JP2022140149A - Information processing system, portable device, cooperation server, information processing method, control method, and program - Google Patents

Abstract

To improve user's convenience.SOLUTION: An information processing system 100 includes a first acquisition unit 11, a second acquisition unit 12, and a communication unit. The first acquisition unit 11 obtains first identification information I1 related to user authentication from a portable device 2. The second acquisition unit 12 obtains second identification information I2 related to the first identification information I1. The communication unit associates, in response to the acquisition of the first identification information I1 by the first acquisition unit 11, information R0 related to an authentication result of a user H0 based on the first identification information I1 or the second identification information I2 with at least either the second identification information I2 or third identification information I3 related to the second identification information I2, and outputs it.SELECTED DRAWING: Figure 1

Description

TECHNICAL FIELD The present disclosure generally relates to an information processing system, a mobile device, a cooperation server, an information processing method, a control method, and a program. More specifically, the present disclosure relates to an information processing system, a mobile device, a cooperation server, an information processing method, a control method, and a program that process information related to user authentication.

Patent Literature 1 discloses an entrance/exit management system.

The entrance/exit management system of Patent Document 1 includes an electric lock, a wireless tag reader, a non-contact reading unit, a registration unit, a determination unit, an electric lock control unit, and a notification unit. The electric lock can lock and unlock the entrance/exit door provided in the controlled area within the facility. The wireless tag reader has wireless communication means for performing wireless communication with a wireless tag that is carried by a user and records first unique information, and has a communication range that is a predetermined range outside or inside the controlled area. The contactless reading unit reads the recording medium by contactless communication when the recording medium, which is possessed by the user and on which the second unique information is recorded, is held up to a predetermined position outside the management area. The registration unit registers correspondence data in which a plurality of first unique information and a plurality of second unique information respectively corresponding to the first unique information are associated with each other. The determination unit determines whether the first unique information read by the wireless tag reader and the second unique information read by the non-contact reading unit are different based on the wireless communication result by the wireless tag reader and the non-contact communication result by the non-contact reading unit. , determines whether or not there is a stipulated correspondence relationship associated in the registration unit. The electric lock control section unlocks the electric lock on condition that at least the second unique information read by the non-contact reading section is the regular unique information registered in the registration section. The notifying unit detects when the second unique information on the recording medium is read by the non-contact reading unit and the first unique information having a prescribed correspondence relationship with the second unique information is not read by the wireless tag reader, or when the wireless tag reader When the first unique information of the wireless tag is read by the non-contact reading unit and the second unique information having a prescribed correspondence relationship with the first unique information is not read by the non-contact reading unit, notification is performed.

JP 2014-211015 A

In a system equipped with an information processing system such as the entrance/exit management system described in Patent Document 1, there are cases where it is desired to improve user convenience.

An object of the present disclosure is to improve user convenience.

An information processing system according to one aspect of the present disclosure includes a first acquisition unit, a second acquisition unit, and a communication unit. The first acquisition unit acquires first identification information related to user authentication from the mobile device. The second acquisition unit acquires second identification information associated with the first identification information. The communication unit, in response to acquisition of the first identification information by the first acquisition unit, transmits information about the authentication result of the user based on the first identification information or the second identification information to the second identification information. and third identification information associated with the second identification information.

A mobile device according to one aspect of the present disclosure includes a mobile-side first communication unit and a mobile-side second communication unit. The mobile-side first communication unit communicates with an entrance/exit management system. The mobile-side second communication unit communicates with at least one of a cooperation server that communicates with the entrance/exit management system and the entrance/exit management system. The mobile-side first communication unit is configured to communicate with the entrance/exit management system and transmit first identification information. The mobile-side second communication unit converts information about an authentication result based on the first identification information or the second identification information associated with the first identification information to third identification information associated with the second identification information. Receive in association.

A cooperation server according to one aspect of the present disclosure includes a server-side communication unit that communicates with an entrance/exit management system. The server-side communication unit transmits information about an authentication result based on first identification information acquired from a mobile device by the entrance/exit management system or second identification information associated with the first identification information to the entrance/exit management system. is received in association with the second identification information from.

An information processing method of one aspect of the present disclosure includes a first acquisition step, a second acquisition step, and a communication step. The first obtaining step includes obtaining, from the mobile device, first identification information relating to authentication of the user. The second obtaining step includes obtaining second identification information associated with the first identification information. In the communicating step, in response to acquisition of the first identification information, information regarding a result of authentication of the user based on the first identification information or the second identification information is transmitted to the second identification information and the second identification information. including outputting in association with at least one of the third identification information associated with.

A control method according to one aspect of the present disclosure includes: a mobile-side first communication unit that communicates with an entrance/exit management system; and a second side communication unit. The control method includes a transmission step and a reception step. The transmitting step includes transmitting the first identification information by communicating with the entrance/exit management system by the portable side first communication unit. In the receiving step, the mobile-side second communication unit transmits information about an authentication result based on the first identification information or the second identification information associated with the first identification information to the second identification information and the second identification information. Receiving in association with at least one of third identification information associated with the identification information.

A control method according to one aspect of the present disclosure is a control method for a cooperation server including a server-side communication unit that communicates with an entrance/exit management system. The control method includes a receiving step. In the receiving step, information about an authentication result based on first identification information or second identification information associated with the first identification information acquired from the mobile device by the entrance/exit management system is sent by the server-side communication unit, Receiving in association with the second identification information from the entrance/exit management system.

A program according to one aspect of the present disclosure is a program for causing one or more processors to execute the information processing method.

A program according to one aspect of the present disclosure is a program for causing one or more processors to execute the control method.

According to the present disclosure, there is an advantage that it is possible to improve user convenience.

FIG. 1 is a block diagram of a system including an entrance/exit management system, a cooperation server, and a mobile device according to one embodiment. FIG. 2 is a diagram showing a first table included in the entrance/exit management system. FIG. 3 is a diagram showing a second table held by the above link server. FIG. 4 is a sequence diagram for explaining the registration method of the same system. FIG. 5 is an explanatory diagram of a first operation example of the above system. FIG. 6 is a sequence diagram of a first operation example of the above system. FIG. 7 is an explanatory diagram of a second operation example of the above system. FIG. 8 is a sequence diagram of a second operation example of the above system. FIG. 9 is an explanatory diagram of an operation example of a system including an entry/exit management system, a link server, and a mobile device according to the first modified example. FIG. 10 is a block diagram of a system including an entrance/exit management system, a cooperation server, and a mobile device according to the second modification.

Hereinafter, an information processing system, a mobile device, and a cooperation server according to embodiments will be described with reference to the drawings. Each drawing described in the following embodiments is a schematic drawing, and the ratio of the size and thickness of each component in each drawing does not necessarily reflect the actual dimensional ratio. .

(1) Overview In the present embodiment, the information processing system 100 includes the entry/exit management system 1 . The entry/exit management system 1 manages, for example, the entry and exit of people into and out of a predetermined space. The predetermined space is not particularly limited. It may be a room or the like that requires authentication by F1 (see FIGS. 7 and 9). The entry/exit management system 1 may manage entry and exit of people to and from a building and a plurality of rooms in the building, respectively.

As shown in FIG. 1, the entrance/exit management system 1 includes a first acquisition unit 11, a second acquisition unit 12, and a management-side first communication unit 18 (communication unit). The first acquisition unit 11 acquires the first identification information I1 regarding authentication of the user H0 (see FIG. 5) from the mobile device 2 . The second acquisition unit 12 acquires the second identification information I2 associated with the first identification information I1. In response to acquisition of the first identification information I1 by the first acquisition unit 11, the management-side first communication unit 18 outputs information R0 regarding the authentication result of the user H0. The authentication result of the user H0 is the result of authentication based on the first identification information I1, and can be, for example, either successful or unsuccessful authentication. The information R0 about the authentication result may be the authentication result (success or failure) itself, information derived from the authentication result, information pre-associated with the authentication result, information pointing to the authentication result, or the like. The management-side first communication unit 18 outputs the information R0 regarding the authentication result of the user H0 in association with the second identification information I2. "Outputting the information R0 related to the authentication result in association with the second identification information I2" means that the second identification information I2 is directed to a device (or system) that can recognize the second identification information I2, and the second identification information I2 is It means that the information R0 regarding the authentication result is output so that the information R0 regarding the authentication result (for example, whether or not the authentication is established) is associated with the . Here, the management-side first communication unit 18 outputs the result information including the information R0 regarding the authentication result and the second identification information I2, thereby outputting the information R0 regarding the authentication result in association with the second identification information I2. .

In the present embodiment, as shown in FIG. 1 , the management-side first communication unit 18 outputs result information including the information R0 on the authentication result and the second identification information I2 to the cooperation server 3 .

