1. Technical Field
The present invention relates to a communication system, a communication device, and a communication method, in which communication is performed on the basis of a set security policy.
2. Related Art
A communication device such as a PC (Personal Computer) or a printer performs, for example, communication on a network using data as an IP (Internet Protocol) packet.
In recent years, an IPsec (Security Architecture for Internet Protocol) has become known as a protocol securing security in communication on a network. In a communication device capable of using IPsec, it is determined whether or not there is a security policy applicable to communication. When there is an applicable security policy, an encryption process is performed according to the security policy applicable to a packet of a transmission target or a decryption process is performed according to a security policy applicable to a received communication packet (IPsec Packet).
As a technique relating to the IPsec, for example, a technique of applying a different security policy for every phase in device control protocols is disclosed (for example, JP-A-2005-101741).
In a communication device capable of using the IPsec, when there is a security policy applicable to communication, an encryption process or the like is performed according to the security policy. However, when there is no applicable security policy, communication is performed according to a preset default security policy.
In the default security policy, whether the packet used in communication is allowed to pass (the packet is transmitted at the time of transmitting the packet, and the packet is input to the inside of the device at the time of receiving the packet) or the packet is blocked is set.
To perform encryption communication using a communication device when the communication device capable of using such an IPsec is newly connected to a network, it is necessary to set the security policy applicable to communication with a communication target device in detail. Accordingly, it is difficult for an unskilled user to set the security policy, and effort is taken up.