JP4130809B2 - Method for constructing encrypted communication channel between terminals, apparatus and program therefor - Google Patents

Description

  The present invention relates to a technique for constructing a secure data channel between two terminals on a network.

  In the prior art, in order to construct a data channel between two terminals on an IP network and perform so-called peer-to-peer communication, from name registration to DNS, setting of FW etc. to ensure security Operations such as management and certificate acquisition are required. In addition, in order to perform peer-to-peer communication between multiple terminals with mutual authentication and encryption, obtain certificates for all these terminals, or manage IDs and passwords for all terminals. is required.

  As described above, in the conventional technology, a complicated operation is required to construct a secure data channel between two terminals on the IP network, and the name and address are registered in an open DNS. There is a problem that there is a risk of unauthorized access.

In addition, by introducing an intermediary server between the terminals, the data channel from one terminal is terminated by proxy, the data channel of the other terminal is also terminated by proxy, and the data channels of both terminals are matched on the intermediary server A mechanism for realizing a data channel between two terminals in a pseudo manner has also been proposed. However, this method has a problem that a large load is applied to the mediation server because all data between terminals passes through the mediation server. Another problem is that real-time access to home terminals is not possible.
JP 2002-208921 A

  The present invention has been made in view of the above points, and an object thereof is to provide a technique for easily constructing a secure data channel between terminals.

  The above-described problem is a method for establishing an encrypted communication channel between a first terminal and a second terminal connected to a network, the session management apparatus connected to the network, and a first Performing mutual authentication with the terminal, establishing a first encrypted communication channel between the session management device and the first terminal, and performing mutual authentication between the session management device and the second terminal. And establishing a second encrypted communication channel between the session management device and the second terminal, and the first terminal via the first encrypted communication channel and the second encrypted communication channel. And a method of exchanging key information between the second terminal and the second terminal.

  According to the present invention, a mutual trust relationship is established between each terminal and the session management apparatus by performing mutual authentication, whereby the session management apparatus is connected between the first terminal and the second terminal. An encrypted communication channel can be established by a simple signaling procedure, and a secure data channel can be easily established between terminals. Further, since the subsequent inter-terminal communication can be performed without going through the session management device, the conventional problem is solved.

  Further, the above-described problem is a method for establishing an encrypted communication channel between a first terminal and a second terminal connected to a network, and a session management device connected to the network and The key information for encrypted communication is exchanged with one terminal, the session management apparatus and the first terminal mutually authenticate, and the first encryption between the session management apparatus and the first terminal Establishing a communication channel, exchanging key information for encrypted communication between the session management device and the second terminal, the session management device and the second terminal authenticating each other, and session management Establishing a second encrypted communication channel between the device and the second terminal, and key information for encrypted communication between the first terminal and the second terminal by the first terminal Request message for connection to the second terminal including Transmitting to the session management device via the first encrypted communication channel, and the session management device transmitting the connection request message to the second terminal via the second encrypted communication channel; As a response to the connection request message, the terminal sends a response message including key information for encrypted communication between the first terminal and the second terminal via the second encrypted communication channel. This can also be solved by a method including the step of transmitting to the management device, and the session management device transmitting the response message to the first terminal via the first encrypted communication channel.

  In the above method, message communication between the first terminal and the session management apparatus and message communication between the second terminal and the session management apparatus can be performed based on SIP.

  A step in which the first terminal registers the name and address of the first terminal in the session management device via the first encrypted communication channel; and a second terminal performs the second encryption. Registering the name and address of the second terminal with the session management device via the communication channel, wherein the connection request message transmitted from the first terminal includes the name of the second terminal; The session management device may acquire the address of the second terminal from the name and transmit the connection request message to the address.

  Further, the session management device holds information as to whether or not to permit connection between terminals. When a connection request message is received, the session management apparatus refers to the information and the connection request source terminal It is determined whether or not the connection with the terminal is permitted. If the connection with the terminal is not permitted, the connection can be rejected.

  Further, each step is executed after the first terminal receives access from the third terminal, and between the first terminal and the second terminal established by execution of each step. The first terminal may receive data from the second terminal via an encrypted communication channel and transmit the data to the third terminal.

  Furthermore, after the first terminal receives access from the third terminal, the steps after the step for establishing the first encrypted communication channel and the second encrypted communication channel are executed, The first terminal receives data from the second terminal via an encrypted communication channel between the first terminal and the second terminal established by execution of the steps, and Data may be transmitted to the third terminal.

  In addition, the above-described problem is a method for establishing an encrypted communication channel between a first terminal and a second terminal connected to a network, and includes a public key management device connected to the network, An encryption communication channel establishment step in which key information for encrypted communication is exchanged with the first terminal, and the public key management device and the first terminal mutually authenticate; And the public key is transmitted to the public key management apparatus via the encrypted communication channel between the public key management apparatus established by the encrypted communication channel establishment step and the first terminal. And a public key management device generates a public key certificate of the received public key, and the public key certificate is transmitted via the encrypted communication channel between the public key management device and the first terminal. Transmitting to the first terminal; and And the terminal of establishing the encrypted communication channel using the public key between the first terminal and the second terminal by distributing the public key certificate to the second terminal. Can also be solved.

  According to the present invention, it is possible to establish a public key-based encrypted communication channel without obtaining a complicated procedure as in the prior art.

  The public key management device executes the encrypted communication channel establishment step and establishes the encrypted communication channel with the first terminal, and connects to the server via the encrypted communication channel. It may be configured to include a device having a function of generating and managing a public key certificate.