As shown in FIG. 1 , the cooperation server 3 includes a first server-side communication unit 38 (server-side communication unit) that communicates with the entrance/exit management system 1 . The server-side first communication unit 38 receives the information R0 regarding the authentication result of the user H0 from (the management-side first communication unit 18 of) the entrance/exit management system 1 in association with the second identification information I2. The authentication result of the user H0 is the result (succeeded or not established) of the user H0 based on the first identification information I1 acquired from the mobile device 2 by the entrance/exit management system 1, as described above. "Receiving the information R0 related to the authentication result in association with the second identification information I2" means that a device (or system) capable of recognizing the second identification information I2 can associate the second identification information I2 within the device. It means receiving information R0 about the authentication result in a possible manner. Here, the server-side first communication unit 38 receives the result information including the information R0 on the authentication result and the second identification information I2 from the entrance/exit management system 1, and converts the information R0 on the authentication result to the second identification information. It is received in association with I2.

In this manner, the entrance/exit management system 1 of the present embodiment outputs information R0 regarding the authentication result of the user H0 based on the first identification information I1 from the portable device 2 to the cooperation server 3. FIG. Therefore, in the link server 3, for example, information to be presented to the user H0 can be generated or output using the information R0 regarding the authentication result (success or failure of authentication). Therefore, the user H0 can receive information according to the result of his own authentication. As a result, according to this embodiment, it is possible to improve the convenience for the user H0.

As shown in FIG. 1 , the cooperation server 3 further includes a server-side second communication unit 39 that communicates with the mobile device 2 . The server-side second communication unit 39 outputs the information R0 regarding the authentication result to the mobile device 2 in association with the third identification information I3 associated with the second identification information I2.

The "information about authentication results R0" output by the second server-side communication unit 39 may be the same as or different from the "information about authentication results R0" output by the first management-side communication unit 18. good too. Further, the "information about authentication results R0" output by the second server-side communication unit 39 may or may not include the "information about authentication results R0" output by the first management-side communication unit 18. may For example, the management-side first communication unit 18 outputs the authentication result (successful or unsuccessful) itself as the information R0 regarding the authentication result, and the server-side second communication unit 39 outputs the authentication result as the information R0 regarding the authentication result. information may be output. The "information about authentication result R0" output by the second server-side communication unit 39 may be related to the "information about authentication result R0" output by the first management-side communication unit 18. FIG.

As shown in FIG. 1 , the mobile device 2 includes a mobile-side first communication section 28 and a mobile-side second communication section 29 . The mobile-side first communication unit 28 communicates with the entrance/exit management system 1 . The mobile-side first communication unit 28 communicates with the entrance/exit management system 1 to transmit the first identification information I1. The mobile-side second communication unit 29 communicates with the cooperation server 3 . The mobile-side second communication unit 29 receives the information R0 regarding the authentication result of the user H0 in association with the third identification information I3. As described above, the authentication result of the user H0 is the authentication result (success or failure) of the user H0 based on the first identification information I1 acquired from the mobile device 2 by the entrance/exit management system 1 .

In this way, the mobile device 2 of the present embodiment performs communication (second mobile-side communication communication with the link server 3 via the unit 29), information R0 about the authentication result can be received. Therefore, the entrance/exit management system 1 and the cooperation server 3 can transmit the information R0 about the authentication result to the portable device 2 by a communication method that is not limited to the communication method of the communication path for authentication. Therefore, for example, the entrance/exit management system 1 and the cooperation server 3 can transmit information attached to the information R0 related to the authentication result together with the information R0 related to the authentication result to the portable device without changing the communication method of the communication path for authentication. 2 can be sent. As a result, according to this embodiment, it is possible to improve the convenience for the user H0.

(2) Details Hereinafter, the entrance/exit management system 1, the portable device 2, and the link server 3 according to the embodiment will be described in more detail with reference to the drawings. The entrance/exit management system 1, the portable device 2, and the link server 3 each include a computer system having one or more processors and memories in its processing units 10, 20, and 30. FIG. At least part of the function of each of the processing units 10, 20, and 30 is realized by the processor of the computer system executing a program recorded in the memory of the computer system. The program may be recorded in a memory, provided through an electric communication line such as the Internet, or recorded in a non-temporary recording medium such as a memory card and provided.

(2.1) Entrance/Exit Management System The entrance/exit management system 1 is a system for managing the entry and exit of people to and from a predetermined space, as described above. The predetermined space managed by the entrance/exit management system 1 is hereinafter also referred to as a "management area". A management area may include multiple spaces that are separated from each other.

As shown in FIG. 1, the entrance/exit management system 1 includes a processing unit 10, a storage unit 17, a management side first communication unit 18 (communication unit), and a management side second communication unit 19. .

The storage unit 17 includes a rewritable non-volatile memory such as EEPROM (Electrically Erasable Programmable Read-Only Memory). Various information is stored in the storage unit 17 . The storage unit 17 may also be used as the memory of the processing unit 10 .

The storage unit 17 stores a plurality of first data. The plurality of first data is a data group for authenticating the user H0 entering the management area. The plurality of first data may include various different types of data. Examples of multiple first data formats may include code (identifier) formats, image formats, and the like. The first data in code format is used, for example, to authenticate the mobile device 2 or IC card storing identification information in code format. The first data in the image format is, for example, data of an image corresponding to the face of a person registered as a user of the entrance/exit management system 1, and is used to authenticate the face of the user.

The storage unit 17 stores a plurality of second data. The plurality of second data are stored in one-to-one association with the plurality of first data. The plurality of first data and the plurality of second data are stored in the storage unit 17 in the form of a data table (first table Ta1) shown in FIG. 2, for example. In addition, in FIG. 2, each of the plurality of first data is indicated by a three-digit number (“001”, “002”, . . . ) for convenience. In addition, in FIG. 2, each of the plurality of second data is indicated by an alphabet (“A”, “B”, . . . ) for convenience.

In the example of FIG. 2, among the plurality of first data, the first data "001", "002", and "003" are data in code format, and the first data "004" is data in image format. be. Among the first data "001", "002", and "003" in the code format, the first data "001" is data used for authenticating the mobile device 2, and "002", "002", " 003” is data used to authenticate the IC card. On the other hand, the plurality of second data are data in a unified format (for example, code). Therefore, the second data is easier to process when a plurality of data are collectively handled than the first data. In the example of FIG. 2, for a plurality of first data "001", "002", "003" and "004", a plurality of second data "A", "B", "C" and "D" are associated one-to-one.

The management side first communication unit 18 (communication unit) is a communication interface of the entrance/exit management system 1 . The communication method of the management-side first communication unit 18 is, for example, a communication method conforming to WiFi (registered trademark), a communication method conforming to LTE (registered trademark), or the like. The communication method of the management-side first communication unit 18 is not limited to wireless, and may be wired.

The management side first communication unit 18 communicates with the cooperation server 3 . The management-side first communication unit 18 communicates with the cooperation server 3 regarding the function of cooperation between the entrance/exit management system 1 and the cooperation server 3 . The “coordination function between entrance/exit management system 1 and cooperation server 3 ” is a function related to cooperation between entrance/exit management system 1 and cooperation server 3 .

The management-side first communication unit 18 communicates with the cooperation server 3 regarding the cooperation function between the entrance/exit management system 1 and the cooperation server 3 based on a communication method according to a predetermined format defined between the management side first communication unit 18 and the cooperation server 3 . The management-side first communication unit 18 communicates with the cooperation server 3 regarding the cooperation function between the entrance/exit management system 1 and the cooperation server 3 based on a communication method according to a predetermined format that is commonly defined with the cooperation server 3 .

The “communication method according to a predetermined format that is commonly defined with the link server 3” is, for example, a communication method using an API (Application Programming Interface). The API is a function that allows at least part of the functions of the entrance/exit management system 1 to be shared with an external system (linkage server 3). The entrance/exit management system 1 provides the cooperation server 3 with a function for executing a specific operation of the entrance/exit management system 1 by calling an API from the cooperation server 3 .

A specific operation may include acquisition of information held by the entrance/exit management system 1, for example. The information held by the entrance/exit management system 1 may include information R0 on authentication results.

A specific operation may include execution of a predetermined setting regarding the entrance/exit management system 1 . Predetermined settings relating to the entrance/exit management system 1 include, for example, a gate G1 that allows a user H0 (first identification information I1) to pass through when there are a plurality of gates G1 in the management area (which gate G1 is permitted to pass through). setting of the gate G1 in the management area (may be for each user H0 or all users), temporary suspension of use of the gate G1 in the management area (may be for each user H0) (may be all users). In short, the management-side first communication unit 18 receives settings regarding the entrance/exit management system 1 from the cooperation server 3 based on a communication method according to a predetermined format.

