JPH09149187A - Remote diagnostic system for communication equipment - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide the diagnostic system in which valid security is conducted for remote diagnosis. SOLUTION: The diagnostic system is made up of a facsimile equipment A being a terminal station receiving a remote diagnosis and a center station equipment C having a function of executing the remote diagnosis. After an ID number with specific coincidence is set and registered to the facsimile equipment A and the center station equipment C respectively, the center station side ID number sent from the center station equipment C to the facsimile equipment A is compared with a terminal station side ID number registered already in its own equipment and only when the verification of the center station side ID number is successful from the result, the execution of the remote diagnosis is allowed and when unsuccessful, a telephone line is interrupted to reject access of remote diagnosis so as to allow the system to have provision against illegal access.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a remote diagnosis system for communication equipment, such as a facsimile machine, for improving confidentiality at the time of remote diagnosis.

[0002]

2. Description of the Related Art In recent years, various types of facsimile machines are available, including initial registration for setting date, time, etc., one-touch dial function, information service function, user selection function such as image quality selection, copy function, and answering machine function. Are added, and in order to execute those functions, it is necessary to follow the operation procedure set in the device. However, it is easy for an unfamiliar user to judge that the desired function cannot be executed due to a mistake in the operating procedure, and that it is due to a device failure, and a service company is requested to repair it. Very often I come to

As described above, when a desired function of the facsimile machine does not work due to a mistake in setting or registering the function, not due to the failure of the apparatus, it is not necessary for a service person to go to the user's house. Recently, a facsimile machine having a function called a remote diagnosis has been developed as a measure for taking measures.

The remote diagnostic function is a remote diagnostic function of various data set by a facsimile machine which is a terminal station, and a computer system installed in a center station of a service company by using an ordinary public telephone line. In the center station, remote diagnosis is started based on the data received from the terminal station, and new data in which the setting error of the terminal facsimile apparatus is corrected is returned to the user side. In this way, the remote diagnostic function is
It can be said that both the service company and the user can greatly reduce costs and troubles because the service person does not have to go to the user's house to correct a simple setting error instead of a mechanical failure of the device. .

[0005]

However, in the case of the conventional remote diagnostic system, there is no protection against access by remote diagnostics. Therefore, at the time of remote diagnostics, setting data relating to user's privacy, for example, communication partner The registered contents of will be leaked to the center station without the user's permission.

In this case, when there is a communication request from the center station which has a contractual relationship with the terminal station for the purpose of performing remote diagnosis, there is no problem because mutual trust relationship is established. There is no means to prevent this in the case where a person who has an unintentional intention such as collecting privacy information abuses the remote diagnosis function.

The present invention has been made in view of such conventional problems, and an object of the present invention is to provide a remote diagnosis system for communication equipment capable of effectively protecting against remote diagnosis.

[0008]

In order to achieve the above object, according to the present invention, a terminal station having a function of receiving remote diagnosis and a terminal station connected to the terminal station via a communication line are provided. In a remote diagnosis system configured by a center station having a function of executing remote diagnosis by an ID number, an ID number for setting and registering an ID number having a specific match in advance with each of the terminal station and the center station. Setting means is further provided, and further, the center station side ID is sent to the terminal station machine from the comparison result of the center station side ID number sent from the center station machine with the terminal station side ID number already registered by itself. Diagnostic control means is provided for permitting execution of remote diagnosis only when the number is successfully authenticated.

More specifically, the facsimile machine is configured to send information to the center station based on an information signal unique to the terminal station transmitted from the terminal station to the center station in a pre-communication procedure between the terminal station and the center station. An encryption means for encrypting the ID number on the center station side and transmitting it to the terminal station is provided.

Further, a terminal station such as a facsimile machine is assumed to have an encryption communication function, and the terminal station has a plain culture means for plainly encrypting the encrypted center station side ID number transmitted from the center station. Comparing means for comparing the ID number of the center station, which has been flat-cultivated by the flat culture means, with the ID number of the equipment already registered by the own machine, is provided. Side I
It is assumed that the procedure proceeds to the remote diagnosis procedure only when the D number matches the device-side ID number, and when the D number does not match, the remote diagnosis access is denied.

