The present invention relates to a communication device, a communication method, a communication system, and a computer program product.
Patent Literature 1 (Japanese Laid-open Patent Publication No. 2002-351766) discloses a setup file transmission system intended for facilitation of setup of a wireless LAN (local area network). With this setup file transmission system, when a distance between a personal computer device of a wireless LAN provider and a user terminal is equal to or less than a predetermined distance, wireless LAN setup information is transmitted to the user terminal via a server device and the personal computer of the wireless LAN provider through Bluetooth (registered trademark) communication. The user terminal performs the setup of the wireless LAN for the host device using the received wireless LAN setup information. This facilitates the wireless LAN setup.
When small-scale networks such as wireless LANs exist at places physically apart from each other, enhanced convenience can be achieved, if devices in different wireless LANs can communicate with each other. Hence, for example, when no printer devices exist in a first wireless LAN, a smart device disposed in the first LAN may operate a printer device disposed in a second wireless LAN to perform printing on the printer device disposed in the second wireless LAN.
Ensuring network security among different wireless LANs is, however, important in such a type of communication.
There is a need to enable communication with enhanced security between devices disposed in communication systems that are physically apart from each other.
To solve the foregoing problem, an aspect of the present invention provides a communication device that includes: a first communication unit that performs wireless communication through a first communication scheme; a second communication unit that performs wireless communication through a second communication scheme in a second communication range; and a connecting module configured to establish a communication connection that forms an external network. The second communication unit transmits setup information for establishing a communication line through the first communication scheme. The first communication unit performs wireless communication through the first communication scheme with another communication device that has received the setup information. The connecting module forms an exclusive external network to thereby establish a communication connection with an external device disposed in a communication system that exists at a physically different place.
An embodiment provides an effect that communication with security between devices disposed in communication systems that are physically apart from each other is enabled.
The following details, with reference to the accompanying drawings, a wireless local area network (LAN) communication system according to embodiments to which the present invention is applied.
The following describes a basic configuration of the wireless LAN communication system according to the embodiments to be described hereunder.
The communication range limiting device 1 forms an access point for a wireless LAN, such as a wireless LAN router. The communication range limiting device 1 forms, as an exemplary local area network, a wireless LAN communication area 5 indicated by the solid-line ellipse in
Exemplarily, a Bluetooth (registered trademark) PAN that performs Bluetooth (registered trademark) Low Energy (BLE) communication consuming ultra-low electric power may be used as the personal area network. In
The ROM 12 stores a communication control program for enabling communication of each device only in the BLE communication area 6 within the wireless LAN communication area 5. The communication control program may be stored in the RAM 13, the HDD 14, or other storage unit. The CPU 11 operates in accordance with the communication control program to thereby control the wireless LAN AP unit 16 and the BLE communication unit 17, controlling to enable communication of each device only in the BLE communication area 6 within the wireless LAN communication area 5.
In
The ROM 22 stores a communication control program for enabling communication of each device only in the BLE communication area 6 within the wireless LAN communication area 5. The communication control program may be stored in the RAM 23 or other storage unit. The CPU 21 operates in accordance with the communication control program to thereby control the wireless LAN communication unit 31 and the BLE communication unit 32. The CPU 21 thereby enables BLE communication in the BLE communication area 6 within the wireless LAN communication area 5.
The display unit 24 integrates a touch panel formed of a transparent electrode with a display panel to thereby form what is called a touch panel-mounted display unit. The wireless communication unit 29 performs communication of, for example, telephone and e-mail via a wireless base station operating on a predetermined carrier.
The ROM 42 stores a communication control program for enabling communication of each device only in the BLE communication area 6 within the wireless LAN communication area 5. The communication control program may be stored in the RAM 43, the HDD 46, or other storage unit. The CPU 41 operates in accordance with the communication control program to thereby control the wireless LAN communication unit 47 and the BLE communication unit 48. The CPU 41 thereby enables BLE communication in the BLE communication area 6 within the wireless LAN communication area 5. Additionally, the printer mechanism 45 performs printing of, for example, images and texts, in accordance with a print setup specified from the smartphone 2.
The projector device 4 receives image information that corresponds to a projected image supplied to the input IF unit 61 thereof. The image information is subjected to predetermined image processing including distortion correction performed by the image processing unit 62 before being projected onto, for example, a screen by the illuminating optical system 63.
The RAM 64 stores a communication control program for enabling communication of each device only in the BLE communication area 6 within the wireless LAN communication area 5. The communication control program may be stored in a ROM, a HDD, or other storage unit. The CPU 69 operates in accordance with the communication control program to thereby control the wireless LAN communication unit 67 and the BLE communication unit 68. The CPU 69 thereby enables BLE communication in the BLE communication area 6 within the wireless LAN communication area 5.
It is noted that the following description of this example assumes that the elements from the device connecting module 75 to the BLE communication control module 79 are achieved as software functions by the communication control program. The elements from the device connecting module 75 to the BLE communication control module 79 may nonetheless be achieved in part or in whole by an integrated circuit (IC) or by hardware.
The communication control program of the communication range limiting device 1 may be recorded and provided in a computer-readable recording medium such as a CD-ROM and a flexible disk (FD) as an installable or executable file. The communication control program of the communication range limiting device 1 may even be recorded and provided in a computer-readable recording medium such as a CD-R, a digital versatile disk (DVD), a Blu-ray disc (registered trademark), and a semi-conductor memory. The communication control program of the communication range limiting device 1 may still be provided by being installed via a network such as the Internet. The communication control program of the communication range limiting device 1 may still be embedded and provided in a ROM of a device, for example.
It is noted that the following description of this example assumes that the elements from the print request module 81 to the BLE communication control module 83 are achieved as software functions by the communication control program. The elements from print request module 81 to the BLE communication control module 83 may nonetheless be achieved in part or in whole by an integrated circuit (IC) or by hardware.
The communication control program of the smartphone 2 may be recorded and provided in a computer-readable recording medium such as a CD-ROM and a flexible disk (FD) as an installable or executable file. The communication control program of the smartphone 2 may even be recorded and provided in a computer-readable recording medium such as a CD-R, a digital versatile disk (DVD), a Blu-ray disc (registered trademark), and a semiconductor memory. The communication control program of the smartphone 2 may still be provided by being installed via a network such as the Internet. The communication control program of the smartphone 2 may still be embedded and provided in a ROM of a device, for example.
