Conventionally, peripheral devices that can each be connected to an information processing device such as a smartphone via an contactless interface such as Bluetooth (registered trademark) are known. In the Bluetooth standard, profiles that define protocols for respective types of devices have been established. If devices that are to communicate with each other have the same profile, communication using the function of the profile is allowed. For example, when the peripheral device is a keyboard, if both the peripheral device and the information processing device have a profile called HID (Human Interface Device Profile), connection can be established between the devices, which enables text entry and the like to the information processing device by use of the keyboard. For example, when the peripheral device is a headphone, if both the peripheral device and the information processing device have a profile called A2DP (Advanced Audio Distribution Profile), connection can be established between them, whereby sound can be transmitted from the information processing device to the headphone.
Meanwhile, in conventional technologies, when a peripheral device using Bluetooth described above is to be used at an information processing device, authentication of the peripheral device is not performed. That is, as long as a peripheral device has a profile as described above, any peripheral device can be connected to and used at an information processing device.
Therefore, an object of the present disclosure is to provide a system and the like that can authenticate a peripheral device as described above when the peripheral device is to be used at an information processing device.
In order to attain the above object, the following configuration examples can be conceived, for example.
One example of a configuration example is an information processing system including a server, a communication terminal communicable with the server via the Internet, and a peripheral device capable of performing short-range wireless communication with the communication terminal. The peripheral device includes an identification information transmission section configured to transmit, to the server, device identification information which is information capable of uniquely identifying the peripheral device. The server includes a device information confirmation section and a permission information transmission section. The device information confirmation section is configured to determine, on the basis of the transmitted device identification information, whether the peripheral device is a peripheral device whose connection to the communication terminal is permissible. The permission information transmission section is configured to, when it has been determined that the peripheral device is a peripheral device whose connection to the communication terminal is permissible, transmit connection permission information indicating that the connection to the communication terminal is permitted, to the peripheral device having transmitted the device identification information. Further, the peripheral device includes a setting processing section configured to execute a setting process for enabling the connection to the communication terminal on the basis of the connection permission information. The connection permission information may be valid period information indicating a valid period for which the peripheral device is allowed to be connected to the communication terminal.
According to the above configuration example, when the peripheral device is to be used from a predetermined communication terminal, use of the peripheral device can be enabled after the connection permission for the peripheral device is checked. Thus, safety in use of the peripheral device can be enhanced. In addition, by providing the valid period for which connection is permitted, safety can be further increased.
Further, as another configuration example, transmission/reception of data between the peripheral device and the server may be performed via the communication terminal.
According to the above configuration example, the peripheral device itself need not have a communication function (for example, function of connecting to the Internet) for communicating with the server, and thus, manufacturing cost can be reduced. In addition, it becomes possible to providing the peripheral device with versatility, thereby allowing the peripheral device to be used in combination with various types of communication terminals.
Further, as another configuration example, communication between the peripheral device and the communication terminal may be performed in the form of Bluetooth communication.
According to the above configuration example, while using a highly versatile wireless communication standard, periodic execution of the authentication processes for the peripheral device can be realized. In addition, while enhancing convenience, safety in use of the peripheral device can be ensured.
Further, as another configuration example, the peripheral device may further include: a valid period storing section configured to store therein, as valid period information, a valid period of bonding information which is information to be used when the peripheral device is to be re-connected to a predetermined communication terminal to which the peripheral device has been connected once; and a valid period determination section configured to determine whether the valid period of the bonding information has elapsed, before communication of the peripheral device with the communication terminal is started. Then, when the valid period determination section has determined that the valid period has elapsed, the process by the identification information transmission section of the peripheral device and the processes by the device information confirmation section and the permission information transmission section of the server may be executed again.
According to the above configuration example, it is possible to set a valid period to the bonding information, and when the valid period has expired, it is possible to cause the process of connection permission checking to be performed again.
Further, as another configuration example, data transmitted/received between the peripheral device and server may have been encrypted.
According to the above configuration example, safety in executing the connection permission checking process for the peripheral device can be increased.
Further, as another configuration example, the communication terminal may further include: a request reception section configured to receive a transmission request for a client certificate from the server; and a certificate transmission section configured to transmit the client certificate stored in a storage section of the predetermined communication terminal, to the server in response to the transmission request. Further, the server may further include a client verification section configured to execute a verification process for verifying authenticity of the communication terminal, on the basis of the client certificate transmitted by the certificate transmission section.
