Open System Interconnection (OSI) is a standard that defines a design policy for network architectures that realize data communication between different types of devices. This standard has been established by the International Organization for Standardization (ISO). OSI defines an OSI basic reference model, in which a network is built hierarchically, in order to verify interconnection between networks.
A communication device including a communication interface for communication on a local area network (LAN) identifies its communication peer when performing communication on the data link layer in the OSI basic reference model. A media access control (MAC) address is used for this identification. The MAC address is a unique identifier (ID) number assigned to each communication interface, or to each card-type communication interface card, of the communication device. Through the MAC address, every communication interface in the world is assigned a unique number. Communication between devices on the LAN is performed based on the MAC addresses. The MAC address is managed and assigned by the Institute of Electrical and Electronics Engineers (IEEE). The MAC address is a combination of a number unique to each manufacturer and a number assigned by the manufacturer.
In general, a communication device permanently uses the value of its initially assigned MAC address. However, the MAC address is not necessarily limited to such a form. For example, consider the case in which a plurality of communication interfaces are virtually realized with one physical communication interface. In this case, MAC addresses other than the initially assigned MAC address are assigned, and a plurality of MAC addresses are used for operation. This is primarily the case when virtual devices are configured so that one physical communication device operates as a plurality of devices. Another case is, for example, when a redundant system is built using a server.
The MAC address is assigned in advance when a communication device is manufactured. For this reason, the MAC address is unlikely to be assigned in duplicate in a managed environment. Therefore, on the assumption that a communication device is manufactured under such a managed mechanism, the MAC address can be said to guarantee that a communication interface is unique. However, the MAC address is likely to be duplicated between communication devices, for example, due to problems arising in the manufacturing process.
In recent years, various wireless communication devices, beginning with wireless LAN devices, have been mounted on personal computers, peripheral devices, portable telephones, game machines, home electric appliances, and so on. For communication in such a wireless environment, encryption of the communication path in the wireless section, authentication upon communication initiation, and the like are used to protect communication contents.
Meanwhile, to identify the peer in communication, the MAC address of a communication device is used as the destination. This MAC address is not encrypted. For this reason, a third party can identify the MAC address used for communication. This is not desirable from the perspective of privacy.
There is another situation in which a MAC address is changed. For example, consider a service in which an Internet service provider is notified in advance of the MAC address of a communication device connected to the Internet and restricts access to the Internet from other communication devices. Suppose that the communication device of a person receiving such a service has failed and is unable to connect to the Internet. In this case, even if another communication device is used in place of the device that is incapable of communication, the other communication device cannot connect to the Internet because its MAC address is different. To resolve this problem, the person who has a contract with the Internet service provider temporarily changes the MAC address of the substitute communication device to the registered MAC address in order to connect to the Internet.
As described above, although the MAC address of the communication interface is permanently used for the communication device, there are several situations in which the MAC address is changed.
When the MAC address is changed, the MAC address may be duplicated between different communication devices. When a plurality of communication devices having the same MAC address are present on a network configured as a LAN, it is impossible to identify the communication devices. That is, it is impossible to specify the peer with which to communicate. For this reason, MAC address duplication is a severe issue.
There are various mechanisms for detecting MAC address duplication, as related techniques. In a first related technique, a communication device connected to a network monitors, based on the transmission source address of received data, whether the MAC address it intends to use is already being used on the network. In the first related technique, it is necessary to perform monitoring continuously for a certain time in order to determine whether the MAC address to be used is already in use. Even when such a duplicated MAC address is present, there is no guarantee that the data serving as the determination criterion arrives at the communication device that is the object of duplication detection.
For example, assume that a switching hub is used in a network. The switching hub parses data transmitted from a communication device to detect the destination, and transmits the data only to the terminal at that destination. As a result, even when a duplicated MAC address is detected, the detection result is likely not to be transmitted to the communication device that is the object of duplication detection. Consequently, it takes time to determine whether the MAC address is duplicated.
A second related technique, which is a similar mechanism for detecting address duplication, is also known. In the second related technique, Internet protocol (IP) address duplication is checked in the network layer. A method called “gratuitous address resolution protocol (ARP)” is a method of checking IP address duplication. In this method, the ARP, which is used to obtain a MAC address from an IP address, is applied (e.g., see Non-Patent Document 1).
Normally, the IP address with which a communication device desires to communicate is set in the destination IP address. On the other hand, in Non-Patent Document 1, the IP address of the communication device itself, or an IP address for which duplication is to be checked, is set in the destination IP address. When such an ARP request is broadcast and a response is received, it is determined that a communication device having the IP address is present on the network. However, the second related technique cannot perform a MAC address duplication check.
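The gratuitous ARP check described above, as an added example that is not part of the original document. It builds the 42-byte request and models which hosts answer it; the function names and the host list are hypothetical, and all addresses are constructed (documentation range 192.0.2.0/24 and locally administered MACs). Nothing is sent on a network.

```python
import struct

ARP_HDR = struct.Struct("!HHBBH")      # htype, ptype, hlen, plen, opcode
REQUEST, REPLY = 1, 2
BROADCAST, UNKNOWN = b"\xff" * 6, b"\x00" * 6

def mac_b(mac):
    return bytes.fromhex(mac.replace(":", ""))

def ip_b(ip):
    return bytes(int(part) for part in ip.split("."))

def arp_frame(dst, op, s_mac, s_ip, t_mac, t_ip):
    """42-byte Ethernet frame carrying an IPv4-over-Ethernet ARP message."""
    eth = dst + s_mac + b"\x08\x06"                  # EtherType 0x0806 = ARP
    return eth + ARP_HDR.pack(1, 0x0800, 6, 4, op) + s_mac + s_ip + t_mac + t_ip

def gratuitous_request(own_mac, own_ip):
    """Broadcast ARP request whose target IP is the address being checked."""
    return arp_frame(BROADCAST, REQUEST, mac_b(own_mac), ip_b(own_ip),
                     UNKNOWN, ip_b(own_ip))

def host_reply(host_mac, host_ip, frame):
    """Model of a LAN host: it answers only when the target IP is its own."""
    op = ARP_HDR.unpack(frame[14:22])[4]
    if op != REQUEST or frame[38:42] != ip_b(host_ip):
        return None
    # Reply is unicast back to the requester (sender fields of the request).
    return arp_frame(frame[22:28], REPLY, mac_b(host_mac), ip_b(host_ip),
                     frame[22:28], frame[28:32])

def ip_conflicts(own_mac, own_ip, hosts):
    """MACs of the hosts that answer the gratuitous ARP for own_ip."""
    request = gratuitous_request(own_mac, own_ip)
    replies = (host_reply(mac, ip, request) for mac, ip in hosts)
    return [r[22:28].hex(":") for r in replies if r is not None]

# Constructed LAN: one host reuses our IP, another reuses our MAC.
HOSTS = [("02:00:00:00:00:0a", "192.0.2.10"),    # same IP, different MAC
         ("02:00:00:00:00:01", "192.0.2.77")]    # same MAC, different IP

if __name__ == "__main__":
    # Only the IP conflict is reported; the duplicate MAC never answers.
    print(ip_conflicts("02:00:00:00:00:01", "192.0.2.10", HOSTS))
```

Because a host answers only when the target IP matches its own, the host that shares the requester's MAC address but holds a different IP address stays silent.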
Unlike the ARP, the reverse ARP (RARP) is a protocol for acquiring an IP address from a MAC address. In the ARP, it is common for the communication device having the IP address to respond. On the other hand, in the RARP, when a previously configured RARP server is present, a response is returned when the MAC address is broadcast. Further, a response is returned whenever the MAC address and an IP address are associated with each other, irrespective of whether the relevant communication device is present on the network. Accordingly, when the RARP is used, it is impossible to check whether the communication device with the broadcast MAC address is present.
Another method of checking IP address duplication is a method using duplicate address detection (DAD) included in Internet protocol version 6 (IPv6). In this method, a communication device that checks for duplication transmits a DAD message to the communication devices on the network in order to determine whether the same IP address is being used. If a communication device using the IP address is present on the network, this communication device responds to the DAD message, and it is therefore possible to determine whether the same IP address is being used.
As an automatic IP address generation function in IPv6, there is a method of generating an IP address by combining a prefix portion included in a router notification message advertised by a router with a MAC address of the communication device. Accordingly, it may be possible to check the MAC address duplication.
However, automatic IP address generation based on a MAC address in IPv6 cannot be used in all environments. Accordingly, it is difficult to identify a MAC address from an IP address, and it is impossible to use an IP address duplication check as a substitute for a MAC address duplication check.
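The MAC-based IPv6 address generation discussed above, as an added example that is not part of the original document. It uses the modified EUI-64 rule (insert ff:fe, flip the universal/local bit), which is an assumption about which generation rule is meant; the function names are hypothetical, and the prefix (2001:db8::/32) and MAC addresses are constructed documentation values.

```python
import ipaddress

def eui64_interface_id(mac):
    """Modified EUI-64 interface identifier derived from a 48-bit MAC."""
    b = bytearray(bytes.fromhex(mac.replace(":", "")))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    b[0] ^= 0x02                                  # flip the universal/local bit
    return bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:])

def slaac_address(prefix, mac):
    """Combine a router-advertised /64 prefix with the MAC-derived identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("a /64 prefix is required")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def mac_from_address(addr):
    """Recover the MAC when the identifier carries the ff:fe marker, else None.

    The marker test is a heuristic: an identifier that was not derived from a
    MAC address (randomized or manually set) normally yields None.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02                                # undo the bit flip
    return mac.hex(":")

PREFIX = "2001:db8:1:2::/64"                      # constructed prefix
DEVICE_A = "00:00:5e:00:53:01"                    # constructed MAC
DEVICE_B = "00:00:5e:00:53:01"                    # second device, duplicated MAC
RANDOMIZED = "2001:db8:1:2:8d4e:2a19:73c0:51fb"   # constructed, not MAC-derived

if __name__ == "__main__":
    a, b = slaac_address(PREFIX, DEVICE_A), slaac_address(PREFIX, DEVICE_B)
    print(a, a == b)                       # identical addresses, so DAD would collide
    print(mac_from_address(str(a)))        # MAC is recoverable from the address
    print(mac_from_address(RANDOMIZED))    # None: no MAC can be inferred
```

Two devices with the same MAC address derive the same IPv6 address, so an IP-level duplication check would catch them, but an address that was not generated from the MAC reveals nothing about it.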
Meanwhile, as a third related technique, a technique has been proposed in which a base station receives a first MAC layer connection message from a mobile terminal and checks whether the same MAC address as that of the mobile terminal is present in the same sub-network (e.g., see Patent Document 1). In the third related technique, a connection request on the data link layer is made from a communication terminal to a base station in an IPv6 environment, and the MAC address of the communication terminal is notified together with the request. The base station searches a neighbor list table and checks whether the same MAC address is used within the same sub-network. The result of the MAC address duplication check is returned to the communication device.
Thus, in the third related technique, the base station checks MAC address duplication upon a connection on the data link layer. For this reason, when it is determined that the MAC address is duplicated, the base station generates a temporary MAC address having the same length as that of the MAC address. The base station similarly checks MAC address duplication on this temporary MAC address. Thus, when the base station generates a non-duplicated MAC address, the base station combines a prefix with the generated MAC address to generate a 128-bit IPv6 address.
However, in the third related technique, when it is determined that the MAC address is duplicated, a communication terminal that is using the MAC address is likely to suffer a communication failure. This is because it is difficult to perform the duplication check before the MAC address is used. It is also because the MAC address is used upon connection on the data link layer, before the MAC address duplication is checked.
For example, assume that communication terminals having the same MAC address are present in the same network. In this case, when a connection request on the data link layer is made from the above-described communication terminal to the base station, it is difficult to distinguish an existing communication device having the same MAC address. In particular, when the communication device is performing wireless communication, existing communication is likely to be interrupted in the worst case. Even in this case, it is necessary for the base station to recognize all MAC addresses of the communication devices on the network. Accordingly, it is difficult to monitor or manage the MAC addresses.
Further, when each communication device continuously uses the same MAC address, it is easy to identify which communication device is using which application. Accordingly, it is necessary to change the MAC address at some timing. However, it is difficult to specify the timing at which this process is to be performed.
It is also necessary to check for MAC address duplication before the MAC address is changed, in order to avoid MAC address duplication with a communication device on the network. However, it takes time to check for MAC address duplication. Accordingly, a delay occurs between the time when a communication application is instructed to start and the time when the communication application is actually executed. This degrades user convenience.
When it is assumed that a wireless communication terminal is capable of changing its MAC address, the following issue arises. For example, when use in an enterprise is assumed, user management is performed based on the MAC address in many cases. For example, in a wireless LAN connection, access restriction based on the MAC address is performed, or, when dynamic IP address assignment using the dynamic host configuration protocol (DHCP) is used, a fixed IP address is assigned to a user by associating the MAC address with the IP address.
Thus, while the MAC address of the wireless communication terminal is dynamically changed and used, there are also situations in which the MAC address is used as a fixed one. In such situations, there are various issues concerning how to switch the MAC address.
A first problem is associated with a communication device having a communication interface whose MAC address is changed. For such a communication device, it is necessary to provide a MAC address management device equivalent to a server on the network in order to check for MAC address duplication with a communication device on the network. This is because such a server manages the MAC addresses of the communication devices on the network. It is also because there is no method by which the communication device can check for MAC address duplication on its own.
A second problem is associated with a communication device trying to check MAC address duplication with a communication device on a network. When a communication device having the same MAC address is present on the network, MAC address duplication check may cause communication of an existing communication device to be interrupted. This is because the duplication check is performed using a MAC address to be checked before the MAC address duplication check is completed.
A third problem will be described. A communication device that performs data communication checks whether the MAC address is duplicated at an initial timing, that is, at the time when the communication device is connected to a network. Once the MAC address has been processed in this confirmation, the same MAC address continues to be used during the communication connection. While the time when the communication device is connected to the network and a solution to the case in which the MAC address is duplicated at the initial timing are considered as described above, a subsequent change is not considered. Therefore, a privacy issue relating to the relationship between applications is not considered. In particular, the privacy issue is severe for a wireless terminal connected to a wireless network, from the perspective of the likelihood that the terminal is identified because its MAC address is known to a third party.
A fourth problem is associated with a wireless communication terminal including a wireless device to perform wireless communication. Such a wireless communication terminal may use a MAC address set as a fixed one or a dynamically changed MAC address according to a network to which the wireless communication terminal is connected and a use situation. However, there is no mechanism for changing the MAC address. This is because only a solution to the MAC address being duplicated is considered, similar to the third problem.
Non-Patent Document 1: W. Richard Stevens, “4.7 Gratuitous ARP,” detailed TCP/IP, TCP/IP Illustrated, Volume 1: The Protocols, pp. 69-70
Patent Document 1: Japanese Patent Application Publication No. 2006-512877 (Paragraphs 0049 and 0050 and FIG. 7)