  Further, message communication between the first terminal and the public key management device can be performed based on SIP.

  Also, the above-mentioned problem is a method for establishing an encrypted communication channel between a first terminal and a second terminal connected to a network, comprising: a public key management device connected to the network; A first encryption communication channel establishment step in which key information for encrypted communication is exchanged with the first terminal, and the public key management device and the first terminal mutually authenticate; and a public key management device A second encrypted communication channel establishment step in which key information for encrypted communication is exchanged between the first terminal and the second terminal, and the public key management device and the second terminal mutually authenticate, The terminal generates a secret key and a public key, and the public key is a first encrypted communication channel between the public key management apparatus and the first terminal established by the first encrypted communication channel establishment step. Sending to the public key management device via The management device stores the received public key in the storage device, and the second terminal receives the public key between the public key management device established by the second encrypted communication channel establishment step and the second terminal. Also through a second encrypted communication channel between the first terminal and the second terminal to establish an encrypted communication channel using the public key between the first terminal and the second terminal. can be solved.

  The public key management device includes a device that establishes an encrypted communication channel with a first terminal and a second terminal, and a public key that is connected to the device via the encrypted communication channel. The message communication between the first terminal and the public key management device and the message communication between the second terminal and the public key management device may be configured. It can also be performed based on SIP.

  Moreover, according to this invention, the session management apparatus, terminal, and program which perform the process in said method are provided.

  According to the present invention, a secure data channel can be easily constructed between terminals. Further, since the subsequent communication between terminals can be performed without going through the session management device, the conventional problem in the case of using the mediation server is solved.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

(First embodiment)
First, the outline of the first embodiment of the present invention will be described with reference to FIG.

  As shown in FIG. 1, a session management server 3 is installed between a terminal 1 and a terminal 2, and a data channel is established between the terminal 1 and the session management server 3 and the terminal 2 between the terminal 1 and the terminal 2. Signaling (signaling procedure) is executed, and after data channel construction, data communication is performed only between terminals without going through the session management server 3.

  In signaling, first, exchange of encryption key information is performed for establishing a secure signaling channel for performing encrypted communication such as IPsec between the terminal 1 and the session management server 3 and between the session management server 3 and the terminal 2. Mutual authentication is performed. Then, name registration to the session management server is established via the secure signaling channel established between the terminal 1 and the session management server 3 and between the session management server 3 and the terminal 2, and the secure data channel is established between the terminal 1 and the terminal 2. Signaling for is performed.

  Mutual communication between the session management server 3 and the terminal 1 and between the session management server 3 and the terminal 2 by signaling in establishing a secure signaling channel between the terminal 1 and the session management server 3 and between the session management server 3 and the terminal 2. Since a trust relationship based on authentication is established, a trust relationship is also established between the terminal 1 and the terminal 2. That is, a trust chain model via the session management server 3 is constructed by the mutual authentication. Therefore, a simple key information exchange procedure can be used in signaling for establishing a secure data channel between the terminal 1 and the terminal 2.

  Next, a communication sequence between the terminal 1 -session management server 3 -terminal 2 will be described with reference to FIG.

  The sequence shown in FIG. 2 is based on a system configuration in which the terminal 1, the session management server 3, and the terminal 2 are connected to an IP network such as the Internet.

  Each terminal includes a signaling function for performing signaling with the session management server 3, a function for performing data communication via a secure data channel, and an application for providing a desired service using the data communication. Yes.

  The session management server also has a signaling function for performing signaling with each terminal, a connection policy control function for controlling connection permission between terminals, an authentication function for authenticating each terminal, a terminal name to an IP address And a database for storing IDs and passwords used for authentication, a database for storing names and IP addresses in association with each other, and the like. Further, a function equivalent to general DNS can be provided as a name resolution function.

  As shown in FIG. 2, in constructing a secure data channel between the terminal 1 and the terminal 2, first, a secure signaling channel is constructed between the terminal 1 and the session management server 3 and between the terminal 2 and the session management server 3, respectively. , Do name registration.

  That is, key information (information for generating a cryptographic key) used for encryption communication such as IPsec is exchanged between the terminal 1 and the session management server 3 (step 1). Thereafter, mutual authentication is performed by encrypting information including its own ID and password and transmitting it to the other party (step 2). After authentication, a secure signaling channel is established, and the terminal 1 registers the name and IP address with the session management server 3 using the channel (step 3). A similar sequence is executed between the terminal 2 that is the communication partner of the terminal 1 and the session management server 3, and the name and IP address of the terminal 2 are registered in the session management server 3 (steps 4, 5, and 6).

  Thereafter, a connection request from the terminal 1 to the terminal 2 is transmitted via the secure signaling channel (step 7). The connection request includes the name of the terminal 2 and key information for encryption communication (information for generating the encryption key). The session management server 3 that has received the connection request checks that the terminal 1 is not lying with respect to the connection request from the terminal 1 (caller spoofing check), and further uses the connection policy control function to connect the terminal 1 and the terminal. 2 is checked (step 8), and if permitted, the IP address of the terminal 2 is obtained from the name of the terminal 2 by referring to the database using the name resolution function (step 9). ), And transfer the connection request to the terminal 2 via the secure signaling channel (step 10). At this time, the IP address of the terminal 1 is also transmitted to the terminal 2. If the connection between the terminal 1 and the terminal 2 is not permitted, the connection request for the terminal 1 is rejected. At this time, information regarding the terminal 2 is not transmitted to the terminal 1 at all.

