Communication relay device, communication network, and communication relay method
First Claim
1. A communication relay that is situated between a corresponding communication node and a bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus, the communication relay comprising:
- a memory configured to store therein pieces of identification information that are likely to be included in message data transmitted by the corresponding communication node, each of pieces of the identification information identifying a type of the message data transmitted by the corresponding communication node;
a processor configuredto perform first authentication processing between the communication relay and a manager that is connected to the bus, the manager managing the plurality of communication nodes and a plurality of communication relays each corresponding to a respective one of the plurality of communication nodes, andto perform second authentication processing according to a result of comparing identification information, which is included in message data received from the corresponding communication node and which identifies a type of the message data received from the corresponding communication node, with the pieces of identification information stored in the memory; and
a transceiver configured to report, to the manager, a result of the second authentication processing when the first authentication processing has been successful.
1 Assignment
0 Petitions
Accused Products
Abstract
A communication relay device that is situated between a corresponding communication node and a bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus. A storage configured to store therein pieces of identification information that are likely to be included in data transmitted by the corresponding communication node. A processor configured to perform first authentication processing between the communication relay device and a management device that is connected to the bus, and to perform second authentication processing according to a result of comparing identification information included in data transmitted by the corresponding communication node with the pieces of identification information stored in the storage. A transceiver configured to report, to the management device, a result of the second authentication processing when the first authentication processing has been successful.
9 Citations
10 Claims
-
1. A communication relay that is situated between a corresponding communication node and a bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus, the communication relay comprising:
-
a memory configured to store therein pieces of identification information that are likely to be included in message data transmitted by the corresponding communication node, each of pieces of the identification information identifying a type of the message data transmitted by the corresponding communication node; a processor configured to perform first authentication processing between the communication relay and a manager that is connected to the bus, the manager managing the plurality of communication nodes and a plurality of communication relays each corresponding to a respective one of the plurality of communication nodes, and to perform second authentication processing according to a result of comparing identification information, which is included in message data received from the corresponding communication node and which identifies a type of the message data received from the corresponding communication node, with the pieces of identification information stored in the memory; and a transceiver configured to report, to the manager, a result of the second authentication processing when the first authentication processing has been successful. - View Dependent Claims (2, 3)
-
-
4. A non-transitory computer-readable recording medium having stored therein a communication relay program for causing a communication relay to execute a process, wherein the communication relay is situated between a corresponding communication node and a bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus, the process comprising:
-
performing first authentication processing between the communication relay and a manager that is connected to the bus, the manager managing the plurality of communication nodes and a plurality of communication relays each corresponding to a respective one of the plurality of communication nodes; storing in a memory, pieces of identification information that are likely to be included in message data transmitted by the corresponding communication node, each of pieces of the identification information identifying a type of the message data transmitted by the corresponding communication node; performing second authentication processing according to a result of comparing identification information, which is included in message data received from the corresponding communication node and which identifies a type of the message data received from the corresponding communication node, with the pieces of identification information stored in the memory; and reporting a result of the second authentication processing to the manager when the first authentication processing has been successful. - View Dependent Claims (5, 6)
-
-
7. A communication relay method comprising:
-
performing, by a communication relay, first authentication processing between the communication relay and a manager that is connected to a bus, the communication relay being situated between a corresponding communication node and the bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus, the manager managing the plurality of communication nodes and a plurality of communication relays each corresponding to a respective one of the plurality of communication nodes; storing, in a memory, by the communication relay, pieces of identification information that are likely to be included in message data transmitted by the corresponding communication node, each of pieces of the identification information identifying a type of the message data transmitted by the corresponding communication node; performing, by the communication relay, second authentication processing according to a result of comparing identification information, which is included in message data received from the corresponding communication node and which identifies a type of the message data received from the corresponding communication node, with the pieces of identification information stored in the memory; and reporting, by the communication relay device, a result of the second authentication processing to the manager when the first authentication processing has been successful. - View Dependent Claims (8, 9)
-
-
10. A system comprising:
-
a communication relay configured to be situated between a corresponding communication node and a bus in a communication network in which a plurality of communication nodes mutually perform a data communication through the bus; and a manager connected to the bus and configured to manage the plurality of communication nodes and a plurality of communication relays each corresponding to one of the plurality of communication nodes, wherein the communication relay performs first authentication processing between the communication relay and the manager, stores, in a memory, pieces of identification information that are likely to be included in message data transmitted by the corresponding communication node, each of pieces of the identification information identifying a type of the message data transmitted by the corresponding communication node, performs second authentication processing according to a result of comparing identification information, which is included in message data received from the corresponding communication node and which identifies a type of the message data received from the corresponding communication node, with the pieces of identification information stored in the memory, and reports a result of the second authentication processing to the manager when the first authentication processing has been successful, wherein the manager determines, from among the plurality of communication nodes, a communication node whose result of the second authentication processing is not successful to be a maliciously replaced communication node.
-
Specification