According to the above configuration example, in the server, safety of the communication terminal that is to serve as the communication counterpart can be verified. Thus, safety in executing the connection permission checking process for the peripheral device can be increased.
Further, as another configuration example, the peripheral device may further include: an encrypted data transmission section configured to encrypt predetermined data with a common key and transmit the encrypted predetermined data to the server; a decrypted data reception section configured to receive, from the server, the predetermined data decrypted in the server; and a determination section configured to determine authenticity of the server, by determining whether the predetermined data before having been encrypted matches the predetermined data received by the decrypted data reception section.
According to the above configuration example, authenticity of the server can be confirmed on the peripheral device side, and thus, safety in executing the connection permission checking process for the peripheral device can be further increased.
One example of another configuration example is an information processing system including a server, a communication terminal communicable with the server via the Internet, and a peripheral device capable of performing short-range wireless communication with the communication terminal. The peripheral device includes a first transmission section configured to transmit, to the server, device identification information which is information capable of uniquely identifying the peripheral device. The communication terminal includes a second transmission section configured to transmit, to the server, user identification information indicating a user who uses the peripheral device in combination with the communication terminal. The server includes a storage section, a determination section, and a process execution section. The storage section is configured to store therein the device identification information in association with at least one piece of user identification information. The determination section is configured to determine whether the number of pieces of user identification information associated with one piece of device identification information exceeds a predetermined value. The process execution section configured to, when the determination section has determined that the number of pieces of user identification information associated with one piece of device identification information has exceeded the predetermined value, execute a predetermined process for preventing use of the peripheral device indicated by the device identification information.
According to the above configuration example, the number of users who are permitted to use one peripheral device can be managed. For example, when the number of such users is an unnaturally large number, it is possible to prohibit the use for ensuring safety, considering that some illegal operation is made on the peripheral device.
One example of another configuration example is an information processing system including a server, a communication terminal communicable with the server via the Internet, and a peripheral device having a storage section and capable of performing short-range wireless communication with the communication terminal. The communication terminal includes an application ID transmission section configured to, upon activation of an application that uses the peripheral device, transmit an application ID for identifying the application, to the peripheral device. The peripheral device includes an application ID storing section, a verification section, and an authentication processing section. The application ID storing section is configured to store the application ID in the storage section, as a result of an authentication process using the server. The verification section is configured to determine whether the application ID received from the communication terminal matches the application ID stored in the storage section. The authentication processing section is configured to enable use of the peripheral device from the application, when the application ID received from the communication terminal matches the application ID stored in the storage section, as a result of the determination by the verification section. It should be noted that, as a result of the determination by the verification section, when the application ID received from the communication terminal does not match the application ID stored in the storage section, the authentication processing section may execute an authentication process for authenticating authenticity of the application, the authentication process using the server.
According to the above configuration example, it is possible to confirm authenticity of the application that uses the peripheral device and that operates on the communication terminal. Thus, safety in using the peripheral device can be ensured.
One example of another configuration example is an information processing system including a server, a communication terminal communicable with the server via the Internet, and a peripheral device having a storage section and capable of performing short-range wireless communication with the communication terminal. The communication terminal includes a first transmission section configured to transmit, to the server, an application ID for identifying an application that uses the peripheral device. The server includes: an application ID verification section configured to receive the application ID transmitted from the communication terminal and then to verify authenticity of the application ID; and a second transmission section configured to transmit, to the peripheral device, the application ID whose authenticity has been confirmed as a result of the verification. The peripheral device includes an application ID storing section configured to store, in the storage section, the application ID transmitted by the second transmission section. Further, the server may further include a request transmission section configured to transmit an application ID request for requesting the communication terminal to transmit the application ID. Then, the first transmission section transmits the application ID to the server in response to the request from the request transmission section.
According to the above configuration example, safety in using the peripheral device is increased through verification of the application ID. In addition, by storing the application ID in the peripheral device, convenience in using the peripheral device can be enhanced.
One example of another configuration example is an information processing system including a server, a communication terminal communicable with the server via the Internet, and a peripheral device capable of performing short-range wireless communication with the communication terminal, wherein an authentication process regarding whether connection between the communication terminal and the peripheral device is permitted is executed in the server. When the authentication process is executed, transmission/reception of data between the peripheral device and the server may be performed via the communication terminal.
