The present invention relates to a device and a communication method by which an information apparatus connected to a network inside a firewall and another information apparatus connected to a network outside the firewall make communication with each other securely.
In recent years, the IP protocol which is a standard protocol of the Internet is practically a de facto standard protocol in communication among information apparatuses, and the IP protocol is also used domestically. Such an example is disclosed in JP-A-11-187061. In consideration of the starvation of numbers, the security, and so on, in a network inside a firewall and safe in terms of information security (hereinafter, referred to as “in-home network”), a local address is assigned to each of connected information apparatuses (hereinafter, referred to as “in-home apparatuses”) so as to be identified. To make communication with an information apparatus (hereinafter, “out-of-home apparatus”) connected to a network outside the firewall (hereinafter, referred to “out-of-home network”), the local address is converted to a global address in the firewall.
In addition, a security communication protocol typified by IPsec (IP Security) operates between terminals making communication with each other.
In addition, all the in-home information apparatuses are connected to the in-home network.
According to such a technique, the address of the in-home apparatus may change whenever communication is made. Thus, it is impossible to start communication from the out-of-home apparatus.
In addition, in order to perform communication securely, a security communication function is required to be mounted, and in order to keep the in-home network secure, all the in-home apparatuses that make communication with the out-of-home apparatus are required to have such a security communication function.
In addition, any PC is so sophisticated that it can operate various connection means or other apparatuses. Accordingly, even if unauthorized access from the outside is excluded by the firewall, there is a fear that the in-home apparatuses are damaged once the PC is infected with a virus.
In addition, when the Internet service provider is changed, the assigned address is changed. It is therefore necessary to reset the addresses of all the in-home apparatuses. Further, in order that each in-home apparatus knows the network to which the apparatus as a source of a received message belongs, it is necessary to mount a function of investigating the path history of the message.