  The terminal 2 that has received the connection request transmits a response message including key information for encryption communication to the session management server 3 via the secure signaling channel as a response to the connection request (step 11). A response message is sent to the terminal 1 (step 12). At this time, the IP address of the terminal 2 is also transmitted to the terminal 1.

  With this procedure, encrypted communication between the terminal 1 and the terminal 2 becomes possible. That is, a secure data channel is established and desired data communication is performed.

  The fact that the secure signaling channel has been established through steps 1, 2, 4, and 5 means that the terminal-session management server has successfully authenticated each other and a trust relationship has been established. Since such a relationship is established between the terminal 1 and the session management server 3 and between the terminal 2 and the session management server 3, the terminal 1 and the terminal 2 are also mutually reliable. From step 7 onward, it is possible to use a procedure that is simpler than the key exchange procedure used in general encrypted communication.

  As means for realizing the above sequence, it is possible to use a protocol that is an extension of SIP (session initiation protocol). That is, the session management server 3 is caused to function as a SIP proxy server, and information exchanged in the above procedure is included in the SIP message.

  In this case, a REGISTER message can be used for establishing a secure signaling channel and registering a name, and an INVITE message can be used for establishing a secure data channel between terminal 1 and terminal 2.

  A sequence example in the case of using SIP is shown in FIG.

  The example shown in FIG. 3 is an example when signaling is performed via a plurality of session management servers connected by a secure channel. A plurality of session management servers connected by a secure channel may be referred to as a session management device. In the sequence configuration shown in FIG. 3, the IP address of the terminal 1 is 2001: 1234 :: 10, the IP address of the session management server A is 2001: 6789 :: 5060, and the IP address of the session management server B is 2001: abcd :: 5060, the IP address of the terminal 2 is 2001: cdef :: 10.

  An ID and a password are distributed in advance between each terminal and the session management server, and each of the terminal and the session management server stores the other party's ID and password in its own storage device. The session management server A and the session management server B communicate via a secure channel such as TLS.

  First, the terminals 1 and 2 use the REGISTER message to establish a secure channel with the session management server and register a name (conforming to SIP) to the session management servers A and B (step 21). (Corresponding to steps 1 to 6 in FIG. 2). The procedure of this part will be described later in detail.

  Subsequently, the terminal 1 uses the INVITE message describing the key information for encryption communication (information for generating the secret shared key in the example in the figure) as an SDP parameter as a connection request to the terminal 2, and the terminal 1 and the session management server A is transmitted via a secure signaling channel between A (step 22). Session management server A transfers the INVITE message to session management server B via a secure channel between session management servers A and B (step 23).

  The INVITE message from the terminal 1 includes a Route-Security header. When the Route-Security header is added, the device that has received the INVITE message asks whether the route from the address indicated by the Route-Security header: [address] to the device is secure (for example, Whether the encryption is performed by IPsec) is checked, and if it is secure, the Route-Security header is left as it is and the message is transferred. When it is necessary to check whether the route is secure at the transfer destination, a message with a Route-Security header: [your address] is transferred to the transfer destination. The response message has the Route-Security header added so far, and it can be seen that the message has been transferred via a secure route. In other words, the Route-Security header provides a mechanism for ensuring the safety of the route.

  Session management server B transmits an INVITE message to terminal 2 via a secure signaling channel between terminal 2 and session management server B (step 24). The session management server A and the session management server B perform name resolution for the terminal 2.

  The terminal 2 that has received the INVITE message transmits a response message including key information for encrypted communication as an SDP parameter to the terminal 1 (step 25). Then, the response message is carried in the opposite direction on the same route as the INVITE message, and is transmitted to the terminal 1 (steps 26 and 27).

  Thereafter, an acknowledgment (ACK) message is transmitted from the terminal 1 to the terminal 2 (steps 28 to 30), and encrypted communication (for example, communication by IPsec) between the terminal 1 and the terminal 2 becomes possible.

  The sequence of the REGISTER message in step 21 in FIG. 3 is, for example, as shown in FIG.

  In this case, first, a REGISTER message including key information for encryption communication (IPsec or the like) is transmitted from the terminal to the session management server (step 211). As a response, the session management server returns a response message including the key information for encryption communication to the terminal (step 212). Subsequently, the terminal transmits a REGISTER message including authentication information for authenticating the terminal by the session management server (step 213). In response, the session management server transmits a response message including authentication information necessary for the terminal to authenticate the session management server to the terminal (step 214). After mutual authentication is obtained, encrypted communication using the secure signaling channel becomes possible.

  Thereafter, since the packet is encrypted and transmitted / received via the secure signaling channel, name registration is performed by a normal REGISTER message sequence (steps 215 and 216).

  In the above sequence, it is assumed that other information necessary for encrypted communication such as IPsec is appropriately transmitted and received. Note that the authentication information may be information including an ID, a password, or the like, or a certificate (X.509 certificate or the like). Further, authentication information (certificate) may be included in a message used for exchanging key information for encryption communication.

  Next, functional blocks of each device when SIP is used as a signaling protocol will be described with reference to FIG.

  The session management server includes an SIP proxy that performs a process for transferring a call (message), an SIP registrar that performs SIP name registration, an authentication module that authenticates each terminal using an ID, a password, or a certificate, IPsec And an encryption module for performing encrypted communication.

  In addition, each terminal has a function unit that performs communication on the secure data channel, a SIP function unit that performs message communication based on SIP including transmission / reception of INVITE messages and issuance of REGISTER messages, IDs, passwords, certificates, etc. It has an authentication module for authenticating the session management server, and an encryption module for performing encrypted communication such as IPsec.

