Field
Aspects of the present invention generally relate to an information processing apparatus that communicates with communication relay apparatuses such as access points (APs).
Description of the Related Art
An information device connected to an in-house network is preferably operated in accordance with a previously set information security policy. The information security policy is a basic principle concerning a cross-enterprise information security and is created by organizing a principle for using information and a principle for avoiding intrusion from an external part or information leakage. The information security policy is established by an administrator who deals with the security.
For example, one of security policies for enhancing the security is “prohibiting the use of a weak encryption”. National Institute of Standards and Technology (NIST) issues SP800-57 as Special Publication (SP) series. To satisfy a standard of the security predefined in this SP800-57, according to the policy “prohibiting the use of a weak encryption”, the use of a vulnerable encryption is prohibited. It should be noted that, according to the present specification, an encryption method of a communication shorter than or equal to a 1024-bit key length is simply described as a “weak encryption”. With the application of this security policy, the use of a weak encryption is prohibited in internal processing of the information device.
In the information device, an encrypted communication is used in a wired communication or a wireless communication. Hereinafter, an example of the wireless communication will be described. As one of use methods of the encrypted communication in the wireless communication, a wireless local area network (LAN) is exemplified. With regard to the wireless LAN, a plurality of protocols exist which have different security strengths or different used encryptions which are predefined by Wi-Fi Alliance. A majority of information devices and the APs having a wireless LAN function support a plurality of protocols and appropriately use the protocol in accordance with a use purpose or a demanded security.
The protocols of the wireless LAN include Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and Wi-Fi Protected Access2 (WPA2). WPA and WPA2 can select an encryption method to be used. Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES) is used as the encryption method. For example, a method using AES in WPA2 is denoted by WPA2-AES or the like and is used as a security setting of the wireless LAN.
In a case where the wireless LAN is used by way of WEP from the information device, a WEP key previously set in the communication relay apparatus needs to be input. Normally, the above-described communication relay apparatus is referred to as an access point (hereinafter, will be referred to as an AP). It should be noted that the WEP key is an alphanumeric character string used as a key for the encryption of the communication. Similarly, in a case where the wireless LAN is used by way of WPA or WPA2 from the information device, a pre-shared key (PSK) previously set in the AP needs to be input. The PSK is an alphanumeric character string used as a key for the encryption of the communication.
Among those, only WPA-AES and WPA2-AES are settings in which the weak encryption is not used.
As an assisting unit for the setting of the wireless LAN connection, a setting unit of a wireless LAN based on an access point selection exemplified in FIGS. 10A and 10B has been proposed. In FIGS. 10A and 10B, electric wave intensities 101 of the APs are displayed by way of a plurality of bars having mutually different lengths on an AP selection screen 100. As the number of bars displayed on the electric wave intensity 101 is higher, the more stable communication can be performed. A service set identifier (SSID) 102 indicates an identification name of the AP. For example, in a case where a connection to an SSID “AP1” of the AP is attempted, the SSID 102 may be selected on the AP selection screen 100.
FIG. 10B illustrates an input screen 171 of the PSK. In a case where the encryption method of the communication in the security setting of the AP selected in FIG. 10A is WPA or WPA2, the input screen 171 is displayed. In FIG. 10B, a character string input on a PSK input column 172 is represented by * to avoid password leakage caused by peeking or the like. In a case where the PSK input at this time is matched with the PSK previously set in the AP selected on the AP selection screen 100, the wireless LAN communication is permitted.
In a wireless LAN communication in a network where the use of a weak encryption is prohibited as the security policy, when the communication is attempted by way of the security setting in which the weak encryption is used, an error occurs, and the communication is not permitted.
For this reason, if the user selects the AP using the weak encryption on the AP selection screen 100 of FIG. 10A, an communication error occurs, and an operation for selecting a connection destination again needs to be performed, which is troublesome. In addition, to select the AP that does not use the weak encryption, the user needs not only knowledge about the weak encryption but also knowledge about the encryption used in the wireless LAN. Therefore, it is difficult for a large number of users to select an appropriate AP in the first place.