JP2002297546A - Method and device for user identification - Google Patents

Abstract

PROBLEM TO BE SOLVED: To overcome such a problem that, in case of user identification, input of a complicated password is required and memorization of the password is needed, which are troublesome especially for a beginner. SOLUTION: A user registers a theme, e.g. his taste about 'a favorite flower' beforehand in a verification data storage part 20. The registration is performed about a variety of themes. A theme presentation part 14 presents themes and items to the user at a scene of requiring the identification. The items reflect the taste of the user, e.g. a variety of flower's names. The flowers selected by the user are given to a verification part 22 through an action acquisition part 16 and compared with the contents registered in the verification data storage part 20. If both are matched with the variety of themes, correctness of the user is ensured.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a user authentication technique, and more particularly to a method and apparatus for authenticating a user when using a PC (personal computer) or other information equipment.

[0002]

2. Description of the Related Art The Internet, which is supported by the development of information technology (IT), is rapidly growing. The fact that many people who use various types of information devices such as PCs and information terminals such as mobile phones that can be connected to the Internet (hereinafter simply referred to as "information devices") are beginners or inexperienced people is one of the reasons today. Is a typical phenomenon.

[0003] On the other hand, the background of the spread of users of information devices from the 1980s to the 1990s is due to the OS (Op
erating System) aimed at a user-friendly design. Along with the increase in CPU power and memory capacity, the GUI (Graphical User Interface) has provided a more familiar environment for users, and most programs can be started and operated by clicking with the mouse.

[0004]

However, when an information device is actually used, a key input operation using a keyboard is usually left. For example, when writing a text or an e-mail, it is not possible to express freely using only the mouse and the GUI. In addition, with increasing awareness of information security in recent years, the need for user authentication has increased,
At that time, for example, it is often required to input a complicated ID or password in which English characters and numbers are mixed and upper and lower case letters are asked. As a result, there is still a high technical hurdle to its establishment, with the involvement of many beginners.

[0005] The present invention has been made in view of such a situation, and an object thereof is to improve an input environment for a user. Japanese Patent Application Laid-Open No. H11-88324 discloses a method of acquiring a position of a mouse click by a user on the basis of a familiar image at the time of user authentication. However, this technique requires a new memory for the user. There is essentially no difference from remembering passwords,
It does not provide a complete solution in the sense of eliminating user anxiety or stress.

[0006]

One embodiment of the present invention relates to a user authentication method. According to this method, a theme to be used for authentication is selected for each user whose preference is different, and when the user inputs a response to the theme, a plurality of specific items reflecting the user's preference are presented to the user. Then, an item selected by the user from those items is detected and authentication is performed. Here "theme"
"" Means a subject that is divided by user, such as "flower", "town", "cooking", "music", "color", and "sports". "Items" are examples of each theme,
For example, when the theme is "flower", it is "yuri", "rose", "sunflower", and the like.

[0007] Since the preference generally depends on the user, the authentication function is performed if the user confirms, for example, a plurality of themes. In addition, preferences are somewhat permanent for each individual, reducing the effort of memorizing passwords,
Or be resolved. For example, a user who likes the flower of “lily” will specify “lily” without difficulty if asked “favorite flower”, and if the lily is displayed so as to be clickable with a mouse, the input will be troublesome. Few.

[0008] Another embodiment of the present invention also relates to a user authentication method. In this method, the theme to be used for authentication is selected for a space close to the user, the user is supposed to have a plurality of specific items to be arranged in the space, and these items are presented to the user. Of the items selected and arranged by the user from among the items described above, authentication is performed.

An example of the theme is "my room".
I am familiar with my room and usually know roughly where and what is. Therefore, if you prepare "bed", "TV", "desk", "painting" etc. as "items" and arrange them in the same way as your own room, it will be easy to do so without forcing the user to remember new memories Authentication is realized.

[0010] Another embodiment of the present invention relates to a user authentication apparatus. This apparatus has a theme presenting unit that presents to a user a theme that responds differently to each user but is expected to have a steady response for each user, and an action acquisition unit that acquires a user response to the presented theme. And a verification unit that checks the validity of the user based on the obtained response. Themes include, for example, those that are assumed to have different preferences for each user, and those that relate to the familiar space of the user. The apparatus may also include a “verification data storage unit” in which a user response is registered in advance. In that case, the verification unit can verify the user based on a comparison between the response of the user acquired by the action acquisition unit and the response of the registered user.