It is noted that the following description of this example assumes that the elements from the print module 85 to the BLE communication control module 87 are achieved as software functions. The elements from print module 85 to the BLE communication control module 87 may nonetheless be achieved in part or in whole by an integrated circuit (IC) or by hardware.
The communication control program of the printer device 3 may be recorded and provided in a computer-readable recording medium such as a CD-ROM and a flexible disk (FD) as an installable or executable file. The communication control program of the printer device 3 may even be recorded and provided in a computer-readable recording medium such as a CD-R, a DVD (Digital Versatile Disk), a Blu-ray disc (registered trademark), and a semiconductor memory. The communication control program of the printer device 3 may still be provided by being installed via a network such as the Internet. The communication control program of the printer device 3 may still be embedded and provided in a ROM of a device, for example.
In the wireless LAN communication system, the outer ellipse indicated by the solid line in
The smartphone 2 communicates with the printer device 3, the projector device 4, and other peripheral devices having the wireless LAN communication function to thereby be capable of remote control of, for example, printing of a desired image, text, or the like and projection of an image or the like via the wireless LAN.
The printer device 3, the projector device 4, and other peripheral devices include the wireless LAN communication units 47 and 67 and the BLE communication units 48 and 68. This arrangement enables BLE communication with the BLE communication unit 17 of the communication range limiting device 1. As indicated by the dotted-line ellipse in
Specifically, the wireless LAN communication system performs the wireless LAN setup through the BLE communication as will be described later. As a result, only the smartphone 2 and the printer device 3 that are capable of the BLE communication can actually perform communication using the wireless LAN. The wireless LAN setup cannot be performed for the projector device 4 that is incapable of the BLE communication, even though the projector device 4 is disposed inside the wireless LAN communication area 5, so that the wireless LAN communication is disabled with the projector device 4.
Basic Connection Operation with Respect to Smartphone
When the smartphone 2 is located within the BLE communication area 6, the BLE communication unit 32 of the smartphone 2 receives the advertisement packet (the communication range information) that has been transmitted from the communication range limiting device 1. By referring to the received communication range information, the smartphone 2 determines whether the smartphone 2 is located within the BLE communication area 6. A result of this determination is transmitted to the communication range limiting device 1 through the BLE communication as a response denoted by Step S2. If the smartphone 2 is located within the BLE communication area 6, the BLE communication unit 32 of the smartphone 2 and the BLE communication unit 17 of the communication range limiting device 1 perform pairing for the BLE communication (BLE pairing) at Step S3. The BLE pairing enables the BLE communication between the smartphone 2 and the communication range limiting device 1.
When the BLE pairing is completed, the device connecting module 75 of the communication range limiting device 1 uses the BLE communication to transmit to the smartphone 2 at Step S4 a PIN code (unique identification information) of the WPS system that facilitates wireless LAN connection and is standardized by Wi-Fi Alliance. Additionally, the device connecting module 75 of the communication range limiting device 1 transfers to the wireless LAN AP unit 16, at Step S6, the PIN code that has been transmitted to the smartphone 2, thereby issuing a command to prepare for starting communication by the WPS system. The wireless LAN AP unit 16 of the communication range limiting device 1 performs setup for the WPS system using the PIN code transmitted to the smartphone 2 at Step S8.
The BLE communication unit 32 of the smartphone 2, having received the PIN code of the WPS system from the communication range limiting device 1, transfers at Step S5 the received PIN code to the wireless LAN communication unit 31, thereby issuing a command to prepare for starting communication by the WPS system. At Step S7, the wireless LAN communication unit 31 performs setup for the WPS system using the PIN code transferred from the communication range limiting device 1. At Step S9, this establishes Wi-Fi connection (wireless LAN connection) between the smartphone 2 and the communication range limiting device 1 by the WPS system through the use of the PIN code.
As described above, the wireless LAN communication system automatically completes the Wi-Fi connection (wireless LAN connection) when the smartphone 2 is located within the BLE communication area 6 of the communication range limiting device 1. This automatic connection establishment relieves the user of setup knowledge about the wireless LAN and a troublesome operation to input the PIN code. In addition, encrypted information is transmitted and received among different devices in BLE communication, so that the PIN code can be transmitted and received with security.
Next, at Step S10, the BLE communication control module 83 of the smartphone 2 and the BLE communication control module 79 of the communication range limiting device 1 temporarily disconnect the BLE communication in order to enable connection of a new device. Thereafter, at Step S11, the device connecting module 75 of the communication range limiting device 1 transmits an advertisement packet that includes the communication range information indicating the BLE communication area 6, as described previously with reference to Step S1. The device connecting module 75 of the communication range limiting device 1 then attempts to establish a wireless LAN communication line with a device such as the smartphone 2 located in the BLE communication area 6 through the BLE communication as described previously.
Basic Connection Operation with Respect to Printer Device
The printer device 3 is a stationary device disposed in the BLE communication area 6 of the communication range limiting device 1. At Step S21, the printer device 3 transmits, at regular intervals and through the abovementioned three advertisement channels, an advertisement packet that includes connection inquiry information for inquiring whether a device to make a print request such as the smartphone 2 has been connected to the wireless LAN to the communication range limiting device 1 via the BLE communication unit 48. The peripheral device connecting module 76 of the communication range limiting device 1 illustrated in
If a device to make a print request such as the smartphone 2 has been connected to the wireless LAN, the peripheral device connecting module 76 of the communication range limiting device 1 and the BLE communication unit 48 of the printer device 3 perform pairing for the BLE communication (BLE pairing) at Step S23. The BLE pairing enables the BLE communication between the printer device 3 and the communication range limiting device 1.
When the BLE pairing is completed, the peripheral device connecting module 76 of the communication range limiting device 1 transmits to the printer device 3 at Step S24 a PIN code of the WPS system that facilitates wireless LAN connection and is standardized by Wi-Fi Alliance. Additionally, the communication range limiting device 1 transfers, at Step S26 to the wireless LAN AP unit 16, the PIN code that has been transmitted to the printer device 3, thereby issuing a command to prepare for starting communication by the WPS system. The wireless LAN AP unit 16 of the communication range limiting device 1 performs setup for the WPS system using the PIN code transmitted to the printer device 3 at Step S28.