According to the above configuration example, when the peripheral device is to be used from a predetermined communication terminal, the use of the peripheral device can be allowed after the connection permission for the peripheral device is checked. In addition, since the authentication process is performed in the server, safety in using the peripheral device can be further increased.
One example of another configuration example is an information processing system including a server, a communication terminal communicable with the server via the Internet, and a peripheral device capable of performing short-range wireless communication with the communication terminal. The peripheral device includes a transmission section configured to transmit, to the server, device identification information which is information capable of uniquely identifying the peripheral device. The server includes a white list storage section, a checking section, and a use permission process execution section. In the white list storage section, a white list comprising the device identification information is previously stored. The checking section is configured to check, against the white list, the device identification information transmitted from the peripheral device. The use permission process execution section is configured to, as a result of the checking, when the device identification information transmitted from the peripheral device is included in the white list, execute a process for enabling use, from the communication terminal, of the peripheral device indicated by the device identification information.
According to the above configuration example, when a peripheral device is to be used, authenticity of the peripheral device can be confirmed.
One example of another configuration example is a peripheral device capable of performing data communication in the form of short-range wireless communication with a communication terminal capable of performing short-range wireless communication, the peripheral device including a transmission section, a permission information setting section, and a connection section. The transmission section is configured to transmit, to a predetermined server, device identification information which is information capable of uniquely identifying the peripheral device. The a permission information setting section is configured to set connection permission information which is information indicating whether connection of the peripheral device to the communication terminal is permitted, on the basis of data transmitted from the server as a result of an authentication process executed in the server on the basis of the device identification information. The connection section is configured to connect the peripheral device to the communication terminal after confirming that the connection permission information has a content indicating that the connection to the communication terminal is permitted. The connection permission information may be valid period information indicating a valid period for which the peripheral device is allowed to be connected to the communication terminal. The peripheral device may further include: a valid period storing section configured to store therein, as the valid period information, a valid period of bonding information which is information to be used when the peripheral device is to be re-connected to a predetermined communication terminal to which the peripheral device has been connected once; and a valid period determination section configured to determine whether the valid period of the bonding information has elapsed, before communication of the peripheral device with the communication terminal is started. Then, when the valid period determination section has determined that the valid period has elapsed, the processes by the transmission section and the permission information setting section may be executed again.
According to the above configuration example, when the peripheral device is to be used from a predetermined communication terminal, use of the peripheral device can be allowed after the connection permission for the peripheral device is checked. In addition, since the valid period is provided to a period for which the use is allowed, it is also possible to periodically check the connection permission.
One example of another configuration example is a wireless communication chip capable of performing Bluetooth® communication, the wireless communication chip including: a storage section having stored therein key data to be used in encrypted communication with a predetermined communication device, address data which is a device address capable of uniquely identifying the wireless communication chip, and digital signature data of the address data.
According to the above configuration example, for example, when the peripheral device is to be used by connecting the peripheral device to a communication device, it is possible to provide a wireless communication chip which allows execution of a process for checking the connection permission thereof (use permission).
One example of another configuration example is a computer-readable non-transitory storage medium having stored therein an application program to be executed by a computer of a communication terminal which is communicable with a server via the Internet and which is capable of performing short-range wireless communication with a peripheral device, the application program causing the computer to perform operations comprising: receiving, from the server, key data to be used in encrypted communication with a predetermined peripheral device; and performing encrypted communication with the peripheral device by using the received key data. It should be noted that the computer-readable storage medium here includes, for example, a flash memory, a magnetic media such as ROM and RAM, and optical media such as CD-ROM, DVD-ROM, and DVD-RAM.
According to the above configuration example, when the peripheral device is to be used from a predetermined communication terminal, encrypted communication process with the peripheral device can be allowed after permission has been received from the server (key data has been received). In other words, it is possible to provide an application that requires use permission from the server when the peripheral device is to be used. Accordingly, safety in use of the peripheral device can be increased.
According to the exemplary embodiments, when the peripheral device is to be used from a predetermined communication terminal, use of the peripheral device can be allowed after the connection permission for the peripheral device is checked. Accordingly, safety in use of the peripheral device can be increased.