[0011] The theme presenting unit is dependent on the user and can be easily remembered by the user, such as "What is your favorite flower?", "Please reproduce the state of your room". Present the subject.

The action obtaining unit obtains a response to the theme, that is, the input result of the user, such as “Lily” for a favorite flower, and “Desk is on the near right” for reproducing a room. Note that the theme presentation unit may include a question in a process of completing an image, such as “Please insert a favorite flower in the vase of the screen” instead of directly asking for a favorite flower. In this case, since the authentication work is completed while providing the entertainment, the stress on the user is further easily reduced.

[0013] When the user places an item, the verification unit may also detect a route along which the item has been moved to confirm the legitimacy of the user. For example, when inserting a “lily” into a vase, it moves linearly, moves once while drawing a circle, and whether the “bed” passes before or after the “TV”. Get out. By confirming the difference, the authentication accuracy is improved. For this reason, the verification unit may display and suggest some of the routes that can be selected by the user using images.

The verification unit may further consider the order in which the items were selected. For example, if you ask a question in a form that naturally determines the order, such as "Move the things in your room in order from the largest" or "Move in the order from your favorite", the effectiveness of this aspect is Increase.

The theme presentation unit instructs the user to select one item for each of the plurality of themes, and the verification unit registers the combination of the presented theme and the icon selected for the theme in advance by the user. When all of the combinations match, the user may be regarded as a valid user. For example, selecting one of ten items for each of four themes effectively replaces a four-digit password.

As another aspect, the verification unit may regard the user as legitimate when the combinations match at least a predetermined rate (hereinafter, referred to as “correct answer rate”). Even in the case of this apparatus, the user sets a correct answer rate for passing in consideration of a case where it is not always possible to always give completely the same response to many themes, and some errors are tolerated. . The accuracy rate may be determined experimentally or empirically in relation to the degree of security.

Any combination of the above components,
What replaced the components and expressions of the present invention among methods, devices, systems, computer programs, recording media, and the like is also effective as an aspect of the present invention.

[0018]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiment 1 FIG. 1 shows a configuration of a user authentication device 10 according to the first embodiment. This configuration is, in terms of hardware, an arbitrary computer CPU,
It can be realized by a memory or another LSI, and can be realized by a program having an authentication function loaded into the memory in software. However, those skilled in the art can understand the degree of freedom of the combination. Also, the parts realized by the program also have a high degree of freedom in design, for example, depending on the OS or firmware of the information equipment, or realizing the whole on the application program side. Furthermore, there are various examples of realizing such a function only in a local environment on the information device side, substituting a part or all of the function on a server or host side via a network, and allocating functions. Hereinafter, it is assumed that the user authentication device 10 is realized in a local environment on the user side.

The theme / item storage unit 12 holds themes to be presented to the user for authentication, and various items to be presented to the user for each theme. The theme presentation unit 14 reads out a theme and an item from the theme / item storage unit 12 when authentication is required, for example, when the user activates the information device or activates a predetermined program, and presents it to the user. Hereinafter, a scene requiring authentication is simply represented by “login”.

The action acquisition section 16 is provided with the theme presentation section 1
4. Obtain the user's response to the theme and item presented by 4. When the user uses the user authentication device 10 for the first time, this response is sent to the registration unit 18. The registration unit 18 records the response to the verification data storage unit 20 as the user's initial registration information. The response recorded in the verification data storage unit 20 (hereinafter, also referred to as “verification data” depending on the scene) is used to authenticate the user in the future.

When the user who has completed the initial registration requests login, after the theme presentation unit 14 displays the theme and items, a response input by the user is acquired by the action acquisition unit 16 and sent to the verification unit 22. You.
The verification unit 22 compares the response with the verification data recorded in the verification data storage unit 20, and if the two match, considers the user as valid and permits login. The outline of the processing of the user authentication device 10 has been described above.

FIG. 2 shows the internal configuration of the theme / item storage unit 12 of the user authentication device 10. The theme / item storage unit 12 includes a theme column 30 and an item column 32. In the theme column 30, “T1: vase” and “T2: dish” are themes.
Others are described, each "select and insert your favorite flower"
It means "put your favorite dish on a plate." The meaning is shown to the user on an input screen described later. On the other hand, a specific candidate corresponding to each theme is described in the item column 32, and “T1: vase” is “1: rose, 2: lily,
3: tulips, 4: cherry blossoms ... ".