  The functions of the above session management server and each terminal are realized by a program, and each means of the session management device and terminal in the present invention is realized by a program, the session management device, and hardware of the terminal. It is what. The terminal is a computer such as a general PC including a CPU, a memory, a hard disk, and the like, a mobile device, and the like, and the functions of the terminal of the present embodiment can be realized by installing the program in the computer. The terminal may be a digital home appliance. The session management server is a computer such as a server, and the functions of the session management server according to the present embodiment can be realized by installing the program on the server.

  As described above, the configuration as in the present embodiment provides the following effects.

  First, since the name and the IP address are registered by the REGISTER message every time the terminal address is changed, the terminal side can use so-called dynamic IP address assignment. In addition, since the session management server performs name resolution, name registration in an open DNS, which was necessary in the past, becomes unnecessary. In addition, since a secure channel is established between each terminal and the session management server and signaling is performed, FW management on the terminal side becomes unnecessary. Further, since the session management server manages the ID and password of each terminal, it is not necessary to manage a large number of IDs and passwords on the terminal side. In addition, because the session management server connection policy control function does not even allow name resolution for the partner terminal that does not permit connection, the existence of the terminal itself is not known, and the terminal is illegally accessed. No fear of receiving. Furthermore, since the port number necessary for the secure data channel is transmitted by signaling via the secure signaling channel, the port number is not known to the outside if the signaling is not normally completed. Further, since only light signaling passes through the intermediate server (session management server) and actual data communication is performed between terminals in a peer-to-peer manner, the load on the intermediate server is not excessive.

  Further, in the prior art, in order to perform peer-to-peer communication that is mutually authenticated and encrypted between a large number of terminals, the certificates of all the terminals are obtained, or the IDs of all the terminals, Although it is necessary to manage passwords, according to the present invention, no prior security setting is required between members.

  Further, in the prior art, even if data channel encryption is not required, there was only a method using PKI as a means for ensuring the authenticity of the calling party number, but according to the present invention, service setting (SIP ID / password setting can prevent calling number spoofing / falsification.

(Second Embodiment)
Next, as described above, a secure signaling channel is established between each terminal and the session management server, and using the secure signaling channel, a SIP message including key information necessary for encrypted communication is sent. An embodiment in which this mechanism is applied will be described.

  When using public key-based authentication technology such as SSL encryption communication, it is necessary to use a public key certificate issued by a certificate authority (CA). It is cumbersome to update the password periodically, and the use of public key-based authentication technology using public key certificates is often avoided.

  In the second embodiment described below, using the fact that a trust relationship is established between each terminal and the session management server, a public key is simply registered in the server and simplified from that server. The public key certificate of the public key and the public key itself can be obtained. As a result, public key-based authentication technology can be easily used between terminals, and encryption communication such as SSL can be easily performed between terminals.

  A communication procedure in the present embodiment will be described with reference to FIGS.

  The system configuration in the present embodiment includes a terminal 11 that distributes a public key, a terminal 12 that performs public key-based cryptographic communication with the terminal 11 upon receiving the distribution of the public key, and the first embodiment. Including a session management server 21, a session management server 22, and a session management server 21, 22 connected to the session management servers 21 and 22 through a secure channel. Further, a secure signaling channel is established between each terminal and the session management server by the method described in the first embodiment. The session management server and the simple CA server can be configured as one device. A simple CA server and a session management server connected by a secure channel may be collectively referred to as a public key management device.

  In the present embodiment, each terminal, the session management servers 21 and 22, and the simplified CA management server 30 have a function of transmitting and receiving a PUBLISH message (SIP message) for requesting issuance of a public key certificate. Yes. The PUBLISH message uses a public key, public key certificate, etc. described in its body part.

  In FIG. 6, the terminal 11 first creates a private key / public key pair (step 31). Then, the public key is registered in the simple CA server using the PUBLISH message via the secure signaling channel between the terminal 11 and the session management server 21 and the secure channel between the session management server and the simple CA server (step 32).

  Subsequently, in FIG. 7, the terminal 11 acquires the public key certificate created using the secret key of the simple CA server 30 from the simple CA server 30 via the session management server 21 and the secure signaling channel (step 33). The public key certificate is issued from the simple CA server 30 only for a predetermined period, for example. Note that this predetermined period of time coincides with the validity period of the public key certificate. Then, as shown in FIG. 8, the terminal 11 distributes the public key certificate to the general terminal 13 (step 34), so that, for example, SSL communication between the terminal 11 and the terminal 13 becomes possible. Note that the method of performing SSL communication between the terminal 11 and the terminal 13 using the public key is the same as the conventional SSL communication method.

  Further, the terminal 12 that is securely connected to the simple CA server 30 and has a trust relationship with the simple CA server 30 can receive the public key of the terminal 11 from the simple CA server 30 without using the public key certificate format (step 35). ). Then, it becomes possible to perform public key-based cryptographic communication between the terminal 11 and the terminal 12.

  FIG. 9 shows a sequence when a secure data channel (SSL communication channel) is constructed between the terminal 11 and the terminal 13. Note that FIG. 9 does not show the session management server 22.

  In the terminal 11 and the session management server 21, the procedure (step 41) from the establishment of the secure signaling channel by the REGISTER message to the SIP name registration is the same as in the first embodiment. The session management server 21 and the simplified CA server 30 are connected by a TLS secure channel. Further, it is assumed that the terminal 13 has previously acquired the public key of the simple CA server 30 itself.

