JP2016224863A - Authentication device, authentication method, and authentication program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To register an unregistered user under a condition that a predetermined operation is performed by a registered user.SOLUTION: An authentication server includes: a first registration part 251 for registering a permitted user; an authentication information acquisition part 253 for acquiring the authentication information of a user; an authentication part 257 for, under a condition that the acquired authentication information matches the authentication information of the registered permitted user, authenticating the user; and a second registration part 255 for, when a first user is authenticated, and the same authentication information as the authentication information of the first user is acquired, and then the authentication information of a second user different from the first user is acquired, registering the second user as a temporary permitted user. The authentication part 255 is configured to, when the acquired authentication information matches the authentication information of the registered temporary permitted user, authenticate the user.SELECTED DRAWING: Figure 6

Description

  The present invention relates to an authentication device, an authentication method, and an authentication program, and more particularly to an authentication device that authenticates a user registered in advance, an authentication method and an authentication program executed by the authentication device.

  In recent years, in order to ensure confidentiality, in order to restrict entry to a building or a room in a building, an authentication device has been provided at the entrance of a building or a room in a building, and a user registered in advance by the authentication device is authenticated. Systems that allow entry into a building or a room in a building are known. In this type of system, it is necessary to register users who are allowed to enter in advance. For example, even if external users are allowed to enter temporarily, the external users must be registered. Don't be. For this reason, there exists a problem that management of the user who permits entry becomes complicated. In order to solve this problem, for example, in Japanese Unexamined Patent Application Publication No. 2010-26733, a terminal controller arranged near the entrance of the entrance restricted area inputs passer identification information via a card reader, When the identification information of the passer matches the identification information of the authorized passer, the terminal controller enters the temporary pass authorization mode, and other identification information passes through the card reader within a certain time limit. The identification information is registered with the expiry date, assuming that the identification information is that of a temporary passer who is temporarily passing under the authority of the passer. In this case, the terminal controller checks the identification information input from the card reader with the registered identification information of the temporary passer, so that the temporary Entry and exit management system to allow the passage of the ascetic have been described.

However, in the entrance / exit management system described in Japanese Patent Application Laid-Open No. 2010-26733, a temporary entry is made within the time limit if it is within the time limit after the identification information of the traffic authority having the right to pass is input. Since the identification information of the passer is registered together with the expiration date, there is a problem that even the identification information of the person who is not related to the passer with the pass authority is registered, and security may not be ensured.
JP 2010-26733 A

  The present invention has been made to solve the above-described problems, and one of the objects of the present invention is to register unregistered users on the condition of a predetermined operation by a registered user. It is to provide an authentication device.

  Another object of the present invention is to provide an authentication method capable of registering unregistered users on condition of a predetermined operation by registered users.

  Another object of the present invention is to provide an authentication program capable of registering unregistered users on condition of a predetermined operation by registered users.

  In order to achieve the above-described object, according to an aspect of the present invention, an authentication device includes a first registration unit that registers an authorized user, an authentication information acquisition unit that acquires user authentication information, and acquired authentication information. Authentication means for authenticating the user on the condition that the authentication information matches the registered authentication information of the authorized user, and after the first user is authenticated by the authentication means, the authentication information of the first user is acquired by the authentication information acquisition means Second authentication means for registering the second user as a temporary authorized user when the same authentication information is acquired, and then further, when the authentication information of a second user different from the first user is acquired, The authentication means authenticates the user when the acquired authentication information matches the registered temporary authorized user authentication information.

  According to this aspect, after the first user is authenticated, the same authentication information as the first user's authentication information is acquired, and then when the second user's authentication information is further acquired, Register the user as a temporary authorized user. Therefore, there is an operation for receiving authentication by the first user after the first user registered as an authorized user is authenticated, and then there is an operation for receiving authentication by the second user. Register the second user as a temporary authorized user. Therefore, it is possible to provide an authentication device capable of registering unregistered users on condition that the operation for receiving authentication by registered users.

  Preferably, the second registration means is the same as the authentication information of the first user after the first user is authenticated by the authentication means and before the authentication information of the second user is acquired by the authentication information acquisition means. When the authentication information is acquired, the same number of second users as the number of times the same authentication information as that of the first user is acquired is registered as a temporary authorized user.

  According to this aspect, before the second user's authentication information is acquired, the same number of second users as the first user's authentication information are registered as temporary authorized users. Therefore, the number of registered users can specify the number of users who are not registered by the number of operations for receiving authentication.

  Preferably, the authentication information acquisition unit includes a reading unit that reads related identification information as authentication information from an identification device that is carried by the user and stores related information related to the user.

  According to this aspect, it is possible to cope with authentication using an identification device that is carried by a user and stores related information related to the user.

  Preferably, the authentication information acquisition means includes biometric information acquisition means for acquiring the user's biometric information as authentication information.

  According to this aspect, authentication using biometric information can be handled.

  Preferably, the information processing apparatus further includes an identification device that is carried by the user and stores related information associated with the user, and a human body communication unit that communicates with the user's human body as a communication medium, and the authentication information acquisition unit controls the human body communication unit. Thus, the related information received by the human body communication means from the identification device is acquired as authentication information.

  According to this aspect, authentication using human body communication can be handled.

  According to another aspect of the present invention, an authentication device includes a first registration means for registering an authorized user, an identification device that is carried by the user and stores related information associated with the user, and the user's human body as a communication medium. Human body communication means for communication, authentication information acquisition means for controlling the human body communication means to acquire related information received by the human body communication means from the identification device, and related information of the authorized user in which the acquired related identification information is registered The authentication means for authenticating the user on condition that the first user is authenticated by the authentication means, and then the strength of the signal received by the human body communication means from the identification device carried by the first user A predetermined change is detected, and thereafter, further, related information is obtained by an authentication information acquisition means from an identification device carried by a second user different from the first user. A second registration means for registering the second user as a temporary authorized user, and the authentication means, when the acquired related identification information matches the related information of the registered temporary authorized user, Authenticate the user.

  According to this aspect, after the first user is authenticated, a predetermined change in the strength of the signal received from the identification device carried by the first user is detected, and then further separated from the first user. When the related information is received from the identification device carried by the second user, the second user is registered as a temporary authorized user. Therefore, it is possible to provide an authentication device capable of registering unregistered users on condition of a predetermined operation by a registered user.

  Preferably, after the first user is authenticated by the authentication unit, the second registration unit identifies the first user to carry by the communication unit before receiving the related information of the second user by the communication unit. The same number of second users as the number of predetermined changes in the radio field intensity of the signal received from the device are registered as temporary authorized users.

  According to this aspect, before the related information of the second user is received, the second number of the same number as the number of predetermined changes in the radio wave intensity of the signal received from the identification device carried by the first user. Since the user is registered as a temporarily permitted user, the registered user can designate the number of users who are not registered by the predetermined number of operations in which the radio wave intensity changes.

  According to still another aspect of the present invention, the authentication device is included as a subject in a first registration unit that registers authorized users, an imaging unit that images a subject and outputs an image, and an image output by the imaging unit. By identifying an image of a part of the user's body, user identification means for identifying the user who is the subject, and authentication means for authenticating on the condition that the user identified by the identification means is a registered authorized user And a gesture detection means for detecting a predetermined gesture by the user by detecting a change in an image of a part of the user's body included as a subject in the image data output by the imaging means, and the first user authenticates If a predetermined gesture by the first user is detected after the second user is selected, a second user other than the first user Second identification means for registering the second user as a temporary authorized user when the user identification means is identified, and the authenticating means includes a temporary authorized user registered with the user identified by the user identification means. If the user authenticates.

  According to this aspect, after the first user is authenticated, a predetermined gesture by the first user is detected, and then, if a second user other than the first user is further identified, 2 users are registered as temporary authorized users. Therefore, it is possible to provide an authentication device capable of registering unregistered users on condition of a predetermined gesture by a registered user.

  Preferably, the second registration unit registers the same number of second users as the number of times that the predetermined gesture is detected by the gesture detection unit as temporarily permitted users.

  According to this aspect, since the same number of second users as the number of predetermined gestures by the first user are registered as temporarily permitted users, the registered user registers an unregistered user by the number of gestures. You can specify the number of people to do.

  Preferably, the apparatus further comprises: a gate device installed at an entrance of a predetermined area; and an opening unit that opens the gate device in response to a user being authenticated by the authentication unit. Get authentication information for users who pass through.

  If this aspect is followed, the entrance / exit of an area can be managed.

  Preferably, the second registration unit registers as a temporary authorized user whose authentication period is limited, and the first registration unit selects a user whose number of times registered as the temporary permitted user by the second registration unit is a predetermined number or more. , Register as an authorized user with unlimited authentication period.

  According to this aspect, users who are allowed to enter the area temporarily can be registered separately from users who are allowed to enter the area with no time limit, and users who frequently enter the area can be registered. The period limit can be removed.

  Preferably, the first registration unit registers, as an authorized user, a user who has been registered as a temporary authorized user by the second registration unit for a predetermined number of times during the first period.

  If this situation is followed, the restriction | limiting of the period of a user with frequent entry into an area in a predetermined period can be eliminated.

  Preferably, the first registration unit is configured such that when the stay period from when the user registered as the temporary authorized user by the second registration unit enters the predetermined area until the user leaves is equal to or shorter than the second period, It is not included in the number of times registered as a temporary authorized user by the registration means.

  According to this aspect, by limiting the events that enter the area, it is possible to improve the accuracy of conditions for eliminating the limitation of the period during which the user is authenticated.

  Preferably, the image forming apparatus further includes authentication support means for transmitting authentication information of the temporarily authorized user registered by the second registration means to the image forming apparatus arranged in a predetermined area, and the image forming apparatus authenticates the user. An authentication unit is provided, and the device-side authentication unit authenticates the user using the authentication information of the temporarily authorized user transmitted by the authentication support unit.

  According to this aspect, the user who has entered the area can use the image forming apparatus.

Preferably, there are a plurality of predetermined areas, one of a plurality of levels is set for each of the plurality of areas, and at least one gate device is disposed in each of the plurality of areas.
Authorized users and temporarily authorized users must be registered in association with one of multiple levels, and the level of authentication associated with the user must be greater than or equal to the level set in the area where the user enters among multiple areas. And the second registration unit temporarily associates the second user with the level set in the area where the gate device opened by the first user being authenticated by the authentication unit is arranged. Register as an authorized user.

  According to this aspect, whether or not the user can enter the area is determined based on the level associated with the user and the level set for the area. It is not necessary to determine whether or not to enter, and it is easy to set whether or not to enter.

  According to still another aspect of the present invention, the authentication method is an authentication method executed by the authentication device, and includes a first registration step for registering an authorized user, an authentication information acquisition step for acquiring user authentication information, and The authentication step for authenticating the user on the condition that the acquired authentication information matches the authentication information of the registered authorized user, and after the first user is authenticated in the authentication step, When the same authentication information as the authentication information of the first user is acquired, and then the authentication information of the second user different from the first user is acquired, the second user is registered as a temporary authorized user. 2. When the authentication device executes the two registration steps, and the authentication step matches the authentication information of the temporarily authorized user registered , Including the step of authenticating the user.

  According to this aspect, it is possible to provide an authentication method capable of registering an unregistered user on condition that an operation for receiving authentication by a registered user.

  According to still another aspect of the present invention, an authentication method is an authentication method executed by an authentication device, and includes a first registration step for registering an authorized user, and related information carried by the user and associated with the user. An authentication information acquisition step of controlling the human body communication means for communicating with the identification device storing the user's human body as a communication medium, and acquiring the related information received by the human body communication means from the identification device, and the acquired related identification information An authentication step for authenticating the user on the condition that it matches the related information of the registered authorized user, and the human body communication means from the identification device carried by the first user after the first user is authenticated in the authentication step A predetermined change in the strength of the received signal is detected, and then further the information carried by a second user different from the first user is carried. When the related information is acquired from the device in the authentication information acquisition step, the authentication device is caused to execute a second registration step of registering the second user as a temporary authorized user. Authenticating the user if it matches the relevant information of the registered temporary authorized user.

  According to this aspect, it is possible to provide an authentication method capable of registering an unregistered user on condition of a predetermined operation by a registered user.

  According to still another aspect of the present invention, the authentication method is an authentication method executed by the authentication device, and is output by a first registration step of registering an authorized user and an imaging unit that images a subject and outputs an image. A user identification step for identifying a user as a subject by analyzing an image of a part of the user's body included as a subject in the image to be recognized, and an authorized user in which the user identified in the identification step is registered An authentication step for authenticating on the condition, and a gesture detection step for detecting a predetermined gesture by the user by detecting a change in an image of a part of the user's body included as a subject in the image data output by the imaging means And a predetermined gesture by the first user is detected after the first user is authenticated. If a second user different from the first user is identified in the user identification step, the authentication device is caused to execute a second registration step for registering the second user as a temporary authorized user, The step includes a step of authenticating the user when the user identified in the user identification step is a registered temporary authorized user.

  If this aspect is followed, the authentication method which can register the user who is not registered on condition of the predetermined | prescribed gesture by the registered user can be provided.

  According to still another aspect of the present invention, the authentication program is an authentication program executed by a computer that controls the authentication device, and includes a first registration step of registering an authorized user, and authentication for acquiring user authentication information. An information acquisition step, an authentication step for authenticating the user on the condition that the acquired authentication information matches the registered authentication information of the authorized user, and the authentication information after the first user is authenticated in the authentication step. In the obtaining step, when the same authentication information as the first user's authentication information is acquired, and then further, the second user's authentication information different from the first user is acquired, the second user is designated as a temporary authorized user. A second registration step of registering as a computer, and the authentication step is performed by registering the acquired authentication information. When matching the temporary permission user credentials, including the step of authenticating the user.

  According to this aspect, it is possible to provide an authentication program capable of registering an unregistered user on condition that an operation for receiving authentication by a registered user.

  According to still another aspect of the present invention, the authentication program is an authentication program executed by a computer that controls the authentication device, and includes a first registration step of registering an authorized user, carried by the user, and associated with the user. An authentication information acquisition step of controlling the identification device for storing the related information and the human body communication means for communicating with the user's human body as a communication medium, and acquiring the related information received by the human body communication means from the identification device; An authentication step for authenticating the user on condition that the related identification information matches the registered related information of the authorized user, and an identification device carried by the first user after the first user is authenticated in the authentication step A predetermined change in the strength of the signal received by the human body communication means is detected, and then further the first user When the related information is acquired in the authentication information acquisition step from an identification device carried by a second user different from the above, the computer executes the second registration step of registering the second user as a temporary authorized user, The authentication step includes a step of authenticating the user when the acquired related identification information matches the registered related information of the temporarily authorized user.

  If this aspect is followed, the authentication program which can register the user who is not registered can be provided on condition of the predetermined | prescribed operation | movement by the registered user.

  According to still another aspect of the present invention, the authentication program is an authentication program executed by a computer that controls the authentication device, and includes a first registration step of registering an authorized user, imaging a subject, and outputting an image. A user identification step for identifying a user as a subject by analyzing an image of a part of the user's body included as a subject in the image output by the imaging unit, and the user identified in the identification step are registered An authentication step for authenticating the user as a permitted user, and detecting a predetermined gesture by the user by detecting a change in the image of a part of the user's body included as a subject in the image data output by the imaging means Gesture detecting step, and after the first user is authenticated, the first user A second registration step of registering the second user as a temporary authorized user if a second user different from the first user is identified in the user identification step when a predetermined gesture by The authentication step includes authenticating the user if the user identified in the user identification step is a registered temporary authorized user.

  According to this aspect, it is possible to provide an authentication device capable of registering unregistered users on condition of a predetermined gesture by a registered user.

It is a figure which shows an example of the whole outline | summary of the entrance / exit management system in 1st Embodiment. It is a floor plan of the building managed by the entrance / exit management system. It is a block diagram which shows an example of a structure of the entrance / exit management apparatus in 1st Embodiment. It is a figure which shows an example of the position where an entrance side authentication information acquisition apparatus is arrange | positioned. It is a figure which shows an example of the hardware constitutions of an authentication server. It is a block diagram which shows an example of the function which CPU with which the authentication server in 1st Embodiment is provided has. It is a figure which shows an example of the format of an area record. It is a figure which shows an example of the format of a user record. It is a figure which shows an example of the format of a registration history record. It is a figure which shows an example of the format of an entrance / exit log | history record. 2 is a block diagram illustrating an example of a hardware configuration of an MFP. FIG. 2 is a block diagram illustrating an example of functions of a CPU provided in an MFP. FIG. It is a flowchart which shows an example of the flow of the entrance / exit management process in 1st Embodiment. It is a flowchart which shows an example of the flow of an authorized user registration process. It is a figure which shows an example of the whole outline | summary of the entrance / exit management system in one of 2nd Embodiment. It is a block diagram which shows an example of a structure of the entrance / exit management apparatus in 2nd Embodiment. It is a block diagram which shows an example of the function which CPU with which the authentication server in 2nd Embodiment is provided has. It is a flowchart which shows an example of the flow of the entrance / exit management process in 2nd Embodiment. It is a figure which shows an example of the whole outline | summary of the entrance / exit management system in one of 3rd Embodiment. It is a block diagram which shows an example of a structure of the entrance / exit management apparatus in 3rd Embodiment. It is a figure which shows an example of the position where an entrance side antenna and an exit side antenna are arrange | positioned. It is a block diagram which shows an example of the function which CPU with which the authentication server in 3rd Embodiment is provided has. It is a flowchart which shows an example of the flow of the entrance / exit management process in 3rd Embodiment. It is a figure which shows an example of the format of the area record in the modification of the entrance / exit judgment method. It is a figure which shows an example of the format of the user record in the modification of the entrance / exit judgment method.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, the same parts are denoted by the same reference numerals. Their names and functions are also the same. Therefore, detailed description thereof will not be repeated.