FIG. 3 shows the internal configuration of the verification data storage unit 20 registered by the user. Verification data storage unit 20
Indicates a user column 34, a theme column 36, and a registered item column 3
8 inclusive. When only one user uses this apparatus, the user column 34 is not particularly necessary. However, when a plurality of users use this device, authentication can be performed for each user by providing the user column 34. In the drawing, as an example, verification data relating to the user having the identification number “001” is recorded,
For example, for “T1: vase” shown in the theme column 36, this user has registered “3: tulip” in the registration item column 38.

The authentication operation according to the above configuration will be described with reference to FIG. FIG. 4 shows a screen 50 that appears when the user logs in. The screen 50 includes a theme area 52 and an item area 54.

Now, in the theme area 52, the area of "vase" is highlighted as the first theme by the theme presentation section 14, and the question "What is to be inserted in the vase?" In addition, ten kinds of flowers are displayed in the item area 54. The user clicks on one of these flowers to select it. In this example, when the previously registered “3: tulip” is clicked, this is displayed in the action acquisition unit 16.
And compared with the contents registered by the verification unit 22.
It is confirmed that it was the right choice. As a result, this user breaks through the “first barrier” as it were.

The theme presenting section 14 then highlights "dish" and asks, for example, "please serve favorite dishes." In this state, the item area 54 is renewed, and “1: ramen” and “2: curry” (not shown)
"3: grilled meat", "4: sushi", etc. are newly displayed. Here, if the user correctly selects a pre-registered one, the "second gateway" can be broken through, and thereafter, this process is repeated several times to complete the authentication. About one theme 10
Is prepared, the user is authenticated as a valid user by presenting the theme n times and selecting a correct one from 10 ⁿ ways.

When it is assumed that a correct user may give a wrong answer or a misunderstanding, the verification unit 22 may determine the “correct answer rate”. For example, if 10 items are 6
In the case of presenting one theme, even if there is an error in one of the themes, if the other five are correct, it can be regarded as a valid user.

The concept of the correct answer rate is valid also in the second and subsequent embodiments. It is particularly useful in operations that ask about the movement route of items as described later. This is because, in addition to a mere difference in memory, when there is a deviation in the path for moving the item, it may be determined to be incorrect.

As described above, according to the first embodiment, since the user only has to express his / her own preference when registering an item, the user is free from complicated work such as memorizing a password or inputting a complicated authentication character string. You. In addition, even in the case of actual authentication, it is sufficient to select one's own preference, and a series of operations can be performed smoothly, and in particular, beginners can reduce resistance.

Embodiment 2 FIG. In the first embodiment, one item is selected in each of a plurality of themes. In the second embodiment, one theme is hierarchized in such a manner that it is gradually dug down, and scenes for selecting items are hierarchized. FIG. 5 schematically shows an authentication process according to the second embodiment. The user asks a first question Q1 about a certain theme T1.
Of the three items I ₁₁ , I ₁₂ and I ₁₃ . If this is a correct item, then 3 for the second question Q2 on the same theme T1
One of the items I ₂₁ , I ₂₂ , and I ₂₃ is selected. When the same process is repeated arbitrarily and a correct item is selected for all questions, or when a predetermined correct answer rate is exceeded, the validity of the user is recognized. In the latter case, even if there is an incorrect answer, the next question is asked as it is, and finally the correct answer rate may be calculated.

The configuration of the user authentication device 10 of the second embodiment may be the same as that of the first embodiment. FIG. 6 shows an internal configuration of the theme / item storage unit 12 according to the second embodiment. Hereinafter, differences from the first embodiment will be described. The theme / item storage unit 12 has a theme column 30 and an item column 32. Unlike the first embodiment, the items are hierarchized for one theme. For example, for the theme of “T1: vase”, the item column 32 is divided into three layers. First
The “name”, which is the hierarchy, is the same as the theme / item storage unit 12 of the first embodiment, and describes the names of 10 kinds of flowers. The “color” of the second hierarchy describes a color candidate that the user prefers for the flower, such as “1: blue, 2: red, 3: yellow, 4: purple,...”. The “number”, which is the third hierarchy, specifies how many flowers the user can have in the vase.