  In order to register the public key of the terminal 11, the terminal 11 first transmits a PUBLISH message including the public key in the SIP body part to the session management server 21 (step 42). The session management server 21 transfers the PUBLISH message to the simple CA server 30 (step 43). The simple CA server 30 registers the public key and issues a public key certificate, and sends a response message including the public key certificate in the body part to the session management server 21 as a response to the PUBLISH message (step 44). The session management server 21 transfers the response message to the terminal 11 (step 45). Thereafter, a session for SSL encrypted communication is started between the terminal 11 and the terminal 13 (step 46-). Step 46 and subsequent steps are the same as the procedure for performing the conventional SSL communication. That is, by performing the processing up to step 45 in advance, SSL communication between terminals can be freely performed at an arbitrary timing thereafter.

  FIG. 10 shows a functional block diagram of each device.

  The function of the session management server is the same as that of the first embodiment. In addition to the functions shown in FIG. 5, the terminal has a PUBLISH message transmission function in the SIP function unit. It also has a secret key, public key generation function, and public key certificate management function. In addition to the encryption module, authentication module, and SIP function unit, the simple CA server has functions for managing public keys and issuing public key certificates. Public key management is, for example, storing a public key in a storage device together with identification information of a terminal corresponding to the public key.

  As described above, according to the present embodiment, a simple public key management model can be realized based on the trust relationship between the terminal, the session management server, and the simple CA server.

  In each of the above embodiments, the case where SIP is used as an information transmission / reception means has been described as an example, but the information transmission / reception means is not limited to SIP. For example, HTTP can be used instead of SIP.

(Third embodiment)
A further embodiment applying a mechanism for constructing a secure data channel by signaling using a secure signaling channel will be described next. In the following description, “http” is used in a broad sense including “https” unless otherwise indicated.

  In the present embodiment, one terminal (for example, terminal 1) in the configuration of FIG. 2 has a gateway function (hereinafter, terminal 1 is referred to as gateway device 1) that performs protocol conversion from http to SIP, In this mode, a mobile terminal such as a PDA accesses the gateway device 1 to enable communication using a secure data channel between the mobile terminal and the terminal 2.

  FIG. 11 shows the overall configuration of the present embodiment. As shown in FIG. 11, the terminal 1 in the configuration shown in FIG. 2 is replaced with the gateway device 1, and the mobile terminal 41, the Web browser terminal 42 under the firewall in the company accesses the gateway device 1, and the gateway device 1 A secure data channel is established between the terminals 2, and communication is performed between the mobile terminal 41 and the terminal 2 via the gateway device 1. The terminal 2 is a Web server that allows only access from a specific user, for example.

  Next, the operation of the present embodiment will be described with reference to the sequence chart of FIG. In the sequence of FIG. 12, it is assumed that secure signaling channels between the gateway device 1 and the session management server 3 and between the session management server 3 and the terminal 2 have been established. Hereinafter, a mobile terminal 41 will be described as an example of a terminal that accesses the gateway device 1.

  First, the mobile terminal 41 accesses the gateway device 1 using the http protocol (step 51). When accessing, the gateway apparatus 1 acquires the telephone number of the mobile terminal 41. Further, an ID and a password may be transmitted from the mobile terminal 41 to the gateway device 1. The gateway device 1 authenticates the mobile terminal 41 using a telephone number, ID, or password (step 52).

  The gateway device 1 holds a table for storing user identifiers (telephone numbers and IDs) and names of connection destinations permitted to be connected to the user, as shown in FIG. For example, the gateway device 1 receives access from the mobile terminal 41, acquires a name from the table, and transmits it to the mobile terminal 41. The mobile terminal 41 displays the name, causes the user to select a specific name, and transmits the selected name to the gateway device 1. Thereby, the gateway apparatus 1 can acquire the name of the access destination of the mobile terminal 41. Instead of such a method, a name may be directly input from the mobile terminal 41 and transmitted to the gateway device 1. Further, what is displayed on the mobile terminal 41 may be an image showing an outline of a site corresponding to the name, not the name itself.

  The gateway device 1 that has acquired the name as described above transmits an INVITE message including the name to the session management server 3, thereby requesting connection to the connection destination (terminal 2 in the present embodiment) indicated by the name. I do. The processing in steps 53 to 56 shown in FIG. 12 is the same as the processing shown in steps 7 to 12 in FIG.

  After establishing the secure data channel, an http response is returned to the mobile terminal 41 in step 59. Thereafter, communication is performed between the mobile terminal 41 and the gateway device 1 and between the gateway device 1 and the terminal 2 using the http protocol or the https protocol. Here, the gateway device 1 performs an operation of receiving data from the terminal 2 and transmitting it to the mobile terminal 41. In addition, data conversion is performed in the gateway device 1 so as to be suitable for display on the mobile terminal 41 as necessary. Further, the gateway apparatus 1 receives a request from the mobile terminal 41 and transmits it to the terminal 2.

  In the above example, it is assumed that a common secure signaling channel is established in advance between the gateway device 1 and the session management server 3, but for the mobile terminal 41, the gateway device 1 A secure signaling channel may be provided between the session management servers 3.

  FIG. 14 shows a functional block diagram of the gateway device 1. FIG. 14 mainly shows functions for signaling for data channel construction.

  As shown in FIG. 14, the gateway device 1 includes a Web server unit 51 that performs http protocol processing, a pseudo SIP function unit 52, a SIP control unit 53, an IPsec control unit 54, and a database 55 that is used for authentication of a mobile terminal. I have. Although not shown, an http protocol processing unit for performing http communication between the gateway apparatus 1 and the terminal 2 after establishing the secure data channel is provided.

