1. Field of the Invention
The present invention relates to authentication method and communication control method in a wireless communication system comprising a plurality of wireless communication apparatuses.
2. Description of the Related Art
Recently, data communication and control are performed between various types of information devices, for example information terminals such as cellular phones, PDAs (Personal Digital Assistants), personal computers and peripheral devices of personal computers such as printers. In the data communication and control between the information devices, use of wireless communication connection has been sharply increased. Further, in addition to the above described information devices, various devices are being adapted to support wireless communication function, for example image sensing apparatuses such as digital cameras, home electric appliances and accessories. On the other hand, wireless use of USB (Universal Serial Bus), which has been widespread as a wired communication connection method, is promoted.
Wireless communication connection standards which are now generally used include Bluetooth (registered trademark), IEEE 802.11 standard and so-called Wireless LAN, etc. In Bluetooth (registered trademark), an ad hoc mode which is suitable to peer-to-peer connection is mainly used, it is possible to form piconet for network connection of a plurality of information devices in an ad hoc mode. In IEEE 802.11 standard, there are the ad hoc mode which is suitable to peer-to-peer connection, and an infrastructure mode which is suitable to connection to existing LANs.
In performing wireless communication connection and wireless data communication by wireless communication apparatuses, a procedure of authentication is often performed so as not to connect to unspecified apparatuses or unintended apparatuses. In the authentication, a PIN (personal Identification Number) code or an ESSID (Extended Service Set Identifier) is exchanged between the wireless communication apparatuses as one of authentication information. Additionally, a WEP key (Wired Equivalent Privacy Key) or the like may be used. Two specific wireless communication apparatuses, which have exchanged the above described authentication information, make one-to-one correspondence using the authentication information to ensure authentication security of wireless communication.
The authentication information must not be disclosed to a third party. If the authentication information leaks to a third party, the third party can access documents, address books, electronic mails, personal information, image data and so on, which are stored in the apparatuses, using the leaked authentication information. In addition, a wireless communication system, a billing system or a printing system can be used by the third party without proper authentication. Under these circumstances, security measures for wireless communication apparatuses receive attention.
Several methods of inputting authentication information for mutual authentication of wireless communication apparatuses are provided: for example, a method of manual input by users, a method of inserting SIM (Subscriber Identify Module) cards into the apparatuses, a method for authentication using infrared communication and a method for authentication using connection cables. In addition, there is a method in which two wireless communication units are provided in the apparatus and authentication is performed with one of the wireless communication units, for example.
The authentication information, such as communication parameters and address identifiers, example of which are the PIN code, the ESSID or the WEP key, is stored in storage units in both wireless communication apparatuses after mutual authentication of the wireless communication apparatuses is completed. When data communication is performed, a wireless data communication path is established using the stored authentication information.
The following method is proposed as a method for authentication of wireless communication apparatuses with security measures. A first communication device and a second communication device, which have a first communication part capable of wireless communication and a second communication part different from the first communication part, mutually connect their second communication parts with a cable to determine communication parameters for wireless communication between the two devices. In this way, setting of the communication parameters required for wireless communication by the user can be eliminated (see Japanese Patent Laid-Open No. 2002-359623, for example).
In addition, for wireless communication between two communication apparatuses which are a digital camera and a communication partner device, the following method is proposed. First, the communication partner device displays on an image display unit bar code information used for attaining permission of communication, and the digital camera obtains and analyzes the bar code information displayed on the image display unit of the communication partner device by an image sensing element. Then, the digital camera stores the analyzed information as an authentication password for wireless communication with the communication partner device (see Japanese Patent Laid-Open No. 2004-178187, for example).
The authentication information associating the specific two wireless communication apparatuses with each other has a high-security strength as its word length is random and long. However, when the user manually inputs the information, the operation is cumbersome for the user. Therefore, the authentication information which is manually input by the user has often a short word length and therefore the code is easy to guess by the third party. In addition, in the method for authentication with infrared communication, it is inconvenient that the user has to perform cumbersome operations or care about the narrow directivity. Further, in the method described in Japanese Patent Laid-Open No. 2002-359623, it is necessary to connect devices to each other with a cable, which is also cumbersome.
In the method disclosed in Japanese Patent Laid-Open No. 2004-178187, wire connection with the communication partner device is not required, which allows easy authentication. However, management of the authentication information after the authentication is performed and communication control in the case of a plurality of wireless communication apparatuses being authenticated with each other are not considered. Therefore, it is difficult to practically use the method.
In particular, if too many communication apparatuses are allowed to communicate with a communication apparatus, the occupation time of the communication apparatus by other communication apparatuses is too long.
As described above, in the conventional authentication method and communication control method of wireless communication apparatuses, the authentication information such as communication parameters and address identifiers cannot easily set. Therefore, a system such as a wireless communication system or a printing system which is easy to use by the user cannot be provided.