The BLE communication unit 48 of the printer device 3, having received the PIN code of the WPS system from the communication range limiting device 1, transfers at Step S25 the received PIN code to the wireless LAN communication unit 47, thereby issuing a command to prepare for starting communication by the WPS system. At Step S27, the wireless LAN communication unit 47 performs setup for the WPS system using the PIN code transferred from the BLE communication unit 48. At Step S29, this establishes Wi-Fi connection (wireless LAN connection) between the printer device 3 and the communication range limiting device 1 by the WPS system through the use of the PIN code.
Next, at Step S30, the BLE communication unit 48 of the printer device 3 and the BLE communication unit 17 of the communication range limiting device 1 temporarily disconnect the BLE communication in order to enable connection of a new device. Thereafter, at Step S31, the BLE communication unit 48 of the printer device 3 transmits an advertisement packet that includes the connection inquiry information, as described previously with reference to Step S21. When a device to make a print request is connected to the wireless LAN, the communication range limiting device 1 establishes a wireless LAN communication line with the printer device 3 located in the BLE communication area 6 through the BLE communication as described previously.
The flowchart illustrated in
When using the smartphone 2 to remotely control the printer device 3, the user operates to start a print application program stored in memory of, for example, the ROM 22 of the smartphone 2. When the print application program is started to operate, the print request module 81 of the smartphone 2 illustrated in
At Step S43, the print module 85 of the printer device 3 inquires data to be printed of the smartphone 2 through the wireless LAN communication. If data, such as an image or text, stored in the smartphone 2 is to be printed, the user notifies the printer device 3 that the data to be printed is data stored in the smartphone 2 through the wireless LAN communication. Alternatively, if an image or other data projected with the projector device 4 is to be printed, the user notifies the printer device 3 that the data to be printed is data projected with the projector device 4 through the wireless LAN communication. Finally, at Step S44, the print module 85 of the printer device 3 executes printing by acquiring the data specified by the user from the device specified by the user (the smartphone 2 or the projector device 3) through the wireless LAN communication.
It is noted that, in this example, the communication range limiting device 1 transmits the communication range information to the smartphone 2 and the smartphone 2 compares the current position of the communication range limiting device with the BLE communication area 6 indicated by the communication range information to thereby detect withdrawal from the BLE communication area 6. Another arrangement may nonetheless be made in which the smartphone 2 transmits the current position of the communication range limiting device detected with the GPS or the like to the communication range limiting device 1 through the BLE communication and the communication range limiting device 1 compares the current position of the smartphone 2 with the BLE communication area 6 to thereby detect withdrawal of the device such as the smartphone 2 from the BLE communication area 6. In this arrangement, the withdrawal detecting module 77 illustrated in
The wireless LAN communication unit 31 of the smartphone 2, when instructed by the BLE communication unit 32 to disconnect the wireless LAN, requests the communication range limiting device 1 to disconnect the wireless LAN using the wireless LAN communication at Step S53. The communication range limiting device 1, upon receipt of the wireless LAN disconnection request, disconnects the wireless LAN communication line associated with the device that has made the wireless LAN disconnection request as indicated by Step S54. This disconnects the wireless LAN communication line for not only the smartphone 2, but also the printer device 3.
To re-establish the wireless LAN communication line after it has been disconnected, the communication range limiting device 1 renews the PIN code. As a result, when the smartphone 2 that has moved out of the BLE communication area 6 re-enters the BLE communication area 6, the wireless LAN communication line is established using a PIN code different from the previous one.
As described above, the wireless LAN communication system can automatically disconnect the wireless LAN communication line and the BLE communication line when the smartphone 2 moves out of the BLE communication area 6. This capability allows the range in which the smartphone 2 can be connected to the wireless LAN to be limited to a predetermined range (within the BLE communication area 6). In addition to the smartphone 2 that has moved out of the BLE communication area 6, the wireless LAN communication system further disconnects the wireless LAN communication line of the printer device 3 that has been communicating with the smartphone 2. This arrangement prevents an inconvenience in which the connection of the printer device 3 to the wireless LAN communication line that is no longer used as a result of the disconnection of the wireless LAN communication line with respect to the smartphone 2 continues to exist wastefully, so that an even greater communication security can be achieved. Specifically, even a user who is not authorized to connect to a local network such as an in-house LAN is temporarily and simply allowed to have his or her device connected to the local network and to use his or her device, while security of the local network is ensured.
Additionally, the PIN code is renewed when the wireless LAN communication line that has previously been disconnected is to be re-established. This arrangement prevents the following illegal act: the smartphone 2 that has moved out of the BLE communication area 6 reuses the PIN code used in the last connection to thereby attempt to intercept another device through the wireless LAN communication.
When the smartphone 2 moves out of the BLE communication area 6, the wireless LAN communication line is disconnected of the printer device 3 that has been communicating with the smartphone 2 as well as the smartphone 2. This arrangement prevents an inconvenience in which the connection of the printer device 3 to the wireless LAN communication line that is no longer used as a result of the disconnection of the wireless LAN communication line with respect to the smartphone 2 continues to exist wastefully, so that an even greater communication security can be achieved.
It is noted that a public key may be delivered in place of the PIN code of the WPS system that is delivered from the communication range limiting device 1 to a device such as the smartphone 2 through the BLE communication when the wireless LAN communication line is to be established. The wireless LAN communication line may be established by delivering, in place of the PIN code of the WPS system, a public key according to the Diffie-Hellman key exchange method, for example. In this case, the public key is transmitted and received within the BLE communication area 6, so that a wireless LAN administrator can monitor the transmission and reception of the public key. This approach clarifies, for example, the specific device that transmits the public key, the specific device that receives the public key, and the specific user. Thus, illegal communications by an illegal user and an illegal device, what is called spoofing, can be prevented. In addition, when the wireless LAN communication line that has previously been disconnected is to be re-established, preferably, a new public key different from the previous one is used as with the PIN code described previously.
Additionally, the PIN code or the public key may be transmitted by sound (an acoustic output propagating through a space) from the communication range limiting device 1 to a device such as the smartphone 2 or the printer device 3. Because the acoustic output offers spatial transmissibility poorer than that of the radio waves used in the BLE communication, the transmission and reception range of the PIN code, for example, can be limited to a range over which sound can be transmitted and received between devices. Thus, the PIN code or the like is transmitted and received in a narrow range which a system administrator, for example, can monitor. As a result, illegal communications by an illegal user and an illegal device, what is called spoofing, mentioned previously can be prevented even more reliably.