<First Embodiment>
The entrance / exit management system in the first embodiment manages users who enter and leave a plurality of areas using a magnetic card or IC card carried by the user. Here, a case will be described as an example where an entrance / exit management device for restricting user entry / exit is installed at the entrance of each of the entire building and the three conference rooms included in the building.

  FIG. 1 is a diagram illustrating an example of an overall outline of an entrance / exit management system according to the first embodiment. 1, entrance / exit management system 1 includes an authentication server 200, entrance / exit management devices 100, 100A to 100C, and MFPs (Multi Function Peripherals) 300A to 300C. Here, a case where the building has three meeting rooms A, a meeting room B, and a meeting room C is shown as an example.

  The entrance / exit management device 100 manages users entering / exiting the entire building, the entrance / exit management device 100A manages users entering / exiting the conference room A, and the entrance / exit management device 100B manages users entering / exiting the conference room B. The entry / exit management device 100C manages the users who enter / exit the conference room C. MFP 300A is installed in conference room A, MFP 300B is installed in conference room B, and MFP 300C is installed in conference room C.

  The authentication server 200 is a general computer. Authentication server 200, entry / exit management devices 100, 100A to 100C, and MFPs 300A to 300C are connected to network 2 and can communicate with each other.

  FIG. 2 is a floor plan of the building managed by the entrance / exit management system. Referring to FIG. 2, building 600 includes three meeting rooms A, a meeting room B, and a meeting room C. The building 600 includes an entrance / exit 601, and a passage connected to the entrance / exit 601 is connected to the entrance / exit 611 of the conference room A, the entrance / exit 621 of the conference room B, and the entrance / exit 631 of the conference room C.

  The entrance / exit management device 100 is arranged at the entrance / exit 601 of the building 600, and the entrance / exit management device 100 detects a user entering / exiting the entire area of the building 600 through the entrance / exit 601 of the building 600. The entrance / exit management device 100A is arranged at the entrance / exit 611 of the conference room A, and the entrance / exit management device 100A detects a user entering / exiting the area of the conference room A through the entrance / exit 611 of the conference room A. The entrance / exit management device 100B is arranged at the entrance / exit 621 of the conference room B, and the entrance / exit management device 100B detects a user entering / exiting the area of the conference room B through the entrance / exit 621 of the conference room B. An entrance / exit management device 100C is arranged at the entrance / exit 631 of the conference room C, and the entrance / exit management device 100C detects a user entering / exiting the area of the conference room C through the entrance / exit 631 of the conference room C.

  The entrance / exit management devices 100, 100A, 100B, and 100C have the same hardware configuration and functions except for the areas that they manage. Here, the entrance / exit management device 100A will be described as an example.

  FIG. 3 is a block diagram illustrating an example of the configuration of the entry / exit management device according to the first embodiment. Referring to FIG. 3, an entrance / exit management device 100A includes a controller 101 that controls the entire entrance / exit management device 100A, an entrance-side authentication information acquisition device 111, an exit-side authentication information acquisition device 113, and a gate control device 115. And including. The controller 101 controls the entrance side authentication information acquisition device 111, the exit side authentication information acquisition device 113, and the gate control device 115, and is connected to the network 2 and communicates with the authentication server 200.

  Each of the entrance side authentication information acquisition device 111 and the exit side authentication information acquisition device 113 reads card identification information stored in a magnetic card or an IC card which is an identification device carried by the user. The card identification information is related information related to the user. Each of the entrance side authentication information acquisition device 111 and the exit side authentication information acquisition device 113 outputs the card identification information to the controller 101 in response to reading the card identification information. The entrance-side authentication information acquisition device 111 is disposed near the entrance / exit 611 of the conference room A outside the conference room A, which is an area where the entrance / exit management device 100A is disposed. The exit side authentication information acquisition device 113 is disposed in the vicinity of the entrance / exit 611 of the conference room A inside the conference room A, which is an area where the entrance / exit management device 100A is disposed.

  FIG. 4 is a diagram illustrating an example of a position where the entrance-side authentication information acquisition device is arranged. Referring to FIG. 4, entrance-side authentication information acquisition device 111 is a wall surface outside conference room A and is arranged beside entrance / exit 611 of conference room A.

  Returning to FIG. 3, the controller 101 transmits a set of the entrance flag and the card identification information to the authentication server 200 in response to the card identification information input from the entrance side authentication information acquisition device 111. The controller 101 may continuously receive the same card identification information from the entrance side authentication information acquisition device 111. When the same card identification information is continuously input from the entrance-side authentication information acquisition device 111, the controller 101 sets the combination of the entrance flag and the card identification information to the authentication server 200 each time the card identification information is input. Send. Further, the controller 101 transmits a set of the exit flag and the card identification information to the authentication server 200 in response to the card identification information input from the exit side authentication information acquisition device 113.

  The controller 101 receives the authentication result from the authentication server 200 in response to transmitting the set of the entrance flag and the card identification information to the authentication server 200. The controller 101 outputs an unlocking instruction to the gate control device 115 when the authentication result indicates authentication success, but does not output an unlocking instruction to the gate control device 115 when the authentication result indicates authentication failure. , Notify the user that authentication failed. For example, the notification may generate a sound, or a message may be displayed when a display device is provided. In addition, when the controller 101 transmits a combination of an exit flag, device identification information, and card identification information to the authentication server 200, the controller 101 outputs an unlocking instruction to the gate control device 115.

  The gate control device 115 switches between locking and unlocking of the lock arranged at the door of the entrance / exit 611 of the conference room A. The gate control device 115 unlocks in response to an unlocking instruction input from the controller 101, and locks when the door is opened and then closed.

  FIG. 5 is a diagram illustrating an example of a hardware configuration of the authentication server. Referring to FIG. 5, the authentication server 200 includes a CPU (Central Processing Unit) 201 for controlling the entire authentication server 200, a ROM (Read Only Memory) 202 for storing a program to be executed by the CPU 201, A RAM (Random Access Memory) 203 used as a work area of the CPU 201, a hard disk drive (HDD) 204 for storing data in a nonvolatile manner, a communication unit 205 for connecting the CPU 201 to the network 2, and a display for displaying information A unit 206, an operation unit 207 that receives an input of a user operation, and an external storage device 208.

  The CPU 201 loads a program stored in the ROM 202 or the HDD 204 into the RAM 202 and executes it. The external storage device 208 can be loaded with a CD-ROM (Compact Disk ROM) 209 storing a program. The CPU 201 can access the CD-ROM 209 via the external storage device 208. The CPU 201 can load a program recorded on the CD-ROM 209 into the RAM 202 and execute it.

  In addition, although the program recorded on ROM202, HDD204, or CD-ROM209 was demonstrated as a program which CPU201 performs, the other computer connected to the network 2 rewritten the program memorize | stored in HDD204, or It may be a new program written additionally. Further, the authentication server 200 may be a program downloaded from another computer connected to the network 2. The program here includes not only a program directly executable by the CPU 201 but also a source program, a compressed program, an encrypted program, and the like.

  The medium for storing the program executed by the CPU 201 is not limited to the CD-ROM 309, but an optical disc (MO (Magnetic Optical Disc) / MD (Mini Disc) / DVD (Digital Versatile Disc)), IC card, optical card, It may be a semiconductor memory such as a mask ROM, EPROM (Erasable Programmable ROM), or EEPROM (Electrically EPROM).

  FIG. 6 is a block diagram illustrating an example of functions of the CPU included in the authentication server according to the first embodiment. The functions shown in FIG. 6 are formed in the CPU 201 when the CPU 201 included in the authentication server 200 executes an authentication program stored in the ROM 202, the HDD 204, or the CD-ROM 209. Referring to FIG. 6, the CPU 201 included in the authentication server 200 includes a first registration unit 251, an authentication information acquisition unit 253, a second registration unit 255, an authentication unit 257, a gate control unit 259, and an authentication support unit. 261.

  The first registration unit 251 associates each of the entrance / exit management devices 100 and 100A to 100C with the area in which the four entrance areas are arranged. Here, there are four areas: the entire building and the conference room A, the conference room B, and the conference room C included in the building. Specifically, the authentication server 200 stores an area table in the HDD 204. The area table includes an area record for each area.

  FIG. 7 is a diagram illustrating an example of an area record format. The area record includes an area item and an apparatus identification information item. In the area item, area identification information for identifying the area is set. In the device identification information item, device identification information of a device arranged in the area specified by the area identification information set in the area item among the entry / exit management devices 100, 100A to 100C is set.

  Returning to FIG. 6, the first registration unit 251 registers users who are permitted to enter the area. For example, the user who operates the authentication server 200 registers whether or not the user can enter the area for each of a plurality of users. Here, one or more users are registered. Hereinafter, a user registered by the first registration unit 251 is referred to as an authorized user. The first registration unit 251 registers whether or not each of the four areas can be entered for each user. Specifically, the first registration unit 251 stores a registered user table in the HDD 204. The registered user table includes a plurality of user records corresponding to a plurality of users. The user record associates admission permission of each of the four areas for each user.

  FIG. 8 is a diagram illustrating an example of a format of a user record. Referring to FIG. 8, the user record includes a user item, an authentication information item, and an admission permission / inhibition item. The entry permission / prohibition item includes an area 1 item, an area 2 item, an area 3 item, and an area 4 item corresponding to each of the four areas. User identification information for identifying the user is set in the user item, and card identification information is set in the authentication information item. The card identification information is information stored in a magnetic card or IC card assigned to the user. The items of the four areas 1 to 4 included in the admission permission / inhibition item are associated with the entire building area, the conference room A area, the conference room B area, and the conference room C area, respectively. In the area 1 item associated with the entire building area, whether to enter the entire building area is set. In the area 2 item associated with the area of the conference room A, whether to enter the area of the conference room A is set. In the area 3 item associated with the area of the conference room B, whether to enter the area of the conference room B is set. In the item of area 4 to which the area of the conference room C is associated, whether to enter the area of the conference room C is set. For each of the four area 1 items to area 4 items, “possible” is set when admission is possible, and “impossibility” is set when admission is not possible. In addition, in the case of a temporarily authorized user, which will be described later, the date on which entry is permitted is set for each of the four area 1 items to the area 4 items. The temporarily authorized user will be described later.

  Returning to FIG. 6, the first registration unit 251 generates a user record corresponding to each user for each of a plurality of users and adds the user record to the authentication table stored in the HDD 204 to register as a permitted user. For example, the first registration unit 251 displays a registration screen on the display unit 206, and user identification information, authentication information, and four areas that can be entered by a user operating the authentication server 200 according to the registration screen. And generate a user record. Here, the authentication information is card identification information stored in a magnetic card or IC card carried by the user.

  The authentication information acquisition unit 253 controls the entrance / exit management devices 100 and 100A to 100C to acquire authentication information. Since the control of the entrance / exit management devices 100, 100A to 100C by the authentication information acquisition unit 253 is the same, here, a case where authentication information is acquired from the entrance / exit management device 100A arranged in the conference room A will be described as an example. When the entrance-side authentication information acquisition device 111 reads the card identification information stored in the magnetic card or IC card carried by the user, the entrance / exit management device 100A sets the combination of the entrance flag and the card identification information to the authentication server 200. When the exit-side authentication information acquisition device 113 reads the card identification information stored in the magnetic card or IC card carried by the user, the exit-side authentication information acquisition device 113 transmits a set of the exit flag and the card identification information to the authentication server 200. . When the communication unit 205 receives a set of an entrance flag or exit flag and card identification information from the entrance / exit management device 100A, the authentication information acquisition unit 253 acquires an entrance flag or exit flag and card identification information. The authentication information acquisition unit 253 identifies the device that has transmitted the entrance flag or the exit flag and the card identification information from among the entrance / exit management devices 100, 100A to 100C, and enters the entrance flag or the exit flag, the card identification information, The authentication request information including the device identification information of the specified device is output to the authentication unit 257 and the second registration unit 255.

  The authentication unit 257 authenticates the user specified by the card identification information included in the input authentication request information in response to the input of the authentication request information including the entrance flag from the authentication information acquisition unit 253. Specifically, in the authentication unit 257, the user specified by the card identification information included in the authentication request information is specified by the device identification information included in the authentication request information among the entry / exit management devices 100 and 100A to 100C. It is determined whether or not the user is registered as an authorized user who can enter the area where the device is located. The authentication unit 257 authenticates if the user is registered as an authorized user who can enter the area, but does not authenticate if the user is not registered as an authorized user who can enter the area.

  Specifically, the authentication unit 257 includes, in the user record included in the authentication table stored in the HDD 204 by the first registration unit 251, the same card identification information as the card identification information included in the authentication request information. Extract the user record set in the field. When extracting the user record, the authentication unit 257 acquires the admission permission set for the area specified by the device identification information included in the authentication request information in the extracted user record. Here, a case where the device identification information included in the authentication request information is the device identification information of the entry / exit management device 100A will be described as an example. The authentication unit 257 refers to the area table stored in the HDD 204 and obtains area identification information of the conference room A that is an area associated with the entrance / exit management device 100A specified by the device identification information included in the authentication request information. get. And the authentication part 257 acquires the admission permission set to the item of the area 2 corresponding to the conference room A among four items contained in the admission permission item of a user record. The authentication unit 257 is registered as an authorized user who is permitted to enter the conference room A when “permitted” is set in the item of the area 2 corresponding to the conference room A of the user record. However, if “impossible” is set, it is determined that the user is not registered as an authorized user permitted to enter the conference room A, and authentication is not performed.

  The authentication unit 257 sends the combination of the device identification information and the authentication result included in the authentication request information to the gate control unit 259 and the authentication support unit 261 regardless of whether the user is authenticated or not authenticated. Output. The authentication result may indicate that the authentication has succeeded or may indicate that the authentication has failed.

  The gate control unit 259 controls the communication unit 205 in response to the combination of the device identification information and the authentication result input from the authentication unit 257, and the authentication result input from the authentication unit 257 is the authentication unit 257. Is sent to the room entry / exit management device 100A specified by the device identification information input.

  Hereinafter, the authentication request information when the authentication unit 257 determines that the authentication request information is input from the authentication information acquisition unit 253 and is registered as an authorized user according to the authentication request information. That's it.

  The authentication unit 257 authenticates the first user as an authorized user according to the first authentication request information, and then, when one or more authentication request information that is the same as the first authentication request information is continuously input, the authentication information acquisition unit The number of the same authentication request information as the first authentication request information input from 253 is counted, and the counted number is determined as the registration number. The authentication unit 257 outputs a registration instruction to the second registration unit 255 when determining the number of registrations. The registration instruction includes the number of registrations, device identification information included in the first authentication request information, and user identification information of the first user registered as an authorized user.

  The second registration unit 255 receives authentication request information from the authentication information acquisition unit 253 and receives a registration instruction from the authentication unit 257. Hereinafter, the authentication request information input from the authentication information acquisition unit 253 to the second registration unit 255, input after the first authentication request information, and the card identification information included in the first authentication request information Authentication request information including different card identification information is referred to as second authentication request information.

  The second registration unit 255 registers the second user as a temporary authorized user based on the second authentication request information input from the authentication information acquisition unit 253. The second registration unit 255 registers the same number of second users as the temporary authorized users based on the second authentication request information continuously input from the authentication information acquisition unit 253. The second registration unit 255 includes the second user specified by the card identification information included in the second authentication request information for each of the second authentication request information for the number of registrations. Registered as a temporarily authorized user who can enter the area where the room entry / exit management device 100A specified by the device identification information is placed. Specifically, the second registration unit 255 sets the card identification information included in the second authentication request information in the authentication information item, and the four area 1 items to the area 4 items included in the admission permission / inhibition item. A user who sets the date of the day as information indicating that entry is temporarily permitted in the item of the area corresponding to the area associated with the device identification information included in the second authentication request information among the items A record is generated and the user record is added to the authentication table stored in the HDD 204. The second registration unit 255 adds a user record to the authentication table when there is a user record in which the same card identification information as the card identification information included in the second authentication request information is set in the authentication information item. In the user record, the area corresponding to the area associated with the device identification information included in the second authentication request information among the items in the four areas 1 to 4 included in the entry permission / inhibition item. When “impossible” is set in the item, the date of the day is set instead of “impossible”.

  “Allow” indicating that entry is permitted by the first registration unit 251 for each of the four area 1 items to the area 4 items included in the entry record of the user record, and “impossible” where entry is not permitted. Is set to one of the following. Furthermore, the year, month, and day indicating the date on which entry is temporarily permitted by the second registration unit 255 are set in each of the four area 1 items to the area 4 items included in the entry record of the user record. . Therefore, the user record in which the date is set in any of the four area 1 items to the area 4 items included in the user record entry availability item is the user identification information set in the user item. Unlike the permitted user registered by the first registration unit 251 for the area to which the specified user corresponds to the item in which the date is set among the items in the four areas 1 to the items in the area 4, 2 Indicates that the user is a temporarily authorized user registered by the registration unit 255. In other words, in order to distinguish the authorized user registered by the user managing the authentication server 200, the second registration unit 255 includes the four area 1 items to the area 4 items included in the entry record of the user record. Of the items, the date corresponding to the area associated with the device identification information included in the second authentication request information is set to the date, not “permitted” or “impossible”.

  Further, the second registration unit 255 stores a table in which the user identification information and the card identification information are associated with each other in advance in the HDD 204, and sets the user identification information associated with the card identification information in the user item of the user record. To do. In the user record of the second user generated by the second registration unit 255, the user item may be blank. This is because the user can be specified only from the card identification information.

  Also, the second registration unit 255 generates a registration history record and stores it in the HDD 204 when registering the second user as a temporary authorized user.