A specific operation may include execution of predetermined control regarding the entrance/exit management system 1 . Predetermined control related to the entrance/exit management system 1 includes opening/closing control of the gate G1 in the management area.

The management side second communication unit 19 is a communication interface of the entrance/exit management system 1 . The management-side second communication unit 19 communicates with the mobile device 2 . The communication method of the management-side second communication unit 19 is, for example, a communication method conforming to the short-range wireless communication standard, for example, a communication method conforming to NFC (Near Field Communication). For example, by holding a mobile information terminal equipped with a communication interface of a communication system conforming to NFC over the management side second communication unit 19, communication is established between the mobile information terminal and the management side second communication unit 19. done.

The entrance/exit management system 1 may include a management-side third communication unit that communicates with an external system. The management side third communication unit communicates with an external system via a network such as the Internet. The communication method of the management-side third communication unit is, for example, a communication method conforming to WiFi, a communication method conforming to LTE, or the like. The communication method of the management-side third communication unit is not limited to wireless, and may be wired. The management-side third communication unit may be shared with the management-side first communication unit 18 .

The processing unit 10 is a processor of the entrance/exit management system 1 . The processing unit 10 performs various types of processing. The processing unit 10 also controls the operations of the storage unit 17 , the first management-side communication unit 18 , and the second management-side communication unit 19 .

As shown in FIG. 1, the processing unit 10 includes a first acquisition unit 11, a second acquisition unit 12, an authentication unit 13, and an output unit .

The first acquisition unit 11 acquires authentication information for user authentication from various devices.

The first acquisition unit 11 acquires authentication information from the mobile device 2 . The first acquisition unit 11 acquires the first identification information I1 from the mobile device 2 as authentication information. Specifically, the first acquisition unit 11 acquires the first identification information I1 via the management-side first communication unit 18 from the mobile device 2 that has communicated with the management-side first communication unit 18 . In the example of FIG. 2, the first acquisition unit 11 can acquire the code corresponding to the first data "001" from the mobile device 2 as the first identification information I1 (authentication information).

In addition, the first acquisition unit 11 acquires authentication information from a device other than the mobile device 2 via the management-side first communication unit 18 or the management-side second communication unit 19 . In the example of FIG. 2, the first acquisition unit 11 can acquire the codes corresponding to the first data "002" and "003" from the IC card as the authentication information.

The first acquisition unit 11 also acquires authentication information from, for example, an imaging device that is provided near the gate G1 at the entrance of the management area and captures an image of a person passing through the gate G1. In the example of FIG. 2, the first acquisition unit 11 can acquire the image corresponding to the first data "004" as the authentication information from the imaging device.

The second acquisition unit 12 acquires second data associated with the first data.

When the first acquisition unit 11 acquires a code (authentication information: first identification information I1) corresponding to the first data "001" from the mobile device 2, the second acquisition unit 12 associates the code with the first data "001". The obtained second data “A” is acquired from the storage unit 17 . In short, the second acquisition unit 12 acquires the second identification information I2 associated with the first identification information I1 in response to acquisition of the first identification information I1 by the first acquisition unit 11 .

Further, when the first acquisition unit 11 acquires the code (authentication information) corresponding to the first data "002" from the IC card, the second acquisition unit 12 obtains the second data associated with the first data "002". “B” is acquired from the storage unit 17 .

The authentication unit 13 performs authentication in response to acquisition of the authentication information by the first acquisition unit 11, and generates an authentication result. The authentication unit 13 performs authentication based on the authentication information acquired by the first acquisition unit 11 . In particular, the authentication unit 13 performs authentication when the first acquisition unit 11 acquires the first identification information I1 (authentication information) from the mobile device 2 . The authentication unit 13 performs authentication based on the first identification information I1.

The authentication result by the authentication unit 13 can include either successful or unsuccessful authentication.

Establishment of authentication may mean that the acquired authentication information matches any of the valid first data among the plurality of first data. For example, when the authentication information is a face image, matching the authentication information with the first data may include that the authentication information is similar to the first data to the extent that it can be regarded as matching. If the authentication is successful, the entrance/exit management system 1 opens, for example, the entrance gate G1 (see FIG. 5) and permits the target person to enter the management area.

Failed authentication may mean that the acquired authentication information does not match any valid first data among the plurality of first data. As a cause of failure of authentication, for example, the validity period of the first data corresponding to the authentication information has expired. If the authentication is not established (unsuccessful), the entrance/exit management system 1 closes, for example, the entrance gate G1 to prohibit the subject from entering the management area. It should be noted that the entry/exit management system 1 does not accept the authentication information even if the authentication operation itself is not performed because the authentication information cannot be received or the first data that matches the face image captured by the imaging device does not exist. The door of the gate G1 may be closed to prohibit the subject from entering the management area.

The authentication unit 13 stores the authentication result in the storage unit 17 in association with the acquired authentication information together with the time when the authentication information was acquired, the device (gate G1, imaging device, etc.) that acquired the authentication information, the installation location of the device, and the like. Let The authentication unit 13 may cause the storage unit 17 to store information R0 regarding the authentication result instead of or in addition to the authentication result. The information R0 regarding the authentication result may be generated by the authentication unit 13, or may be generated by an element other than the authentication unit 13. FIG.

The output unit 14 outputs the result information from the management side first communication unit 18 . The result information includes information R0 on the authentication result and second data associated with the information R0 on the authentication result. That is, when the first acquisition unit 11 acquires the first identification information I1, the result information can include the information R0 regarding the authentication result and the second identification information I2. The result information may further include information on the time the authentication information was obtained, information on the device that obtained the authentication information, information on the location of the device that obtained the authentication information, and the like. Note that the result information does not include the authentication information (for example, the first identification information I1) acquired by the first acquisition unit 11 . In short, the output unit 14 outputs the information R0 on the authentication result in association with the second identification information I2 instead of the first identification information I1.

The output unit 14 causes the management-side first communication unit 18 to output the result information in response to a request from the cooperation server 3 . For example, the output unit 14 outputs the result information from the management-side first communication unit 18 to the cooperation server 3 in response to a request for information according to a predetermined format from the cooperation server 3 . The output unit 14 is realized by an API. In short, the management-side first communication unit 18 outputs the information R0 regarding the authentication result to the cooperation server 3 in association with the second identification information in response to a request for information in a predetermined format from the cooperation server 3 .

In addition, the output unit 14 causes the first management-side communication unit 18 to output the result information at an appropriate timing. For example, the output unit 14 outputs result information from the management-side first communication unit 18 to the cooperation server 3 at the timing when the authentication unit 13 generates the authentication result.

(2.2) Mobile Device The mobile device 2 is a mobile information terminal. A mobile information terminal is, for example, a smart phone or a tablet terminal.

The mobile device 2 is possessed (carried) by the user H0. When there are multiple users H0, each of the multiple users H0 can have a mobile device 2. FIG. Although one user H0 may possess a plurality of portable devices 2, in this embodiment, for convenience of explanation, it is assumed that each user H0 possesses one portable device 2. FIG.

As shown in FIG. 1, the mobile device 2 includes a processing unit 20, a display unit 25, an operation unit 26, a storage unit 27, a mobile-side first communication unit 28, a mobile-side second communication unit 29, It has

The processing unit 20 is the processor of the mobile device 2 . The processing unit 20 performs various types of processing. The processing unit 20 controls the operations of the display unit 25, the operation unit 26, the storage unit 27, the mobile-side first communication unit 28, and the mobile-side second communication unit 29, for example.

The display unit 25 includes, for example, a touch panel display. The display is, for example, a liquid crystal display or an organic EL (Electro-Luminescence) display. The display unit 25 displays various information under the control of the processing unit 20 .

The operation unit 26 is a user interface that receives operations from the outside. The operation unit 26 can be realized by, for example, a touch panel display. The operation unit 26 may include buttons, a keyboard, and the like provided on the housing of the mobile device 2 . The operation unit 26 may be detachably connected to a connector provided on the housing of the mobile device 2 .

The storage unit 27 includes a rewritable nonvolatile memory such as EEPROM (Electrically Erasable Programmable Read-Only Memory). Various information is stored in the storage unit 27 . The storage unit 27 may also be used as the memory of the processing unit 20 .

The storage unit 27 stores the third identification information I3. The third identification information I3 is here the unique identification information assigned to the user H0. The third identification information I3 may be the user ID of the user H0 in the cooperation server 3. The third identification information I3 can be any one of a plurality of third data (described later) managed by the cooperation server 3 .

The storage unit 27 stores the first identification information I1. The first identification information I1 is information that can be used as authentication information when the user H0 uses the mobile device 2 to authenticate the entrance/exit management system 1 .