Additionally, presence of a device within the BLE communication area 6 may be monitored using received signal strength indication (RSSI) of the BLE communication unit 17 instead of the communication range information. By setting the received signal strength indications of the BLE communication regarded as an exit RSSI area and an entrance RSSI area to desired levels, the range over which connection can be made to the wireless LAN (range of the entrance RSSI area) can be dynamically adjusted within the BLE communication area 6.
The above-described example encompasses the BLE communication area within the wireless LAN communication area. Nonetheless, as illustrated, for example, in
In the wireless LAN communication system having the basic configuration described above, the distance over which each of the devices can communicate using the wireless LAN communication is limited to short distances within the BLE communication area 6. When the above-described wireless LAN communication system exists in plurality at places that are physically apart from each other, enhanced convenience can be achieved, if devices in the different wireless LAN communication systems can communicate with each other. Specifically, when no printer devices exist in a first wireless LAN communication system, a smart device disposed in the first wireless LAN communication system can operate a printer device disposed in a second wireless LAN communication system to perform printing on the printer device disposed in the second wireless LAN communication system.
The wireless LAN communication system described above, however, achieves enhanced security by setting the BLE communication area 6 within the wireless LAN communication area 5 to thereby permit and control use of the wireless LAN in a limited range within the wireless LAN communication area 5. Thus, a need exists to maintain such enhanced security even when communication is enabled between the devices disposed in different wireless LAN communication systems that exist at places physically apart from each other.
In one embodiment, in an environment including a plurality of wireless LAN communication systems that exist at places physically apart from each other, an Internet Protocol Version 6 (IPv6) address having a specific prefix is distributed to each of the wireless LAN communication systems and a virtual private network (VPN) connection is established among the wireless LAN communication systems. In addition, the wireless LAN communication systems exchange information on lists of devices held by respective wireless LAN communication systems during the VPN connection. Each of the wireless LAN communication systems performs communication control of the devices using the list information. This arrangement enables communication between devices disposed in different wireless LAN communication systems that exist at places that are physically apart from each other with enhance security.
As illustrated in
In addition, the HDD 14 of the communication range limiting device 1 holds a second list 92 that lists peripheral devices such as the printer devices 3 and the projector device 4 located within the BLE communication area 6. The communication range limiting device 1 further includes a memory control module 93 that performs memory control of the first list 91 and the second list 92 with respect to the HDD 14. The communication range limiting device 1 further includes a network interface (NW I/F) 94 for establishing a VPN connection with another wireless LAN communication system. The memory control module 93 is an exemplary generating module. The smart devices and the peripheral devices are each an exemplary communication device.
Additionally, in the wireless LAN communication system in the embodiment, the smartphone 2 has a transfer list 95 stored in the RAM 23 and includes a memory control module 96 that performs memory control of the transfer list 95 with respect to the RAM 23. The transfer list 95 to be described later is transmitted from the communication range limiting device 1 to a smart device such as the smartphone 2 located within the BLE communication area 6. The transfer list 95 contains, for example, the type, the IPv6 address, and control information of each device within the BLE communication area 6 and the IPv6 address of the wireless LAN communication system to which the device belongs.
In addition, the communication range limiting device 1 can also connect to a wide area network such as the Internet 100 via the NW I/F 94. The CPU 11 functions, as will be later described, as a router control module (denoted by reference numeral 98 in
As will be described later, the memory control module 93 generates the first list 91 that lists smart devices such as smartphones 2 located within the BLE communication area 6 and stores the first list 91 in memory of, for example, the HDD 14. The memory control module 93 further generates the second list 92 that lists peripheral devices such as the printer devices 3 and the projector devices 4 located within the BLE communication area 6 and stores the second list 92 in memory of, for example, the HDD 14. The router control module 98 performs routing and addressing when, as illustrated in
It is noted that the following description of this example assumes that the elements from the device connecting module 75 to the BLE communication control module 79, the memory control module 93, the router control module 98, and the gateway control module 99 are achieved as software functions by the communication control program. The elements from the device connecting module 75 to the BLE communication control module 79, the memory control module 93, the router control module 98, and the gateway control module 99 may nonetheless be achieved in part or in whole by an integrated circuit (IC) or by hardware. Understandably, the communication control program of the communication range limiting device 1 may be recorded and provided in a computer-readable recording medium such as a CD-ROM and a semiconductor memory as an installable or executable file as described previously. Additionally, the wireless LAN AP unit 16 of the communication range limiting device 1 is an exemplary first communication unit. The BLE communication unit 17 of the communication range limiting device 1 is an exemplary second communication unit.
The BLE communication control module 83 has a connection request function that, in response to a user operation, makes a communication connection request to another wireless LAN communication system that exists at a physically remote place. The BLE communication control module 83 further has a disconnection function that, in response to a communication disconnection request transmitted from another wireless LAN communication system that exists at a physically remote place, disconnects the communication with the other wireless LAN communication system. In
The IPv6 address of the wireless LAN communication system to which a specific smart device belongs represents an IPv6 address of the wireless LAN communication system that controls the smart device in question. The IPv6 address of the smart device is a Wi-Fi address that is an exemplary first address. A Bluetooth address is an exemplary second address. The IPv6 address of the wireless LAN communication system to which the smart device belongs is an exemplary network address that is assigned to a particular wireless LAN communication system and that is not duplicated.
Briefly, when a communication line is established with another wireless LAN communication system that exists at a physically remote place, the other wireless LAN communication system at the remote side transmits the IPv6 address of the wireless LAN communication system at the remote side and the IPv6 address of the smart device controlled by the wireless LAN communication system at the remote side. The memory control module 93 of the communication range limiting device 1 generates the above-described first list 91 that includes also the IPv6 address of the wireless LAN communication system at the remote side and the IPv6 address of the smart device controlled by the wireless LAN communication system at the remote side. This results in the first list 91 storing not only the information on the wireless LAN communication system at the host side, but also the information on the wireless LAN communication system at the remote side when the communication line is established with another wireless LAN communication system that exists at a physically remote place.
