1. Field of the Invention
The present invention relates to a network system supporting network communication among mobile computers through a temporarily formed network and file sharing among computers.
2. Description of the Background Art
Conventionally, a file sharing scheme for sharing files among a plurality of computers has been realized in a form of a distributed file system, etc. by forming a distributed system in which the computers are connected through a network. In a case where a plurality of mobile computers participate in such a network and share data among these mobile computers, the following procedure is necessary.
(1) Connection of each mobile computer to the network
(2) Authentication of each mobile computer/user on the network
(3) Disclosure of files with respect to the other users
In the following, the conventional method and its problems for each of these steps (1) to (3) in the above procedure will be described.
(1) Connection of each mobile computer to the network
The most typical computer network is the so-called home network for connecting fixed computers, in which a logical address is allocated to each computer and an address table registering a correspondence between a physical address of each computer and an allocated logical address is formed. In such a home network, the procedure for a certain user U1 on a computer M1 to communicate with another computer M2 is as follows.
(a) The user U1 specifies a logical address IP2 of the computer M2.
(b) The operating system (OS) of the computer M1 checks the physical address E2 corresponding to the logical address IP2 from the address table, and transmits messages through the network by specifying the physical address E2.
In the step (a) of this procedure, means for obtaining a logical address of a host from a host name is often provided, and in such a case, the user U1 can make the communication by specifying the host name of the computer M2.
Now, it is preferable for the mobile computer such as a portable computer terminal to be capable of being connected to a temporal network which is a network other than the home network to which it normally belongs. As an exemplary conventional scheme for realizing such a connection, there is a protocol called VIP as disclosed in Fumio Teraoka, Kim Claffy, and Mario Tokoro: "Design, Implementation, and Evaluation of Virtual Internet Protocol", Proc. of the 12th International Conference on Distributed Computing System, June 1992.
This VIP is a protocol for supporting a mobile computer on the internet, in which the mobile computer has an IP address corresponding to the conventional logical address, and a VIP address as a host identifier independent of the network to which it belongs, such that the migration transparency of the computer is realized by using the VIP address as the logical address. By means of this protocol, the mobile computer itself can be set in a state similar to a case in which it is on the home network, but it is impossible to carry out collaborative work such as sharing files with the other computers on the temporal network.
Also, as another conventional scheme for realizing a connection to the temporal network, there is a scheme using a protocol called DHCP as disclosed in Network Working Group: "Dynamic Host Configuration Protocol", RFC (Request for Comments) 1531, October, 1993. According to DHCP, it is possible to dynamically change the network setting of the connected computer at a time of connection, so that the connected computer can operate as a computer on the temporal network. However, there is a drawback that the setting of the computer is changed every time it is connected to a different temporal network. In addition, DHCP itself only provides the information necessary for connecting the computer to the network, so that in order to actually connect the computer, there is a need to provide software for changing the setting of the computer according to the network information obtained from the DHCP.
Also, in the field of the internet, there has been a proposal for an address switching IP router which switches an address of a message at a component called a router, which connects two networks. In view of this, it is possible to consider a scheme in which a plurality of address switching IP routers are provided on the temporal network and each mobile computer is connected to the temporal network through one of these address switching IP routers. However, as this address switching IP router carries out the address switching by looking up a statically defined address table, there is a drawback that it is necessary to change this static address table every time each mobile computer is to be connected to the temporal network.
(2) Authentication of each mobile computer/user on the network
Most of the conventional distributed file systems realize the file sharing by using a user authentication function and a host identification function provided by a name service on the network. For example, in the NFS (Network File System), the function provided by the NIS (Network Information Service) is used for the identification of the user and the host. This NIS manages information such as a host table (host name, IP address), a net group (net group name, host name), and a user table (user name + password, user ID + group ID), and carries out the authentication at a time of the user login by using the user name and the password.
On the other hand, in the distributed file system, the disclosure of files subordinate to a certain directory is carried out by specifying host names or net group names to which the files are to be disclosed such that only the permitted hosts can use the disclosed data. Also, the access right is set up for each file such that an access to each file by a certain user is possible only when such an access is judged to be permitted to that certain user by checking the user ID/group ID of that certain user.
There has also been a method for carrying out the authentication of the host and the user without using the network name service, by managing the host table, the net group, and the user table at each computer. In this case, each management information is recorded as a file possessed by each computer.
In such a manner, the conventional distributed file system realizes the file sharing among computers, but this is realized with respect to a network formed by fixed computers such as a home network, and it is necessary to allocate an address to a computer temporarily connected to the network by means of the DHCP, etc. Here, however, the allocated address is a dynamically allocated one, so that the authentication of each computer cannot be carried out, and there is no means for determining which data are to be disclosed.
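The host and user checks described in this section can be modelled as follows. This is an added illustration, not code from the patent or from NFS/NIS; every table entry, address, path and function name is constructed for the example. It shows why a computer holding a dynamically allocated address cannot be identified by a host table keyed on fixed addresses.

```python
import ipaddress

# Constructed management information, as a name service or per-computer files would hold it.
HOST_TABLE = {"10.0.0.11": "m1", "10.0.0.12": "m2"}    # IP address -> host name
NET_GROUPS = {"engineering": {"m1", "m2"}}              # net group name -> host names
USER_TABLE = {"u1": (1001, 100), "u2": (1002, 200)}     # user name -> (user ID, group ID)
DHCP_POOL = ipaddress.ip_network("10.0.0.128/25")       # dynamically allocated addresses

# Disclosure list per directory (host names or net group names) and per-file access rights.
EXPORTS = {"/export/project": {"engineering"}}
FILE_ACL = {"/export/project/plan.txt": {"uid": 1001, "gid": 100, "group_read": True}}


def host_permitted(client_ip, directory):
    """Identify the host from its address, then check the disclosure list."""
    name = HOST_TABLE.get(client_ip)
    if name is None:
        dynamic = ipaddress.ip_address(client_ip) in DHCP_POOL
        return False, ("dynamic address, no host identity" if dynamic
                       else "address not in host table")
    for entry in EXPORTS.get(directory, set()):
        if entry == name or name in NET_GROUPS.get(entry, set()):
            return True, f"host {name} permitted via {entry}"
    return False, f"host {name} not in disclosure list"


def user_permitted(user, path):
    """Per-file access right, judged from the user ID/group ID."""
    uid, gid = USER_TABLE[user]
    acl = FILE_ACL[path]
    return uid == acl["uid"] or (acl["group_read"] and gid == acl["gid"])


def access(client_ip, user, path):
    """Both checks must pass: the host first, then the user."""
    ok, reason = host_permitted(client_ip, path.rsplit("/", 1)[0])
    if not ok:
        return False, reason
    if not user_permitted(user, path):
        return False, "user ID/group ID not permitted"
    return True, reason


if __name__ == "__main__":
    for ip, user in [("10.0.0.11", "u1"), ("10.0.0.11", "u2"), ("10.0.0.200", "u1")]:
        print(ip, user, access(ip, user, "/export/project/plan.txt"))
```

The third request comes from the same user U1, but from an address in the dynamic pool, so the host check has nothing to match and no disclosure decision can be made for that computer.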
(3) Disclosure of files with respect to the other users
In addition, in a case of disclosing the files subordinate to a certain directory (referred to hereafter as a disclosure root directory) with respect to the users so as to share these files with the other users, these files become accessible for the other users as the other users mount that disclosure root directory. Here, the disclosure root directory has some other directories (referred to hereafter as disclosure sub-directories) and some files subordinate to it, so that it becomes possible for the other users to know their existence. As for the files, they are accessible when the access rights are given. Also, if an access right is given to the disclosure sub-directory, it is possible for the other users to know the existence of the files and directories subordinate to that disclosure sub-directory.
Now, in a case of setting up a certain disclosure directory on the dynamically generated network such as the temporal network, it is preferable to be able to hide the existence of particular files subordinate to that disclosure directory. However, in a conventional distributed file system, when the files subordinate to a certain directory are disclosed, the existence of all the files subordinate to that certain directory is disclosed, and the existence of the files subordinate to the disclosure sub-directories to which the accesses are permitted is also disclosed.
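The difference between access to a file and knowledge of its existence can be audited with a short model of the conventional behaviour described above. This is an added example, not part of the patent; the directory tree, the user name "guest" and the function names are constructed.

```python
# Constructed disclosure root directory. A file lists the users given an access
# right; a sub-directory lists the users given an access right to it.
DISCLOSURE_ROOT = {
    "agenda.txt": {"readers": {"guest"}},
    "salary.txt": {"readers": set()},
    "drafts": {
        "listers": {"guest"},
        "children": {
            "v1.txt": {"readers": {"guest"}},
            "review.txt": {"readers": set()},
        },
    },
    "private": {
        "listers": set(),
        "children": {"keys.txt": {"readers": set()}},
    },
}


def known_paths(user, children, prefix=""):
    """Map every path whose existence a mounting user learns to whether the
    user holds an access right to it (conventional behaviour)."""
    known = {}
    for name, entry in sorted(children.items()):
        path = f"{prefix}/{name}"
        if "children" in entry:                      # disclosure sub-directory
            allowed = user in entry["listers"]
            known[path + "/"] = allowed              # its name is visible either way
            if allowed:                              # contents visible only with the right
                known.update(known_paths(user, entry["children"], path))
        else:                                        # file: name visible, access separate
            known[path] = user in entry["readers"]
    return known


def existence_only(user, children):
    """Paths the user cannot access but still learns the existence of."""
    return sorted(p for p, ok in known_paths(user, children).items() if not ok)


if __name__ == "__main__":
    for path, ok in known_paths("guest", DISCLOSURE_ROOT).items():
        print(("access " if ok else "name only ") + path)
```

Running `existence_only` against a planned disclosure directory before it is shared lists exactly the names that would be revealed without an access right being given.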