The first identification information I1 is validated from an external system other than the entrance/exit management system 1 and stored in the storage unit 27, for example, by performing a predetermined procedure for validation. The external system here can be, for example, a server system managed by a public institution, a server system managed by an operating company that manages public infrastructure, or the like.

Thus, the first identification information I1 is information issued from an external system. Therefore, in order to use the first identification information I1 as authentication information, it is necessary to register the first identification information I1 (as first data) in the entry/exit management system 1 in advance. A method of registering the first identification information I1 in the entrance/exit management system 1 will be described in the section "(2.4) Registration method".

The storage unit 27 stores applications (programs) for the mobile device 2 to implement various functions. The storage unit 27 stores at least an application for performing a function of outputting the first identification information I<b>1 to the entrance/exit management system 1 . In short, the mobile device 2 is a mobile information terminal capable of executing an application for performing the function of outputting the first identification information I1.

The mobile-side first communication unit 28 is a communication interface of the mobile device 2 . The mobile-side first communication unit 28 communicates with the entrance/exit management system 1 . The communication method of the mobile-side first communication unit 28 is, for example, a communication method conforming to the short-range wireless communication standard, for example, a communication method conforming to NFC.

The mobile-side second communication unit 29 is a communication interface of the mobile device 2 . The mobile-side second communication unit 29 communicates with the cooperation server 3 . The mobile-side second communication unit 29 communicates with an external system (server system). The mobile-side second communication unit 29 communicates with the cooperation server 3 and an external system via a network such as the Internet. The communication method of the mobile-side second communication unit 29 is, for example, a communication method conforming to WiFi, a communication method conforming to LTE, or the like.

(2.3) Cooperation Server As shown in FIG. 1, the cooperation server 3 includes a processing unit 30, a storage unit 37, a first server-side communication unit 38, and a second server-side communication unit 39. there is

The storage unit 37 includes a rewritable nonvolatile memory such as EEPROM (Electrically Erasable Programmable Read-Only Memory). Various information is stored in the storage unit 37 . The storage unit 37 may also be used as the memory of the processing unit 30 .

The storage unit 37 stores a plurality of third data. The third data is data (user ID) associated one-to-one with the user H0. A plurality of third data may be data in a unified format (for example, code).

The storage unit 37 stores a plurality of second data. The plurality of second data are stored in association with the plurality of third data. The plurality of third data and the plurality of second data are stored in the storage unit 37 in the form of a data table (second table Ta2) shown in FIG. 3, for example. In addition, in FIG. 3, each of the plurality of third data is indicated by three alphabetic characters (“XXX”, “YYY”, . . . ) for convenience.

As shown in FIG. 3, one third data may be associated with only one second data, or may be associated with a plurality of second data. In the example of FIG. 3, the second data "A" and "B" are associated with the third data "XXX", the second data "C" is associated with the third data "YYY", The second data "D" is associated with the third data "ZZZ". That is, one or more second data can be associated with one third data (one user H0). In short, the third data includes group data of a group including a plurality of second data (a plurality of pieces of identification information). For example, in the example of FIG. 3, the third data "XXX" is group data of a group including two second data "A" and "B". It should be noted that there may be third data for which there is no associated second data.

Here, the first data "001" corresponding to the first identification information I1 of the mobile device 2 is associated with the second data "A" in the entrance/exit management system 1 (first table Ta1) (Fig. 2 reference). Therefore, the first data "001" corresponding to the first identification information I1 of the portable device 2 is transferred to the third data "XXX" (third identification information I2) via the second data "A" (second identification information I2). I3).

The server-side first communication unit 38 is a communication interface of the cooperation server 3 . The communication method of the server-side first communication unit 38 is, for example, a communication method conforming to WiFi, a communication method conforming to LTE, or the like. The communication method of the server-side first communication unit 38 is not limited to wireless, and may be wired.

The server-side first communication unit 38 communicates with the entrance/exit management system 1 . The server-side first communication unit 38 communicates with the entrance/exit management system 1 regarding the cooperation function between the entrance/exit management system 1 and the cooperation server 3 .

The server-side first communication unit 38 communicates with the entrance/exit management system 1 based on a communication method according to a predetermined format defined between the entrance/exit management system 1 and the cooperation server. 3 and perform communication related to the cooperation function. The server-side first communication unit 38 communicates with the entrance/exit management system 1 and the cooperation server 3 regarding the cooperation function based on a communication method according to a predetermined format that is commonly defined with the entrance/exit management system 1. conduct. The "communication method according to a predetermined format that is commonly defined with the entry/exit management system 1" is, for example, a communication method using an API.

The server-side second communication unit 39 is a communication interface of the cooperation server 3 . The server-side second communication unit 39 communicates with the mobile device 2 . The server-side second communication unit 39 communicates with the mobile device 2 via a network such as the Internet. The communication method of the server-side second communication unit 39 is, for example, a communication method conforming to WiFi, a communication method conforming to LTE, or the like. The communication method of the server-side second communication unit 39 is not limited to wireless, and may be wired. The first server-side communication unit 38 and the second server-side communication unit 39 may be shared.

The cooperation server 3 may include a server-side third communication unit that communicates with an external system. The server-side third communication unit communicates with an external system via a network such as the Internet. The communication method of the server-side third communication unit is, for example, a communication method conforming to WiFi, a communication method conforming to LTE, or the like. The communication method of the server-side third communication unit is not limited to wireless, and may be wired. The server-side third communication unit may be shared with the server-side first communication unit 38 or the server-side second communication unit 39 .

The processing unit 30 is a processor of the cooperation server 3 . The processing unit 30 performs various types of processing. The processing unit 30 controls operations of the storage unit 37 , the first server-side communication unit 38 , and the second server-side communication unit 39 .

As shown in FIG. 1 , the processing unit 30 includes an input unit 31 , a generation unit 32 (output information generation unit), and an output unit 33 .

The input unit 31 acquires the result information from the entrance/exit management system 1 via the server-side first communication unit 38 . For example, the input unit 31 requests information from the entrance/exit management system 1 according to a predetermined format, and acquires result information from the entrance/exit management system 1 in response to the request. In short, the server-side first communication unit 38 receives the information R0 regarding the authentication result from the entrance/exit management system 1 in association with the second identification information I2 based on the communication method according to the predetermined format. Further, the input unit 31 acquires from the entrance/exit management system 1 the result information output by the entrance/exit management system 1 at the timing when the authentication unit 13 generates the authentication result. The input unit 31 is realized by an API.

The generator 32 generates output information. Output information may include various information that is output to the mobile device 2 . The output information may include information based on the result information acquired from the entrance/exit management system 1 .

The output information may include information R0 regarding authentication results.

The information R0 about the authentication result can include the authentication result (successful or unsuccessful).

The information R0 related to the authentication result included in the output information may include appropriate information related to the authentication result.

The information R0 regarding the authentication result can include appropriate information that can be useful to the user H0 when the authentication result is established. The information R0 on the authentication result may include, for example, information on congestion in the management area. The information R0 on the authentication result may include information on the current time, for example.

When the authentication result is unsuccessful, the information R0 on the authentication result can include information on at least one of the cause of the unsatisfactory and countermeasures. The information about the cause of failure is, for example, information indicating that the expiration date of the first data corresponding to the authentication information has passed. Information related to unsuccessful countermeasures includes, for example, information that prompts renewal of the expiration date, information that indicates where to update the expiration date, and the like.

The output information may further include suitable information unrelated to the authentication result. Information unrelated to the authentication result may include information acquired by the cooperation server 3 from an external system.

The output unit 33 outputs output information via the server-side second communication unit 39 . The output unit 33 outputs the output information including the information R0 regarding the authentication result in association with the third identification information I3. The third identification information I3 is for the second identification information I2 (the second data "A" in the example of FIG. 3) included in the result information together with the information R0 regarding the authentication result among the plurality of third data. This is the third data (third data “XXX” in the example of FIG. 3) associated in the second table Ta2. "Outputting the information R0 related to the authentication result in association with the third identification information I3" means that the third identification information I3 is directed to a device (or system) that can recognize the third identification information I3, and the third identification information I3 is It means that the information R0 on the authentication result is output so that the information R0 on the authentication result (successful or unsuccessful in the authentication) is associated with each other. Here, the output unit 33 causes the server-side second communication unit 39 to output the output information including the information R0 regarding the authentication result and the third identification information I3, thereby transferring the information R0 regarding the authentication result to the third identification information I3. Output in association.

The output unit 33 causes the server-side second communication unit 39 to output the output information at an appropriate timing. For example, the output unit 33 outputs the output information at the timing when the input unit 31 acquires the result information from the entrance/exit management system 1 and the generation unit 32 generates the output information based on the result information. output from 39. The output unit 33 may output information related to the current time, for example, when the current time reaches a predetermined time.

