zh) 一种密码键盘usb通信异常恢复方法及系统
JP2009015748A (ja) ネットワークシステムおよびプログラム
TW201349005A (zh) 基於擴展參數集的安全性資訊交互系統、裝置及方法
JP6157797B1 (ja) 通信システム
US12450615B2 (en) Method, terminal, and coin register for transmitting electronic coin data sets
JP2004505354A (ja) データ転送を保護して装置を通信させる方法及びシステム及びそのための装置
US10536280B2 (en) RFID tag for secure access to a service from an access terminal
JP5979719B2 (ja) Atmシステム及び方法
JP2025110134A (ja) 電子情報記憶媒体、icチップ、icカード、セキュアチャネル開設方法、及びプログラム
US10514850B2 (en) Information processing system, server device, Information processing method, and computer program product
CN119585760A (zh) 安全元件、用于寄存代币的方法和代币参考寄存器
JP6801448B2 (ja) 電子情報記憶媒体、認証システム、認証方法、及び認証アプリケーションプログラム
CN103164912B (zh) 一种pos系统以及基于该pos系统的信息处理方法
JP2023088716A (ja) 情報処理装置、情報処理システム及びプログラム
JP2007173911A (ja) データ処理装置、データ処理プログラム、およびデータ処理システム
JP2015050736A (ja) 決済端末及び決済端末プログラム
JP2009230315A (ja) 端末、情報記憶媒体、サービス提供システム及びデータ更新方法
JP2011008679A (ja) 資金移動処理サーバ

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2017522561

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17891782

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17891782

Country of ref document: EP

Kind code of ref document: A1