  FIG. 9 is a diagram illustrating an example of a format of a registration history record. Referring to FIG. 9, the registration history record includes a user item, an area item, and a registration date. In the user item, user identification information of a second user registered as a temporary authorized user is set, and in the area item, area identification information associated with the device identification information included in the second authentication request information is set. In the registration date field, the date on which the registration history record is generated is set.

  Returning to FIG. 6, after the second user is registered as a temporary authorized user by the second registration unit 255, the authentication unit 257 stores the card stored in the card carried by the second user from the authentication information acquisition unit 253. When the authentication request information including the identification information and the entrance flag is input, the second user uses the user data in which the same card identification information as the card identification information included in the authentication request information is set in the authentication information item. Authenticate. The authentication unit 257 is specified by area identification information associated with the device identification information included in the authentication request information among the four area 1 items to the area 4 items included in the entry permission / prohibition item of the user record used for authentication. If a date is set in the item corresponding to the area and the set date is the date of the day, the second user is included in the device identification information included in the authentication request information. It is determined that the user is permitted temporarily to enter the area specified by the associated area identification information, and is authenticated. The authentication unit 257 determines that the user is registered as a temporary authorized user, and sets the combination of the device identification information and the authentication result included in the authentication request information regardless of whether the user is authenticated or not authenticated. The data is output to the gate control unit 259 and the authentication support unit 261. The authentication result may indicate that the authentication has succeeded or may indicate that the authentication has failed. In addition, although the time limit for authenticating as a user registered as a temporary authorized user is the date registered by the second registration unit 255, authentication may be performed from the date of registration to a predetermined period.

  On the other hand, the authentication unit 257 is area identification information associated with the device identification information included in the authentication request information among the items of the area 1 to the area 4 included in the entry permission / prohibition item of the user record used for authentication. If the date corresponding to the specified area is not set, or if the date is set but different from the date, the device identification information included in the authentication request information It is determined that the user is not registered as a temporary authorized user who is permitted to enter the area specified by the area identification information associated with.

  When authenticating the second user registered as a temporary authorized user, the authentication unit 257 generates an entry / exit history record indicating that the second user has entered the area, and stores the entry / exit record in the HDD 204.

  FIG. 10 is a diagram showing an example of the format of the entry / exit history record. Referring to FIG. 10, the entry / exit history record includes an entry / exit flag item, a user item, an area item, and an entry / exit date / time item. In the entry / exit flag item, an entrance flag or an exit flag is set. In the user item, user identification information of the second user is set. In the area item, area identification information associated with the device identification information included in the authentication request information is set. In the entry / exit date and time item, the date of the date when the authentication request information is input from the authentication information acquisition unit 253 is set.

  Returning to FIG. 6, the authentication unit 257 sets an entrance flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and includes the authentication request information in the area item. The area identification information associated with the identification information is set, and the entry / exit history record is generated with the current date / time set in the entry / exit date / time item.

  In addition, the authentication unit 257 includes an exit request from the authentication information acquisition unit 253, and an authentication request including card identification information stored in a card carried by the second user registered as a temporary authorized user by the second registration unit 255 When the information is input, the second user is specified, and it is determined that the specified second user has left the area. When the authentication unit 257 determines that the second user has exited, the authentication unit 257 generates an entry / exit history record indicating that the second user has exited the area, and stores the entry / exit history record in the HDD 204. The authentication unit 257 sets the exit flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and sets the authentication request information input from the authentication information acquisition unit 253 in the area item. The area identification information corresponding to the included apparatus identification information is set, and an entry / exit history record is generated in which the current date / time is set in the entry / exit date / time item.

  The first registration unit 251 registers, as an authorized user, a second user whose number of times registered as a temporary authorized user by the second registration unit 255 is equal to or greater than a predetermined number during the first period. However, the first registration unit 251 has a stay time from when the second user registered as a temporary authorized user by the second registration unit 255 enters the area until leaving the area is equal to or shorter than the second time. Does not count as the number of times the second registration unit 255 has registered as a temporary authorized user.

  The first registration unit 251 uses the registration history record stored in the HDD 204 to count the number of times the second user has been registered as a temporary authorized user by the second registration unit 255 during the first period. Specifically, the first registration unit 251 extracts, from the registration history records stored in the HDD 204, a registration history record including user identification information of the user to be processed as a processing target. For each of the one or more extracted registration history records, the first registration unit 251 includes the area identification information set in the area item of the registration history record and the date set in the date field. Based on the entry history record and the exit history record set in the area item and the entry / exit date / time item, the staying time in the area specified by the area identification information is calculated. The first registration unit 251 deletes, from one or more registration history records extracted as processing targets, one or more registration history records that have a calculated stay time equal to or shorter than the second time. Excluded from the number of times registered as a temporary authorized user. As a result, only when the second user stays in the area for the second time or longer, it is included in the number of times registered as a temporary authorized user, so it is temporarily necessary to give permission to enter the area. The case where the entrance to the area is permitted can be excluded. The case of not staying in the area for the second time or more is, for example, the case of visiting a person staying in the area for greetings.

  The first registration unit 251 calculates one or more registration history records to be processed by calculating the number of registration history records having the same area identification information set in each area item. Sort by multiple areas. The first registration unit 251 sequentially selects a plurality of areas as processing targets, and, for the areas selected as processing targets, generates one or more registration history records classified into the areas, and the year when the registration history records are generated. The number of one or more registration history records is calculated for each of a plurality of sets whose date falls within the first period, and the maximum value of the calculated number is set to the number of times registered as a temporary authorized user for each of a plurality of areas. decide. When there is an area where the number of times of registration as a temporary authorized user is a predetermined number or more, the first registration unit 251 includes the user identification information of the user to be processed in the user item in the user record stored in the HDD 204. Temporarily authorized users can be set by setting “permitted” to the items corresponding to the area selected as the processing target among the items in the four areas 1 to 4 included in the entry permission / prohibition item of the set user record. Register users registered as authorized users. Thereby, a user who is not registered as an authorized user by a user who operates the authentication server 200 can be registered as an authorized user.

  The authentication support unit 261 receives device identification information and an authentication result from the authentication unit 257. When the user is authenticated by authentication unit 257, authentication support unit 261 specifies an area associated with the device identification information input from authentication unit 257 and the area table, and is specified from among MFPs 100A, 100B, and 100C. The card identification information of the authenticated user is transmitted to the device arranged in the area. For example, when the authentication support unit 261 authenticates as an authorized user or a user who is registered as a temporary authorized user in the area of the conference room A by the authentication unit 257, the MFP 300A disposed in the conference room A is identified and identified. The card identification information of the authenticated user is transmitted to MFP 300A.

  The hardware configurations and functions of MFPs 300A to 300C are the same. Here, MFP 300A will be described as an example.

  FIG. 11 is a block diagram illustrating an example of a hardware configuration of the MFP. Referring to FIG. 11, MFP 300 </ b> A includes main circuit 310, document reading unit 330 for reading a document, automatic document feeder 320 for transporting a document to document reading unit 330, and document reading unit 330. The image forming unit 340 for forming an image on a sheet or the like based on the image data output by reading the image, the sheet feeding unit 350 for supplying the image to the image forming unit 340, and the sheet on which the image is formed is processed. A post-processing unit 355 and an operation panel 360 as a user interface.

  The post-processing unit 355 executes a sorting process for sorting and discharging one or more sheets on which images are formed by the image forming unit 340, a punching process for punching holes, and a staple process for driving staple needles.

  The main circuit 310 includes a CPU 311, a communication interface (I / F) unit 312, a ROM 313, a RAM 314, a hard disk drive (HDD) 315 as a mass storage device, a facsimile unit 316, and a CD-ROM 319. An external storage device 318. CPU 311 is connected to automatic document feeder 320, document reading unit 330, image forming unit 340, paper feed unit 350, post-processing unit 355, and operation panel 360, and controls the entire MFP 300.

  The ROM 313 stores a program executed by the CPU 311 or data necessary for executing the program. The RAM 314 is used as a work area when the CPU 311 executes a program. The RAM 314 temporarily stores read data (image data) continuously sent from the document reading unit 330.

  Operation panel 360 is provided on the upper surface of MFP 300 and includes a display unit 361 and an operation unit 363. The display unit 361 is a display device such as a liquid crystal display (LCD) or an organic ELD (Electro-Luminescence Display), and displays an instruction menu for the user, information about acquired image data, and the like. The operation unit 363 includes a hard key unit 367 composed of a plurality of keys, and accepts input of various instructions, data such as characters and numbers by user operations corresponding to the keys. The operation unit 363 further includes a touch panel 365 provided on the display unit 361.

  Communication I / F unit 312 is an interface for connecting MFP 300 to LAN 3. The CPU 311 communicates with the authentication server 200 connected to the network 2 via the communication I / F unit 312 and transmits / receives data.

  The facsimile unit 316 is connected to a public switched telephone network (PSTN) and transmits facsimile data to the PSTN or receives facsimile data from the PSTN. The facsimile unit 316 stores the received facsimile data in the HDD 315 or outputs it to the image forming unit 340. The image forming unit 340 prints the facsimile data received by the facsimile unit 316 on a sheet. In addition, the facsimile unit 316 converts the data stored in the HDD 315 into facsimile data, and transmits the facsimile data to a facsimile machine connected to the PSTN.

  The authentication information acquisition device 317 reads card identification information stored in a magnetic card or IC card carried by the user. Authentication information acquisition apparatus 317 is arranged on the upper surface of MFP 300A. For example, it may be arranged on the operation panel 360. The authentication information acquisition device 317 outputs the card identification information to the CPU 311 in response to reading the card identification information.

  The external storage device 318 is loaded with a CD-ROM 319. The CPU 311 can access the CD-ROM 319 via the external storage device 318. The CPU 311 loads the program recorded on the CD-ROM 319 mounted on the external storage device 318 to the RAM 314 and executes it. The medium for storing the program executed by the CPU 311 is not limited to the CD-ROM 319, and may be a semiconductor memory such as an optical disc (MO / MD / DVD), IC card, optical card, mask ROM, EPROM, or EEPROM. Good.

  Further, the CPU 311 may load a program stored in the HDD 315 into the RAM 314 and execute it. In this case, another computer connected to the network 2 may rewrite the program stored in the HDD 315 of the MFP 300A, or may add a new program and write it. Furthermore, MFP 300A may download a program from another computer connected to network 2 and store the program in HDD 315. The program here includes not only a program directly executable by the CPU 311 but also a source program, a compressed program, an encrypted program, and the like.

  FIG. 12 is a block diagram illustrating an example of functions of the CPU provided in the MFP. The functions shown in FIG. 12 are processes executed by the CPU 301 when the CPU 301 included in the MFP 300A executes a management program. Referring to FIG. 12, MFP 300 </ b> A includes device-side authentication information acquisition unit 51, authentication information reception unit 57, and device-side authentication unit 53.

The authentication information receiving unit 57 controls the communication I / F unit 312 to output the card identification information to the device side authentication unit 53 in response to the card identification information input from the authentication server 200. The acquisition unit 51 controls the authentication information acquisition device 317 and uses the card identification information output when the authentication information acquisition device 317 reads the card identification information stored in the magnetic card or IC card carried by the user as the authentication information. get. The device-side authentication information acquisition unit 51 outputs the card identification information to the device-side authentication unit 53 in response to acquiring the card identification information.

  The device-side authentication unit 53 authenticates the user specified by the card identification information in response to the card identification information input from the device-side authentication information acquisition unit 51. MFP 300A registers in advance device users who are permitted to use MFP 300A, and stores card identification information assigned to the device users in HDD 315. If the card identification information input from the device-side authentication information acquisition unit 51 is stored in the HDD 315, the device-side authentication unit 53 authenticates the user assigned the card identification information. If the card identification information input from the device side authentication information acquisition unit 51 is not stored in the HDD 315, the device side authentication unit 53 determines that the card identification information input from the device side authentication information acquisition unit 51 is the authentication information reception unit 57. To determine whether or not it has been received from the authentication server 200. If the card identification information input from the device-side authentication information acquisition unit 51 is received from the authentication server 200 by the authentication information receiving unit 57, the device-side authentication unit 53 authenticates the user to which the card identification information is assigned. Otherwise, do not authenticate.

  When authenticating a user, the apparatus-side authentication unit 53 permits execution of a process according to an operation by the authenticated user. However, when authenticating a user, the apparatus-side authentication unit 53 does not permit execution of a process according to an operation by the authenticated user. If the CPU 311 authenticates by the device-side authentication unit 53, the CPU 311 determines that the operation received by the operation panel 360 is an operation by the authenticated user, and executes processing according to the operation received by the operation panel 360. When the authentication is not performed by the unit 53, the operation accepted by the operation panel 360 is ignored.

  Therefore, even if a user who is not registered in MFP 300A as a device user who is permitted to use MFP 300A is registered as a temporary authorized user by authentication server 200 when entering conference room A, MFP 300A is used. can do.

  FIG. 13 is a flowchart illustrating an example of the flow of entrance / exit management processing according to the first embodiment. The entrance / exit management process is a process executed by the CPU 201 when the CPU 201 included in the authentication server 200 executes an authentication program stored in the ROM 202, the HDD 204, or the CD-ROM 209. Referring to FIG. 13, CPU 201 provided in authentication server 200 determines whether or not card identification information has been received. The process waits until the card identification information is received. If the card identification information is received, the process proceeds to step S02. It is determined whether the communication unit 205 has received the card identification information from any of the entry / exit management devices 100, 100A to 100C. Here, a case where card identification information is received from the entry / exit management device 100A will be described as an example.

  In step S02, an area is specified. An area associated with the device that has transmitted the card identification information received in step S01 is specified. Here, since the card identification information is received from the entrance / exit management device 100A, the conference room A associated with the entrance / exit management device 100A is specified as an area with reference to the area table stored in the HDD 204.

  In the next step S03, it is determined whether or not the entrance flag is received together with the card identification information. The entrance / exit management device 100A that transmits the card identification information transmits either the entrance flag or the exit flag together with the card identification information. Therefore, if the communication unit 205 receives the entrance flag together with the card identification information, the process proceeds to step S04. If not, the process proceeds to step S19.

  When the process proceeds to step S19, the communication unit 205 receives the exit flag together with the card identification information. In step S19, the exit history is stored, and the process returns to step S01. Specifically, the exit flag is set in the entry / exit flag item, the user identification information of the user corresponding to the card identification information received in step S01 is set in the user item, and the area item in step S02. The area identification information of the identified area, here conference room A, is set, and an entry / exit history record is created with the current date / time set in the entry / exit date / time item, and stored in the HDD 204.

  In step S04, it is determined whether or not there is a user record including card identification information. If the user table stored in the HDD 204 includes a user record in which the card identification information received in step S01 is set in the authentication information item, the user record is read and the process proceeds to step S05. Otherwise, the process proceeds to step S18.

  In step S05, it is determined whether or not entry to the area specified in step S02 is permitted. Of the four area 1 items to area 4 items included in the entry permission item of the user record read in step S04, the item corresponding to the area specified in step S02 is set to “OK” or the day. If the date is set, admission is permitted. Otherwise, admission is not permitted. If admission is permitted, the process proceeds to step S06. If admission is not permitted, the process proceeds to step S18. In step S18, the communication unit 205 is controlled, and the authentication result indicating the authentication failure is transmitted to the device that has transmitted the card identification information received in step S01, here, the entrance / exit management device 100A, and the process is performed. Return to step S01.

  In step S06, the communication unit 205 is controlled to transmit the authentication result indicating the authentication success to the device that has transmitted the card identification information received in step S01, here, the entrance / exit management device 100A. Proceed to step S07. In step S07, the admission history is stored, and the process proceeds to step S08. Specifically, the entry flag is set in the entry / exit flag item, the user identification information of the user corresponding to the card identification information received in step S01 is set in the user item, and the area item in step S02. The area identification information of the identified area, here conference room A, is set, and an entry / exit history record is created with the current date / time set in the entry / exit date / time item, and stored in the HDD 204.

  In step S08, it is determined whether the authenticated user is a user registered as an authorized user. Of the four area 1 items to area 4 items included in the entry permission item of the user record read in step S04, “OK” is set in the item corresponding to the area specified in step S02. If the date is set, the user is determined to be a temporary permitted user. If it is determined that the user is an authorized user, the process proceeds to step S09; otherwise, the process returns to step S01.

  In step S09, communication unit 205 determines whether or not the card identification information has been received from the area permitted to enter in step S05, in this case, entry / exit management device 100A arranged in conference room A. If card identification information is received from entry / exit management device 100A, the process proceeds to step S10; otherwise, the process returns to step S01. In step S10, it is determined whether or not the card identification information received in step S09 is the same as the card identification information associated with the user permitted to enter the conference room A in step S05. The card identification information associated with the user permitted to enter the conference room A in step S05 is the same as the card identification information received in step S01. If the card identification information received in step S09 is the same as the card identification information associated with the user permitted to enter conference room A in step S05, the process proceeds to step S10. If not, the process proceeds to step S10. Proceed to S12. In step S11, the number of registered users is counted up, and the process returns to step S09. In other words, the number of registered users is the number of times the same card identification information as the card identification information associated with the user permitted to enter the conference room A in step S05 is received.