(2.4) Registration method As described above, in order to use the first identification information I1 as authentication information in the entrance/exit management system 1, the first identification information I1 (as the first data) is sent to the entrance/exit management system 1. Must be registered. A method of registering the first identification information I1 will be described below with reference to the sequence diagram of FIG.

When registering the first identification information I1 in the entrance/exit management system 1, for example, the user H0 of the mobile device 2 operates the operation unit 26 of the mobile device 2 to issue a registration request for registering the first identification information I1. is output from the portable device 2 . Here, a radio signal including a registration request is transmitted from the mobile-side second communication unit 29 of the mobile device 2 to the server-side second communication unit 39 of the cooperation server 3 (ST1). The registration request includes third identification information I3 as a user ID unique to user H0 in addition to first identification information I1.

The cooperation server 3 receives the registration request from the mobile device 2 . The cooperation server 3 (fourth acquisition unit 34) acquires the first identification information I1 and the third identification information I3 included in the registration request from the registration request (ST2). Note that if authentication information (first data) for an authentication method other than the mobile device 2 (for example, face authentication) is already registered in the entrance/exit management system 1, the cooperation server 3 stores the third identification information of the user H0. Third data corresponding to I3 may be registered in advance in association with the second data associated with the first data.

Upon receiving the registration request, the cooperation server 3 outputs a registration instruction to the entrance/exit management system 1 (ST3). The registration instruction includes the first identification information I1 to be registered.

The entrance/exit management system 1 (third acquisition unit 15) acquires a registration instruction including the first identification information I1. The entrance/exit management system 1 acquires the first identification information I1 from the registration instruction (ST4).

The entrance/exit management system 1 (creation unit 16) creates the second identification information I2 in association with the first identification information I1 (ST5). In addition, the entrance/exit management system 1 converts the obtained first identification information I1 and the generated second identification information I2 into a first table Ta1 in the storage unit 17 as a set of mutually associated first data and second data. (ST6).

As a result, the first identification information I1 is registered as the authentication information in the entrance/exit management system 1 .

After generating the second identification information I2, the entrance/exit management system 1 outputs a registration response to the cooperation server 3 (ST7). The registration response includes the generated second identification information I2. The registration response may further include the first identification information I1.

The cooperation server 3 acquires the second identification information I2 from the registration response (ST8). The linking server 3 (registration unit 35) associates the second identification information I2 acquired from the entrance/exit management system 1 with the third identification information I3 acquired from the mobile device 2 to generate a set of mutually associated second data. and registered in the second table Ta2 of the storage unit 37 as third data (ST9).

As a result, the second identification information I2 is registered in association with the third identification information I3 in the cooperation server 3 .

Thus, the processing unit 30 of the cooperation server 3 further includes the fourth acquisition unit 34 . The fourth acquisition unit 34 acquires the third identification information I3 associated one-to-one with the user H0 from the mobile device 2 .

The processing unit 10 of the entrance/exit management system 1 further includes a third acquisition unit 15 . The third acquisition unit 15 acquires a registration instruction including the first identification information I1 in order to register the first identification information I1.

The processing unit 10 of the entrance/exit management system 1 further includes a generation unit 16 . The generation unit 16 generates the second identification information I2 in association with the first identification information I1 included in the registration instruction.

Further, the processing unit 30 of the cooperation server 3 further includes a registration unit 35 . The registration unit 35 registers the second identification information I2 generated by the generation unit 16 . The registration unit 35 registers the second identification information I2 in association with the third identification information I3.

In short, the cooperation server 3 (hereinafter also referred to as "first system") and entrance/exit management system 1 (hereinafter also referred to as "second system") perform the following registration processing. The first system acquires a registration request including first identification information I1 and third identification information I3 from an external device (portable device 2). The first system transmits a registration instruction including the acquired first identification information I1 to the second system. The second system generates the second identification information I2 in association with the first identification information I1 included in the registration instruction. The second system registers the generated second identification information I2 in association with the first identification information I1. The second system transmits the second identification information I2 to the first system. The first system registers the second identification information I2 generated by the second system and acquired from the second system in association with the third identification information I3 included in the registration request.

The third identification information I3 is, for example, information (user ID) associated one-to-one with the user H0.

(2.5) Operation Examples Hereinafter, some operation examples of the present embodiment will be described with reference to the drawings.

(2.5.1) First Operation Example A first operation example will be described with reference to FIGS.

The first operation example relates to the operation when the user H0 uses the portable device 2 to perform authentication for entering the management area.

As shown in FIG. 5, when the user H0 holds the portable device 2 over the gate of the entrance/exit management system 1, the management-side second communication unit 19 communicates with the portable device 2, thereby allowing the entrance/exit management system 1 to The first identification information I1 is acquired from the device 2 (ST101). The entrance/exit management system 1 performs authentication based on the acquired first identification information I1 (ST102).

If the authentication is successful, the entrance/exit management system 1 permits the user H0 to enter the management area. The entry/exit management system 1 also outputs the result information to the cooperation server 3 (ST103). The result information includes information R0 regarding the authentication result (for example, information indicating that authentication has been established) and second identification information I2.

When the link server 3 acquires the result information, it generates output information (ST104), and outputs the generated output information to the mobile device 2 (ST105). In short, the cooperation server 3 associates the information R0 regarding the authentication result with the third identification information I3 and outputs it to the portable information terminal (portable device 2). The portable device 2 presents the received output information to the user H0 by displaying it on the display unit 25, for example (ST106).

The output information presented on the mobile device 2 may include information R0 regarding the authentication result. The output information presented on the mobile device 2 may include the authentication result (successful authentication). The output information presented at the mobile device 2 may include information derived from the authentication results. In the example of FIG. 5, the output information is information R0 (information derived from the authentication result) about the authentication result, which is information indicating the congestion status in the management area (characters of "XX space is busy today"). column). Also, in the example of FIG. 5, the output information includes information related to the current time (character string "I'm currently doing XX at XX.") in the management area.

On the other hand, if the authentication fails, the entrance/exit management system 1 does not permit the user H0 to enter the management area. For example, the entrance/exit management system 1 prohibits the user H0 from entering the management area by closing the door of the gate G1. The entry/exit management system 1 also outputs the result information to the cooperation server 3 (ST103). The result information includes information R0 regarding the authentication result (for example, information indicating that authentication has failed) and second identification information I2.

When the link server 3 acquires the result information, it generates output information (ST104), and outputs the generated output information to the mobile device 2 (ST105). The portable device 2 presents the received output information to the user H0 by displaying it on the display unit 25, for example (ST106).

The output information presented on the mobile device 2 may include information R0 regarding the authentication result. The output information presented on the mobile device 2 may include the authentication result (authentication failure). The output information presented by the mobile device 2 may include information on at least one of the cause of failure and countermeasures. In short, when the authentication result is unsuccessful, the cooperation server 3 outputs the information R0 regarding the authentication result and the information regarding at least one of the cause of the unsatisfactory and countermeasures.

In this operation example, the linking server 3 sends the information R0 about the authentication result to the portable information terminal (portable device) in at least one of the authentication results being established and the authentication result being unsuccessful, more specifically in both cases. 2). In other words, the output information is output not only when the authentication result is unsuccessful but also when it is established.

By outputting the output information to the mobile device 2 in response to the authentication by the mobile device 2 in this way, it is possible to improve the convenience for the user H0.

(2.5.2) Second Operation Example A second operation example will be described with reference to FIGS. 7 and 8. FIG.

The second operation example relates to operations when a predetermined condition (hereinafter also referred to as "output condition") is satisfied.

Output conditions may include, for example, that the user H0 leaves the management area, that the current time reaches a predetermined time, and the like. Leaving the management area of the user H0 can be determined using, for example, a communication function between the authentication device F1 and the mobile device 2, a GPS (Global Positioning System) function of the mobile device 2, or the like. In this operation example, the output condition is that the current time is a predetermined time (here, noon).

First, user H0 authenticates using portable device 2 (ST201) and enters the management area. Since step ST201 is the same as steps ST101 to ST106 in the first operation example, description thereof is omitted.

Subsequently, when the output condition is satisfied (ST202), link server 3 generates output information (ST203) and outputs the generated output information to portable device 2 (ST204). The portable device 2 presents the received output information to the user H0 by displaying it on the display unit 25, for example (ST205).

The output information presented on the mobile device 2 may include information R0 regarding the authentication result. The output information presented at the mobile device 2 may include information derived from the authentication results. The output information presented on the mobile device 2 may include information related to predetermined conditions. In the example of FIG. 7, the output information includes information on shops existing in the management area (a character string of "Time sale is going on at XX!") as information R0 (information derived from the authentication result) about the authentication result. contains. In the example of FIG. 7, the output information is information related to the current time ("today's XX lunch is XX It contains a string of

By outputting the output information to the portable device 2 at appropriate timing according to the authentication result in this way, it is possible to improve convenience for the user H0.