According to the above configuration, the center station encrypts the center station side ID number based on the information signal unique to the terminal station and the terminal station, and transmits the encrypted ID number. The terminal station deciphers the received ID number, and if it matches the ID number of its own station, enters the procedure of remote diagnosis. If they do not match, the line is disconnected. As a result, data can be transmitted and received after the remote diagnosis side and the remote diagnosis side recognize each other, so that security can be ensured. Also, the ID to use
By selecting the number, it is possible to apply fairly strong protection.

[0012]

BEST MODE FOR CARRYING OUT THE INVENTION An embodiment in which the present invention is applied to a remote diagnostic system in which a terminal station is a facsimile machine having an encryption communication function will be described with reference to the drawings. FIG. 1 shows a remote diagnosis system of this embodiment. In the figure, a user side facsimile device A as a terminal station is connected to a facsimile modem M via a public telephone line L and a relay station S. The facsimile modem M is connected to the center station C, which is a computer system of a service company, by an RS-232C cable.

As for the system including the center station C and the facsimile modem M, a facsimile apparatus having a PC-FAX function can be used in place of the facsimile modem M, and the system configuration with a computer can be used. Alternatively, the center station C may be configured by a facsimile device alone.

FIG. 2 shows the entire structure of the facsimile apparatus A.
FIG. 3 shows a connection state between the control unit and other components. In these figures, reference numeral 1 is a control unit composed of a microcomputer system, which controls the entire apparatus main body. Image data from the image processing unit 2 is given to the control unit 1. The image processing unit 2 creates image data by performing halftone processing, shading correction, and other predetermined image processing on the output signal of the reading unit 3 that optically reads a document to be transmitted. Reference numeral 4 denotes an operation unit including various operation keys such as a start key, which is composed of a liquid crystal display device (LCD) and the like, and includes a display unit for displaying various modes, a destination telephone number, a current time, etc. I'm out.

Reference numeral 5 is an encoding / decoding circuit, 6 is an encryption / plain culture circuit, 7 is a modem unit, and 8 is an NCU (network control unit) which constitutes a receiving unit for receiving an image signal. The control unit 1 is connected to the public telephone line L via the encoding / decoding circuit 5, the modem unit 7 and the NCU (network control unit) 8.

A transmission function unit 9 encodes image data by a predetermined encoding method, and creates a control signal necessary for facsimile communication. Reference numeral 10 denotes a reception function unit that executes decoding of a received code into image data and a predetermined reception control procedure. A recording unit 11 records a received image and the like on a recording sheet.

In FIG. 3, the control unit 1 includes a CPU 1
2, RAM 13, ROM 14, etc., and C
The PU 12 includes a reading unit 3, a recording unit 11, an operation unit 4, and an R.
The components of the AM 13, the ROM 14 and the modem 7 are connected to each other through the data bus 15.

The RAM 13 is composed of an SRAM backed up by a battery (not shown), which is a separate power source, and has a storage area for various data to be subjected to remote diagnosis. As various data storage areas, a one-touch dial storage area, a work area for performing encrypted communication, an encryption key storage area as one form of the memory area, an own station information storage area, a communication parameter storage area, various Examples include a setting data storage area and a counter. Further, the ROM 14 stores various parameters for overall control and other necessary software.

In the normal operation mode, the facsimile apparatus A having the above-mentioned configuration operates the keys of the operation section 4 to give a call command, a telephone number and transmission information to the control section 1, and the control section 1
And the transmission function unit 9, the image processing unit 2, and the encoding / decoding circuit 5 communicate with each other, call the destination via the public telephone line L, and transmit image data and the like after the line connection. Information is sent to the public telephone line L. Further, when receiving, the control unit 1 responds to the incoming call, and the control unit 1 and the reception function unit 1
0, the recording unit 11, the operation unit 4, and the encoding / decoding circuit 5 communicate with each other to execute a predetermined reception control procedure.

