1. Field of the Invention
The present invention relates to a radio network system, a radio network management method, and a radio network management program executable on a computer, and more particularly, to a technique to be used for managing devices in a radio network system in which communications are protected by authentication or encryption.
2. Description of the Related Art
In recent years, in conjunction with the advance of the LAN (Local Area Network) technique. The networking in the office environment has been developed mainly in forms of connections among PCs (Personal Computers). While such wired LANs are spreading, the use of the wireless LAN in which a part of the wired LAN is replaced by radio is also in progress. For example, a radio base station is connected to the wired LAN and a plurality of portable PCs are connected to this base station by radio. When a file of a desk-top PC connected to the wired LAN by Ethernet is edited from the portable PC, the radio access to the wired LAN is realized. Also, when portions of the base station and the portable PC are extracted, these portions form a wireless LAN. The advantages of such a wireless LAN are that there is no need to lay cables because radio waves or infrared rays are used as transmission paths, and that a new construction or a layout change of the network is easy.
The introduction of such a wireless LAN is becoming popular due to the standardization of IEEE 802.11. In IEEE 802.11, the 2.4 GHz band wireless LAN specification was completed in 1997, and the 5 GHz band wireless LAN specification was completed in 1999. The transmission rate of the 2.4 GHz band wireless LAN specification is either 1 to 2 Mbps or 11 Mbps, and the specification with the transmission rate over 20 Mbps is currently under the discussion. Recently, products compatible with this 2.4 GHz band specification have been released by many companies so that the base station and the radio PC card are now priced in an affordable range of general users. On the other hand, the 5 GHz band wireless LAN specification can realize the transmission rate of 20 to 30 Mbps. Also, unlike the 2.4 GHz band, 5 GHz band is currently almost unused frequency band in which faster transmission rates can be expected easily, so that it has a prospect of becoming the next generation wireless LAN specification. With the appearance of some venture company that plans to sell one chip at $35 in 2001, 5 GHz band is now becoming familiar.
In addition, there is a trend to install the Bluetooth on all kinds of devices in a variety of fields including those of portable telephones, home electronics and PCs. This Bluetooth is also a 2.4 GHz band radio system, and it is expected to spread worldwide due to its low cost of about $5 for one chip, its wide acceptance by approximately 2000 companies in a variety of fields and its standardization activity that has been made in direct connection with the product developments.
From the circumstances described above, as radio devices are spread, the range of application of these techniques is expected to cover not just the office environment but also the general homes as well. In particular, the fact that there is no need to lay cables in the home is even greater advantage than the case of the office environment.
However, despite of the fact that the operation by radio is easy, its feature that it does not use an explicit connection such as that used in the case of the cable connection or the like tends to give rise to the problem of security and privacy. There is a possibility for having the radio device controlled from outside the home without consent, or a possibility for having the personal information stolen or destroyed. The internet connection is now shifting from a part time basis to a tall time basis, but when it becomes popular to keep the power of the PC having a radio network interface constantly on as a result, there is also a possibility for allowing an intrusion into the PC via the radio network interface by evading the firewall.
Also, the general home users are likely to experience some vague anxiety because of the circumstances in which the hone users can learn some knowledge about the presence of threats related to the security such as eavesdropping and pretending, through news related to the computer virus from the PC industry or TV programs. Under the business environment, it is relatively easy to take measures against these threats by hiring a specialist, and it is possible to implement the IPSEC or firewall and continually updating such software. However, under the home environment, it is expected to be rather difficult for many users to take such measures in general.
In order to enable the users to use the network of radio devices in the home without anxiety, there are attempts to use a method for distributing secret information to be used for the authentication from an authentication server installed in the home. However, if a radio device that received the secret information once is allowed to use the same secret information indefinitely, the user cannot hand over the radio device to someone else or discard the radio device without anxiety. Also, when one radio device is stolen, there is a possibility for having all the radio communications in the home eavesdropped by using the secret information maintained by that device.
When the communications within the network are to be protected by the above described method, it is presupposed that there is only one authentication server. However, when there is only one authentication server, there arises a problem that all the information regarding the radio devices can be lost when this authentication server fails. It is possible to prevent the information from being lost even when one authentication server falls if two or more authentication servers are provided and the information regarding the radio devices is shared among them. However, in the radio communications, there are many cases where the communications become temporarily impossible due to various conditions, so that it is not necessarily always possible to synchronize the information among the authentication servers. For this reason, it is difficult to guarantee that the information is always the same among the authentication servers.