(2.5.3) Third Operation Example In a third operation example, a plurality of second data (a plurality of pieces of identification information including the second identification information I2) are generated for the third identification information I3 unique to the user H0. This relates to the operation when they are associated (see third data "XXX" in second table Ta2 in FIG. 3).

That is, in this operation example, the third identification information I3 includes group identification information. The group identification information is identification information of a group including a plurality of pieces of identification information including the second identification information I2. In other words, the plurality of identification information included in the group includes the second identification information I2 and identification information different from the second identification information.

Then, when authentication that satisfies a predetermined condition is performed for a plurality of pieces of identification information included in the group, the cooperation server 3 associates the information about the authentication with the third identification information I3 and outputs it to the mobile device 2 .

Predetermined conditions include, for example, that a contradiction regarding authentication occurs. A specific example of the predetermined condition is that authentication of a plurality of pieces of identification information associated with the third identification information I3 of the single user H0 is performed at two or more distant locations at close times. .

2 and 3, the third data "XXX" corresponding to the third identification information I3 unique to one user H0 is stored in the second table Ta2 as two second data "A ”, and “B” are associated. Also, the two second data "A" and "B" are associated with the first data "001" and "002" in the first table Ta1, respectively. The first data "001" is data used to authenticate the mobile device 2, and the first data "002" is data used to authenticate the IC card.

In this case, for example, the authentication information corresponding to the first data "001" and the authentication information corresponding to the second data "002" may be separated in a short time (for example, within 10 minutes) at a distant location (for example, 500 km or more). location), the entrance/exit management system 1 or the cooperation server 3 determines that a contradiction regarding authentication has occurred. For example, such a contradiction may occur when the user H0 loses the IC card and another person who picks up the IC card uses the IC card without permission. When it is determined that a contradiction regarding authentication has occurred, the cooperation server 3 outputs information regarding authentication (information indicating that a contradiction regarding authentication has occurred) to the mobile device 2 . As a result, for example, the user H0 can be made aware of the possibility of loss of the IC card, and convenience for the user H0 can be improved.

(3) Modifications The embodiment described above is merely one of various embodiments of the present disclosure. The above-described embodiment can be modified in various ways according to design and the like, as long as the object of the present disclosure can be achieved.

Modifications of the above embodiment are listed below. Modifications described below can be applied in combination as appropriate.

(3.1) First Modification The linking server 3 may output the output information to a mobile device 2 other than the mobile device 2 used for authentication of the entry/exit management system 1 . For example, as shown in FIG. 9, when a certain user H1 authenticates using the mobile device 2, information indicating that the user H1 has authenticated the mobile device 2 of another user H2 (" XX has returned to his room.") may be output. In this case, the output information presented by the mobile device 2 includes information pre-associated with the authentication result as the information R0 on the authentication result. For example, even if the first identification information I1 of the mobile device 2 held by a certain user H1 is associated with the third identification information I3 of the mobile device 2 held by another user H2 via the second identification information I2 good. Alternatively, the third identification information I3 may be identification information that includes user IDs of a plurality of users H0 (H1, H2) instead of being associated with one user H0.

(3.2) Second Modification As shown in FIG. 10 , the information processing system 100 may further include a link server 3 .

In this case, the information processing system 100 includes a server-side second communication section 39 as a communication section. In response to acquisition of the first identification information I1 by the first acquisition unit 11, the server-side second communication unit 39 transfers the information R0 regarding the authentication result of the user H0 based on the first identification information I1 to the third identification information I3. Output in association. The server-side second communication unit 39 also outputs the information R0 regarding the authentication result to the portable information terminal (portable device 2) in association with the third identification information I3. Further, the server-side second communication unit 39 outputs information R0 regarding the authentication result to the portable information terminal (portable device 2) when at least one of the authentication result is successful and the authentication result is unsuccessful. Further, when the authentication result is unsuccessful, the server-side second communication unit 39 outputs information R0 regarding the authentication result and information regarding at least one of the cause of the unsatisfactory and countermeasures. Further, when authentication satisfying a predetermined condition is performed for a plurality of pieces of identification information included in the group, the server-side second communication unit 39 associates the information about authentication with the third identification information I3 and the mobile device 2 . Output to

The information processing system 100 also includes a fourth acquisition unit 34 and a registration unit 35 .

(3.3) Other Modifications The functions similar to those of the information processing system 100 (entrance/leaving management system 1), the mobile device 2, or the linking server 3 are an information processing method or a control method, a (computer) program, or a program. It may be embodied in a recorded non-temporary recording medium or the like.

An information processing method according to one aspect includes a first acquisition step, a second acquisition step, and a communication step. The first obtaining step includes obtaining, from the mobile device 2, first identification information I1 relating to authentication of the user H0. The second obtaining step includes obtaining the second identification information I2 associated with the first identification information I1. In the communicating step, in response to acquisition of the first identification information I1, the information R0 regarding the authentication result of the user H0 based on the first identification information I1 or the second identification information I2 is transferred to the second identification information I2 and the second identification information I2. and outputting in association with at least one of the third identification information I3 associated with.

The control method according to one aspect communicates with the mobile side first communication unit 28 that communicates with the entrance/exit management system 1, and at least one of the cooperation server 3 that communicates with the entrance/exit management system 1 and the entrance/exit management system 1. and a mobile-side second communication unit 29. The control method includes a transmission step and a reception step. The transmission step includes transmitting the first identification information I1 by communicating with the entrance/exit management system 1 by the mobile-side first communication unit 28 . In the receiving step, the mobile-side second communication unit 29 transmits the information R0 on the authentication result based on the first identification information I1 or the second identification information I2 associated with the first identification information I1 to the second identification information I2 and the second identification information I2. Receiving in association with at least one of the third identification information I3 associated with the identification information I2.

A control method according to one aspect is a control method for the cooperation server 3 that includes a server-side communication unit (server-side first communication unit 38 ) that communicates with the entrance/exit management system 1 . In the control method, the server-side communication unit transmits information R0 regarding the authentication result based on the first identification information I1 acquired from the mobile device 2 by the entrance/exit management system 1 or the second identification information I2 associated with the first identification information I1. from the entrance/exit management system 1 in association with the second identification information I2.

A program according to one aspect is a program for causing one or more processors to execute the information processing method described above. A program according to one aspect is a program for causing one or more processors to execute the control method described above. The program may be recorded on a non-temporary recording medium.

In the entrance/exit management system 1, the portable device 2, and the link server 3 according to the present disclosure, the processing units 10, 20, 30, etc. include computer systems. A computer system is mainly composed of a processor and a memory as hardware. The functions of the processing units 10, 20, 30, etc. in the present disclosure are realized by the processor executing programs recorded in the memory of the computer system. The program may be recorded in advance in the memory of the computer system, may be provided through an electric communication line, or may be recorded in a non-temporary recording medium such as a computer system-readable memory card, optical disk, or hard disk drive. may be provided. A processor in a computer system consists of one or more electronic circuits, including semiconductor integrated circuits (ICs) or large scale integrated circuits (LSIs). The integrated circuit such as IC or LSI referred to here is called differently depending on the degree of integration, and includes integrated circuits called system LSI, VLSI (Very Large Scale Integration), or ULSI (Ultra Large Scale Integration). In addition, a field-programmable gate array (FPGA) that is programmed after the LSI is manufactured, or a logic device capable of reconfiguring the bonding relationship inside the LSI or reconfiguring the circuit partitions inside the LSI may also be adopted as the processor. can be done. A plurality of electronic circuits may be integrated into one chip, or may be distributed over a plurality of chips. A plurality of chips may be integrated in one device, or may be distributed in a plurality of devices. A computer system, as used herein, includes a microcontroller having one or more processors and one or more memories. Accordingly, the microcontroller also consists of one or more electronic circuits including semiconductor integrated circuits or large scale integrated circuits.

In addition, it is not an essential configuration for the present disclosure that a plurality of functions of the processing units 10, 20, 30, etc. are integrated in one housing. may be provided dispersedly in the housing. Furthermore, at least some functions of the entrance/exit management system 1, the portable device 2, and the linking server 3 may be realized by the cloud (cloud computing) or the like.

Conversely, in the embodiment, at least some of the functions of the entry/exit management system 1, the mobile device 2, and the link server 3, which are distributed among multiple devices, may be integrated into one housing.

In a modified example, the server-side second communication unit 39 communicates with the mobile device 2 based on a communication method according to a predetermined format defined between the mobile device 2 and the cooperation server 3 . You may perform communication about the cooperation function with. For example, the server-side second communication unit 39 transmits the information R0 about the authentication result to the second identification information I2 and the third identification information I3 associated with the second identification information I2 based on a communication method according to a predetermined format. It may be configured to output to the mobile device 2 in association with at least one of them. The “communication method according to a predetermined format that is commonly defined with the mobile device 2” is, for example, a communication method using an API (Application Programming Interface).