Briefly, when a communication line is established with another wireless LAN communication system that exists at a physically remote place, the other wireless LAN communication system at the remote side transmits the IPv6 address of the wireless LAN communication system at the remote side, the IPv6 address of the peripheral device controlled by the wireless LAN communication system at the remote side, and the abovementioned control information. The memory control module 93 of the communication range limiting device 1 generates the above-described second list 92 that includes also the IPv6 address of the wireless LAN communication system at the remote side, the IPv6 address of the peripheral device controlled by the wireless LAN communication system at the remote side, and the control information. This results in the second list 92 storing not only the information on the wireless LAN communication system at the host side, but also the information on the wireless LAN communication system at the remote side when the communication line is established with another wireless LAN communication system that exists at a physically remote place.
The communication range limiting device 1 transfers to each smart device, such as the smartphone 2, the transfer list 95 that includes, out of information on the peripheral device registered in the second list 92 illustrated in
Each smart device registers in RAM 23 the transfer list 95 of each peripheral device transferred from the communication range limiting device 1 (see
A flowchart illustrated in
More specifically, the communication range limiting device 1 sets, at Step S61, a virtual random number generated according to the step specified in RFC 4193 for a prefix that belongs to FC00::/8 to thereby generate a link-local address. Then, at Step S62, the communication range limiting device 1 transmits a router solicitation (RS) command via the NW I/F 94 using the generated link-local address as a transmitter address of an IPv6 packet, thereby requesting a router advertisement (RA).
The communication range limiting device 1 next receives a RA returned in response to the RS command to thereby acquire prefix information in a network interface. The communication range limiting device 1 then generates, for example, a 128-bit IPv6 address from the acquired prefix information and interface identification (ID) based on a media access control (MAC) address of the host node. The communication range limiting device 1 performs address collision detection for the generated IPv6 address. The communication range limiting device 1, when having detected no address collision, validates the generated IPv6 address. The foregoing steps set the IPv6 address for the wireless LAN communication system. The communication range limiting device 1 causes the memory control module 93 to register the IPv6 address that has been set as described above for the wireless LAN communication system in the first list 91 and the second list 92.
The communication range limiting device 1 responds to IPv6 address user settings by Dynamic Host Configuration Protocol version 6 (DHCPv6) at Step S62.
A flowchart illustrated in
The device connecting module 75 illustrated in
If a response rejecting connection of a new smart device is received from the previously connected smart device as a result of the inquiry about whether a new smart device can be connected (No at Step S73), the device connecting module 75 notifies the smart device that has been detected to be moved into the BLE communication area 6 of connection rejection via the BLE communication control module 79 and the BLE communication unit 17 at Step S78. The device connecting module 75 then disconnects the BLE communication and terminates the steps of the flowchart illustrated in
It is noted that the step of inquiring of the previously connected smart device the connection of a new smart device to thereby obtain permission at Step S72, Step S73, and Step S78 may be omitted.
If a response permitting connection of a new smart device is received from the previously connected smart device as a result of the inquiry about whether a new smart device can be connected (Yes at Step S73), and if no previously connected smart devices exist (no smart devices are registered in the first list 91), the device connecting module 75 delivers, at Step S74, a public key according to, for example, the Diffie-Hellman key exchange method to the new smart device via the BLE communication control module 79 and the BLE communication unit 17 through BLE communication.
This step causes an IP address (Wi-Fi address) of the new smart device to be automatically set through Wi-Fi wireless communication line setup by WPA/WPA2 in the new smart device and the communication range limiting device 1, so that the new smart device is connected to the wireless LAN (Wi-Fi connection). The new smart device causes the wireless LAN communication control module 82 to perform wireless LAN setup control using the public key received by the BLE communication unit 32.
When the wireless LAN communication line is established with the new smart device, the device connecting module 75 of the communication range limiting device 1 transmits a RS command and receives a RA returned in response to the RS command via the NW I/F 94 to thereby acquire prefix information in the network interface. The device connecting module 75 next generates, for example, a 128-bit IPv6 address from the acquired prefix information and the interface ID based on the MAC address of the new smart device. The communication range limiting device 1 performs address collision detection for the generated IPv6 address. The communication range limiting device 1, when having detected no address collision, sets the generated IPv6 address as the IPv6 address of the new smart device. It is noted that, at Step S75, the IPv6 address may be set by DHCPv6 in response to user operation.
At Step S76, the memory control module 93 of the communication range limiting device 1 registers the IPv6 address of the new smart device set as described above in the first list 91. When another wireless LAN communication system connected by, for example, VPN connection exists at a physically remote place, the device connecting module 75 notifies the other wireless LAN communication system of the first list 91. The memory control module 93 of the communication range limiting device 1 of the other wireless LAN communication system stores in the HDD 14 the reported first list 91 as the first list 91 of the smart device controlled by the other wireless LAN communication system (second information). This is the end of the steps of the flowchart illustrated in
A PIN code in place of the public key may be delivered at Step S74. The public key, the PIN code, and the like are exemplary setup information for establishing a communication line of first wireless communication. The PIN code is exemplary unique identification information.
A flowchart illustrated in
The peripheral device connecting module 76 illustrated in
If a response rejecting connection of a new peripheral device is received from the previously connected smart device as a result of the inquiry about whether a new peripheral device can be connected (No at Step S83), the peripheral device connecting module 76 notifies the peripheral device that has been detected to be moved into the BLE communication area 6 of connection rejection via the BLE communication control module 79 and the BLE communication unit 17 at Step S89. The peripheral device connecting module 76 then disconnects the BLE communication with the new peripheral device (the peripheral device that has been rejected for connection by the smart device) that has required connection with the wireless LAN communication line and terminates the steps of the flowchart illustrated in
It is noted that the step of inquiring of the previously connected smart device the connection of a new peripheral device to thereby obtain permission at Step S82, Step S83, and Step S89 may be omitted.
If a response permitting connection of a new peripheral device is received from the previously connected smart device as a result of the inquiry about whether a new peripheral device can be connected (Yes at Step S83), and if no previously connected smart devices exist (no smart devices are registered in the first list 91), the peripheral device connecting module 76 delivers, at Step S84, a public key according to, for example, the Diffie-Hellman key exchange method to the new peripheral device through BLE communication. It is noted that a PIN code in place of the public key may be delivered. The foregoing step sets up a Wi-Fi wireless communication line by WPA/WPA2 in each of the new peripheral device and the communication range limiting device 1. Then, an IP address (Wi-Fi address) of the new peripheral device is automatically set, so that the new peripheral device is connected to the wireless LAN (Wi-Fi connection).
