The present invention relates to a distributed network computing system for connecting a plurality of terminals and, more particularly, to a distributed network computing system having a security function for providing an application service such as an inventory control service to various terminals such as PDAs, personal computers (PCs), and portable PCs having different processing capabilities and connected to a plurality of communication networks including a public network, a wired LAN (Local Area Network), and a wireless LAN.
The present invention also relates to data exchange apparatus having a security function.
A centralized processing system is the mainstream of conventional data processing using computers in which a plurality of terminals are connected to one main computer. On the contrary, in a distributed processing system, a plurality of computers are connected with each other to form a network so that computers may share their resources with each other to perform efficient processing. An environment for allowing distributed processing of an application among the computers of different types is called a distributed computing environment.
In the distributed computing environment, an user need not be aware of a location of a program or data. Logically, since the entire network acts as if it were one computer system, the user can utilize desired data or function in the network.
Assume a system for providing an application service such as an inventory control service to each terminal in the network. The user terminals have different processing capabilities which is, hereinafter, called a terminal attribute, the meaning of which includes the capability of the CPU, the display screen size and the memory capacity. To adjust and absorb the difference, a manual processing of data must be performed on the terminal side or on the server side.
Each terminal is connected to different communication networks, such as a public telephone or data network and a wired or wireless LAN (Local Area Network). Therefore, the data transmission rate, the transmission volume, and the transmission quality vary with each communication network as a communication infrastructure.
Generally, assuming that a personal computer (PC) has a high-level processing capability as a general-purpose device, a PDA has an intermediate-level processing capability and other terminals have a low-level processing capability. With respect to the communication infrastructures, the transmission volume and quality of a wired or wireless LAN are maintained at a high level. Those of an ISDN (Integrated Services Digital Network) are maintained at an intermediate level, and those of an analog wired network, or an analog or digital wireless network are maintained at a low level.
In the network environment, the processing capability varies from a terminal to terminal and the communication capability varies among communication infrastructures. Therefore, it is very difficult to uniformly provide an application service to various terminals in such an environment.
Generally, the attribute of each terminal used in the system is determined at a time of system designing, and the application service is provided in accordance with the attribute. For this reason, even when a terminal having a new attribute has been developed, the terminal can hardly be introduced into the system for use.
To provide a service while adjusting the difference in processing capability among the terminals or the difference in communication capability among the communication infrastructures, cumbersome processing must be performed. Accordingly, a large server computer having an adequate capability is required.
An establishment such as a company or a factory must be equipped with an exchange system for performing exchange/connection between extension telephones and between an extension telephone and a subscriber telephone line (main wire). Generally, a private exchange system or private exchange equipment is referred to as a PBX (Private Branch exchange) and, particularly, a digital private exchange system is called as a digital PBX. The digital PBX converts an analog speech signal into a digital signal and processes the converted digital signal. When OA devices such as a personal computer, a word processor, and other types of computers used in the office are connected to the digital PBX, data and speech signals can be uniquely and efficiently processed. In addition, when various network functions are added to the digital PBX, a wide area network can be constructed by an intra office communication network.
When a LAN is constructed for the first time, several computing devices are connected to one Ethernet cable (coaxial cable) in many cases. However, as the network expands and the number of connected devices increases, the physical length of the cable reaches the limit. A router is used as a means for physically and logically expanding the network beyond the limit of the cable.
The router can construct a network having a closed loop. The router determines an optimum route (routing) and allow only necessary packets passes therethrough. The router determines the route by a network number in an internet protocol (network layer) and then determines the route by a node number there by determining the final destination.
Since the internet protocol in the network layer is defined differently by different protocols such as TCP/IP OSI etc., the router basically supports one protocol. In other words, the router can select an only network corresponding to the selected protocol from backbone networks including a plurality of protocols. For this reason, the router can be effectively used to meet a requirement for a decrease in load factor from the Ethernet to the public line due to the speed.
Conventionally, however, no system has been proposed yet to provide the service while adjusting the difference in processing capability among the terminals or the difference in communication capability among the communication infrastructures on a network connection apparatus such as an exchange system or a router.
Moreover, it is necessary to complete a various kinds of security functions under the network computing environment. Conventionally, research and development on encryption technology has been done with respect to security of data. For example, research and development on encryption of data on a communication line has been done conventionally as well as on verification technology. Taking the network computing environment in which terminals such as portable PCs (clients) are used into consideration, any measures specific to such environment must be taken against an accidental leaving or being stolen of the portable PCs. The problems are, however, not been solved by the simple encryption technology on the communication line. It has been, thus, very inconvenient that no effective means have not been provided conventionally.
On the other hand, a system for managing a large quantity of data is necessary. In the WWW (World Wide Web) which is becoming popular on the internet, a structuring language (tag language) called HTML (Hyper Text Markup Language) is used. As a structuring language other than HTML, SGML (Standard Generalized Markup Language) may be widely used along with the spread of CALS (Continuous Acquisition and Lifecycle Support).
To display a document written in the structuring language, a function (browser) of analyzing and displaying the structuring language is required on the terminal side. In other words, data described in the structuring language cannot be provided to a terminal without the browser function.
When data described in the structuring language is directly transmitted on the network, a large quantity of data is transmitted even through a line having a low transmission capability, and this transmission takes a long time. These problems also apply to a component data format such as OLE (Object Linking and Embedding) in addition to HTML.