1. Technical Field
The present invention relates to network communication methods and the like using the Simple Network Management Protocol (SNMP), and in particular, the invention relates to a network communication method and the like which enables realization of an exclusive access, and further, enables improvement of communication security by means of relatively easy processing.
2. Related Art
To date, the Simple Network Management Protocol (SNMP) has been widely employed as a network management protocol, and management information communication using the SNMP protocol is performed between a management apparatus (an SNMP manager) and a managed apparatus (an SNMP agent) existing on a network. By using the SNMP, the SNMP manager accesses a management information database, i.e., a Management Information Base (MIB), included in the SMNP agent, and through this access, the SNMP manager can perform acquisition or setting of management information included in the MIB. For example, operations for printer management are sometimes performed in such a way that a host computer functioning as an SNMP manager accesses a printer functioning as an SNMP agent to perform setting of printing conditions or perform acquisition of status information, such as error status information.
As described above, the SNMP protocol is employed as a means for a remote access to management information, such as status information and setting values, included in each of network devices, such as a printer. The version 1 of the SNMP protocol (i.e., the SNMPv1 protocol) and the version 2c of the SNMP protocol (i.e., the SNMPv2c protocol) have been in widespread use.
With respect to the SNMPv1 protocol and the SNMPv2c protocol, unfortunately, there is a problem in that, in order to restrict accesses to management information, the SNMPv1 protocol and the SNMPv2c protocol each provide a basic authentication function using community names; however, it is easy to interpret the community names because the community names are transmitted over networks in plain text, so that it is difficult to fully prevent unauthorized accesses to the management information from malicious third parties.
Moreover, according to the SNMPv1 protocol and the SNMPv2c protocol, the communicated management information itself is also transmitted over networks in plain text, and thus, the management information is vulnerable to a leak of information resulting from eavesdropping of information transmitted over the networks.
Furthermore, the SNMPv1 protocol and the SNMPv2c protocol each are not provided with a function of accessing the management information exclusively, and thus, there is a concern in that occurrence of discrepancies in the management information and the like due to simultaneous accesses from a plurality of users (SNMP managers) makes it difficult for the SNMP managers to each perform acquisition or setting of intended information.
With respect to such problems on the SNMPv1 protocol and the SNMPv2c protocol, in JP-T-2009-522702, an authentication method which enables solution of a problem in that invaders can easily access the management data just by using community names has been proposed.
Furthermore, the version 3 of the SNMP protocol (the SNMPv3 protocol), which is an upper version of the SNMP protocol, provides an advanced authentication function and an encryption function.
However, the method having been proposed in JP-T-2009-522702 cannot solve the foregoing problems due to the eavesdropping of information transmitted over networks, and the simultaneous accesses.
Further, there is a problem in that the SNMPv3 protocol is specified so as to deal with a wide range of threats on information security, so that required processing is excessive for some devices. Moreover, the SNMPv3 protocol does not deal with the foregoing problem due to the simultaneous accesses.
Therefore, in the SNMPv1 protocol and the SNMPv2c protocol, it is desired to realize an authentication function and an encryption function each requiring a relatively light load process, as well as an exclusive access function.