Further, the operation unit 4, which mainly includes the CPU 2, the encoding / decoding circuit 5, the encryption / plain culture circuit 6, the modem unit 7 and the NCU 8, the modulation / demodulation unit 7, the reading unit 3, and the recording unit 11,
As shown in FIG. 4, the control unit 1 functions as a cryptographic communication unit that encrypts a document in forward and backward directions, and a process for cryptographic communication is programmed in the control unit 1 for both transmission and reception.

FIG. 4 (A) shows a signal processing procedure at the time of transmission. The document to be transmitted is first read by the reading section 3. The read image data is compressed by the encoding / decoding circuit 5 such as MH, that is, encoded. Next, in order to perform secret communication on the compressed image data, the encryption / plaintext circuit 6 performs an encryption process using a secret encryption key, and the encrypted data is sent from the modem unit 7. It

FIG. 4B shows a signal processing procedure at the time of reception. The ciphertext reception data of the original received by the modem 7 is encrypted by the encryption / plaintext circuit 6 and the same secret code as the sender. A so-called plain culture process is performed in which a ciphertext is decrypted using a key. The plain-text image data is decompressed, that is, decoded by the encoding / decoding circuit 5 to become original image data, which is printed by the recording unit 11, and the original is taken out by the receiving side. The secret encryption key mentioned here is a kind of data.

The RAM 13 of the facsimile device A of the terminal station, which is constructed and functions as described above, and the RAM (not shown) provided in the computer system of the center station C, include the facsimile device A of the terminal station and the center device. An ID number having a specific match is set and registered in advance in each of the station C. Then, the CPU of the facsimile device A
12 operates to permit execution of remote diagnosis only when the ID number sent from the center station is successfully authenticated based on the result of comparison with the ID number already registered in the machine itself. To do.

That is, the center station on the service company side for remote diagnosis and the terminal station on the user side set specific ID numbers respectively, and the center station machine C sets the facsimile machine A of the user at its own station. Send the ID number you made.

FIG. 5 shows the communication procedure in the transmission mode when performing remote diagnosis. First, in step # 1, a CNG signal as a ringing tone is sent from the center station C to the user side facsimile apparatus A to make a call. When the line is connected and the called side receives the CNG signal, the facsimile apparatus A returns a CED signal for identifying the called station to the calling side in step # 2, and then follows the normal G3 facsimile apparatus procedure to initialize. The NSF1 signal which is the identification signal is returned to the center station C.

When the center station C receives each of the above signals, it first checks the NSF1 signal to see if the facsimile machine A is a model having a common configuration.
When it is confirmed that the facsimile machine A has a common configuration with the facsimile modem M of the center station, the NSS1 signal and the TCF signal are transmitted to the facsimile machine A in step # 3.

Here, the NSS1 signal is a non-standard function setting signal including information for performing non-standard communication,
The response parameter to the F1 signal, that is, the non-standard function displayed by the NSF1 signal is compared with the capability of the reception side and the capability of the transmission side to determine the transmission parameter and notify the reception side. The TCF signal is a check signal for confirming training.

The ID number can be transmitted by allocating a predetermined number of bits to a predetermined position of the NSS1 signal in this pre-communication procedure.
That is, the information field of the NSS1 signal is provided with a flag for transmitting the ID number, and the flag is set to transmit the ID number to the facsimile apparatus A. Facsimile apparatus A refers to the above information field in the NSS1 signal to determine whether to allow remote diagnosis. Then, the received ID number is checked, and if it is judged that the remote diagnosis is permitted, the remote diagnosis is started.

Upon completion of the training check on the calling side, the facsimile apparatus A returns a CFR signal if it can be received in step # 4, and returns an FTT signal if it cannot be received.
Here, the CFR signal is a reception preparation confirmation signal for confirming that the image transmission may be started, and is a response signal indicating that the procedure before the message transmission is completed and the message transmission may be started. is there. The FTT signal is a response signal that rejects the G3 training signal and requests retraining.