  The pseudo SIP function unit 52 includes a pseudo SIP function control unit 521, and generates an individual pseudo SIP function unit 522 in response to an access from the mobile terminal 41. The individual pseudo SIP function unit 522 is for performing signaling for establishing a secure signaling data channel in place of the mobile terminal that has accessed. The pseudo SIP function unit 52 is called a “pseudo” SIP function unit because it functions as a SIP function unit in the terminal shown in FIG. In the individual pseudo SIP function unit 522, substantial information to be included in the SIP message is generated and passed to the SIP control unit 53, and the SIP control unit 53 generates and transmits a packet according to the SIP protocol. The IPsec control unit 54 corresponds to the encryption module shown in FIG.

  Next, the overall operation will be described. It is assumed that the secure signaling channel between the gateway device 1 and the session management server 3 has already been established by the SIP control unit 53. The communication between the mobile terminal and the gateway device may be either http or https.

  First, the web server unit 51 receives an http request from the mobile terminal 41. The Web server unit 51 passes the information of the http request to the pseudo SIP function control unit 521. The pseudo SIP function control unit 521 uses information such as an ID included in the information to authenticate the accessed mobile terminal 41 by referring to the database 55. If the authentication is OK, an individual pseudo SIP function unit 522 corresponding to the accessed mobile terminal 41 is generated. Then, the name of the connection destination desired by the user of the mobile terminal 41 is acquired by the connection name acquisition procedure as described above, for example. The table information shown in FIG. 13 is included in the database 55.

  Thereafter, the individual pseudo SIP function unit 522 generates an INVITE message serving as a connection request, and transmits the message to the session management server 3 via the SIP control unit 53. Then, according to the sequence shown in FIG. 12, the IPsec control unit 54 creates an IPsec connection (secure data channel) with the terminal 2. Thereby, communication can be performed between the gateway apparatus 1 and the terminal 2 via the secure data channel, for example, using http or https. Then, the data received by the gateway device 1 is converted as necessary and transmitted to the mobile terminal 41.

  As described above, according to the present embodiment, the gateway device 1 has a pseudo SIP function as a substitute for the mobile terminal 41 and performs signaling for establishing a secure data channel instead of the mobile terminal 41.

  Therefore, even if the terminal has a function of only the http communication, the connection partner side does not realize that the channel is established by the communication based on the SIP, and only performs the conventional http connection to the gateway device 1. It becomes possible to perform secure communication using a secure data channel with a terminal of a connection partner, and the scope of application of the mechanism described in the first embodiment becomes wider.

  In addition, the gateway device 1 maintains a table as shown in FIG. 13 in which destinations to which each terminal can be connected are stored, so that even a terminal with a poor operation system such as a mobile phone can access the portal site of the gateway. Simply select the other party and you can easily connect to the other party.

  The present invention is not limited to the above-described embodiments, and various modifications and applications can be made within the scope of the claims.

It is a figure for demonstrating the outline | summary of the 1st Embodiment of this invention. It is a sequence diagram of communication between the terminal 1-session management server 3-terminal 2. It is a figure which shows a sequence in detail. It is a figure which shows the sequence of a REGISTER message. It is a functional block diagram of each apparatus in the case of using SIP as a signaling protocol. It is a figure for demonstrating the communication procedure in 2nd Embodiment. It is a figure for demonstrating the communication procedure in 2nd Embodiment. It is a figure for demonstrating the communication procedure in 2nd Embodiment. It is a sequence diagram in the case of constructing a secure data channel (SSL communication channel) between the terminal 11 and the terminal 13. It is a functional block diagram of each apparatus in 2nd Embodiment. It is a system configuration figure in a 3rd embodiment. It is a sequence chart which shows operation | movement of 3rd Embodiment. It is a table which shows a correspondence of a user and a connecting point. 3 is a functional block diagram of the gateway device 1. FIG.

Explanation of symbols

1, 2, 11, 12, 13 Terminal 3, A, B, 21, 22 Session management server 30 Simple CA server 41 Mobile terminal 42 FW subordinate Web browser terminal 51 Web server unit 52 Pseudo SIP function unit 53 SIP control unit 54 IPsec Control unit 55 Database 521 Pseudo SIP function control unit 522 Individual pseudo SIP function unit

Claims (14)