In a modified example, the authentication unit 13 may authenticate the user H0 based on the second identification information I2. For example, if an expiration date or the like is set for the second data, authentication can be performed based on the second identification information I2.

In a modified example, the mobile device 2 is not limited to a mobile information terminal. The portable device 2 may be a device other than a portable information terminal such as an IC card.

In one variant, the user H0 may have multiple mobile devices 2 . In this case, the linking server 3 outputs the output information to the portable device 2 (second portable device) different from the portable device 2 (first portable device) that has authenticated with the entrance/exit management system 1. good too. For example, common third identification information I3 (group identification information) may be associated with the first mobile device and the second mobile device.

In a modified example, even if the user H0 is authenticated using authentication information other than the first identification information I1 of the mobile device 2 (for example, a face image), the linking server 3 You may output the output information to. For example, when the second data associated with the authenticated authentication information (first data) is received from the entry/exit management system 1, the cooperation server 3 associates the received second data (in the second table Ta2) with the second data associated with the authentication information (first data). The output information may be output in association with the third identification information I3.

In a modified example, when registering the first identification information I1 as authentication information, the user H0 may cause a device other than the portable device 2 to transmit a registration request.
(4) Summary As described above, the information processing system (100) of the first aspect includes the first acquisition unit (11), the second acquisition unit (12), the communication unit (management-side first communication unit 18, and a server-side second communication unit 39). A first acquisition unit (11) acquires first identification information (I1) relating to authentication of a user (H0) from a mobile device (2). A second acquisition unit (12) acquires second identification information (I2) associated with the first identification information (I1). In response to acquisition of the first identification information (I1) by the first acquisition unit (11), the communication unit obtains the authentication result of the user (H0) based on the first identification information (I1) or the second identification information (I2). information (R0) related to the second identification information (I2) and the third identification information (I3) associated with the second identification information (I2) in association with at least one of the second identification information (I2) and output.

According to this aspect, it is possible to improve convenience for the user (H0).

In the information processing system (100) of the second aspect, in the first aspect, the mobile device (2) is a mobile information terminal capable of executing an application for performing the function of outputting the first identification information (I1). be.

According to this aspect, it is possible to improve convenience for the user (H0).

In the information processing system (100) of the third aspect, in the second aspect, the communication unit (server-side second communication unit 39) associates the information (R0) regarding the authentication result with the third identification information (I3). Output to a portable information terminal.

According to this aspect, the user (H0) can check the information (R0) regarding the authentication result on the portable information terminal, and it is possible to improve the convenience of the user (H0).

In the information processing system (100) of the fourth aspect, in the third aspect, the communication unit, in at least one of cases where the authentication result is established and where the authentication result is not established, provides information (R0) about the authentication result is output to the portable information terminal.

According to this aspect, the user (H0) can confirm the information (R0) about the authentication result on the mobile information terminal not only when the authentication is not successful but also when the authentication is successful. It is possible to improve convenience.

In the information processing system (100) of the fifth aspect, in the third or fourth aspect, when the authentication result is unsuccessful, the communication unit provides information (R0) about the authentication result and at least one of the cause of the failure and countermeasures. Outputs information about and

According to this aspect, the user (H0) can confirm at least one of the cause of failure and countermeasures on the mobile information terminal, thereby improving convenience for the user (H0).

In the information processing system (100) of the sixth aspect, in any one of the first to fifth aspects, the communication unit outputs the information (R0) regarding the authentication result in association with the third identification information (I3) . The third identification information (I3) includes group identification information of a group including a plurality of identification information including the second identification information (I2).

According to this aspect, it is possible to improve convenience for the user (H0).

In the information processing system (100) of the seventh aspect, in the sixth aspect, the plurality of identification information included in the group are second identification information (I2) and identification information different from the second identification information (I2). including information;

According to this aspect, it is possible to improve convenience for the user (H0).

In the information processing system (100) of the eighth aspect, in the seventh aspect, the communication unit provides information about authentication when authentication satisfying a predetermined condition is performed for a plurality of pieces of identification information included in the group. is associated with the third identification information (I3) and output to the portable device (2).

According to this aspect, the user (H0) can confirm the information on the portable device (2) when the authentication that satisfies the predetermined conditions is performed, resulting in convenience for the user (H0). can be improved.

In the information processing system (100) of the ninth aspect, in any one of the first to eighth aspects, the communication unit (management side first communication unit 18) cooperates with the cooperation server (3) Based on a communication method according to a predetermined format defined between the information processing system (100) and the cooperation server (3), communication regarding the cooperation function is performed. In response to a request for information in a predetermined format from the cooperation server (3), the communication unit outputs the information (R0) on the authentication result to the cooperation server (3) in association with the second identification information (I2).

According to this aspect, there is an advantage that it is easy to set the function related to the request for information from the cooperation server (3).

In the information processing system (100) of the tenth aspect, in the ninth aspect, the communication unit receives settings related to the information processing system (100) from the cooperation server (3) based on a communication method according to a predetermined format. do.

According to this aspect, it is easy to set functions related to settings related to the information processing system (100).

The information processing system (100) of the eleventh aspect, in any one of the first to tenth aspects, further comprises a third acquisition section (15) and a generation section (16). A third acquisition unit (15) acquires a registration instruction including the first identification information (I1) in order to register the first identification information (I1). A generator (16) generates second identification information (I2) in association with the first identification information (I1) included in the registration instruction.

According to this aspect, it is possible to register the first identification information (I1).

The information processing system (100) of the twelfth aspect, in the eleventh aspect, further comprises a fourth acquisition section (34) and a registration section (35). A fourth acquisition unit (34) acquires third identification information (I3) associated one-to-one with the user (H0) from the mobile device (2). A registration unit (35) registers the second identification information (I2) generated by the generation unit (16). A registration unit (35) registers the second identification information (I2) generated by the generation unit (16) in association with the third identification information (I3) obtained by the fourth acquisition unit (34).

According to this aspect, it is possible to register the first identification information (I1) in association with the third identification information (I3).

The mobile device (2) of the thirteenth aspect comprises a mobile-side first communication unit (28) and a mobile-side second communication unit (29). A mobile-side first communication unit (28) communicates with the entrance/exit management system (1). The mobile-side second communication unit (29) communicates with at least one of the access control system (1) and the cooperation server (3) that communicates with the access control system (1). The mobile-side first communication unit (28) communicates with the entrance/exit management system (1) to transmit the first identification information (I1). The mobile-side second communication unit (29) transmits information (R0) about the authentication result based on the first identification information (I1) or the second identification information (I2) associated with the first identification information (I1) to the second It is received in association with the third identification information (I3) associated with the identification information (I2).

According to this aspect, it is possible to improve convenience for the user (H0).

The cooperation server (3) of the fourteenth aspect includes a server-side communication unit (server-side first communication unit 38) that communicates with the entrance/exit management system (1). The server-side communication unit uses the first identification information (I1) acquired from the mobile device (2) by the entrance/exit management system (1) or the second identification information (I2) associated with the first identification information (I1). The information (R0) on the authentication result based on the identification information (R0) is received from the entrance/exit management system (1) in association with the second identification information (I2).

According to this aspect, it is possible to improve convenience for the user (H0).

In the linking server (3) of the fifteenth aspect, in the fourteenth aspect, the server-side communication unit communicates with the entrance/exit management system (1), and is defined between the entrance/exit management system (1) Based on a communication method according to a predetermined format, communication relating to the cooperation function between the cooperation server (3) and the entrance/exit management system (1) is performed. The server-side communication unit receives information (R0) on the authentication result from the entrance/exit management system (1) in association with the second identification information (I2) based on a communication method according to a predetermined format.

According to this aspect, there is an advantage that it is easy to set the function related to the reception of the information (R0) regarding the authentication result.

In the cooperation server (3) of the sixteenth aspect, in the fourteenth or fifteenth aspect, the server-side communication unit is the first server-side communication unit (38). The cooperation server (3) includes a server-side second communication unit (39) that communicates with the mobile device (2). A server-side second communication unit (39) communicates with the cooperation server (3) based on a communication method according to a predetermined format defined between the mobile device (2) and the mobile device (2). It communicates with the mobile device (2) regarding the cooperation function. The server-side second communication unit (39) converts the information (R0) about the authentication result to the third identification information (I3) associated with the second identification information (I2) based on the communication method according to the predetermined format. It associates and outputs to a portable device (2).

According to this aspect, there is an advantage that it is easy to set the function related to the reception of the information (R0) regarding the authentication result.