FIG. 7 shows the verification data storage unit 2 by the user.
0 indicates the verification data registered. This user "00
"1" is the theme T1, that is, "3:
"Tulip" is selected, "3: yellow" is selected as the color, and "2: 2" is selected as the number.

FIG. 8 shows a screen 60 that appears when the user actually logs in. This screen 60 includes an image area 62 completed as the user selects the correct item for the question, and an item selection area 64. Here, the user has already been asked about three questions, that is, “number”, and shows a state in which the button 66 indicating “two” has been clicked. The vase has two tulips correctly and in the specified color. In the present embodiment, when the user breaks through the theme T1 relating to flowers, another theme T2 is hierarchized again and presented to the user,
A configuration for improving the authentication accuracy of the user may be employed.

Embodiment 3 In the first and second embodiments, an authentication methodology is assembled focusing on user preferences. In the third embodiment, the user is confirmed by inputting the arrangement of items related to the space close to the user. Hereinafter, differences from the first embodiment will be described.

FIG. 9 shows the internal configuration of the theme / item storage unit 12 according to the third embodiment. Again the theme column 30
And the item column 32, “My Room” is listed as the theme T1 of the theme column 30. That is,
The user asserts the legitimacy as a user by arranging items such as a desk and a clock in his room on the log-in screen imitating his room. At this time, as an optional function, the verification unit 22 can also verify the order in which the user selects the items and the features of the route when moving to place the items.

As shown in FIG. 9, the item for the theme T1 is divided into three layers in the item column 32, and the “name” of the item is “1: TV, 2: desk, 3: bed, 4: Painting ". The second layer is “arrangement”. Here, the login screen is displayed as r1 to r16.
Are divided into regions of the action acquisition unit 16. The third layer is a "path", in which a linear movement relatively easily discriminated is "A", a movement obtained by adding one rotation is "B", and a horizontal movement is once climbed to the top of the screen. "C" to move from
It is named.

FIG. 10 shows verification data registered in the verification data storage unit 20 by the user. User "001"
Has registered items for the theme T1, that is, "my room" in the order of "1: TV", "4: painting",
It is registered that the television is to be arranged in an area r6 near the center left, and the painting is to be arranged in an area r5 at the center left end. The television has registered “A” as a movement route, that is, a linear movement, and the painting has registered “B”, that is, a movement obtained by adding one rotation.

FIG. 11 shows a screen 70 for login in the third embodiment. This screen 70 includes an area 72 for displaying an image of a room that is gradually completed by the user, and an area 74 for displaying an item to be selected by the user. In the figure, most of the items have already been selected and arranged, and the television 76 is arranged in an area of about r6 near the center left of the screen, and the painting 78 is arranged in an area of about r5 at the upper left end from the center of the screen. In the determination of the arrangement in the verification unit 22, the area where the item is treated as an object and the area registered by the user, that is, r1 to r16
Various mitigation measures can be provided, such as a pass if any of the regions has an overlap.

Similarly, the route is regarded as “A” even if the movement is somewhat curved, or “B” if the movement curve intersects itself, or 50% or more of the movement curve is displayed on the screen. "C" when passing within 10% of
For example, an allowable range of an operational error may be set. The path may be determined using an existing character recognition technology or a combination of the existing character recognition technology and geometric graph theory.

The present invention has been described based on the embodiments. This embodiment is an exemplification, and it is understood by those skilled in the art that various modifications can be made to the combination of each component and each processing process, and that such modifications are also within the scope of the present invention. . Hereinafter, such modified examples will be described.

In the embodiment, the theme presentation section 14 selects a theme and presents it to the user. It is not always necessary for the theme presenting unit 14 to present the same theme in the same order every time. Rather, it is desirable from the viewpoint of security that the user registers in advance a considerable number of themes and randomly selects and presents the theme each time. .

In the embodiment, the selection of the item by the user is limited to once in each scene. However, in the case of an incorrect answer, the number of times to allow a retry may be provided to prompt the user to select again.

Naturally, the methods of Embodiments 1 to 3 may be arbitrarily combined, or the combination may be developed or modified to provide the user with the pleasure of clearing the screen like a game. Good.

In the third embodiment, a scene in which flowers are arranged in a vase is assumed, but a theme may be selected according to the attributes of the user. For example, when the user is a male, setting a scene in which a user selects a favorite car and drives a favorite course than arranging flowers may provide a more friendly environment. If the user is a child, adjustments such as selecting a favorite TV program character can be made.

