With the widespread use of data communication networks in recent years, so-called home networks, in which household electrical appliances, computers, and other peripheral devices are connected via a network so that the devices can communicate with one another, have been spreading within households. By enabling communication among network-connected devices, the home network provides convenience and comfort to users, for example, by sharing the data processing function of each device and by transmitting and receiving content among devices, and it is predicted that the home network will become increasingly common in the future.
Universal Plug and Play (UPnP) is known as a protocol suitable for the configuration of such a home network. UPnP makes it possible to construct a network easily without complex operations, and allows a network-connected device to receive the services provided by each connected device without complex operations or settings. Furthermore, UPnP does not depend on the OS (operating system) of the device, and has the advantage that devices can be added easily.
UPnP exchanges definition files compliant with XML (eXtensible Markup Language) among connected devices so that the devices recognize one another. An overview of UPnP is as follows.
(1) An addressing process for obtaining the device's own device ID, such as the IP address.
(2) A discovery process for searching for each device on the network, receiving a response from each device, and obtaining information, such as the device type and functions, contained in the response.
(3) A service requesting process for requesting services from each device on the basis of the information obtained in the discovery process.
As a result of performing the above-mentioned processing procedure, reproduction and reception of services using a network-connected device becomes possible. A device newly connected to the network acquires a device ID through the above-mentioned addressing process and acquires information about the other network-connected devices through the discovery process, and can then request services from the other devices on the basis of the obtained information.
On the other hand, countermeasures against unauthorized access need to be considered in this type of network. A device within the home network, for example, a server, often stores private content and content requiring copyright management, such as chargeable content.
Content stored in a server within such a home network is accessible from other network-connected devices. For example, a device that has established the above-described UPnP connection, which is a simple device connection configuration, can obtain the content. When the content is movie data or music data, connecting a TV or a player as a network-connected device makes it possible to view the movie or listen to the music.
Access by a device connected by a user who has the right to use the content is permitted. However, in a network configuration such as that described above, it is easy for a user who does not have the right to use the content to intrude into the network. For example, in a network configured as a wireless LAN, a situation can occur in which someone illegally enters the network and reaches the server in one's home by using a communication device from outdoors or from the house next door, and content is exploited. A configuration that allows such unauthorized access causes confidential information to leak, and is also a serious issue from the viewpoint of content copyright management.
In order to eliminate unauthorized access such as that described above, a configuration has been proposed, for example, in which the server stores a list of clients for whom access is permitted, and when a client requests access to the server, the server verifies the request against the list to eliminate unauthorized access.
For example, MAC address filtering is known, in which MAC (Media Access Control) addresses, which are physical addresses specific to network-connected devices, are set as an access-permitted device list. In "MAC address filtering", the MAC addresses for which access is permitted are registered in advance in a router or gateway that separates an internal network (subnet), such as the home network, from an external network; the MAC address of each received packet is verified against the registered MAC addresses, and access from a device whose MAC address is not registered is rejected. This type of technology is disclosed in, for example, Japanese Unexamined Patent Application Publication No. 10-271154.
However, in order to register MAC addresses for the purpose of limiting access, it is necessary to examine the MAC addresses of all the devices connected to the network. An operator must therefore input all the obtained MAC addresses (48 bits each) of the devices in order to create the list. When a secure environment is to be constructed, for example, for a specific company or organization, such a process can be performed under a designated manager. However, in a home network environment set up in an ordinary household, requiring an ordinary user to create and store a MAC list is not practical.
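The following Python sketch is an added example, not code from the cited publication or from any product. It models the MAC address filtering and manual registration step described above: operator-typed entries are normalized to 48-bit addresses, and each frame's source address is verified against the resulting list, with rejection as the default. All function names and sample addresses are constructed for illustration.

```python
import re

_SEPARATORS = re.compile(r"[:\-.\s]")
_HEX12 = re.compile(r"[0-9a-f]{12}")   # 12 hex digits = 48 bits

def normalize_mac(text):
    """Return the 48-bit address as 6 bytes, or raise ValueError."""
    digits = _SEPARATORS.sub("", text.strip().lower())
    if not _HEX12.fullmatch(digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def build_allowlist(entries):
    """Register operator-typed entries; return (allowlist, rejected entries)."""
    allowed, rejected = set(), []
    for entry in entries:
        try:
            allowed.add(normalize_mac(entry))
        except ValueError:
            rejected.append(entry)      # surfaced to the operator, never guessed
    return allowed, rejected

def filter_frames(frames, allowed):
    """Verify each frame's source MAC against the list; default is REJECT."""
    decisions = []
    for src, _payload in frames:
        try:
            permitted = normalize_mac(src) in allowed
        except ValueError:
            permitted = False
        decisions.append((src, "ACCEPT" if permitted else "REJECT"))
    return decisions

# Constructed sample data (locally administered addresses, not real devices).
# The fourth entry was meant to be 02:00:00:AA:BB:04 but lost its last digit,
# the kind of slip manual entry of 48-bit values invites.
OPERATOR_INPUT = ["02:00:00:AA:BB:01", "02-00-00-aa-bb-02",
                  "0200.00aa.bb03", "02:00:00:AA:BB:0"]
FRAMES = [("02:00:00:aa:bb:01", "request A"),   # registered device
          ("02:00:00:aa:bb:04", "request B"),   # household device, entry mistyped
          ("02:00:00:aa:bb:99", "request C")]   # device never registered

if __name__ == "__main__":
    allowlist, bad_entries = build_allowlist(OPERATOR_INPUT)
    print("entries needing re-entry:", bad_entries)
    for src, verdict in filter_frames(FRAMES, allowlist):
        print(src, verdict)
```

The mistyped entry leaves a legitimate household device rejected until the operator corrects the list, which is the registration burden the text describes.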
In the home network, new devices are added frequently. If the user has to check the MAC addresses of the devices one by one and register them each time a device is added, the ease of network construction is impaired.
Moreover, in ordinary households as well, network configurations that include not only PCs but also household electrical devices are being constructed, creating a so-called ubiquitous environment in which the network can be accessed from any device. Furthermore, with the widespread use of wireless LANs and the like, it has become easy for a communication-capable device to intrude into a wireless LAN from outside. In such a network environment, unauthorized access to network-connected devices has become more likely to occur, and the possibility that confidential information is exploited through unauthorized access and that content is illegally read has become increasingly high. In these circumstances, there has been a demand for an appropriate access control configuration that can be realized easily without imposing a burden on ordinary users.