Establishing an encrypted communication channel between a first terminal and a second terminal connected to a network, and performing communication between the third terminal and the second terminal via the encrypted communication channel A method,
Key information for encrypted communication is exchanged between the session management device and the second terminal, the session management device and the second terminal authenticate each other, and the session management device and the second terminal A first step of establishing a second encrypted communication channel at
A second step in which a first terminal receives access from a third terminal;
The session management apparatus and the first terminal connected to the network exchange key information for encrypted communication, and the session management apparatus and the first terminal mutually authenticate, and the session management apparatus and the first terminal A third step of establishing a first encrypted communication channel with one terminal;
The first terminal sends a connection request message to the second terminal including key information for encrypted communication between the first terminal and the second terminal via the first encrypted communication channel. A fourth step in which the session management device transmits the connection request message to the second terminal via the second encrypted communication channel;
As a response to the connection request message, the second terminal sends a response message including key information for encrypted communication between the first terminal and the second terminal via the second encrypted communication channel. A session management device, and the session management device transmits the response message to the first terminal via the first encrypted communication channel;
The first terminal receives data from the second terminal via the encrypted communication channel between the first terminal and the second terminal established by execution of the fourth and fifth steps; A sixth step of transmitting the data to a third terminal,
The first terminal includes a table indicating at least one connection destination permitted for the third terminal, and information on the at least one connection destination is stored in the third in response to the access from the third terminal. A connection destination message from the third terminal, and a connection request message to the second terminal is transmitted to the session management apparatus in the fourth step based on the designation. . Establishing an encrypted communication channel between a first terminal and a second terminal connected to the network, and performing communication between the third terminal and the second terminal using the encrypted communication channel A method,
The session management apparatus and the first terminal connected to the network exchange key information for encrypted communication, and the session management apparatus and the first terminal mutually authenticate, and the session management apparatus and the first terminal A first step of establishing a first encrypted communication channel with one terminal;
Key information for encrypted communication is exchanged between the session management device and the second terminal, the session management device and the second terminal authenticate each other, and the session management device and the second terminal A second step of establishing a second encrypted communication channel with:
A third step in which the first terminal receives access from the third terminal;
The first terminal sends a connection request message to the second terminal including key information for encrypted communication between the first terminal and the second terminal via the first encrypted communication channel. A fourth step in which the session management device transmits the connection request message to the second terminal via the second encrypted communication channel;
As a response to the connection request message, the second terminal sends a response message including key information for encrypted communication between the first terminal and the second terminal via the second encrypted communication channel. A session management device, and the session management device transmits the response message to the first terminal via the first encrypted communication channel;
The first terminal receives data from the second terminal via the encrypted communication channel between the first terminal and the second terminal established by execution of the fourth and fifth steps; A sixth step of transmitting the data to a third terminal,
The first terminal includes a table indicating at least one connection destination permitted for the third terminal, and information on the at least one connection destination is stored in the third in response to the access from the third terminal. A connection destination message from the third terminal, and a connection request message to the second terminal is transmitted to the session management apparatus in the fourth step based on the designation. .   The session management device holds information on whether or not to permit connection between terminals, and when receiving a connection request message from the connection request source terminal to the connection request destination terminal, refers to the information, It is determined whether or not the connection request source terminal is permitted to connect to the connection request destination terminal, and if permitted, the connection request message is transmitted to the connection request destination terminal and permitted. 3. The method according to claim 1, wherein, if not, the connection is rejected without transmitting the connection request message to the connection request destination terminal. 4. A method for establishing an encrypted communication channel between a first terminal and a second terminal connected to a network comprising:
A first cipher that exchanges key information for encrypted communication between a public key management device and a first terminal connected to the network, and that performs mutual authentication between the public key management device and the first terminal Communication channel establishment step,
A second encrypted communication channel establishment step in which key information for encrypted communication is exchanged between the public key management device and the second terminal, and the public key management device and the second terminal mutually authenticate; ,
A first terminal generates a secret key and a public key, and the public key is a first cipher between the public key management apparatus and the first terminal established by the first encrypted communication channel establishment step. Transmitting to a public key management device via an encrypted communication channel;
The public key management device stores the received public key in the storage device, and the second terminal uses the public key management device and the second terminal established by the second encrypted communication channel establishment step. Obtaining via a second encrypted communication channel between
Establishing an encrypted communication channel using the public key between the first terminal and the second terminal.   The public key management device includes a device that establishes an encrypted communication channel with a first terminal and a second terminal, and a public key that is connected to the device via the encrypted communication channel. The method according to claim 4, comprising a device having a function of managing.   The method according to claim 4 or 5, wherein message communication between the first terminal and the public key management device and message communication between the second terminal and the public key management device are performed based on SIP. A public key management device that manages a public key used to establish an encrypted communication channel between a first terminal and a second terminal connected to a network,
A first encrypted communication channel establishing means for exchanging key information for encrypted communication with the first terminal and performing mutual authentication with the first terminal;
A second encrypted communication channel establishing means for exchanging key information for encrypted communication with the second terminal and performing mutual authentication with the second terminal;
The disclosure of the first terminal from the first terminal via the first encrypted communication channel between the public key management device established by the first encrypted communication channel establishing means and the first terminal Means for receiving the key;
Means for storing the received public key in a storage device;
The public key of the first terminal is transmitted to the second terminal via the second encrypted communication channel between the public key management apparatus established by the second encrypted communication channel establishing means and the second terminal. And a means for transmitting to the public key management device.   The public key management device includes a device that establishes an encrypted communication channel with a first terminal and a second terminal, and a public key that is connected to the device via the encrypted communication channel. The public key management device according to claim 7, comprising: a device having a management function.   9. The public key according to claim 7, further comprising means for performing message communication between the first terminal and the public key management device and message communication between the second terminal and the public key management device based on SIP. Management device. A terminal that establishes an encrypted communication channel with a second terminal using a session management device connected to a network,
First, key information for encrypted communication is exchanged with a session management apparatus connected to the network, mutual authentication is performed with the session management apparatus, and an encrypted communication channel is established with the session management apparatus. Means for establishing an encrypted communication channel of