When the wireless LAN communication line is established with the new peripheral device, the peripheral device connecting module 76 of the communication range limiting device 1 transmits a RS command and receives a RA returned in response to the RS command via the NW I/F 94 to thereby acquire prefix information in the network interface. The peripheral device connecting module 76 next generates, for example, a 128-bit IPv6 address from the acquired prefix information and the interface ID based on the MAC address of the new smart device. The communication range limiting device 1 performs address collision detection for the generated IPv6 address. The communication range limiting device 1, when having detected no address collision, sets the generated IPv6 address as the IPv6 address of the new smart device. It is noted that, at Step S85, the IPv6 address may be set by DHCPv6 in response to user operation.
At Step S86, the memory control module 93 of the communication range limiting device 1 registers the IPv6 address of the new peripheral device set as described above in the second list 92. When the second list 92 is updated as a result of the IPv6 address of the new peripheral device being stored, at Step S87, the peripheral device connecting module 76 generates the transfer list 95 that contains, for example, the type, IP address, and control information of each of the peripheral devices registered in the updated second list 92. The peripheral device connecting module 76 transfers the generated transfer list 95 to each of the smart devices registered in the first list 91 via the BLE communication unit 17.
When another wireless LAN communication system connected by, for example,
VPN connection exists at a physically remote place, the peripheral device connecting module 76 transmits the updated second list 92 to the other wireless LAN communication system. The memory control module 93 of the communication range limiting device 1 of the other wireless LAN communication system updates the second list 92 of the peripheral devices controlled by the other wireless LAN communication system with the reported second list 92. The peripheral device connecting module 76 of the other wireless LAN communication system generates the transfer list 95 that contains, for example, the type, IPv6 address, and control information of each of the peripheral devices registered in the updated second list 92. The peripheral device connecting module 76 of the other wireless LAN communication system transfers the generated transfer list 95 to each of the smart devices registered in the first list 91 of the other wireless LAN communication system via the BLE communication unit 17. This step causes the transfer list 95 registered in each of the smart devices controlled by the other wireless LAN communication system to be updated and the steps of the flowchart illustrated in
The following describes an exemplary print operation performed by the smartphone 2 on a printer device 3 selected on the basis of the transfer list 95 as an example in which a smart device operates a peripheral device on the basis of the transfer list 95.
To print, for example, a desired image or text, the user operates the display unit 24 to make a print request. At Step S91, the CPU 21 of the smartphone 2 illustrated in
At Step S92, the CPU 21 reads information on the type of each peripheral device from the transfer list 95 stored in the RAM 23 and controls to display the type information on the display unit 24. The user selects a specific printer device 3 as the peripheral device suitable for the printing on the basis of the displayed type information. At Step S93, the CPU 21 reads from the transfer list 95 control information of the printer device 3 selected by the user and controls to display the control information on the display unit 24. The CPU 21 then controls to display on the display unit 24 a message that says, for example, “Select the device” at Step S94, thereby prompting the user to select the printer device 3 to be used for printing. The user, by comparing, for example, the control information of each printer device 3, selects the specific printer device 3 to be used for printing.
Upon detecting the operation to select the printer device 3 to be used for printing, the CPU 21 inquires about the data to be printed at Step S95. The user specifies the location at which the data to be printed is stored in the smartphone 2 and the data or file to be printed. This step allows the CPU 21 to recognize the storage location of the print data, data name, and the printer device 3 that is to perform printing. The CPU 21 then transfers, at Step S96, the data specified by the user to the printer device 3 that is to perform the printing and makes a print request for the transferred data. The smartphone 2 located within the BLE communication area 6 thus can remotely operate the printer device 3 located within the BLE communication area 6 to perform printing of the desired data.
A flowchart illustrated in
When the operation proceeds to Step S103 as a result of the determination that the type of the device that has moved out of the BLE communication area 6 is a smart device, the withdrawal detecting module 77 refers to the first list 91 of the HDD 14 via the memory control module 93. The withdrawal detecting module 77 acquires the wireless LAN IPv6 address that is assigned to the smart device identified by the BLE address that has not returned a response to the communication range information. At Step S103, the wireless LAN AP control module 78 disconnects the wireless LAN communication line for the smart device that corresponds to the acquired IPv6 address.
At Step S104, the memory control module 93 deletes all information relating to the smart device that corresponds to the acquired IPv6 address from the first list 91 to thereby update the first list 91. Specifically, the memory control module 93 deletes information on the smart device that has moved out of the BLE communication area 6 from the first list 91.
If another wireless LAN communication system connected by, for example, VPN connection exists at a physically remote place, the device connecting module 75 notifies at Step S105 the other wireless LAN communication system of the smart device that has moved out of the BLE communication area 6. Specifically, the device connecting module 75 transmits to the other wireless LAN communication system via the NW I/F 94 the first list 91 in which the information on the smart device that has moved out of the BLE communication area 6 has been deleted. This step causes the first list 91 and the transfer list 95 to be updated on the other wireless LAN communication system side. Upon completion of such a notification operation for the other wireless LAN communication system, the steps of the flowchart illustrated in
When the operation proceeds to Step S106 as a result of the determination that the type of the device that has moved out of the BLE communication area 6 is a peripheral device, the withdrawal detecting module 77 refers to the second list 92 of the HDD 14 via the memory control module 93. The withdrawal detecting module 77 acquires the wireless LAN IPv6 address that is assigned to the peripheral device identified by the BLE address that has not returned a response to the communication range information. At Step S106, the wireless LAN AP control module 78 disconnects the wireless LAN communication line for the peripheral device that corresponds to the acquired IPv6 address.
At Step S107, the memory control module 93 deletes all information relating to the peripheral device that corresponds to the acquired IPv6 address from the second list 92 to thereby update the second list 92. The peripheral device connecting module 76 uses the updated second list 92 to regenerate the above-described transfer list 95 and transfers the regenerated transfer list 95 to each of the smart devices registered in the first list 91 (notifies each of the smart devices registered in the first list 91 of the regenerated transfer list 95). This step updates the transfer list 95 of each smart device.
