1. Field of the Invention
The present invention relates to a remote control relay device for handling information specific to a user or equipment when operating a specific device from a remote location.
2. Description of Related Art
Web servers, routers, gateways, and other network devices are examples of equipment enabling two-way remote operation such as for changing settings by communicating with an external device in a remote location. These network devices are Web-enabled for accessing the Internet (World Wide Web (also “Web” below)) and can be controlled from an external device with a Web browser function using HTTP (Hypertext Transfer Protocol) or other protocol.
Web-enabled as used herein means a function enabling reading data from a device in a remote location (a “remote device”) or for operating that remote device.
A Web browser function means a function for displaying data read from a remote device over the network.
Web-enabled remotely-controlled devices are increasingly incorporated into a variety of products for recording and playing back various kinds of information. The IP (Internet protocol) address uniquely identifying the remotely-controlled device and external device, and an ID and password uniquely identifying the user are needed to control this remotely-controlled device from an external device over a network, and this information can be viewed and changed using a Web browser. See, for example, Japanese Laid-Open Patent Publication No. 2000-217167.
Public file recovery systems for replacing the content of a public file with the content of the same file stored internally when the content of the public file accessible via the network has been illicitly changed are also known. See, for example, Japanese Laid-Open Patent Publication No. 2000-222264.
A remotely-controlled device according to the prior art is described next below with reference to FIG. 11. FIG. 11 is a schematic block diagram showing the configuration of a remotely-controlled device according to the prior art. A Web-enabled recording/playback device (referred to below as a “data player”) is used by way of example as the remotely controlled device. The remotely-controlled device 60 has a communication controller 61, display memory 63, data storage memory 64, Web controller 62, and power supply 66.
The functions of these component parts are described next. The communication controller 61 communicates with an external device 50 that can display and manipulate a Web browser over a network. Data is buffered to the display memory 63, and data is stored to the data storage memory 64. The Web controller 62 controls communication controller 61, display memory 63, and data storage memory 64, and communicates with the external device 50 and displays Web content over the network.
The external device 50 could be a Web-enabled cell phone or a personal computer with Web access, and has a communication controller 51 for communicating with the remotely-controlled device 60 over a network, and a Web control unit 52 able to display Web content.
FIG. 12 is a flow chart of the operation of the Web controller 62.
(1) In step S51 the remotely-controlled device 60 is turned on.
(2) In step S52 various default settings of the remotely-controlled device 60 are initialized.
(3) In step S53 data stored in the data storage memory 64 is copied to the display memory 63.
(4) Step S55 is a verification step for determining if the external device 50 or the user of the external device 50 is an authorized user.
(5) Step S56 is a reference request detection step for detecting requests from the external device 50 to reference data.
(6) Step S57 is a data transmission step for sending data in display memory 63 to the external device 50 when a data reference request from the external device 50 is detected.
(7) Step S58 is a change request detection step for detecting a request from the external device 50 to change data.
(8) Step S59 is a change-data step for changing data in the display memory 63 when there is a change-data request from the external device 50.
(9) Step S60 is a storage request detection step for detecting requests from the external device 50 to save data.
(10) Step S61 is a data storage step for storing data in the display memory 63 to the data storage memory 64 when a data storage request is detected from the external device 50.
Operation of this remotely-controlled device is further described below with reference to FIG. 12.
(a) First, in the power-on step S51, the remotely-controlled device is turned on.
(b) Next, in step S52 various default settings required for operation of the remotely-controlled device 60 are set to specific initial values.
(c) Next, data stored in the data storage memory 64 is read and stored to the display memory 63 (S53).
(d) After the remotely-controlled device 60 is thus set up and then accessed from an external device 50, step S55 confirms if the protocol received from the external device 50 can be used with the remotely-controlled device 60, and if it can then a user verification process is run to confirm whether the external device 50 or the external device 50 user is an authorized user recognized by the remotely-controlled device 60 (S55). This assures the security of data stored in the remotely-controlled device 60.
Protocol verification and user authentication are done by reading control data from the data storage memory 64 to the communication controller 61, and comparing this read control data with data such as the user ID and password received from the external device 50.
This control data means data used to enable communication with the device attempting communication (access), i.e., data essential to the communication protocol. For example, this control data is typically a user ID, password, or other data unique to a specific user, and the IP address or other data unique to the device. Data other than this control data is differentiated herein as “display data.”
If the protocol from the external device 50 is determined incompatible (unusable) by the remotely-controlled device 60 in step S55, or if the external device 50 user cannot be authenticated, the user is unable to access and use the Web controller 62 of the remotely-controlled device 60. Authenticated users can access and operate the Web controller 62 of the remotely-controlled device 60.
Next, if verification and authentication are successful in step S55 and the Web controller 62 can be used from the external device 50, what the protocol from the external device 50 is requesting of the remotely-controlled device 60 is determined and the Web controller 62 operates according to the request. The external device 50 user can thus perform the following three operations with the remotely-controlled device 60.
(e) First, data stored in the display memory 63 can be referenced. Requests from the external device 50 to reference data are passed through the communication controller 61 to the Web controller 62. These requests are detected in the reference request detection step (S56). Then in the data transmission step (S57), the Web controller 62 controls reading the data requested by the external device 50 from the display memory 63 to the communication controller 61, and sending the data from the communication controller 61 to the external device 50.
(f) Second, data stored in the display memory 63 can be changed. Requests from the external device 50 to change data are passed through the communication controller 61 to the Web controller 62. These requests are detected in the change request detection step (S58). The Web controller 62 then controls writing the changed data or new data to the display memory 63 through the communication controller 61 and Web controller 62 in step S59. The changed data or new data that is written may include control data.
(g) Third, data in the display memory 63 can be copied to the data storage memory 64. Data storage requests from the external device 50 are passed through the communication controller 61 to the Web controller 62. These requests are detected in the storage request detection step (S60). Next, in the data storage step (S61) data in the display memory 63 is copied to the data storage memory 64 by the Web controller 62. Data stored at this time could also include control data.
(h) When operation by the user of the external device 50 ends, the remotely-controlled device 60 waits for a next access from the external device 50, and the Web controller 62 stops operating if the remotely-controlled device 60 power is turned off.
A problem with this conventional system described above is that if an unauthorized user passes authentication, the unauthorized user can change data, including control data, in the data storage memory 64 by way of changing data in the display memory 63 of the remotely-controlled device 60 from the external device 50. This means that a falsely authenticated unauthorized user can freely change control data in the data storage memory 64 before the authorized user becomes aware of the unauthorized access. Control data in the data storage memory 64 is used for authentication in the verification step S55. Therefore, if data in the data storage memory 64 is changed by an unauthorized user, an authorized user may fail authentication and become unable to operate the remotely-controlled device 60 from the external device 50. This is an obvious security problem.