1. Field of the Invention
The present invention relates to a wireless communication technology such as a wireless LAN, and in particular to a client terminal, an access point apparatus, and a wireless connection system for conducting wireless communications.
2. Description of the Related Art
In recent years, wireless communication apparatuses, for examples, apparatuses having a wireless LAN (Local Area Network) function have been widely available on the market and have been used at offices and at homes. However, in the wireless communications, radio waves are used as communication media and thus data can be received anywhere in the range in which radio waves can reach, and it is difficult to limit the communication destinations. Thus, security measures have been a particularly important problem.
For example, with a wireless LAN compliant with IEEE802.11 standard, for example, the main security measures can be roughly classified into three of access control based on a MAC (Media Access Control) address, access control based on SSID (Service Set Identification) and encryption of communications using an encryption key of WEP (Wired Equivalent Privacy).
The MAC address is a unique value assigned to each network card. In the MAC address access control, only client terminals each with the MAC address registered in an access point apparatus are accepted in the access point apparatus and client terminals having other MAC addresses are excluded. However, the MAC address is distributed in the radio zone in a state in which the MAC address is not encrypted and thus if a third party intercepts the MAC address, spoofing can be done easily.
The SSID is an ID added to each access point apparatus and is provided for the purpose of permitting communications to be conducted only in the SSID match combination.
Last, the encryption using an encryption key such as a WEP key is defensive means for changing the encryption key for each communication destination, thereby preventing a packet from being broken if the packet is intercepted. Although the means involves a problem of vulnerability concerning the used encryption key, it is widely known as comparatively high security means as compared with the MAC address and the SSID. To furthermore enhance safety, a more advanced encryption system, a method using authentication based on IEEE802.1X and the like are carried out and proposed.
For example, JP-A-2004-072682 proposes a connection method for making comparatively safe wireless communication connection even in a client terminal not previously possessing the account or certificate corresponding to an authentication process in a communication system wherein authentication such as IEEE802.1X is required. In this method, a wireless communication link using a comparatively low-level encryption system is once established between an access point apparatus and a client terminal and authentication data required for conducting wireless communications based on a high-level encryption system wherein an authentication process is required is transmitted to the client terminal and then the link is once discarded and again wireless communications based on the high-level encryption system using the authentication data are conducted.
Wireless connection at a high level of safety has been made possible as described above.