If another wireless LAN communication system connected by, for example, VPN connection exists at a physically remote place, the peripheral device connecting module 76 notifies at Step S108 the other wireless LAN communication system of the peripheral device that has moved out of the BLE communication area 6. Specifically, the peripheral device connecting module 76 transmits to the other wireless LAN communication system via the NW I/F 94 the second list 92 in which the information on the peripheral device that has moved out of the BLE communication area 6 is deleted. This step causes the second list 92 and the transfer list 95 to be updated on the other wireless LAN communication system side. Upon completion of such a notification operation for the other wireless LAN communication system, the steps of the flowchart illustrated in
Connecting Operation for VPN Connection with another Wireless LAN Communication System
The following describes an operation in which a first wireless LAN communication system and a second wireless LAN communication system that exists at a place physically apart from the first wireless LAN communication system are connected to each other, as illustrated in
Consider, for example, a case in which a user of a smartphone 2 controlled by the first wireless LAN communication system wants to perform, for example, remote control of a peripheral device controlled by the second wireless LAN communication system. In this case, the user refers to the transfer list 95 stored in the smartphone 2. As described previously, the transfer list 95 contains the IPv6 address of the second wireless LAN communication system and the type, IPv6 address, and control information of the peripheral device controlled by the second wireless LAN communication system. The user refers to the IPv6 address of the second wireless LAN communication system, the type information of the peripheral device controlled on the second wireless LAN communication system side, and the like and operates the smartphone 2 to thereby select the second wireless LAN communication system with which the connection is to be established. At Step S111, the smartphone 2 of this user transmits to the communication range limiting device 1 through BLE communication information that indicates the second wireless LAN communication system selected by the user and a connection request to the second wireless LAN communication system.
At Step S112, the peripheral device connecting module 76 of the communication range limiting device 1 illustrated in
If a response that the VPN connection cannot be established is received from the gateway control module 99 of the second wireless LAN communication system (No at Step S113), the peripheral device connecting module 76 transmits through BLE communication to the smartphone 2 of the user an error message that says that no communication line can be established with the second wireless LAN communication system at Step S114 and the steps of the flowchart illustrated in
In contrast, if a response that the VPN connection can be established is received from the gateway control module 99 of the second wireless LAN communication system (Yes at Step S113), the peripheral device connecting module 76 establishes a VPN connection between gateway modules of the first and second wireless LAN communication systems at Step S115. Specifically, the NW I/F 94 of the communication range limiting device 1 includes a gateway module that is achieved by hardware or software. The peripheral device connecting module 76 establishes a VPN connection between the gateway modules of the first and second wireless LAN communication systems through the gateway control module 99 and the gateway module of the NW I/F 94 of each wireless LAN communication system. This step establishes a connection through a virtual dedicated line between the wireless LAN communication systems connected by a shared line such as the Internet 100.
Then at Step S116, the device connecting module 75 and the peripheral device connecting module 76 transmit the first list 91 and the second list 92 to the second wireless LAN communication system through the VPN. The memory control module 93 of the second wireless LAN communication system uses the received first list 91 and second list 92 to update the old (existing) first list 91 and second list 92 stored in the HDD 14. Additionally, the peripheral device connecting module 76 of the second wireless LAN communication system generates a new transfer list 95 using the received second list 92. The peripheral device connecting module 76 of the second wireless LAN communication system transfers the new transfer list 95 to each of the smart devices controlled in the second wireless LAN communication system. This step updates the transfer list 95 of each smart device in the second wireless LAN communication system.
At Step S117, the device connecting module 75 and the peripheral device connecting module 76 acquire the first list 91 and the second list 92 from the second wireless LAN communication system through the VPN. The memory control module 93 updates the old (existing) first list 91 and second list 92 stored in the HDD 14 using the first list 91 and the second list 92 acquired from the second wireless LAN communication system.
Then at Step S118, the peripheral device connecting module 76 generates a new transfer list 95 from the updated second list 92 and transfers the new transfer list 95 to each of the smart devices controlled by the wireless LAN communication system to which the peripheral device connecting module 76 belongs. This step updates the transfer list 95 of each of the smart devices in the wireless LAN communication system to which the peripheral device connecting module 76 belongs and the steps of the flowchart illustrated in
Disconnecting Operation for VPN Connection with another Wireless LAN Communication System
The following describes, with reference to a flowchart illustrated in
The communication range limiting device 1, having received the request for disconnecting the VPN connection line, requests the communication range limiting device 1 of the second wireless LAN communication system via the NW I/F 94 to disconnect the VPN communication line at Step S122.
At Step S123, the communication range limiting device 1 of each of the first and second wireless LAN communication systems deletes from the first list 91 and the second list 92 information on the smart device and the peripheral device that carry the IPv6 address of the other wireless LAN communication system. More specifically, the communication range limiting device 1 of the first wireless LAN communication system deletes from the first list 91 and the second list 92 information on the smart device and the peripheral device that carry the IPv6 address of the second wireless LAN communication system to thereby update the first list 91 and the second list 92. Alternatively, the communication range limiting device 1 of the second wireless LAN communication system deletes from the first list 91 and the second list 92 information on the smart device and the peripheral device that carry the IPv6 address of the first wireless LAN communication system to thereby update the first list 91 and the second list 92.
At Step S124, the communication range limiting device 1 of each of the first and second wireless LAN communication systems uses the updated second list 92 to generate a new transfer list 95 and transfers the new transfer list 95 to the smart devices controlled by the corresponding wireless LAN communication system. This step replaces the transfer list 95 of each smart device with the new transfer list 95 in which the information on the peripheral devices of the other VPN-connected wireless LAN communication system has been deleted.
At Step S125, the communication range limiting device 1 of each of the first and second wireless LAN communication systems causes the router control module 98, the gateway control module 99, and the gateway module of the NW I/F 94 to disconnect the VPN connection. This step terminates the flowchart illustrated in
The above example has been concerned with the user's making a request for disconnection of the VPN communication line. Nonetheless, the communication range limiting device 1 may determine that the VPN communication line with another wireless LAN communication system is no longer necessary and may be disconnected when all smart devices move out of the BLE communication area 6 and no more smart devices registered in the first list 91 are available.
The following describes a case in which a projector device 4 controlled by a VPN-connected first wireless LAN communication system and a projector device 4 controlled by a VPN-connected second wireless LAN communication system are both remotely operated by a smartphone 2 controlled by the first wireless LAN communication system. It is assumed that the projector device 4 in each of the first wireless LAN communication system and the second wireless LAN communication system is located within the BLE communication area 6 and has been registered in the second list 92.