The information processing method of the seventeenth aspect includes a first acquisition step, a second acquisition step, and a communication step. The first obtaining step comprises obtaining from the mobile device (2) first identification information (I1) relating to the authentication of the user (H0). The second obtaining step comprises obtaining a second identity (I2) associated with the first identity (I1). In the communicating step, in response to acquisition of the first identification information (I1), the information (R0) regarding the authentication result of the user (H0) based on the first identification information (I1) or the second identification information (I2) is transmitted to the second 2 identification information (I2) and third identification information (I3) associated with the second identification information (I2).

According to this aspect, it is possible to improve convenience for the user (H0).

The control method of the eighteenth aspect includes a mobile-side first communication unit (28) that communicates with the entrance/exit management system (1), a cooperation server (3) that communicates with the entrance/exit management system (1), and the entrance/exit management system. A control method for a portable device (2) comprising a portable side second communication unit (29) that communicates with at least one of (1). The control method includes a transmission step and a reception step. The transmission step includes transmitting the first identification information (I1) by communicating with the entrance/exit management system (1) by the mobile side first communication unit (28). In the receiving step, information (R0) about the authentication result based on the first identification information (I1) or the second identification information (I2) associated with the first identification information (I1) is received by the mobile-side second communication unit (29) in association with at least one of the second identification (I2) and a third identification (I3) associated with the second identification (I2).

According to this aspect, it is possible to improve convenience for the user (H0).

A control method according to a nineteenth aspect is a control method for a cooperation server (3) having a server-side communication unit that communicates with an entrance/exit management system (1). In the control method, the first identification information (I1) acquired from the mobile device (2) by the entrance/exit management system (1) or the second identification information associated with the first identification information (I1) by the server-side communication unit It includes receiving information (R0) on the authentication result based on (I2) in association with the second identification information (I2) from the entrance/exit management system (1).

According to this aspect, it is possible to improve convenience for the user (H0).

A program of the twentieth aspect is a program for causing one or more processors to execute the information processing method of the seventeenth aspect.

According to this aspect, it is possible to improve convenience for the user (H0).

A program of the twenty-first aspect is a program for causing one or more processors to execute the control method of the eighteenth or nineteenth aspect.

According to this aspect, it is possible to improve convenience for the user (H0).

The registration process of the twenty-second aspect includes the following steps. That is, the registration process includes the first system obtaining a registration request including the first identification information (I1) and the third identification information (I3) from the external device. The registration process includes the first system sending a registration instruction including the obtained first identification information (I1) to the second system. The registration process includes the second system generating a second identification (I2) in association with the first identification (I1) included in the registration instruction. The registration process includes the second system registering the generated second identification information (I2) in association with the first identification information (I1). The registration process includes the second system sending a second identification (I2) to the first system. The registration process includes the first system registering the second identification information (I2) generated by the second system and obtained from the second system in association with the third identification information (I3) included in the registration request. .

1 entrance/exit management system 11 first acquisition unit 12 second acquisition unit 15 third acquisition unit 16 generation unit 18 management side first communication unit (communication unit)
2 mobile device 28 mobile-side first communication unit 29 mobile-side second communication unit 3 cooperation server 34 fourth acquisition unit 35 registration unit 38 server-side first communication unit (server-side communication unit)
39 Server-side second communication unit (communication unit)
H0 User I1 First identification information I2 Second identification information I3 Third identification information R0 Information on authentication result

Claims (21)

a first acquisition unit that acquires first identification information related to authentication of a user from a mobile device;
a second acquisition unit that acquires second identification information associated with the first identification information;
information on the authentication result of the user based on the first identification information or the second identification information in response to acquisition of the first identification information by the first acquisition unit, the second identification information and the second identification; a communication unit that outputs in association with at least one of the third identification information associated with the information;
comprising
Information processing system. The mobile device is a mobile information terminal capable of executing an application for performing the function of outputting the first identification information.
The information processing system according to claim 1. The communication unit outputs information about the authentication result to the portable information terminal in association with the third identification information.
The information processing system according to claim 2. The communication unit outputs information about the authentication result to the portable information terminal when at least one of the authentication result is successful and the authentication result is unsuccessful.
The information processing system according to claim 3. When the authentication result is unsuccessful, the communication unit outputs information about the authentication result and information about at least one of the cause of the failure and countermeasures.
The information processing system according to claim 3 or 4. The communication unit outputs information about the authentication result in association with the third identification information,
The third identification information includes group identification information of a group that includes a plurality of identification information including the second identification information.
The information processing system according to any one of claims 1 to 5. The plurality of identification information included in the group includes the second identification information and identification information different from the second identification information,
The information processing system according to claim 6. The communication unit associates the information about the authentication with the third identification information and outputs the information about the authentication to the mobile device when the plurality of pieces of identification information included in the group are authenticated satisfying a predetermined condition. ,
The information processing system according to claim 7. The communication unit communicates with the cooperation server based on a communication method according to a predetermined format defined between the information processing system and the cooperation server regarding a cooperation function between the information processing system and the cooperation server,
The communication unit outputs the information about the authentication result to the cooperation server in association with the second identification information in response to a request for information according to the predetermined format from the cooperation server.
The information processing system according to any one of claims 1 to 8. The communication unit receives settings related to the information processing system from the cooperation server based on a communication method according to the predetermined format.
The information processing system according to claim 9. a third acquisition unit for acquiring a registration instruction including the first identification information in order to register the first identification information;
a generation unit that generates the second identification information in association with the first identification information included in the registration instruction;
further comprising
The information processing system according to any one of claims 1 to 10. a fourth acquisition unit that acquires the third identification information associated with the user one-to-one from the mobile device;
a registration unit that registers the second identification information generated by the generation unit;
further comprising
The registration unit registers the second identification information generated by the generation unit in association with the third identification information obtained by the fourth acquisition unit.
The information processing system according to claim 11. a mobile-side first communication unit that communicates with the entrance/exit management system;
a mobile-side second communication unit that communicates with at least one of a cooperation server that communicates with the entrance/exit management system and the entrance/exit management system;
with
The portable side first communication unit is configured to communicate with the entrance/exit management system and transmit first identification information,
The mobile-side second communication unit converts information about an authentication result based on the first identification information or the second identification information associated with the first identification information to third identification information associated with the second identification information. receive in association with
portable device. Equipped with a server-side communication unit that communicates with the entrance/exit management system,
The server-side communication unit transmits information about an authentication result based on the first identification information acquired from the mobile device by the entrance/exit management system or the second identification information associated with the first identification information to the second identification information. Received from the entrance/exit control system in association with
Collaborative server. The server-side communication unit communicates with the entrance/exit management system based on a communication method according to a predetermined format defined between the entrance/exit management system and the cooperation server and the entrance/exit management system. Communicate about the linkage function of
The server-side communication unit receives information about the authentication result from the entrance/exit management system in association with the second identification information based on a communication method according to the predetermined format.
The cooperation server according to claim 14. The server-side communication unit is a server-side first communication unit,
The cooperation server includes a server-side second communication unit that communicates with the mobile device,
The server-side second communication unit relates to a cooperation function between the cooperation server and the mobile device based on a communication method according to a predetermined format defined between the mobile device and the mobile device. communicate and
The server-side second communication unit outputs information about the authentication result to the portable device in association with third identification information associated with the second identification information based on a communication method according to the predetermined format. ,
The cooperation server according to claim 14 or 15. a first obtaining step of obtaining, from the mobile device, first identification information relating to authentication of the user;
a second obtaining step of obtaining second identification information associated with the first identification information;
In response to acquisition of the first identification information, information on the authentication result of the user based on the first identification information or the second identification information is sent to the second identification information and the second identification information associated with the second identification information. 3 a communication step of outputting in association with at least one of the identification information;
including,
Information processing methods. A mobile device comprising: a mobile-side first communication unit that communicates with an entrance/exit management system; and a mobile-side second communication unit that communicates with at least one of a cooperation server that communicates with the entrance/exit management system and the entrance/exit management system A device control method comprising:
a transmission step of transmitting the first identification information by communicating with the entrance/exit management system by the mobile-side first communication unit;
the mobile-side second communication unit associates information about an authentication result based on the first identification information or the second identification information associated with the first identification information with the second identification information and the second identification information; a receiving step of receiving in association with at least one of the third identification information;
including,
control method. A control method for a cooperation server including a server-side communication unit that communicates with an entrance/exit management system,
By the server-side communication unit, information about the authentication result based on the first identification information acquired from the mobile device by the entrance/exit management system or the second identification information associated with the first identification information is transmitted to the entrance/exit management system. a receiving step of receiving in association with the second identification information from
control method. A program for causing one or more processors to execute the information processing method according to claim 17. A program for causing one or more processors to execute the control method according to claim 18 or 19.

Images