FT indicating that reception is impossible at the center station C
When the T signal is received, fallback, that is, the transmission speed is reduced, the TSI signal, the NSS1 signal, and the TCF signal are transmitted again to check the training. Further, when the CFR signal indicating the receivability is received, it can be determined that the communication at that speed is possible, and therefore, the transmission of the MSG signal, that is, the remote diagnosis data is started in step # 5.

After the image transmission is completed, a PPS-EOP signal is sent in step # 6 to notify the end of the procedure. When the facsimile device A receives this PPS-EOP signal,
In step # 7, the MCF signal is returned. The MCF signal is a message confirmation signal and is an acknowledgment of the EOP signal indicating that the message has been completely received. Finally, in step # 8, the DCN signal is transmitted from the center station C and the communication ends. Here, the DCN signal is a disconnection command signal that is sent to notify the other party that the telephone line L will be disconnected, and does not require a response.

Further, the facsimile apparatus A checks the received ID number by the above flag in the NSS1 signal, and when a different ID number is received, for example, as shown in FIG. A DCN signal is transmitted from A and the line is disconnected. Note that steps # 11 to # 13 in FIG. 6 are the same as steps # 1 to # 3 in FIG. 5, so description thereof will be omitted.

By the way, the ID numbers set in both the center station C and the facsimile machine A can be determined by using the following method, for example.

First, as a first method, there is a method using a fixed value. For this, for example, as the ID number, a value "1234" is used commonly for all models. In this case, NS
Since it is not announced that any field of the S1 signal is the ID number, checking the NSS1 signal does not immediately reveal or discover the ID number to the third party.

The second method is to take a different value each time remote diagnosis is performed. this is,
Set the ID number to the date of remote diagnosis. For example, if the date is August 5, "0805" is used as the ID number.

As a third method, there is a method of encrypting the date used in the second method. Taking the above date as an example, this is encrypted based on "0805".
In other words, when "0805" is considered as a hexadecimal number and expressed in binary, it becomes "0000100000000101". If the data after circularly shifting this to the right by 5 bits is used as the ID number, it becomes "001010000000000000", which is "2840" in hexadecimal, so this value is used.

As a fourth method, there is a method of utilizing the number of times of communication. This is because the remote diagnosis is performed from the central station C to the facsimile machine A, the number of times is stored in the counter of the RAM, the value is referred to each time, and the ID number is used.

As a more specific version of the above-described embodiment, the other party can be checked at the time of remote diagnosis by the following method. That is, the center station and the terminal station set and register the ID number beforehand, and the information signal (CSI signal etc.) unique to the terminal station transmitted from the terminal station to the center station in the pre-communication procedure.
Then, the ID number is encrypted and then transmitted from the center station to the terminal station. At the terminal station, the encrypted ID number and number sent from the center station are flattened, the match with the already registered ID number and number is checked, and only when they match, the remote diagnosis procedure is performed. If it does not match, the access for remote diagnosis is denied by disconnecting the line.

In this case, the center station C sets this ID number from the operation section of its own when the user sets up the facsimile apparatus A in advance.

Next, the actual operation will be described. First, the center station side transmits the CSI signal and NSF in the pre-communication procedure transmitted from the facsimile apparatus A of the terminal station.
Receives the two-signal station name. Here, the NSF2 signal is a signal for identifying a non-standard function including information for performing non-standard communication and notifying that the remote diagnosis is possible. The CSI signal is a called terminal identification signal indicating the telephone number of the called terminal.

Then, the center station C uses two convenient values of its own name of the CSI signal and the NSF2 signal,
The ID number is encrypted, and this encrypted ID number is
It is set to the own station ID number of the S1 signal and transmitted to the facsimile apparatus A. Facsimile device A is center station C
The ID number you received from
If the numbers match, the procedure for remote diagnosis starts. Conversely,
If they do not match, the line is disconnected.