A connection request message to the second terminal including key information for encrypted communication between the terminal and the second terminal is transmitted to the encrypted communication channel established by the encrypted communication channel establishment means. Via the session management device and receiving a response message including key information for encrypted communication between the terminal and the second terminal from the second terminal. A second encrypted communication channel establishing means for establishing an encrypted communication channel with the second terminal;
A process by the first encrypted communication channel establishment means for establishing an encrypted communication channel between the terminal and the session management device after receiving an access from a third terminal; Processing by the second encrypted communication channel establishment means for establishing an encrypted communication channel between two terminals, and between the terminal and the second terminal established by these processes Means for receiving data from the second terminal via the encrypted communication channel and transmitting the data to the third terminal;
A table indicating at least one connection destination permitted for the third terminal;
Means for transmitting the information of the at least one connection destination to the third terminal in response to access from the third terminal, and receiving designation of the connection destination from the third terminal;
The terminal according to claim 2, wherein the second encrypted communication channel establishment means transmits a connection request message to the second terminal to a session management device based on the designation of the connection destination. A terminal that establishes an encrypted communication channel with a second terminal using a session management device connected to a network,
First, key information for encrypted communication is exchanged with a session management apparatus connected to the network, mutual authentication is performed with the session management apparatus, and an encrypted communication channel is established with the session management apparatus. Means for establishing an encrypted communication channel of
A connection request message to the second terminal including key information for encrypted communication between the terminal and the second terminal is transmitted to the encrypted communication channel established by the encrypted communication channel establishment means. Via the session management device and receiving a response message including key information for encrypted communication between the terminal and the second terminal from the second terminal. A second encrypted communication channel establishing means for establishing an encrypted communication channel with the second terminal;
After receiving an access from the third terminal, execute processing by the second encrypted communication channel establishment means for establishing an encrypted communication channel between the terminal and the second terminal, Means for receiving data from the second terminal via an encrypted communication channel between the terminal and the second terminal established by processing, and transmitting the data to the third terminal;
A table indicating at least one connection destination permitted for the third terminal;
Means for transmitting the information of the at least one connection destination to the third terminal in response to access from the third terminal, and receiving designation of the connection destination from the third terminal;
The terminal according to claim 2, wherein the second encrypted communication channel establishment means transmits a connection request message to the second terminal to a session management device based on the designation of the connection destination. A program for causing a computer to function as a public key management device for managing a public key used for establishing an encrypted communication channel between a first terminal and a second terminal connected to a network, The
A first encrypted communication channel establishing means for exchanging key information for encrypted communication with the first terminal and performing mutual authentication with the first terminal;
A second encrypted communication channel establishing means for exchanging key information for encrypted communication with the second terminal and performing mutual authentication with the second terminal;
The disclosure of the first terminal from the first terminal via the first encrypted communication channel between the public key management device established by the first encrypted communication channel establishing means and the first terminal Means for receiving the key,
Means for storing the received public key in a storage device;
The public key of the first terminal is transmitted to the second terminal via the second encrypted communication channel between the public key management apparatus established by the second encrypted communication channel establishing means and the second terminal. A program that functions as a means to transmit to A program for causing a computer as a first terminal to function as a terminal for establishing an encrypted communication channel with a second terminal using a session management device connected to a network, the computer comprising:
First, key information for encrypted communication is exchanged with a session management apparatus connected to the network, mutual authentication is performed with the session management apparatus, and an encrypted communication channel is established with the session management apparatus. Means for establishing an encrypted communication channel,
An encryption established by the first encrypted communication channel establishment means for a connection request message to the second terminal including key information for encrypted communication between the computer and the second terminal Response message including key information for encrypted communication between the computer and the second terminal from the second terminal via the session management device, transmitted to the session management device via the communication channel Second encrypted communication channel establishment means for establishing an encrypted communication channel between the computer and the second terminal by receiving
Processing by the first encrypted communication channel establishment means for establishing an encrypted communication channel between the computer and a session management device after the computer has received access from a third terminal; The second encrypted communication channel establishment means for establishing an encrypted communication channel between the first terminal and the second terminal, and the computer and the second terminal established by these processes Means for receiving data from the second terminal via an encrypted communication channel to and transmitting the data to the third terminal;
In response to access from the third terminal, refer to a table provided in the computer indicating at least one connection destination permitted for the third terminal, and obtain information on the at least one connection destination. A program that is transmitted to a third terminal and functions as means for receiving a designation of a connection destination from the third terminal,
The second encrypted communication channel establishment unit transmits a connection request message to the second terminal to a session management device based on the designation of the connection destination. A program for causing a computer as a first terminal to function as a terminal for establishing an encrypted communication channel with a second terminal using a session management device connected to a network, the computer comprising:
First, key information for encrypted communication is exchanged with a session management apparatus connected to the network, mutual authentication is performed with the session management apparatus, and an encrypted communication channel is established with the session management apparatus. Means for establishing an encrypted communication channel,
An encryption established by the first encrypted communication channel establishment means for a connection request message to the second terminal including key information for encrypted communication between the computer and the second terminal Response message including key information for encrypted communication between the computer and the second terminal from the second terminal via the session management device, transmitted to the session management device via the communication channel Second encrypted communication channel establishment means for establishing an encrypted communication channel between the computer and the second terminal by receiving
After the computer receives access from the third terminal, the processing by the second encrypted communication channel establishment means for establishing an encrypted communication channel between the computer and the second terminal is executed. Means for receiving data from the second terminal via an encrypted communication channel established between the computer and the second terminal, and transmitting the data to the third terminal. ,
In response to access from the third terminal, refer to a table provided in the computer indicating at least one connection destination permitted for the third terminal, and obtain information on the at least one connection destination. A program that is transmitted to a third terminal and functions as means for receiving a designation of a connection destination from the third terminal,
The second encrypted communication channel establishment unit transmits a connection request message to the second terminal to a session management device based on the designation of the connection destination.

Images