  When the process proceeds to step S12, the card identification information received from the entrance / exit management device 100A arranged in the conference room A in step S09 is the card associated with the user who has permitted entry into the conference room A in step S05. This is a case where the card identification information is not the same as the identification information. In this case, the number of registered users is 0 or more. In step S12, the user specified by the card identification information received in step S09 is registered as a temporary authorized user. Specifically, the card identification information received in step S09 is set in the authentication information item, and the area specified in step S02 among the four area 1 items to the area 4 items included in the admission permission / inhibition item A user record in which the date of the day is set as information indicating that entry is temporarily permitted is generated in the item corresponding to, and the user record is added to the authentication table stored in the HDD 204. The area specified in step S02 is the conference room A here. If the user record in which the card identification information received in step S09 is set in the authentication information item exists in the authentication table stored in the HDD 204, the four areas 1 included in the entry permission / inhibition item of the record are shown. If the item corresponding to the area specified in step S02 is set to “impossible” among the items of items 4 to 4, the date of the day is used as information indicating that entry is temporarily permitted. Set the date, and if the date is set, set the date. Note that if “permitted” is set in the item corresponding to the area specified in step S02, the user is an authorized user, and the process proceeds to step S13 without changing the item.

  In step S13, the admission history is stored, and the process proceeds to step S14. Specifically, the entry flag is set in the entry / exit flag item, the user identification information of the user corresponding to the card identification information received in step S09 is set in the user item, and the area item in step S02. The area identification information of the identified area, here conference room A, is set, and an entry / exit history record is created with the current date / time set in the entry / exit date / time item, and stored in the HDD 204.

  In step S14, authentication information is transmitted, and the process proceeds to step S15. The authentication information is the card identification information received in step S09. The transmission destination of the authentication information is the MFP 100A arranged in the area specified in step S02, here, the conference room A.

  In the next step S15, the registration history is stored, and the process proceeds to step S16. Specifically, the user identification information of the user registered as a temporary authorized user in step S12 is set in the user item, and the area identified in step S02, here, the area identification information of conference room A is set in the area item. Then, a registration history record in which the date of the day is set as the item of registration date is generated and stored in the HDD 204.

  In step S16, variable N is incremented, and the process proceeds to step S17. The variable N is a variable for counting the number of users registered as temporarily authorized users, and the initial value is zero. In step S17, it is determined whether or not the variable N is larger than the number of registered users counted in step S11. If variable N is greater than the number of registered users counted in step S11, the process returns to step S01. If not, the process returns to step S09.

  FIG. 14 is a flowchart illustrating an example of the flow of permitted user registration processing. The authorized user registration process is a process executed by the CPU 201 when the CPU 201 of the authentication server 200 executes an authentication program stored in the ROM 202, HDD 204 or CD-ROM 209, and is executed in parallel with the admission management process. The Referring to FIG. 14, CPU 201 selects a user registered as a temporary authorized user (step S31). A user record in which the date is set in any of the four area 1 items to the area 4 items included in the admission availability item among one or more user records included in the user table stored in the HDD 204 Is selected for processing. The user specified by the user identification information set in the user field of the selected user record is a user registered as a temporary authorized user.

  In the next step S32, an area is specified. In step S31, the area corresponding to the item for which the date is set is selected from the four items in area 1 to item 4 included in the entry permission / prohibition item of the user record selected as the processing target. When there are a plurality of items in which the date is set among the items in the four areas 1 to 4, the area corresponding to any one item is selected.

  In the next step S33, a registration history record is extracted in order to count the number of times the selected user has been registered as a temporary authorized user in the area. Among the registration history records stored in the HDD 204, the user identification information of the user selected as the processing target in step S31 is set in the user item, and the area item is selected as the processing target in step S32. All of the registration history records in which the area identification information of the selected area is set are extracted. Then, the registration history record generated last is selected (step S34). From the extracted registration history records, the registration history record with the latest date set in the item of registration date is selected as a processing target. And it is judged whether stay time is more than threshold value T2. The staying time is calculated with reference to the entry / exit history record stored in the HDD 204. Specifically, the user identification information of the user selected in step S31 is set in the user item from the entry / exit history records stored in the HDD 204, and the area item is selected in step S32. Entry / exit history in which area identification information is set, and the date / time set in the entry date / time of the registration history record selected in step S34 is set in the entry / exit date / time item Extract records. The extracted entry / exit history record includes at least one set of an entry / exit record in which the entry / exit flag is set in the entry / exit flag field and an entry / exit record in which the entry / exit flag is set in the entry / exit flag field. . Time is calculated from the time of entry and the time of exit for each of one or more groups. The maximum value among the times calculated for each of the one or more sets is defined as the stay time. In addition, it is good also considering the minimum value or the average value among the time calculated with respect to each 1 or more group as stay time. Then, the staying time is compared with threshold value T2, and if the staying time is equal to or greater than threshold value T2, the process proceeds to step S36. If not, the process proceeds to step S38. This is to avoid counting as the number of registrations when the staying time is shorter than the threshold value T2.

  In step S36, the registration count which is a variable is incremented, and the process proceeds to step S37. The number of registrations indicates the number of times the user selected as the processing target in step S31 is registered as a temporary authorized user in the area selected in step S32, and is reset to 0 each time step S32 is executed. It is incremented every time step S36 is executed.

  In step S37, the registration history record selected as the processing target in step S34 or the registration history record whose registration date is one earlier than the registration history record selected as the processing target in step S39 described later is: It is determined whether or not the registration history record selected in step S33 exists. If such a registration history record exists, the process proceeds to step S38. If not, the process proceeds to step S40.

  In step S38, whether or not the registration history record selected as the processing target in step S37 was generated within a period preceding the first period from the date when the last registration history record selected in step S34 was generated. Judging. The date set in the item of registration date of the registration history record selected as the processing target in step S37 and the item of registration date of the last registration history record selected in step S34 are set. If the period between the date and the date on which they are generated is equal to or shorter than the first period, the process proceeds to step S39; otherwise, the process proceeds to step S40. This is for counting the number of times registered as a temporarily authorized user within the first period. In addition, although the example which counts the number of the registration history records produced | generated in the 1st period on the basis of the registration history record produced | generated last is shown here, on the basis of arbitrary registration history records, You may make it count the number of the registration history records produced | generated in the 1st period.

  In step S39, the registration history record with the previous registration date confirmed in step S37 is selected as the processing target, and the process returns to step S35.

  On the other hand, in step S40, it is determined whether the number of registrations is equal to or greater than a threshold value TN. If the number of registrations counted in step S36 is greater than or equal to threshold value TN, the process proceeds to step S41. If not, the process proceeds to step S42. In step S41, the user selected in step S31 is registered as an authorized user permitted to enter the area selected in step S32, and the process proceeds to step S42. Specifically, among the four area 1 items to the area 4 items included in the entry permission item of the user record in which the user identification information of the user selected in step S31 is set in the user item, step S32 Set “OK” to the item corresponding to the area selected in.

  In the next step S42, it is determined whether or not there is an area not selected for processing. Of the four area 1 items to area 4 items included in the entry permission item of the user record selected in step S31, the item corresponds to the area not selected as the processing target in step S32, and If there is an item for which the date is set, it is determined that there is an area that is not selected for processing. If there is an area not selected for processing, the process returns to step S32. If not, the process proceeds to step S43.

  In step S42, it is determined whether there is a next temporary authorized user. If there is a temporarily authorized user not selected as a process target in step S31, the process returns to step S31. If not, the process ends.

  As described above, in the entrance / exit management system 1 according to the first embodiment, the authentication server 200 uses the card identification information received from the magnetic card or the IC card carried by the first user. After authenticating the user, when the magnetic card or IC card carried by the first user is obtained, and then further when the card identification information is received from the magnetic card or IC card carried by the second user, the second Register the user as a temporary authorized user. For this reason, there is an operation for receiving authentication by the first user after the first user registered as an authorized user is authenticated, for example, an operation for reading a magnetic card or an IC card, and then the second user When there is an operation for receiving authentication by the user, the second user is registered as a temporary authorized user. Therefore, the second user can be registered as a temporary authorized user with a simple operation by the first user registered as an authorized user.

The authentication server 200 receives the card authentication information from the magnetic card or IC card carried by the first user before the card identification information is received from the magnetic card or IC card carried by the second user. The same number of second users are registered as temporarily authorized users. For this reason, the first user can specify the number of registered second users by the number of times of repeating the operation for receiving authentication, for example, the operation of reading the magnetic card or the IC card. .

In addition, the magnets carried by the user using the entrance / exit management devices 100, 100A, 100B, and 100C installed at the entrances and exits of the areas of the building 600, the conference room A, the conference room B, and the conference room C included in the building 600, respectively. Card identification information is read from a card or IC card, and locking and unlocking of the door are controlled, so that users who enter and leave the areas of the building 600, the conference room A, the conference room B, and the conference room C can be managed. .

  In addition, since the authentication server 200 registers a user who has been registered as a temporary authorized user a predetermined number of times or more as a permitted user, a user who is temporarily allowed to enter the area and a user who is allowed to enter the area without a time limit. It is possible to register separately from users who are allowed to enter. In addition, it is possible to eliminate the restriction on the period of users who frequently enter the area.

  In addition, since the authentication server 200 registers, as a permitted user, a user who has been registered as a temporarily permitted user in the first period as a permitted user, the period of a user who frequently enters the area during the predetermined period is registered. Limits can be removed.

  In addition, the authentication server 200 does not include the number of times registered as a temporary permitted user when the stay period from the time when a user registered as a temporary authorized user enters the area to the time when the user leaves is equal to or shorter than the second period. By restricting the events that enter the area, it is possible to improve the accuracy of the conditions for removing the restriction of the period during which the user is authenticated. For example, an event that has entered the area to greet other users in the area can be eliminated.

  For example, when the authentication server 200 is registered as a temporary authorized user permitted to enter the conference room A, the authentication server 200 transmits the card identification information of the magnetic card or IC card carried by the user to the MFP 100A. When MFP 100A reads the card identification information of a magnetic card or IC card carried by a user registered as a temporarily authorized user, MFP 100A authenticates the temporarily authorized user and authorizes its use. Therefore, a user who has permitted entry into conference room A can use MFP 100A.

<Modification of the first embodiment>
The entrance / exit management system 1 in the first embodiment uses the card identification information stored in the magnetic card or IC card carried by the user as authentication information, but the entrance / exit management in the modification of the first embodiment The system 1 uses user biometric information as authentication information. The entrance / exit management system 1 in the modification of the first embodiment manages users who enter / exit in a plurality of areas by authenticating using the user's biometric information. Hereinafter, the entrance / exit management system 1 in the modification of the first embodiment will be described mainly with respect to differences from the entrance / exit management system 1 in the first embodiment.

  Referring to FIG. 3, entrance / exit management system 1 in the modification of the first embodiment obtains entrance-side authentication information provided in each of entrance / exit management devices 100, 100 </ b> A to 100 </ b> C in order to use authentication information as biometric information. The device 111 and the exit side authentication information acquisition device 113 acquire the user's biometric information. The biometric information may be any of fingerprints, irises, and vein patterns. Specifically, each of the entrance side authentication information acquisition device 111 and the exit side authentication information acquisition device 113 can use a camera for reading biometric information. In this case, the biological information is an image captured by the camera.

  Further, the authentication server 200 in the modification of the first embodiment receives and processes the authentication information transmitted from each of the entry / exit management devices 100, 100A to 100C. The only difference from the authentication server 200 in the first embodiment is that the authentication information is card identification information stored in a magnetic card or IC card carried by the user in that authentication information is biometric information.

  As described above, the entrance / exit management system 1 in the modification of the first embodiment uses the user's biometric information as authentication information. For this reason, in the entrance / exit management system 1 in the modification of the first embodiment, the authentication server 200 authenticates the first user using the biometric information of the first user, and then the biometric of the first user. If the information is acquired and then the second user's biometric information is acquired, the second user is registered as a temporary authorized user. For this reason, there is an operation for receiving authentication by the first user after the first user registered as an authorized user is authenticated, for example, an operation for reading biometric information, and then authentication by the second user. If there is an operation for receiving the user, the second user is registered as a temporary authorized user. Therefore, the second user can be registered as a temporary authorized user with a simple operation by the first user registered as an authorized user.

  In addition, the authentication server 200 according to the modification of the first embodiment has the same number of second users as the number of times the first user's biometric information is received before acquiring the second user's biometric information. Register as a temporary authorized user. For this reason, the first user can specify the number of registered second users who are not registered by the number of times of repeating an operation for receiving authentication, for example, an operation for reading biometric information.

<Second Embodiment>
The entrance / exit management system 1A according to the second embodiment authenticates a user by using a face authentication method as an authentication method, and manages users entering and exiting a plurality of areas. Hereinafter, in the entrance / exit management system 1A in the second embodiment, the same members as those in the entrance / exit management system 1 in the first embodiment are denoted by the same reference numerals, and different points will be mainly described. The entrance / exit management system 1A according to the second embodiment manages the entrance / exit of the user in the building 600 shown in the floor plan shown in FIG.

  FIG. 15 is a diagram illustrating an example of an overall outline of an entrance / exit management system according to one of the second embodiments. Referring to FIG. 15, an entrance / exit management system 1A according to the second embodiment includes an authentication server 200A, entrance / exit management devices 400, 400A to 400C, and MFPs 300A to 300C.

  The entrance / exit management device 400 is installed at the entrance / exit 601 of the building 600 and detects a user who enters / exits the entire area of the building 600 through the entrance / exit 601 of the building 600. The entrance / exit management device 400A is installed at the entrance / exit 611 of the conference room A, and detects a user who enters / exits the area of the conference room A through the entrance / exit 611 of the conference room A. The entrance / exit management device 400B is installed at the entrance / exit 621 of the conference room B, and detects a user who enters / exits the area of the conference room B through the entrance / exit 621 of the conference room B. The entrance / exit management device 400C is installed at the entrance / exit 631 of the conference room C, and detects a user who enters / exits the area of the conference room C through the entrance / exit 631 of the conference room C. MFP 300A is installed in conference room A, MFP B is installed in conference room B, and MFP 300C is installed in conference room C.

  The authentication server 200A is a general computer. Authentication server 200A, entrance / exit management devices 400, 400A to 400C, and MFPs 300A to 300C are connected to network 2 and can communicate with each other.

  The entrance / exit management devices 400, 400A, 400B, and 400C have the same hardware configuration and functions except for the areas where they are arranged. Here, the entrance / exit management device 400A will be described as an example.

  FIG. 16 is a block diagram illustrating an example of a configuration of an entry / exit management device according to the second embodiment. Referring to FIG. 16, an entrance / exit management device 400A includes a controller 401 that controls the entire entrance / exit management device 400A, an entrance-side authentication information acquisition device 411, an exit-side authentication information acquisition device 413, and a gate control device 115. And including.

  The controller 401 controls the entrance side authentication information acquisition device 411, the exit side authentication information acquisition device 413, and the gate control device 115, and is connected to the network 2 and communicates with the authentication server 200A.

  The entrance-side authentication information acquisition device 411 is disposed in the vicinity of the entrance / exit 611 of the conference room A outside the conference room A, which is an area where the entrance / exit management device 400A is disposed. The exit side authentication information acquisition device 413 is disposed in the vicinity of the entrance / exit 611 of the conference room A inside the conference room A, which is an area where the entrance / exit management device 100A is disposed. Each of the entrance-side authentication information acquisition device 411 and the exit-side authentication information acquisition device 413 includes a camera, captures the user's face with the camera, and outputs the captured image to the controller 401.

  The controller 401 analyzes an image input from either the entrance-side authentication information acquisition device 411 or the exit-side authentication information acquisition device 413, and detects a human face from the image. For example, when detecting the shape of eyes, nose and mouth included in a face from the image, the controller 401 detects a human face in the image. When the controller 401 detects a face from an image input from the entrance-side authentication information acquisition device 411, the controller 401 transmits a set of an entrance flag and an image input from the entrance-side authentication information acquisition device 411 to the authentication server 200A. When the controller 401 detects a face from the image input from the exit side authentication information acquisition device 413, the controller 401 transmits a set of the exit flag and the image input from the exit side authentication information acquisition device 413 to the authentication server 200A.

  The controller 401 receives the authentication result from the authentication server 200A in response to transmitting the set of the entrance flag and the image to the authentication server 200A. When the authentication result indicates that the authentication is successful, the controller 401 outputs an unlock instruction to the gate control device 115. However, if the authentication result indicates that the authentication is unsuccessful, the controller 401 does not output an unlock instruction to the gate control device 115. , Notify the user that authentication failed. For example, the notification may generate a sound, or a message may be displayed when a display device is provided.

  Further, the controller 401 transmits the combination of the exit flag and the image to the authentication server 200 in response to the combination of the exit flag and the image input from the exit side authentication information acquisition device 413, and the gate control device 115. The unlock instruction is output to.

  The gate control device 115 switches between locking and unlocking of the lock arranged at the door of the entrance / exit 611 of the conference room A. The gate control device 115 unlocks in response to an unlocking instruction input from the controller 401, and locks when the door is opened and then closed.

  When the controller 401 receives an authentication result indicating a successful authentication from the authentication server 200 </ b> A, the controller 401 analyzes an image input from the entrance-side authentication information acquisition device 411 and detects a gesture by the user. A gesture is a predetermined change in facial expression. For example, the gesture is an operation of blinking eyes by the user and an operation of opening and closing the mouth by the user. The controller 401 analyzes the image input from the entrance-side authentication information acquisition device 411 and counts the number of gestures. For example, the number of times of blinking eyes and the number of times of opening and closing the mouth are counted. Each time a gesture is detected, the user is notified that the gesture has been detected with a buzzer sound or the like, and when the next gesture is detected within a predetermined time from the notification, the second and subsequent gestures are detected. When a predetermined time has elapsed from the notification after detecting the gesture, the controller 401 ends the detection of the gesture and transmits the number of gestures detected so far to the authentication server 200.