[0042]

As described above, according to the remote diagnosis system of the present invention, ID numbers having a specific matching are set and registered in advance in each of the terminal station and the center station. At, in the center station side ID number sent from the center station side machine, the center station side ID
Since it is configured to control the remote diagnostics to be executed only when the number is successfully authenticated, the remote diagnostics side and the remote diagnostics side will recognize each other before sending and receiving data. Therefore, security can be secured. In addition, effective and strong protection can be applied by selecting the ID number to be used.

According to the second aspect of the present invention, the ID number having the specific matching is set and registered in advance in each of the terminal station and the center station, while the center station transmits the ID number to the terminal station and the center station. Based on the information signal unique to the terminal station transmitted from the terminal station to the center station in the pre-communication procedure, the center station side ID number is encrypted and transmitted to the terminal station.

The terminal station which has received this has already registered itself with the plain culture means for plain writing the encrypted center station side ID number and the center station side ID number number flatly written by the plain culture means. Compared with the device side ID number, the result is that the procedure goes to the remote diagnosis procedure only when the center station side ID number number matches the device side ID number number. Configured to deny remote diagnostic access.

Therefore, even if the same ID number is used for many users, the encrypted ID numbers sent from the center station to the user side facsimiles are different, so that the center stations that are not authorized are not authorized. You can deal with illegal access from. For example,
When a dealer P has a customer X, it is possible to prevent another dealer Q from easily performing remote diagnosis for the customer X.

[Brief description of the drawings]

FIG. 1 is a diagram schematically showing a remote diagnostic system according to an embodiment of the present invention.

FIG. 2 is a block diagram showing the overall configuration of a facsimile device.

FIG. 3 is a block diagram showing a specific state of the control unit and a connection state with other components.

FIG. 4 is a block diagram showing a procedure of normal cipher transmission / reception.

FIG. 5 is a diagram schematically showing a signal sequence in a communication procedure in a remote diagnostics transmission mode.

FIG. 6 is a diagram schematically showing a signal sequence in a procedure for disconnecting the signal.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 control section 2 image processing section 3 reading section 4 operation section 5 encoding / decoding circuit 6 encryption / plain culture circuit 7 modulation / demodulation section modem 8 NCU 9 transmission function section 10 reception function section 11 recording section 12 CPU 13 RAM 14 ROM

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁶ Identification code Internal reference number FI Technical display location H04N 1/44 H04N 1/44 H04Q 9/00 311 H04Q 9/00 311W

Claims (3)

[Claims] 1. A terminal station having a function of receiving remote diagnosis, and a center station connected to the terminal station via a communication line and having a function of executing remote diagnosis for the terminal station. In the configured remote diagnosis system, an ID number setting means for setting and registering an ID number having a specific match in advance is provided in each of the terminal station and the center station, and the terminal station is provided with the center number. The center station side ID number sent from the station machine is the terminal station side I that has already been registered in the machine itself.
A remote diagnostic system for communication equipment, characterized by comprising diagnostic control means for permitting execution of remote diagnostics only when authentication of the ID number on the center station side is successful based on the result of comparison with the D number. 2. A terminal station having a function of receiving remote diagnosis, and a center station connected to the terminal station via a communication line and having a function of executing remote diagnosis for the terminal station. In the configured remote diagnostic system, an ID number setting means for setting and registering an ID number having a specific match in advance is provided for each of the terminal station and the center station, while the center station is provided with the terminal station. And an encryption means for encrypting the center station side ID number based on the information signal unique to the terminal station transmitted from the terminal station to the center station in the pre-procedure for the communication with the center station, A plain culture means for plainly transmitting the encrypted center station side ID number transmitted from the center station to the terminal station, and a center Comparison means for comparing the station side ID number with the device side ID number that has already been registered in the device itself, and only when the center station side ID number matches the device side ID number according to the comparison result of this comparison means. A remote diagnostic system for a communication device, comprising: a diagnostic control unit that shifts to a remote diagnostic procedure and rejects remote diagnostic access when they do not match. 3. The remote diagnostic system for a communication device according to claim 1, wherein the terminal station is configured as a facsimile device having an encryption communication function.