In the third embodiment, "my room" is given as an example of a familiar space. In addition, if it is a space where the user does not have difficulty in tracing the memory, such as "my walking path", "my school", "neighborhood shop", etc., it can sufficiently be put to practical use.

[0046]

According to the present invention, user authentication can be realized in an environment that is more friendly and easy to handle.

[Brief description of the drawings]

FIG. 1 is a configuration diagram of a user authentication device common to an embodiment.

FIG. 2 is an internal configuration diagram of a theme / item storage unit according to the first embodiment.

FIG. 3 is an internal configuration diagram of a verification data storage unit according to the first embodiment.

FIG. 4 is a diagram showing a login screen according to the first embodiment.

FIG. 5 is a diagram showing how one theme is hierarchized in the second embodiment.

FIG. 6 is an internal configuration diagram of a theme / item storage unit according to the second embodiment.

FIG. 7 is an internal configuration diagram of a verification data storage unit according to the second embodiment.

FIG. 8 is a diagram showing a login screen according to the second embodiment.

FIG. 9 is an internal configuration diagram of a theme / item storage unit according to the third embodiment.

FIG. 10 is an internal configuration diagram of a verification data storage unit according to a third embodiment.

FIG. 11 is a diagram showing a login screen according to the third embodiment.

[Explanation of symbols]

Reference Signs List 10 user authentication device, 12 theme / item storage unit, 14 theme presentation unit, 16 action acquisition unit, 18 registration unit, 20 verification data storage unit, 2
2 Verification unit, 50, 60, 70 Screen for login.

Claims (11)

[Claims] 1. A theme to be used for authentication is selected for each user whose preference is different, and when the user inputs a response to the theme, a plurality of specific items reflecting the user's preference are presented to the user. And performing the authentication by detecting an item selected by the user from those items. 2. The theme to be used for authentication is selected for a space close to the user, the user is supposed to present a plurality of specific items to be arranged in the space, and presented to the user. A user authentication method, wherein the authentication is performed by detecting an object selected and arranged by a user from among them. 3. A theme presenting unit for presenting to a user a theme that responds differently to each user but for which a steady response is expected for each user, and an action for acquiring a user response to the presented theme. A user authentication device, comprising: an obtaining unit; and a verifying unit that checks the validity of the user based on the obtained response. 4. The theme presenting section presents, to the user, a plurality of specific items that reflect the preferences of the theme that is assumed to have different preferences for each user. The user authentication apparatus according to claim 3, wherein the user authentication unit detects an item selected by the user from the presented items, and the verification unit checks the validity of the user based on the selected item. . 5. The theme presenting section, assuming a familiar space of the user as the theme, presenting a plurality of specific items to be arranged in the space to the user, wherein the action acquiring section presents The user authentication device according to claim 3, wherein an item selected by the user is detected from the items, and the verification unit checks the validity of the user based on the selected item. 6. The user authentication apparatus according to claim 5, wherein, when the user places the item, the verification unit also detects a route along which the item has been moved and checks the validity of the user. . 7. The theme presenting unit instructs a user to select one item for each of a plurality of themes, and the verification unit determines that a combination of the presented theme and an icon selected for the theme is selected. 7. The user authentication device according to claim 3, wherein the user is regarded as a valid user when all of the combinations registered in advance by the user are matched. 8. The theme presenting unit instructs a user to select one item for each of a plurality of themes, and the verification unit determines that a combination of the presented theme and an icon selected for the theme is selected. 7. The user authentication device according to claim 3, wherein the user is regarded as a valid user when the combination matches a combination registered in advance by the user at a predetermined rate or more. 9. The user authentication device according to claim 7, wherein the verification unit also detects the order of item selection by a user and confirms the validity. 10. A theme for presenting a plurality of specific items reflecting the preference to a user with respect to a theme assumed to be different for each user, and a theme selected by the user from the presented items. A computer program characterized by causing a computer to execute a function of detecting a user, and a function of confirming the validity of a user based on a selected item. 11. A function of assuming a user's familiar space as a theme, presenting a plurality of specific items to be arranged in the space to the user, and selecting a selected item from the presented items by the user. A computer program for causing a computer to execute a function of detecting and a function of confirming the validity of a user based on a selected item.