  FIG. 17 is a block diagram illustrating an example of functions of a CPU included in the authentication server according to the second embodiment. The functions shown in FIG. 17 are formed in the CPU 201 when the CPU 201 included in the authentication server 200A according to the second embodiment executes an authentication program stored in the ROM 202, the HDD 204, or the CD-ROM 209. Referring to FIG. 17, CPU 201 provided in authentication server 200A includes first registration unit 251A, authentication information acquisition unit 253A, second registration unit 255A, authentication unit 257A, gate control unit 259, and authentication support unit. 261. Since gate control unit 259 and authentication support unit 261 are the same as gate control unit 259 and authentication support unit 261 in the first embodiment, description thereof will not be repeated here.

  Similarly to the first registration unit 251 in the first embodiment, the first registration unit 251A associates each of the entrance / exit management devices 400, 400A to 400C with the area in which it is arranged among the four areas.

  The first registration unit 251A registers users who are allowed to enter the area. For example, the user who operates the authentication server 200A registers whether or not the user can enter the area for each of a plurality of users. Here, one or more registered users are registered. Therefore, the first registration unit 251A registers whether or not each of the four areas can be entered for each registered user. Specifically, the first registration unit 251A stores a registered user table in the HDD 204. The registered user table includes a plurality of user records corresponding to a plurality of registered users. The user record associates user identification information for identifying the user, authentication information of the user, and whether or not each of the four areas can be entered. The first registration unit 251A stores, for each of a plurality of registered users, a user record that associates user identification information for identifying the registered user, authentication information, and whether or not each of the four areas can be entered in the HDD 204. Register registered users by adding them to the authentication table. The format of the user record is the same as the format shown in FIG. For example, the first registration unit 251A displays a registration screen on the display unit 206, and a user operating the authentication server 200A inputs user identification information and authentication information input to the operation unit 207 according to the registration screen. And generate a user record. Here, the authentication information is an image of the user's face.

  The authentication information acquisition unit 253A controls the entrance / exit management devices 400, 400A to 400C, and acquires authentication information from any of the entrance / exit management devices 400, 400A to 400C. Since the control of the entrance / exit management device 400, 400A to 400C by the authentication information acquisition unit 253A is the same, here, a case where authentication information is acquired from the entrance / exit management device 400A will be described as an example. When the entrance side authentication information acquisition device 411 captures the user's face, the entrance / exit management device 400A transmits a set of an entrance flag and an image obtained by capturing the user's face to the authentication server 200A to acquire exit side authentication information. When the device 413 images the user's face, the device 413 transmits a set of an exit flag and an image obtained by capturing the user's face to the authentication server 200A. When the communication unit 205 receives a set of an entrance flag or an exit flag and an image from the entrance / exit management device 400A, the authentication information acquisition unit 253A acquires an entrance flag or an exit flag and an image. The authentication information acquisition unit 253A specifies the device that has transmitted the set of the entrance flag or the exit flag and the image from the entrance / exit management devices 400, 400A to 400C, and specifies the entrance flag or the exit flag and the image. Authentication request information including the device identification information of the device is output to authentication unit 257A and second registration unit 255A.

  The authentication unit 257A authenticates the user specified by the image included in the authentication request information in response to the input of the authentication request information including the entrance flag from the authentication information acquisition unit 253A. Specifically, the authentication unit 257A analyzes the image included in the authentication request information, extracts the face included in the image, and the user of the extracted face is stored in the entrance / exit management devices 400, 400A to 400C. It is determined whether or not the user is registered as an authorized user who can enter the area where the device specified by the device identification information included in the authentication request information is located. Authentication unit 257A authenticates if the user is registered as an authorized user who can enter the area, but does not authenticate if the user is not registered as an authorized user who can enter the area.

  Specifically, authentication unit 257A includes a face that is the same as or similar to the face in the image included in the authentication request information in the user record included in the authentication table stored in HDD 204 by first registration unit 251A. User records whose images are set in the authentication information field are extracted. When extracting the user record, the authentication unit 257A acquires the admission permission set for the area specified by the device identification information included in the authentication request information in the extracted user record. Here, a case where the device identification information included in the authentication request information is the device identification information of the entry / exit management device 100A will be described as an example. The authentication unit 257A refers to the area table stored in the HDD 204 and obtains the area identification information of the conference room A, which is the area associated with the entrance / exit management device 100A specified by the device identification information included in the authentication request information. get. And authentication part 257A acquires the admission permission set to the item of area 2 corresponding to meeting room A among four items contained in the admission permission item of a user record. The authentication unit 257A is registered as an authorized user who is permitted to enter the conference room A when “permitted” is set in the item of the area 2 corresponding to the conference room A of the user record. However, if “impossible” is set, it is determined that the user is not registered as an authorized user permitted to enter the conference room A, and authentication is not performed.

  The gate control unit 259 controls the communication unit 205 in response to the combination of the device identification information and the authentication result input from the authentication unit 257A, and displays the authentication result input from the authentication unit 257A as the authentication unit 257A. Is transmitted to the room entrance / exit management device 400A specified by the device identification information input from.

  Hereinafter, the authentication request information when the authentication unit 257A determines that the authentication request information is input from the authentication information acquisition unit 253A and is registered as an authorized user in accordance with the authentication request information. That's it.

  After authenticating the first user as an authorized user based on the first authentication request information, the authentication unit 257A determines the number of gestures from the entrance / exit management device 400A specified by the device identification information included in the first authentication request information. May be received. When receiving the number of gestures from the entrance / exit management device 400A, the authentication unit 257A determines the number of gestures as the number of registrations. When determining the registration number, the authentication unit 257A outputs the same number of registration instructions as the registration number to the second registration unit 255A.

  The second registration unit 255A receives authentication request information from the authentication information acquisition unit 253A, and receives a registration instruction from the authentication unit 257A. Hereinafter, the authentication request information input from the authentication information acquisition unit 253A to the second registration unit 255A, input after the first authentication request information, and included in the image included in the first authentication request information Authentication request information including an image of a face different from that is referred to as second authentication request information. The second registration unit 255A registers the second user as a temporarily authorized user based on the second authentication request information input from the authentication information acquisition unit 253A. When the second registration unit 255A registers the second user as a temporary authorized user, the second registration unit 255A outputs a registration completion signal indicating registration to the authentication unit 257A.

  The authentication unit 257A receives an image obtained by capturing the face of the second user registered as a temporary authorized user by the second registration unit 255A from the authentication information acquisition unit 253A after the registration completion signal is input from the second registration unit 255A. When authentication request information including an entrance flag is input, the user data in which an image that is the same as or similar to the face portion included in the image included in the authentication request information is set in the authentication information item is used for the second. Authenticate users. If the authentication unit 257A succeeds in authentication, and the number of registration instructions output to the second registration unit 255A is less than the registration number, the authentication unit 257A outputs a registration instruction to the second registration unit 255A. As a result, the same number of second users as the registered number are registered as temporarily authorized users.

  The second registration unit 255A extracts the face portion from the image included in the second authentication request information, and identifies the second user specified by the extracted image as the device identification included in the second authentication request information. The user is registered as a temporary authorized user who can enter the area where the entrance / exit management device 100A specified by the information is arranged. Specifically, the second registration unit 255A sets the face portion extracted from the image included in the second authentication request information as an item of authentication information, and device identification information included in the second authentication request information. The user record in which the date of the day is set as information indicating that entry is temporarily permitted in the entry permission / prohibition item corresponding to the area specified by the user ID is generated, and the user record is stored in the HDD 204. Add to table. When the second registration unit 255A includes a user record in which an image that is the same as or similar to the face extracted from the image included in the second authentication request information is set in the authentication information item in the authentication table, If “impossible” is set in the entry permission / prohibition item corresponding to the area specified by the device identification information included in the second authentication request information in the user record without adding the user record, “ Instead of “impossible”, the date of the day is set.

  “Permitted” indicating that entry is permitted by the first registration unit 251A to each of the four items of area 1 to area 4 included in the item of whether or not the user record is permitted to enter, and “not permitted” where entry is not permitted. Is set to one of the following. Furthermore, the year, month, and day indicating the date on which entry is temporarily permitted by the second registration unit 255A are set in each of the items in area 4 to area 4 included in the entry record of the user record. . Therefore, the user record in which the date is set in any of the four area 1 items to the area 4 items included in the user record entry availability item is the user identification information set in the user item. Unlike the authorized user registered by the first registration unit 251A for the area corresponding to the item for which the date is set among the items in the four areas 1 to the items in the area 4, 2 Indicates that the user is a temporary authorized user registered by the registration unit 255A. In other words, the second registration unit 255 </ b> A includes the items in the four areas 1 to 4 included in the entry permission / prohibition item of the user record in order to distinguish from the authorized user registered by the user who manages the authentication server 200 </ b> A. Of the items, the date corresponding to the area associated with the device identification information included in the second authentication request information is set to the date, not “permitted” or “impossible”.

  In addition, the second registration unit 255A stores a table in which the user identification information and the face image are associated with each other in advance in the HDD 204, and sets the user identification information associated with the face image in the user item of the user record. To do. In the user record of the second user generated by the second registration unit 255A, the user item may be blank. This is because the user can be specified only from the face image set in the authentication information item.

  Also, the second registration unit 255A generates a registration history record and stores it in the HDD 204 when registering the second user as a temporary authorized user. The format of the registration history record is the same as the format shown in FIG. 9, and is included in the user item and second authentication request information in which the user identification information of the second user registered as a temporary authorized user is set. It includes an area item in which area identification information of the area specified by the device identification information is set, and a registration date item in which the date of generation of the registration history record is set.

  The authentication unit 257A includes an authentication request information including an image obtained by capturing the face of the second user from the authentication information acquisition unit 253A and an entrance flag after the second user is registered as a temporary authorized user by the second registration unit 255A. Is input, the second user is authenticated using the user data in which the image that is the same as or similar to the face portion included in the image included in the authentication request information is set in the authentication information item. The authentication unit 257A is specified by area identification information associated with the device identification information included in the authentication request information among the four items of area 1 to area 4 included in the entry permission / prohibition item of the user record used for authentication. If a date is set in the item corresponding to the area and the set date is the date of the day, the second user is included in the device identification information included in the authentication request information. It is determined that the user is permitted temporarily to enter the area specified by the associated area identification information, and is authenticated. In addition, although the time limit for authenticating as a user registered as a temporary authorized user is the date registered by the second registration unit 255A, authentication may be performed from the date of registration to a predetermined period.

  On the other hand, the authentication unit 257A is area identification information associated with the device identification information included in the authentication request information among the items in the four areas 1 to 4 included in the entry permission / prohibition item of the user record used for authentication. If the date corresponding to the specified area is not set, or if the date is set but different from the date, the device identification information included in the authentication request information It is determined that the user is not registered as a temporary authorized user permitted to enter the area specified by the area identification information associated with, and is not authenticated.

  When authenticating the second user registered as a temporary authorized user, the authenticating unit 257A generates an entry / exit history record indicating that the second user has entered the area, and stores the entry / exit record in the HDD 204. The format of the entry / exit history record is the same as the format shown in FIG. Authentication unit 257A sets an entrance flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and an area corresponding to the device identification information included in the authentication request information in the area item An entry / exit history record is generated in which identification information is set and the current date / time is set in the entry / exit date / time item.

  Further, the authentication unit 257A receives the authentication request information including the exit flag from the authentication information acquisition unit 253A and the image of the second user's face registered as the temporary authorized user by the second registration unit 255A. 2 users are identified, and it is determined that the identified second user has left the area. When determining that the second user has left the authentication unit 257A, the authentication unit 257A generates an entry / exit history record indicating that the second user has left the area, and stores the entry / exit history record in the HDD 204. The authentication unit 257A sets the exit flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and sets the authentication request information input from the authentication information acquisition unit 253 in the area item. The area identification information corresponding to the included apparatus identification information is set, and an entry / exit history record is generated in which the current date / time is set in the entry / exit date / time item.

  During the first period, the first registration unit 251A registers, as an authorized user, a second user whose number of times registered as a temporary authorized user by the second registration unit 255A is a predetermined number or more. However, the first registration unit 251A has a stay time from the time when the second user registered as a temporary authorized user by the second registration unit 255A enters the area until the user leaves the area is less than or equal to the second time. Does not count as the number of times registered as a temporary authorized user by the second registration unit 255A.

  The first registering unit 251A has the same function as the first registering unit 251 in the first embodiment for registering the second user registered as a temporary permitted user by the second registration unit 255A as an authorized user. is there. Further, the function of the authentication support unit 261 is the same as the function of the authentication support unit 261 in the first embodiment. Therefore, description is not repeated here.

  The authentication information acquisition device 317 included in each of the MFPs 300A, 300B, and 300C according to the second embodiment includes a camera, captures the user's face with the camera, and outputs the captured image to the CPU 311. The CPU 311 included in each of the MFPs 300A, 300B, and 300C has the same function as that shown in FIG. The device-side authentication information acquisition unit 51 controls the authentication information acquisition device 317, and the authentication information acquisition device 317 acquires an image output by imaging the user's face as authentication information. The device-side authentication unit 53 In response to the input of the image from the side authentication information acquisition unit 51, the user specified by the face portion in the image is authenticated. MFPs 300 </ b> A, 300 </ b> B, and 300 </ b> C authenticate the user if the same face image as the face included in the image input from apparatus-side authentication information acquisition unit 51 is stored in HDD 315. If the face image that is the same as or similar to the face included in the image input from the device-side authentication information acquisition unit 51 is not stored in the HDD 315, the device-side authentication unit 53 inputs from the device-side authentication information acquisition unit 51. It is determined whether or not a face image that is the same as or similar to the face in the image being received is received from the authentication server 200A by the authentication information receiving unit 57. The device-side authentication unit 53 authenticates the user if the card identification information input from the device-side authentication information acquisition unit 51 is received from the authentication server 200A by the authentication information receiving unit 57, but does not authenticate otherwise. .

  Therefore, for example, even if a user who is not registered in MFP 300A as a device user permitted to use MFP 300A is registered as a temporary authorized user by authentication server 200A when entering conference room A, MFP 300A Can be used.

  FIG. 18 is a flowchart illustrating an example of the flow of entrance / exit management processing according to the second embodiment. The entrance / exit management process in the second embodiment is different from the entrance / exit management process in the first embodiment shown in FIG. 13 in that step S01 is changed to step S01A, step S09 to step S11. Is the point changed from step S21 to step S23. Other processing is the same as the processing shown in FIG. 13, and therefore description thereof will not be repeated here.

  Referring to FIG. 18, CPU 201 provided in authentication server 200 </ b> A in the second embodiment determines whether a face image is received. It is determined whether the communication unit 205 has received a face image obtained by capturing the user's face from any of the entrance / exit management devices 100, 100A to 100C. Here, a case where a face image is received from the entry / exit management device 100A will be described as an example.

  In step S21, the communication unit 205 determines whether or not the number of gestures has been received from the area permitted to enter in step S05, here the entrance / exit management device 100A disposed in the conference room A. If the number of gestures is received from entry / exit management device 100A, the process proceeds to step S22; otherwise, the process returns to step S01A. In step S22, the number of registered users is determined as the number of gestures received, and the predetermined process proceeds to step S23.

  In step S23, the communication unit 205 determines whether or not a face image has been received from the area permitted to enter in step S05, here, the entrance / exit management device 100A disposed in the conference room A. The process waits until a face image is received. If a face image is received, the process proceeds to step S12.

  In step S12, the user specified by the face image received in step S23 is registered as a temporarily permitted user. Specifically, the face image received in step S23 is set as an item of authentication information, and the area specified in step S02 among the items of area 1 to area 4 included in the entry permission / prohibition item is set. A user record in which the date of the day is set as information indicating that entry is temporarily permitted is generated in the corresponding item, and the user record is added to the authentication table stored in the HDD 204. The area specified in step S02 is the conference room A here. Further, when the user record in which the face image received in step S23 is set in the authentication information item exists in the authentication table stored in the HDD 204, the four areas 1 included in the entry permission / prohibition item of the record are stored. If the item corresponding to the area specified in step S02 among the items of items to area 4 is set to “impossible”, the date of the day as information indicating that entry is temporarily permitted If the date is set, the date is set for that day. Note that if “permitted” is set in the item corresponding to the area specified in step S02, the user is an authorized user, and the process proceeds to step S13 without changing the item.

  As described above, the entrance / exit management system 1A according to the second embodiment differs from the entrance / exit management system 1 according to the first embodiment in that face authentication is adopted as an authentication method. The entrance / exit management system 1A in the first embodiment has the following effects in addition to the effects of the entrance / exit management system 1 in the first embodiment.

  In the entrance / exit management system 1 according to the third embodiment, when the authentication server 200A detects a predetermined gesture by the first user after authenticating the first user, the authentication server 200A is further referred to as the first user thereafter. When the second user is identified from an image obtained by capturing another second user's face, the second user is registered as a temporary authorized user. For this reason, a user who is not registered as an authorized user can be registered as a temporary authorized user on the condition that the user is registered as an authorized user. The gesture is, for example, a wink operation for opening and closing the mouth.

  In addition, the authentication server 200A in the second embodiment registers as many second users as temporary authorized users as the number of gestures by the first user registered as authorized users. For this reason, a user registered as an authorized user can designate the number of users who are not registered as an authorized user by the number of gestures.

<Third Embodiment>
The entrance / exit management system 1B according to the third embodiment authenticates a user by performing human body communication with a portable device carried by the user, and manages users entering / exiting a plurality of areas. Hereinafter, in the entrance / exit management system 1B according to the third embodiment, the same members as those in the entrance / exit management system 1 according to the first embodiment are denoted by the same reference numerals, and different points will be mainly described. The entrance / exit management system 1B according to the third embodiment manages user entry / exit in the building 600 shown in the floor plan shown in FIG.

