1. Field of the Invention
The present invention relates to a service providing device, a client station, a service providing system including these device and station, and a service providing method, all of which provide a predetermined service over a communication medium.
2. Description of the Related Art
Recently, a protocol called Universal Plug and Play (UPnP, trade mark) has been developed to allow personal computers, peripherals thereof, and consumer electronics products at home to communicate with each other.
On the other hand, service providing devices that accept a request for a service from a client station and provide the service to the client station have been known. Also, in accordance with the widespread use of communication by the Internet, a variety of networked devices has been developed in addition to personal computers. For example, user interactive devices including personal digital assistants (PDAs) and cell phones, image processing apparatuses including scanners, printers, copiers, and digital cameras, and even consumer electronics products including TV sets, air conditioners, and refrigerators, have been rapidly networked.
In accordance with this situation, in order to improve usability and operability of the networked devices, a variety of protocols has been proposed to provide an automatic network address setting unit, a searching unit for searching for networked devices providing a service, and an automatic setup unit of application software, utility software, and operating systems for controlling the network devices. Examples of such protocols include the above-described UPnP (trade mark), the development of which Microsoft Corporation primarily fosters, BMLinks which the Japan Business Machine and Information System Industries Association (JBMIA) has developed, and Renedzvous supported in OS X, which Apple Computer, Inc. has developed.
However, in the current messaging specification of UPnP (trade mark), a device notifies all control points that send a request to the device of the URL for receiving information (hereinafter, the URL is referred to as a control URL). In such a specification, the device notifies all the control points of the control URL without access limitations. Since the control URL allows a malicious third party to access a control server and to access device commands, there is a possibility of the device being subjected to Denial-of-Service (DoS) attacks by the third party. That is, if the device notifies an unauthorized station of the control URL, the unauthorized station can easily connect to the networked device, thus causing a security problem.