In this case, the user first prepares a list of projector devices 4 to be controlled (controlled object list). A flowchart illustrated in
When the selection is completed, the user operates the smartphone 2 to perform a selection completion operation that indicates that the selection has been completed. At Step S131, the CPU 21 of the smartphone 2 monitors whether the selection is completed. Before detecting the selection completion operation (No at Step S131), the CPU 21 accepts an operation to select a desired peripheral device at Step S132. When the selection completion operation is detected (Yes at Step S131), the operation proceeds to Step S133.
At Step S133, the CPU 21 prepares the controlled object list of the projector devices 4 selected by the user and controls to display the controlled object list on the display unit 24.
A flowchart illustrated in
At Step S142, the CPU 11 determines whether another projector device 4 exists on the controlled object list. If no more projector device 4 to be controlled exists, the CPU 11 directly terminates the steps of the flowchart illustrated in
If a projector device 4 that is controlled by another wireless LAN communication system, for example, exists as the projector device 4 to be controlled next, the CPU 11 accesses the other wireless LAN communication system connected by VPN connection via the NW I/F 94. The CPU 11 then inquires whether the projector device 4 to be next controlled can be controlled. If a response that the projector device 4 to be next controlled cannot be controlled is received, the CPU 11 determines whether still another projector device 4 to be next controlled exists on the third controlled object list.
In contrast, if a response that the projector device 4 to be next controlled can be controlled is received, the CPU 11 returns the operation to Step S141 and controls projection of the second projector device 4 that is controlled by the other wireless LAN communication system.
As described above, the CPU 11 sequentially controls the projector devices and the like to be controlled in accordance with the controlled object list. This arrangement enables control of, for example, causing a projector device of a wireless LAN communication system located in Tokyo and a projector device of a wireless LAN communication system located in Osaka to project an identical image simultaneously.
As evident from the foregoing descriptions, the wireless LAN communication system in the embodiment is applied to a configuration in which a plurality of wireless LAN communication systems exist at places that are physically apart from each other, each of the wireless LAN communication systems enabling use of wireless LAN communication only for devices that are located in the BLE communication area 6 within the wireless LAN communication area 5. In this environment, a unique address such as the IPv6 address having a specific prefix is distributed to each of these wireless LAN communication systems and the VPN connection is established between the wireless LAN communication systems. When the VPN connection is established, the wireless LAN communication systems exchange the first list 91 and the second list 92 that indicate the devices located in the BLE communication area 6 of the respective wireless LAN communication systems. Each of the wireless LAN communication systems performs communication control of the devices using the first list 91 and the second list 92 of the devices located in the BLE communication area 6 of the host wireless LAN communication system and the first list 91 and the second list 92 acquired from the remote wireless LAN communication system.
The VPN connection established between the wireless LAN communication systems that exist at places that are physically apart from each other enables enhanced security to be maintained of each wireless LAN communication system. The VPN connection further enables communication between devices existing in the wireless LAN communication systems at places that are physically apart from each other, while securing security of the communication path of each wireless LAN communication system. In addition, when no printer devices exist in a first wireless LAN communication system, a smart device disposed in the first wireless LAN communication system can operate a printer device disposed in a second wireless LAN communication system to, for example, perform printing on the printer device disposed in the second wireless LAN communication system. This capability achieves enhanced convenience of the wireless LAN communication system.
The IPv6 address that is an aggregatable global unicast address and a unique local address is distributed as a network address to each wireless LAN communication system. Because the IPv6 address can generate a plurality of unique addresses, collision of network addresses can be avoided even when VPN connection is established between wireless LAN communication systems.
Although the invention has been described with respect to a specific embodiment for a complete and clear disclosure, the appended claims are not to be thus limited but are to be construed as embodying all modifications and alternative constructions that may occur to one skilled in the art that fairly fall within the basic teaching herein set forth.
For example, in the above descriptions of the embodiment, the BLE communication area 6 using Bluetooth communication is created as the second communication range within the wireless LAN communication area 5. Ultrasonic waves having predetermined frequencies (voice) such as, for example, the ultrasonic wave of a frequency close to those of audible waves may nonetheless be used instead of the Bluetooth communication. In this case, each device outputs ultrasonic waves via a speaker and collects the ultrasonic waves output from other devices.
In this case, the second communication range can be easily adjusted by adjusting the output level of the ultrasonic wave (voice). Additionally, the ultrasonic wave (voice) can be easily shielded. Hence, extremely low possibility of sniffing by third persons.
Optical communication using light having a prescribed wavelength, such as infrared rays and visible rays, may be used in place of the Bluetooth communication. In this case, each device emits light having a prescribed wavelength via a light emitting portion and receives light from other devices via a light receiving portion. In this case, too, the second communication range can be easily adjusted by adjusting the output level of light emitted by the light emitting portion. Additionally, the light can be easily shielded. Hence, extremely low possibility of sniffing by third persons.
The accompanying claims and their equivalents are intended to cover such forms or modifications as would fall within the scope and spirit of the invention.
1 Communication range limiting device
2 Smartphone
3 Printer device
4 Projector device
5 Wireless LAN communication area
6 BLE communication area
6′ BLE communication area
7 Wireless LAN communication-disabled area
15 Input/output I/F
16 Wireless LAN AP unit
17 BLE communication unit
31 Wireless LAN communication unit
32 BLE communication unit
47 Wireless LAN communication unit
48 BLE communication unit
67 Wireless LAN communication unit
68 BLE communication unit
75 Device connecting module
76 Peripheral device connecting module
77 Withdrawal detecting module
78 Wireless LAN AP control module
79 BLE communication control module
81 Print request module
82 Wireless LAN communication control module
83 BLE communication control module
85 Print module
86 Wireless LAN communication control module
87 BLE communication control module
91 First list
92 Second list
93 Memory control module
94 NW I/F
95 Transfer list
96 Memory control module
98 Router control module
99 Gateway control module
100 Internet
150 Management server device
PTL 1: Japanese Laid-open Patent Publication No. 2002-351766
Number | Date | Country | Kind |
---|---|---|---|
2015-040357 | Mar 2015 | JP | national |
2015-235991 | Dec 2015 | JP | national |
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/JP2016/001081 | 2/29/2016 | WO | 00 |