  FIG. 19 is a diagram illustrating an example of an overall outline of an entrance / exit management system according to one of the third embodiments. Referring to FIG. 19, an entrance / exit management system 1B according to the third embodiment includes an authentication server 200B, entrance / exit management devices 500, 500A to 500C, and MFPs 300A to 300C.

  The entrance / exit management device 500 is installed at the entrance / exit 601 of the building 600 and detects a user who enters / exits the entire area of the building 600 through the entrance / exit 601 of the building 600. The entrance / exit management device 500A is installed at the entrance / exit 611 of the conference room A, and detects a user who enters / exits the area of the conference room A through the entrance / exit 611 of the conference room A. The entrance / exit management device 500B is installed at the entrance / exit 621 of the conference room B, and detects a user who enters / exits the area of the conference room B through the entrance / exit 621 of the conference room B. The entrance / exit management device 500C is installed at the entrance / exit 631 of the conference room C, and detects a user who enters / exits the area of the conference room C through the entrance / exit 631 of the conference room C. MFP 300A is installed in conference room A, MFP B is installed in conference room B, and MFP 300C is installed in conference room C.

  The authentication server 200B is a general computer. Authentication server 200B, entry / exit management devices 500, 500A to 500C, and MFPs 300A to 300C are connected to network 2 and can communicate with each other.

  The entrance / exit management devices 500, 500A, 500B, and 500C have the same hardware configuration and functions except for the areas where they are arranged. Here, the entrance / exit management device 500A will be described as an example.

  FIG. 20 is a block diagram illustrating an example of a configuration of an entry / exit management device according to the third embodiment. Referring to FIG. 20, an entrance / exit management device 500A includes a controller 501, an authentication information acquisition device 511, an entrance side antenna 513, an exit side antenna 515, and a gate control device that control the entire entrance / exit management device 500A. 115.

  The controller 501 controls the authentication information acquisition device 511 and the gate control device 115, is connected to the network 2, and communicates with the authentication server 200B.

  The entrance-side antenna 513 is disposed near the entrance / exit 611 of the conference room A outside the conference room A, which is an area where the entrance / exit management device 500A is disposed. The exit-side antenna 515 is disposed in the vicinity of the entrance / exit 611 of the conference room A inside the conference room A, which is an area where the entrance / exit management device 100A is disposed.

  FIG. 21 is a diagram illustrating an example of a position where the entrance antenna and the exit antenna are arranged. Referring to FIG. 21, the entrance-side antenna 513 is disposed on the outside floor surface of the conference room A and next to the entrance / exit 611 of the conference room A. The exit-side antenna 515 is a floor surface inside the conference room A and is disposed beside the entrance / exit 611 of the conference room A.

  Returning to FIG. 20, the authentication information acquisition device 511 is connected to the entrance-side antenna 513 or the exit-side antenna 515, and there is a user who carries the mobile device on the entrance-side antenna 513 or the exit-side antenna 515. Communicates with the portable device using the entrance side antenna 513 or the exit side antenna 515 and the user's human body as a communication medium. The technique for human body communication is a well-known technique, and there are two transmission methods, a current method and an electric field method. Here, a case where the electric field method is used will be described as an example.

  The authentication information acquisition device 511 communicates with a mobile device carried by the user and receives authentication information stored in the mobile device. The authentication information stored in the portable device is related information associated with the user, and may be information that can identify the user. Here, a case where authentication information is terminal identification information for identifying a mobile terminal will be described as an example.

  The authentication information acquisition device 511 outputs a set of an entrance flag and terminal identification information to the controller 501 in response to receiving terminal identification information from the portable device via the entrance-side antenna 513. In response to receiving terminal identification information from the portable device via the exit antenna 515, the authentication information acquisition device 511 outputs a set of an exit flag and terminal identification information to the controller 501.

  The controller 501 transmits the combination of the entrance flag and the terminal identification information to the authentication server 200B in response to the combination of the entrance flag and the terminal identification information being input from the authentication information acquisition device 511. The controller 501 receives the authentication result from the authentication server 200B in response to transmitting the set of the entrance flag and the terminal identification information to the authentication server 200B. The controller 501 outputs an unlocking instruction to the gate control device 115 when the authentication result received from the authentication server 200B indicates authentication success, but when the authentication result indicates authentication failure, the controller 501 opens the gate control device 115. Notify the user that authentication failed without outputting the lock instruction. For example, the notification may generate a sound, or a message may be displayed when a display device is provided.

  Further, the controller 501 transmits a combination of the exit flag and the terminal identification information to the authentication server 200B in response to the combination of the exit flag and the terminal identification information input from the authentication information acquisition device 511, and gate control. An unlocking instruction is output to the device 115.

  The gate control device 115 switches between locking and unlocking of the lock arranged at the door of the entrance / exit 611 of the conference room A. The gate control device 115 unlocks in response to an unlocking instruction input from the controller 101, and locks when the door is opened and then closed. The gate control device 115 unlocks in response to an unlocking instruction input from the controller 101, and locks when the door is opened and then closed.

  When the controller 501 transmits the set of the entrance flag and the terminal identification information to the authentication server 200B and then is authenticated by the authentication server 200B, the door is unlocked by the gate control device 115. Can enter. In this case, since the user walks on the exit-side antenna 515, the authentication information acquisition device 511 receives the terminal identification information from the portable device via the exit-side antenna 515, and sends the exit flag and the terminal identification information to the controller 501. And a pair. In this case, the controller 501 does not transmit the combination of the exit flag and the terminal identification information to the authentication server 200B even if the combination of the exit flag and the terminal identification information is input from the authentication information acquisition device 511. Similarly, when the controller 501 transmits a set of an exit flag and terminal identification information to the authentication server 200B, the gate can be unlocked by the gate control device 115, so that the user can exit the conference room A. In this case, since the user walks on the entrance-side antenna 513, the authentication information acquisition device 511 receives the terminal identification information from the portable device via the entrance-side antenna 513, and enters the controller 501 with the entrance flag and the terminal identification information. And a pair. In this case, the controller 501 does not transmit the combination of the entrance flag and the terminal identification information to the authentication server 200B even if the combination of the entrance flag and the terminal identification information is input from the authentication information acquisition device 511.

  Further, when the controller 501 receives the authentication result indicating the authentication success from the authentication server 200B after transmitting the combination of the entrance flag and the terminal identification information to the authentication server 200B, the controller 501 issues a signal detection instruction to the authentication information acquisition apparatus 511. Output. After the signal detection instruction is input, the authentication information acquisition apparatus 511 outputs the intensity of the signal received by the entrance-side antenna 513 from the portable apparatus to the controller 501. Here, since the authentication information acquisition device 511 communicates with the portable device via the entrance-side antenna 513 in an electric field mode, the authentication information acquisition device 511 outputs the strength of the electric field detected by the entrance-side antenna 513.

  The controller 501 counts the number of times that the user authenticated as the authorized user steps on the spot based on the temporal change in the electric field strength input from the authentication information acquisition device 511. When the user steps on the entrance antenna 513, the intensity of the electric field detected by the entrance antenna 513 changes. The controller 401 detects an operation by the user based on a change in electric field strength input from the authentication information acquisition apparatus 511. The user's action detects, for example, a stepping action. For example, the controller 501 detects an event in which the intensity of the electric field is equal to or higher than the upper threshold TU and an event that is equal to or lower than the lower threshold TD. When an event that is less than or equal to the threshold value TD is detected, one stepping action is detected. The controller 501 counts the number of stepping actions by the user. For example, every time when the controller 501 detects one stepping action, the controller 501 notifies the user that the stepping action has been detected with a buzzer sound, etc., and detects the next stepping action within a predetermined time from the notification. The stepping action after the second time is detected. When a predetermined time has elapsed from the notification after the detection of the stepping action, the controller 501 ends the detection of the stepping action and transmits the number of the stepping actions detected so far to the authentication server 200B. The controller 401 detects the user's stepping action, but it may be any user action that can be detected based on the change in the strength of the electric field input from the authentication information acquisition apparatus 511. For example, an operation of jumping on the entrance side antenna 513 and an operation of entering and exiting the entrance side antenna 513 may be used.

  FIG. 22 is a block diagram illustrating an example of functions of a CPU included in the authentication server according to the third embodiment. The functions shown in FIG. 22 are formed in the CPU 201 when the CPU 201 included in the authentication server 200B according to the third embodiment executes an authentication program stored in the ROM 202, the HDD 204, or the CD-ROM 209. Referring to FIG. 22, CPU 201 provided in authentication server 200B includes first registration unit 251B, authentication information acquisition unit 253B, second registration unit 255B, authentication unit 257B, gate control unit 259, and authentication support unit. 261. Since gate control unit 259 and authentication support unit 261 are the same as gate control unit 259 and authentication support unit 261 in the first embodiment, description thereof will not be repeated here.

  The first registration unit 251B associates each of the entrance / exit management devices 500, 500A to 400C with the area in which the four entrance areas are arranged. Here, there are four areas: a conference room A, a conference room B, a conference room C, and a floor on which they are gathered. Specifically, the area table is stored in the HDD 204. The area table includes an area record including area identification information for identifying an area and device identification information of a device arranged in that area among the entry / exit management devices 500 and 500A to 500C. The format of the area record is the same as the format shown in FIG.

  The first registration unit 251B registers users who are allowed to enter the area. For example, the user who operates the authentication server 200B registers whether or not the user can enter the area for each of a plurality of users. Here, one or more registered users are registered. Therefore, the first registration unit 251B registers whether or not each of the four areas can be entered for each registered user. Specifically, the first registration unit 251B stores a registered user table in the HDD 204. The registered user table includes a plurality of user records corresponding to a plurality of registered users. The user record associates user identification information for identifying the user, authentication information of the user, and whether or not each of the four areas can be entered. The first registration unit 251A stores, for each of a plurality of registered users, a user record that associates user identification information for identifying the registered user, authentication information, and whether or not each of the four areas can be entered in the HDD 204. Register registered users by adding them to the authentication table. The format of the user record is the same as the format shown in FIG. For example, the first registration unit 251B displays a registration screen on the display unit 206, and the user identification information and authentication information that the user who operates the authentication server 200B inputs to the operation unit 207 according to the registration screen can enter each of the four areas. And generate a user record. Here, the authentication information is terminal identification information stored in the portable device assigned to the user.

  The authentication information acquisition unit 253B controls the entry / exit management devices 500, 500A to 500C, and acquires terminal identification information from any of the entry / exit management devices 500, 500A to 500C. Since the control of the entrance / exit management devices 500, 500A to 500C by the authentication information acquisition unit 253B is the same, here, a case where terminal identification information is acquired from the entrance / exit management device 500A will be described as an example. When the authentication information acquisition device 511 receives the terminal identification information from the portable device carried by the user via the entrance side antenna 513, the entrance / exit management device 500A authenticates the set of the entrance flag and the received terminal identification information. When the terminal identification information is received from the portable device carried by the user via the exit-side antenna 515 and transmitted to the server 200B, a set of the exit flag and the received terminal identification information is transmitted to the authentication server 200B. When the communication unit 205 receives a set of the entrance flag or the exit flag and the terminal identification information from the entrance / exit management device 500A, the authentication information acquisition unit 253B acquires the entrance flag or the exit flag and the terminal identification information. The authentication information acquisition unit 253B identifies the device that has transmitted the set of the entrance flag or the exit flag and the terminal identification information from among the entrance / exit management devices 500 and 500A to 500C, and enters the entrance flag or the exit flag and the terminal identification information. And authentication request information including the device identification information of the identified device is output to the authentication unit 257B and the second registration unit 255B.

  The authentication unit 257B authenticates the user specified by the terminal identification information included in the authentication request information in response to the input of the authentication request information including the entrance flag from the authentication information acquisition unit 253B. Specifically, in the authentication unit 257B, the user specified by the terminal identification information included in the authentication request information is specified by the device identification information included in the authentication request information among the entrance / exit management devices 500 and 500A to 500C. It is determined whether or not the user is registered as an authorized user who can enter the area where the device is located. The authentication unit 257B authenticates if the user is registered as an authorized user who can enter the area, but does not authenticate if the user is not registered as an authorized user who can enter the area.

  Specifically, the authentication unit 257B includes, in the user record included in the authentication table stored in the HDD 204 by the first registration unit 251B, the same terminal identification information as the terminal identification information included in the authentication request information. Extract the user record set in the field. When extracting the user record, the authentication unit 257B acquires the admission permission set for the area specified by the device identification information included in the authentication request information in the extracted user record. Here, a case where the device identification information included in the authentication request information is the device identification information of the entry / exit management device 100A will be described as an example. The authentication unit 257B refers to the area table stored in the HDD 204 and obtains the area identification information of the conference room A that is an area associated with the entrance / exit management device 100A specified by the device identification information included in the authentication request information. get. And the authentication part 257B acquires the admission permission set to the item of the area 2 corresponding to the conference room A among the four items contained in the item of admission permission of a user record. The authentication unit 257B is registered as an authorized user who is permitted to enter the conference room A when “permitted” is set in the item of the area 2 corresponding to the conference room B of the user record. However, if “impossible” is set, it is determined that the user is not registered as an authorized user permitted to enter the conference room A, and authentication is not performed.

  The gate control unit 259 controls the communication unit 205 in response to the combination of the device identification information and the authentication result input from the authentication unit 257B, and the authentication result input from the authentication unit 257B is the authentication unit 257B. Is sent to the room entry / exit management device 500A specified by the device identification information input from.

  Hereinafter, the authentication request information when the authentication unit 257B determines that it is authentication request information input from the authentication information acquisition unit 253B and is registered as an authorized user according to the authentication request information is the first authentication request information. That's it.

  After authenticating the first user as an authorized user based on the first authentication request information, the authentication unit 257B counts the number of steps taken from the entrance / exit management device 500A specified by the device identification information included in the first authentication request information. May be received. When the authentication unit 257B receives the number of steps from the entry / exit management device 500A, the authentication unit 257B determines the number of steps as the registered number. When the number of registrations is determined, the authentication unit 257B outputs the same number of registration instructions as the number of registrations to the second registration unit 255B.

  The second registration unit 255B receives authentication request information from the authentication information acquisition unit 253B and receives a registration instruction from the authentication unit 257B. Hereinafter, authentication request information input from the authentication information acquisition unit 253B to the second registration unit 255B, which is input after the first authentication request information and is different from the terminal identification information included in the first authentication request information. Authentication request information including terminal identification information is referred to as second authentication request information. The second registration unit 255B registers the second user as a temporary authorized user based on the second authentication request information input from the authentication information acquisition unit 253B. When the second registration unit 255B registers the second user as a temporary authorized user, the second registration unit 255B outputs a registration completion signal indicating registration to the authentication unit 257B.

  After the registration completion signal is input from the second registration unit 255A, the authentication unit 257B receives the terminal identification information and the entrance flag of the second user registered as a temporary authorized user by the second registration unit 255B from the authentication information acquisition unit 253B. When the authentication request information including the authentication request information is input, the second user is authenticated using the user data in which the same terminal identification information as the terminal identification information included in the authentication request information is set in the authentication information item. When the authentication is successful, if the number of registration instructions output to the second registration unit 255B is less than the number of registrations, the authentication unit 257B outputs a registration instruction to the second registration unit 255B. As a result, the same number of second users as the registered number are registered as temporarily authorized users.

  The second registration unit 255B identifies the second user specified by the terminal identification information included in the second authentication request information, and the entrance / exit management device 100 specified by the device identification information included in the second authentication request information. Register as a temporary authorized user who can enter the area where is located. Specifically, the second registration unit 255B sets the terminal identification information included in the second authentication request information in the authentication information item, and is an area specified by the device identification information included in the second authentication request information. A user record in which the date of the day is set as information indicating that entry is temporarily permitted is generated in the admission permission / inhibition item corresponding to, and the user record is added to the authentication table stored in the HDD 204. The second registration unit 255B adds a user record to the authentication table when there is a user record in which the same authentication information as the terminal identification information included in the second authentication request information is set in the authentication information item. In the user record, if “impossible” is set in the entry permission / prohibition item corresponding to the area specified by the device identification information included in the second authentication request information, “impossible” is substituted. Set the date of the day.

  “Permitted” indicating that entry is permitted by the first registration unit 251B for each of the four items in area 1 to area 4 included in the item of admission permission / inhibition of the user record, and “impossibility” in which entry is not permitted. Is set to one of the following. Furthermore, the year, month, and day indicating the date on which entry is temporarily permitted by the second registration unit 255B are set in each of the items in area 4 to area 4 included in the entry record of the user record. . Therefore, the user record in which the date is set in any of the four area 1 items to the area 4 items included in the user record entry availability item is the user identification information set in the user item. Unlike the permitted user who is registered by the first registration unit 251B for the area corresponding to the item in which the date is set among the items in the four areas 1 to the items in the area 4, 2 Indicates that the user is a temporarily authorized user registered by the registration unit 255B. In other words, the second registration unit 255B includes the four areas 1 to 4 included in the entry field of the user record in order to distinguish the authorized user registered by the user who manages the authentication server 200B. Of the items, the date corresponding to the area associated with the device identification information included in the second authentication request information is set to the date, not “permitted” or “impossible”.

  Further, the second registration unit 255B stores a table in which the user identification information and the terminal identification information are associated with each other in advance in the HDD 204, and sets the user identification information associated with the terminal identification information in the user item of the user record. To do. In the user record of the second user generated by the second registration unit 255B, the user item may be blank. This is because the user can be specified only from the terminal identification information set in the authentication information item.

  Further, the second registration unit 255B generates a registration history record and stores it in the HDD 204 when registering the second user as a temporary authorized user. The format of the registration history record is the same as the format shown in FIG. 9, and is included in the user item and second authentication request information in which the user identification information of the second user registered as a temporary authorized user is set. It includes an area item in which area identification information of the area specified by the device identification information is set, and a registration date item in which the date of generation of the registration history record is set.

  After the second user is registered as a temporary authorized user by the second registration unit 255B, the authentication unit 257B receives authentication request information including the terminal identification information of the second user and an entrance flag from the authentication information acquisition unit 253B. In this case, the second user is authenticated using user data in which the same terminal identification information as the terminal identification information included in the authentication request information is set in the authentication information item. The authentication unit 257B is specified by area identification information associated with the device identification information included in the authentication request information among the four area 1 items to the area 4 items included in the entry permission / prohibition item of the user record used for authentication. If a date is set in the item corresponding to the area and the set date is the date of the day, the second user is included in the device identification information included in the authentication request information. It is determined that the user is permitted temporarily to enter the area specified by the associated area identification information, and is authenticated. In addition, although the time limit for authenticating as a user registered as a temporary authorized user is the date registered by the second registration unit 255B, authentication may be performed from the date of registration to a predetermined period.

  On the other hand, the authentication unit 257B is area identification information associated with the device identification information included in the authentication request information among the items of the area 1 to the area 4 included in the entry permission / prohibition item of the user record used for authentication. If the date corresponding to the specified area is not set, or if the date is set but different from the date, the device identification information included in the authentication request information It is determined that the user is not registered as a temporary authorized user who is permitted to enter the area specified by the area identification information associated with.

  When authenticating the second user registered as a temporary authorized user, the authentication unit 257B generates an entry / exit history record indicating that the second user has entered the area, and stores the entry / exit record in the HDD 204. The format of the entry / exit history record is the same as the format shown in FIG. The authentication unit 257B sets an entry flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and an area corresponding to the device identification information included in the authentication request information in the area item An entry / exit history record is generated in which identification information is set and the current date / time is set in the entry / exit date / time item.

  Further, the authentication unit 257B receives the authentication request information including the exit flag from the authentication information acquisition unit 253B and the terminal identification information of the second user registered as the temporary authorized user by the second registration unit 255B. 2 users are identified, and it is determined that the identified second user has left the area. If the authentication unit 257B determines that the second user has exited, the authentication unit 257B generates an entrance / exit history record indicating that the second user has exited the area, and stores the entry / exit history record in the HDD 204. The authentication unit 257B sets the exit flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and sets the authentication request information input from the authentication information acquisition unit 253 in the area item. The area identification information corresponding to the included apparatus identification information is set, and an entry / exit history record is generated in which the current date / time is set in the entry / exit date / time item.

  During the first period, the first registration unit 251B registers, as an authorized user, a second user whose number of times registered as a temporary authorized user by the second registration unit 255B is a predetermined number or more. However, the first registration unit 251 </ b> B has a case where the second user who is registered as a temporary authorized user by the second registration unit 255 </ b> B enters the area and leaves the area for a stay time equal to or shorter than the second time. Does not count as the number of times registered as a temporary authorized user by the second registration unit 255B.

  The first registration unit 251B has the same function as the first registration unit 251 in the first embodiment for registering the second user registered as the temporary authorized user by the second registration unit 255B as the authorized user. is there. Further, the function of the authentication support unit 261 is the same as the function of the authentication support unit 261 in the first embodiment. Therefore, description is not repeated here.

  Note that the authentication information acquisition device 317 included in each of the MFPs 300A, 300B, and 300C in the third embodiment includes the same antenna as the entrance-side antenna 513 or the exit-side antenna 515, and has the same function as the authentication information acquisition device 511. The terminal identification information is received from the portable device through human body communication with the portable device carried by the user via the antenna, and the received terminal identification information is output to the CPU 311. The CPU 311 included in each of the MFPs 300A, 300B, and 300C has the same function as that shown in FIG. The device-side authentication information acquisition unit 51 controls the authentication information acquisition device 317, the authentication information acquisition device 317 acquires the terminal identification information received from the portable device carried by the user as authentication information, and the device-side authentication unit 53 The user is authenticated using the terminal identification information input from the device-side authentication information acquisition unit 51. MFPs 300 </ b> A, 300 </ b> B, and 300 </ b> C each authenticate a user if the same terminal identification information as the terminal identification information input from apparatus-side authentication information acquisition unit 51 is stored in HDD 315. If the same terminal identification information as the terminal identification information input from the device side authentication information acquisition unit 51 is not stored in the HDD 315, the device side authentication unit 53 and the terminal identification information input from the device side authentication information acquisition unit 51 It is determined whether or not the same terminal identification information is received from the authentication server 200B by the authentication information receiving unit 57. The device-side authentication unit 53 authenticates the user if the terminal identification information input from the device-side authentication information acquisition unit 51 is received from the authentication server 200B by the authentication information receiving unit 57, but does not authenticate otherwise. .

  Therefore, for example, even if a user who is not registered in MFP 300A as a device user permitted to use MFP 300A is registered as a temporary authorized user by authentication server 200B when entering conference room A, MFP 300A Can be used.

  FIG. 23 is a flowchart illustrating an example of the flow of entrance / exit management processing according to the third embodiment. The entrance / exit management process in the third embodiment is different from the entrance / exit management process in the first embodiment shown in FIG. 13 in that step S01A, step S21 to step S23 are step S01B, step S21B- This is a point changed to step S23B.

  In step S01B, it is determined whether terminal identification information has been received. The communication unit 205 determines whether or not the terminal identification information stored in the portable device carried by the user is received from any of the entry / exit management devices 100 and 100A to 100C. Here, a case where terminal identification information is received from the entry / exit management device 100A will be described as an example.

  In step S21B, the communication unit 205 determines whether or not the number of steps has been received from the area permitted entry in step S05, here, the entrance / exit management device 100A arranged in the conference room A. If the number of steps is received from entry / exit management device 100A, the process proceeds to step S22B. If not, the process returns to step S01B. In step S22B, the number of registered users is determined as the number of steps received, and the predetermined process proceeds to step S23B.

  In step S23B, communication unit 205 determines whether or not terminal identification information has been received from the area permitted entry in step S05, in this case, entry / exit management device 100A arranged in conference room A. The process waits until the terminal identification information is received. If the terminal identification information is received, the process proceeds to step S12.

  In step S12, the user specified by the terminal identification information received in step S23B is registered as a temporary authorized user. Specifically, the terminal identification information received in step S23B is set in the item of authentication information, and the area specified in step S02 among the items in area 4 to area 4 included in the entry permission / inhibition item A user record in which the date of the day is set as information indicating that entry is temporarily permitted is generated in the item corresponding to, and the user record is added to the authentication table stored in the HDD 204. The area specified in step S02 is the conference room A here. If the user record in which the terminal identification information received in step S23B is set in the authentication information item exists in the authentication table stored in the HDD 204, the four areas 1 included in the entry permission / inhibition item of the record If the item corresponding to the area specified in step S02 is set to “impossible” among the items of items 4 to 4, the date of the day is used as information indicating that entry is temporarily permitted. Set the date, and if the date is set, set the date. Note that if “permitted” is set in the item corresponding to the area specified in step S02, the user is an authorized user, and the process proceeds to step S13 without changing the item.

  As described above, the entrance / exit management system 1B according to the third embodiment uses the human body communication to receive the terminal identification information stored in the portable device carried by the user, and thus the magnetic card carried by the user. Or it differs from the entrance / exit management system 1 in 1st Embodiment which reads card identification information from an IC card. The entrance / exit management system 1B in the second embodiment has the following effects in addition to the effects of the entrance / exit management system 1 in the first embodiment.

  In the entrance / exit management system 1B according to the second embodiment, the authentication server 200B authenticates the first user and then detects a predetermined change in the intensity of the signal received from the portable device carried by the first user. Thereafter, when the terminal identification information of the portable device is received from a portable device carried by a second user different from the first user, the second user is registered as a temporary authorized user. Since human body communication uses a user's human body as a communication medium, the user and the antenna need to be in contact with each other. For this reason, when the user steps on, the intensity of the radio wave output from the portable device carried by the user changes. A pattern of a change in the intensity of the radio wave due to the stepping action can be determined in advance to detect the stepping action. For this reason, a user who is not registered as an authorized user can be registered on the condition that a stepping action by a user registered as an authorized user is performed.

  Further, the authentication server 200B determines the number of predetermined changes in the radio field intensity of the signal received from the identification device carried by the first user before receiving the terminal identification information from the portable device carried by the second user. Register the same number of second users as temporarily authorized users. Therefore, the number of users who are not registered as authorized users can be specified by the number of times a user registered as an authorized user steps.

<Modification of Third Embodiment>
In the third embodiment, in the entrance / exit management device 500A, the controller 501 transmits a set of an entrance flag and terminal identification information to the authentication server 200B, and then receives an authentication result indicating authentication success from the authentication server 200B. In this case, the number of times the user authenticated as the authorized user steps on the spot is counted based on the temporal change in the electric field strength input from the authentication information acquisition device 511. In the modification of the third embodiment, in the entrance / exit management device 500A, the controller 501 does not count the number of times that a user authenticated as an authorized user steps on the spot. In this case, in the entrance / exit management device 500A, the controller 501 transmits the pair of the entrance flag and the terminal identification information to the authentication server 200B, and then receives the authentication result indicating the authentication success from the authentication server 200B. Similar to the embodiment, in response to the combination of the entrance flag and the terminal identification information being input from the authentication information acquisition device 511, the pair of the entrance flag and the terminal identification information is transmitted to the authentication server 200B. In other words, when a user who has been authenticated as an authorized user steps on the spot, the same number of pairs of entrance flags and terminal identification information as the number of times of stepping are transmitted to the authentication server 200B.

  Specifically, the authentication information acquisition device 511 provided in the entrance / exit management device 200A can communicate with the portable information device when the intensity of the electric field detected by the entrance antenna 513 is equal to or higher than a predetermined value, The terminal identification information is received from the portable device through communication. The authentication information acquisition device 511 outputs a set of an entrance flag and terminal identification information to the controller 501 in response to receiving the terminal identification information from the portable device. Therefore, when the user steps on the entrance side antenna 513, the user and the entrance side antenna 513 are repeatedly contacted and non-contacted, so that the intensity of the electric field detected by the entrance side antenna 513 changes, and the authentication information The acquisition device 511 repeats a state where communication with the portable device is possible and a state where communication is impossible. Since the authentication information acquisition device 511 communicates with the mobile device and receives terminal identification information every time the user contacts the entrance antenna 513, the controller 501 has the same number of entrance flags and terminals as the number of times the user steps. A pair with the identification information is transmitted to the authentication server 300B. In the modification of the third embodiment, the CPU 201B included in the authentication server 200B may have the same function as that shown in FIG.

<Modification of entry / exit judgment method>
In the first to third embodiments, each of the authentication servers 200, 200A, and 200B defines authentication information for each user by the user record in the format shown in FIG. 8, and whether or not each of the four areas can be entered. And authenticating the user using the authentication information, and determining whether or not to enter the area where the user tries to enter based on whether or not each of the four areas can enter. The authentication information is card identification information stored in a magnetic card or an IC card carried by the user in the first embodiment, and is biometric information of the user in the modification of the first embodiment. In the second embodiment, it is an image of a user's face, and in the third embodiment, it is terminal identification information stored in a portable device carried by the user.

  In the modified example of the entrance / exit determination method, the entrance / exit management systems 1, 1A in the first to third embodiments are used in that authentication is performed using the same authentication information as the authentication information in the first to third embodiments. , 1B, but the first to third embodiments in that it is determined whether or not entry is possible for each of a plurality of areas by comparing the levels given to the user and each of the plurality of areas. Different from the authentication servers 200, 200A, and 200B in FIG. In the authentication servers 200, 200A, and 200B in the first to third embodiments, the entry / exit determination methods in the modification examples of the entry / exit determination method are all the same, so here, in the authentication server 200 in the first embodiment A modification of the entry / exit determination method will be described.

  The functions of the CPU 201 included in the authentication server 200 in the modification example of the entry / exit determination method are the same as those shown in FIG. 6 except for the first registration unit 251, the authentication unit 257, and the second registration unit 255, and other functions are the same. It is. Hereinafter, the functions of the CPU 201 included in the authentication server 200 in the modification example of the entry / exit determination method will be mainly described with reference to FIG. 6, and differences from the functions illustrated in FIG. 6.

  The first registration unit 251 in the modification example of the entry / exit determination method registers whether or not a user operating the authentication server 200 can enter a plurality of areas for each of a plurality of users. Here, as shown in FIG. 2, the plurality of areas are the entire building, conference room A, conference room B, and conference room C. Also, one or more users are registered. Therefore, by assigning a level to each of the four areas and assigning a level to each of one or more users, the admission permission for each of the four areas is registered for each of the one or more users.

  More specifically, the authentication server 200 in the modified example of the entry / exit determination method stores an area table in the HDD 204. The area table includes an area record for each area.

  FIG. 24 is a diagram illustrating an example of the format of an area record in a modification of the entry / exit determination method. The area record in the modification example of the entry / exit determination method includes an area item, an apparatus identification information item, and a level item. In the area item, area identification information for identifying the area is set. In the device identification information item, device identification information of a device arranged in the area specified by the area identification information set in the area item among the entry / exit management devices 100, 100A to 100C is set. In the level item, a level given to the area specified by the area identification information set in the area identification information item is set. The level can be determined by an arbitrary scale, but here, a higher level is given to a highly confidential area.

  The first registration unit 251 in the modified example of the entry / exit determination method registers a user who can enter the area for each of the four areas. The 1st registration part 251 registers the user who can enter the area by giving a user the level more than the level attached | subjected to the area. The first registration unit 251 in the modified example of the entry / exit determination method stores a registered user table in the HDD 204. The registered user table includes a plurality of user records corresponding to a plurality of users. The user record associates authentication information, a level, and a temporary permission flag for each user.

  FIG. 25 is a diagram illustrating an example of a format of a user record in a modification of the entry / exit determination method. Referring to FIG. 25, the user record includes a user item, an authentication information item, a level item, and a temporary permission flag item. In the user item, user identification information for identifying the user is set. In the authentication information item, card identification information is set in the first embodiment, biometric information is set in the modification of the first embodiment, and a face image is set in the second embodiment. In the third embodiment, terminal identification information is set. In the level item, a level given to the user is set. When the temporary permission flag is registered, a flag indicating that the temporary permission user is registered is set. Here, the flag set in the item of the temporary permission flag is the date registered as a temporary permission user. This is to limit the period for registration as a temporary authorized user.

  For example, when registering as an authorized user, a level is set in the level item, and a blank is set in the temporary permission flag item. When registering as a temporarily permitted user, the level is set in the level item, and the date of registration as the temporarily permitted user is set in the temporary permission flag item. If neither the authorized user nor the temporarily authorized user is set, a blank is set in the level item and the temporarily authorized flag item.

  Referring to FIG. 6, first registration unit 251 included in CPU 201 included in authentication server 200 in the modification example of the entry / exit determination method generates a user record corresponding to each user and stores the user record in HDD 204. Registered as an authorized user by adding to the authenticated table. For example, the first registration unit 251 in the modification example of the entry / exit determination method displays a registration screen on the display unit 206, and the user identification information and authentication information that the user operating the authentication server 200 inputs to the operation unit 207 according to the registration screen Accepts the level to be given to the user and generates a user record.

  The authentication unit 257 in the modification example of the entry / exit determination method uses the authentication information in response to the entry flag, device identification information, and authentication information being input from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method. Authenticate the identified user. Specifically, the authentication unit 257 in the modification example of the entry / exit determination method includes the user specified by the authentication information included in the authentication request information included in the authentication request information among the entrance / exit management devices 100, 100A to 100C. It is determined whether or not the user is registered as an authorized user who can enter the area where the device specified by the device identification information is arranged. The authentication unit 257 authenticates if the user is registered as an authorized user who can enter the area, but does not authenticate if the user is not registered as an authorized user who can enter the area.

  More specifically, the authentication unit 257 in the modification example of the entry / exit determination method performs authentication from user records included in the authentication table stored in the HDD 204 by the first registration unit 251 in the modification example of the entry / exit determination method. A user record in which the same authentication information as the authentication information included in the request information is set in the authentication information item is extracted. When extracting the user record, the authentication unit 257 in the modification example of the entry / exit determination method acquires the level set in the level item in the extracted user record. Here, a case where the device identification information included in the authentication request information is the device identification information of the entry / exit management device 100A will be described as an example. The authentication unit 257 in the modified example of the entry / exit determination method is an area associated with the entry / exit management device 100 </ b> A identified by the device identification information included in the authentication request information with reference to the area table stored in the HDD 204. The area identification information and level of the conference room A are acquired. Then, the authentication unit 257 in the modification example of the entry / exit determination method determines the level of the user specified by the authentication information in the area where the entrance / exit management device 100 specified by the device identification information is arranged, in this case, the conference room A. Compare with level. The authentication unit 257 in the modification example of the entrance / exit determination method determines that the user is registered as an authorized user permitted to enter the conference room A when the level of the user is equal to or higher than the level of the conference room A, Authentication is performed, but if the level of the user is less than that of the conference room A, it is determined that the user is not registered as an authorized user permitted to enter the conference room A, and authentication is not performed.

  The authentication unit 257 in the modification example of the entry / exit determination method performs gate control on a set of the device identification information and the authentication result included in the authentication request information regardless of whether the user is authenticated or the user is not authenticated. Output to the unit 259. The authentication result may indicate that the authentication has succeeded or may indicate that the authentication has failed.

  Hereinafter, the authentication unit 257 in the modification example of the entry / exit determination method is authentication request information input from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method, and is registered as an authorized user according to the authentication request information. The authentication request information when it is determined that it is present is referred to as first authentication request information.

  After authenticating the first user as an authorized user according to the first authentication request information, the authentication unit 257 in the modification example of the entry / exit determination method continuously inputs one or more authentication request information that is the same as the first authentication request information. In this case, the number of the same authentication request information as the first authentication request information input from the authentication information acquisition unit 253 in the modified example of the entry / exit determination method is counted, and the counted number is determined as the registered number. When determining the number of registrations, the authentication unit 257 in the modification example of the entry / exit determination method outputs a registration instruction to the second registration unit 255 in the modification example of the entry / exit determination method. The registration instruction includes the number of registrations, device identification information included in the first authentication request information, and user identification information of the first user registered as an authorized user.

  The second registration unit 255 in the modification example of the entry / exit determination method receives the authentication request information from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method, and the registration instruction from the authentication unit 257 in the modification example of the entry / exit determination method. Is entered. Hereinafter, the authentication request information input from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method to the second registration unit 255 in the modification example of the entry / exit determination method, which is input after the first authentication request information. The authentication request information including authentication information different from the authentication information included in the first authentication request information is referred to as second authentication request information.

  The second registration unit 255 in the modification example of the entry / exit determination method designates the second user as a temporary authorized user based on the second authentication request information input from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method. Register as The second registration unit 255 in the modification example of the entry / exit determination method is the same number as the number of registrations based on the second authentication request information continuously input from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method. Is registered as a temporary authorized user. The second registration unit 255 in the modification example of the entry / exit determination method sets the second user specified by the authentication information included in the second authentication request information for each of the second authentication request information of the registered number. 2 is registered as a temporary authorized user who can enter the area where the entrance / exit management device 100 specified by the device identification information included in the authentication request information 2 is arranged. Specifically, the second registration unit 255 in the modification example of the entry / exit determination method sets the authentication information included in the second authentication request information in the item of authentication information, and the device included in the second authentication request information Set the same level as the level assigned to the area specified by the area identification information associated with the identification information in the level item, and the date of the day as a flag indicating that the user is a temporary permitted user in the temporary permission flag item A user record in which the date is set is generated, and the user record is added to the authentication table stored in the HDD 204. The second registration unit 255 in the modification example of the entry / exit determination method has a user record in the authentication table in which the same authentication information as the authentication information included in the second authentication request information is set in the authentication information item. If blank is set in the temporary permission flag field of the user record and the value set in the level field is smaller than the level assigned to the area, a user record different from that user record is generated. Add to the authentication table. This is because the user record in which blank is set in the temporary permission flag field is a user record for the authorized user, and stores a user record for the temporarily authorized user separately from the user record for the authorized user.

  The second registration unit 255 in the modification example of the entry / exit determination method has a user record in the authentication table in which the same authentication information as the authentication information included in the second authentication request information is set in the authentication information item. If a blank is set in the temporary permission flag field of the user record and the value set in the level field is equal to or higher than the level assigned to the area, no user record is generated for the temporary permitted user. This is because the user record for the authorized user is sufficient.

  The second registration unit 255 in the modification example of the entry / exit determination method has a user record in the authentication table in which the same authentication information as the authentication information included in the second authentication request information is set in the authentication information item. When a date different from the date of registration as a temporary authorized user is set in the item of the temporary permission flag of the user record, the device including the item of the level of the user record in the second authentication request information Update at the level assigned to the area specified by the area identification information associated with the identification information, and update the item of the temporary permission flag with the date of the day.

  In addition, the second registration unit 255 in the modification example of the entry / exit determination method stores a table in which the user identification information and the authentication information are associated with each other in the HDD 204 in advance, and the user identification information associated with the authentication information is stored in the user record. Set to the user's item. Note that the user record of the second user generated by the second registration unit 255 in the modified example of the entry / exit determination method may have a blank user item. This is because the user can be specified only from the card identification information.

  In addition, the second registration unit 255 in the modified example of the entry / exit determination method generates a registration history record and stores it in the HDD 204 when registering the second user as a temporary authorized user.

  The authentication unit 257 in the modification example of the entry / exit determination method performs authentication in the modification example of the entry / exit determination method after the second registration unit 255 in the modification example of the entry / exit determination method registers the second user as a temporary authorized user. When the authentication request information including the second user authentication information and the entrance flag is input from the information acquisition unit 253, the user data in which the same authentication information as the authentication information included in the authentication request information is set in the authentication information item Is used to authenticate the second user. The authentication unit 257 in the modification example of the entry / exit judgment method has the date set in the temporary permission flag of the user record used for authentication, and the level set in the item of the user record level is the authentication To the area specified by the area identification information associated with the device identification information included in the authentication request information when the second user is above the level assigned to the area associated with the device identification information included in the request information It is determined that the user is allowed to enter temporarily and is authenticated. The time limit for authenticating a user registered as a temporary authorized user is the date registered by the second registration unit 255 in the modification example of the entry / exit determination method. You may make it authenticate.

  On the other hand, in the modified example of the entry / exit determination method, the authentication unit 257 sets the date in the temporary permission flag of the user record used for authentication. If the date is different from the date, the user requests the authentication. It is determined that the user is not registered as a temporary authorized user permitted to enter the area specified by the area identification information associated with the device identification information included in the information, and is not authenticated.

  When authenticating the second user registered as a temporary authorized user, the authentication unit 257 in the modification example of the entry / exit determination method generates an entry / exit history record indicating that the second user has entered the area, The exit record is stored in the HDD 204. The format of the entry / exit history record is the same as the format shown in FIG.

  The authentication unit 257 in the modification example of the entry / exit determination method sets the entry flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and is included in the authentication request information in the area item The area identification information associated with the device identification information is set, and the entry / exit history record is generated in which the current date / time is set in the entry / exit date / time item.

  Further, the authentication unit 257 in the modification example of the entry / exit determination method uses the exit flag from the authentication information acquisition unit 253 in the modification example of the entry / exit determination method, and the temporarily authorized user by the second registration unit 255 in the modification example of the entry / exit determination method. When the authentication request information including the second user authentication information registered as is input, the second user is specified, and it is determined that the specified second user has left the area. If the authentication unit 257 in the modified example of the entry / exit determination method determines that the second user has exited, the authentication unit 257 generates an entrance / exit history record indicating that the second user has exited the area, and stores the entry / exit history record in the HDD 204. The authentication unit 257 in the modification example of the entry / exit determination method sets the exit flag in the entry / exit flag item, sets the user identification information of the second user in the user item, and the authentication information acquisition unit 253 in the area item. The area identification information corresponding to the apparatus identification information included in the authentication request information input from is set, and an entry / exit history record is generated in which the current date / time is set in the entry / exit date / time item.

  The first registration unit 251 in the modification example of the entry / exit determination method has the number of times registered as the temporary authorized user by the second registration unit 255 in the modification example of the entry / exit determination method during the first period is equal to or more than a predetermined number of times. Register the second user as an authorized user. The first registration unit 251 in the modification example of the entry / exit determination method has the function of registering the second user registered as the temporary authorized user by the second registration unit 255 in the modification example of the entry / exit determination method as the authorized user. This is the same as the function of the first registration unit 251 in the first embodiment.

  The authentication server 200 in the modification example of the entry / exit determination method determines whether or not the user can enter the area based on the level associated with the user and the level set in the area. In this case, it is not necessary to determine whether or not to enter for each of a plurality of areas, and it is easy to set whether or not to enter.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

1,1A, 1B entrance / exit management system, 2 networks, 100, 100A, 100B, 100C entrance / exit management device, 200, 200A, 200B authentication server, 300A, 300B, 300C MFP, 51 device side authentication information acquisition unit, 53 device Side authentication unit, 57 authentication information reception unit, 101 controller, 111 entrance side authentication information acquisition device, 113 exit side authentication information acquisition device, 115 gate control device, 201 CPU, 202 ROM, 203 RAM, 204 HDD, 205 communication unit, 206 display unit, 207 operation unit, 208 external storage device, 209 CD-ROM, 251, 251A, 251B first registration unit, 253, 253A, 253B authentication information acquisition unit, 255, 255A, 255B second registration unit, 257, 257A, 257B Authentication section, 259 gate system Unit, 261 authentication support unit, 400, 400A, 400B, 400C entrance / exit management device, 401 controller, 411 entrance side authentication information acquisition device, 413 exit side authentication information acquisition device, 500, 500A, 500B, 500C entrance / exit management device, 501 controller, 511 authentication information acquisition device, 513 entrance antenna, 515 exit antenna, 600 building, 601 building entrance, 611 conference room A entrance, 621 conference room B entrance, 631 conference room C entrance.

Claims (21)

A first registration means for registering authorized users;
Authentication information acquisition means for acquiring user authentication information;
Authentication means for authenticating a user on condition that the acquired authentication information matches the authentication information of the registered authorized user;
After the first user is authenticated by the authentication means, the same authentication information as the authentication information of the first user is acquired by the authentication information acquiring means, and then a second different from the first user is further acquired. Second authentication means for registering the second user as a temporary authorized user when the authentication information of the user is acquired,
The authentication unit authenticates a user when the acquired authentication information matches the registered temporary authorized user authentication information.   The second registration unit authenticates the first user after the first user is authenticated by the authentication unit and before the second user authentication information is acquired by the authentication information acquisition unit. The authentication apparatus according to claim 1, wherein the same number of second users as the number of times authentication information identical to the information is acquired is registered as a temporary authorized user.   The authentication device according to claim 1, wherein the authentication information acquisition unit includes a reading unit that reads the related identification information as the authentication information from an identification device that is carried by the user and stores related information related to the user. .   The authentication apparatus according to claim 1, wherein the authentication information acquisition unit includes a biometric information acquisition unit that acquires a user's biometric information as the authentication information. An identification device that is carried by the user and stores related information associated with the user and a human body communication means for communicating with the human body of the user as a communication medium
The authentication apparatus according to claim 1, wherein the authentication information acquisition unit controls the human body communication unit to acquire related information received by the human body communication unit from an identification device as the authentication information. A first registration means for registering authorized users;
An identification device that is carried by a user and stores related information associated with the user, and a human body communication means for communicating with the human body of the user as a communication medium;
Authentication information acquisition means for controlling the human body communication means and acquiring related information received by the human body communication means from the identification device;
Authentication means for authenticating a user on the condition that the acquired related identification information matches the registered related information of the authorized user;
After the first user is authenticated by the authentication means, a predetermined change in the strength of the signal received by the human body communication means from the identification device carried by the first user is detected, and then further, the first user A second registration unit for registering the second user as a temporary authorized user when related information is acquired by the authentication information acquisition unit from an identification device carried by a second user different from the first user. ,
The authentication unit authenticates a user when the acquired related identification information matches the registered temporary authorized user related information.   The second registration unit may be configured such that after the first user is authenticated by the authentication unit and before the related information of the second user is received by the communication unit, the first user by the communication unit. The authentication device according to claim 6, wherein the second user is registered as a temporary authorized user in the same number of times as the predetermined number of changes in the radio field intensity of the signal received from the identification device carried by the user. A first registration means for registering authorized users;
Imaging means for imaging a subject and outputting an image;
User identification means for identifying a user as a subject by analyzing an image of a part of a user's body included as a subject in an image output by the imaging means;
Authentication means for authenticating on condition that the user identified by the identification means is the registered authorized user;
Gesture detection means for detecting a predetermined gesture by the user by detecting a change in an image of a part of the user's body included as a subject in the image data output by the imaging means;
When the predetermined gesture by the first user is detected after the first user is authenticated, a second user other than the first user is identified by the user identifying means, Second registration means for registering the second user as a temporary authorized user,
The authentication unit authenticates a user when the user identified by the user identification unit is a registered temporary authorized user.   9. The authentication apparatus according to claim 8, wherein the second registration unit registers as many second users as the number of times that the predetermined number of times the predetermined gesture is detected by the gesture detection unit. A gate device installed at the doorway of a given area;
An opening means for opening the gate device in response to the user being authenticated by the authentication means,
The authentication apparatus according to claim 1, wherein the authentication information acquisition unit acquires authentication information of a user who passes through the gate device. The second registration means registers as a temporary authorized user whose authentication period is limited,
The authentication apparatus according to claim 10, wherein the first registration unit registers a user who has been registered as a temporary authorized user by the second registration unit a predetermined number of times or more as an authorized user whose authentication period is not limited. .   12. The authentication apparatus according to claim 11, wherein the first registration unit registers, as a permitted user, a user whose number of times registered as a temporary authorized user by the second registration unit is a predetermined number or more during the first period.   The first registration unit is configured such that when a user who is registered as a temporary authorized user by the second registration unit enters the predetermined area and then leaves the user, the first registration unit The authentication device according to claim 11 or 12, wherein the authentication device is not included in the number of times registered as a temporary authorized user by the two registration means. An authentication support means for transmitting authentication information of the temporarily authorized user registered by the second registration means to the image forming apparatus disposed in the predetermined area;
The image forming apparatus includes an apparatus-side authentication unit that authenticates a user,
The authentication apparatus according to claim 10, wherein the apparatus-side authentication unit authenticates a user using authentication information of a temporarily authorized user transmitted by the authentication support unit. There are a plurality of the predetermined areas, and any one of a plurality of levels is set for each of the plurality of areas.
At least one of the gate devices is disposed in each of the plurality of areas;
The authorized user and the temporarily authorized user are registered in association with any of the plurality of levels,
The authentication means authenticates on the condition that the level associated with the user is equal to or higher than the level set in the area where the user enters among the plurality of areas,
The second registration unit registers the second user as a temporary authorized user associated with a level set in an area in which the gate device opened when the first user is authenticated by the authentication unit is arranged. The authentication device according to any one of claims 10 to 14. An authentication method executed by an authentication device,
A first registration step of registering authorized users;
An authentication information acquisition step for acquiring user authentication information;
An authentication step of authenticating a user on the condition that the acquired authentication information matches the authentication information of the registered authorized user;
After the first user is authenticated in the authentication step, the same authentication information as the authentication information of the first user is acquired in the authentication information acquisition step, and then a second different from the first user is further acquired. When the authentication information of the user is acquired, the authentication device is caused to execute a second registration step of registering the second user as a temporary authorized user,
The authentication step includes an authentication method including authenticating a user when the acquired authentication information matches the registered temporary authorized user authentication information. An authentication method executed by an authentication device,
A first registration step of registering authorized users;
The identification device that is carried by the user and stores the relevant information associated with the user and the human body communication means that communicates using the user's human body as a communication medium, and obtains the relevant information that the human body communication means receives from the identification device Authentication information acquisition step,
An authentication step of authenticating a user on the condition that the acquired related identification information matches the registered related information of the authorized user;
After the first user is authenticated in the authentication step, a predetermined change in the strength of the signal received by the human body communication means from the identification device carried by the first user is detected, and then further, the first user A second registration step of registering the second user as a temporary authorized user when related information is acquired in the authentication information acquisition step from an identification device carried by a second user different from the user Let the authentication device execute,
The authentication method includes a step of authenticating a user when the acquired related identification information matches the registered temporary authorized user related information. An authentication method executed by an authentication device,
A first registration step of registering authorized users;
A user identification step for identifying a user as a subject by analyzing an image of a part of the user's body included as a subject in an image output by an imaging unit that captures the subject and outputs the image;
An authentication step for authenticating on the condition that the user identified in the identification step is the registered authorized user;
A gesture detection step of detecting a predetermined gesture by the user by detecting a change in an image of a part of the user's body included as a subject in the image data output by the imaging means;
If the predetermined gesture by the first user is detected after the first user is authenticated, a second user other than the first user is identified in the user identification step; A second registration step of registering the second user as a temporarily authorized user, causing the authentication device to execute,
The authentication method includes a step of authenticating a user when the user identified in the user identification step is the registered temporary authorized user. An authentication program executed by a computer that controls the authentication device,
A first registration step of registering authorized users;
An authentication information acquisition step for acquiring user authentication information;
An authentication step of authenticating a user on the condition that the acquired authentication information matches the authentication information of the registered authorized user;
After the first user is authenticated in the authentication step, the same authentication information as the authentication information of the first user is acquired in the authentication information acquisition step, and then a second different from the first user is further acquired. When the authentication information of the user is acquired, the computer executes the second registration step of registering the second user as a temporary authorized user,
The authentication program includes a step of authenticating a user when the acquired authentication information matches the registered temporary authorized user authentication information. An authentication program executed by a computer that controls the authentication device,
A first registration step of registering authorized users;
The identification device that is carried by the user and stores the relevant information associated with the user and the human body communication means that communicates using the user's human body as a communication medium, and obtains the relevant information that the human body communication means receives from the identification device Authentication information acquisition step,
An authentication step of authenticating a user on the condition that the acquired related identification information matches the registered related information of the authorized user;
After the first user is authenticated in the authentication step, a predetermined change in the strength of the signal received by the human body communication means from the identification device carried by the first user is detected, and then further, the first user A second registration step of registering the second user as a temporary authorized user when related information is acquired in the authentication information acquisition step from an identification device carried by a second user different from the user Let the computer run,
The authentication program includes a step of authenticating a user when the acquired related identification information matches the registered temporary authorized user related information. An authentication program executed by a computer that controls the authentication device,
A first registration step of registering authorized users;
A user identification step for identifying a user as a subject by analyzing an image of a part of the user's body included as a subject in an image output by an imaging unit that captures the subject and outputs the image;
An authentication step for authenticating on the condition that the user identified in the identification step is the registered authorized user;
A gesture detection step of detecting a predetermined gesture by the user by detecting a change in an image of a part of the user's body included as a subject in the image data output by the imaging means;
If the predetermined gesture by the first user is detected after the first user is authenticated, a second user other than the first user is identified in the user identification step; Causing the computer to execute a second registration step of registering the second user as a temporary authorized user;
The authentication program includes a step of authenticating a user when the user identified in the user identification step is the registered temporary authorized user.

Images