JP4779736B2 - Authentication system and authentication server - Google Patents

Description

  The present invention relates to an authentication system that authenticates whether or not access is possible when a predetermined place or facility is accessed using a wireless tag.

  The wireless tag is a non-contact medium in which a tag-specific ID (identification number) is stored in a built-in memory and communicates with a receiver wirelessly, and is generally called an RFID (Radio Frequency Identification) tag. The wireless tag includes a passive type and an active type. A passive type wireless tag is a passive type wireless tag that does not have an energy source (battery) itself and performs communication by driving an internal circuit based on electromagnetic energy obtained from a receiver in a predetermined area. On the other hand, an active wireless tag is an active wireless tag that has its own energy source (battery) and performs communication without requiring electromagnetic energy from the receiver. In the passive type, the usable area is limited, and it is necessary to hold it by hand and hold it over the receiver. However, in the active type, the ID is automatically transmitted regardless of the area, and there is a convenience that does not need to be held over. is there.

  However, in the case of an active type wireless tag, the ID is constantly transmitted, and since the transmission of this ID is performed by plain text (7 characters) transmission according to ASCII (American Standard Code for Information Interchange), the ID from the wireless tag. May be leaked or stolen and is vulnerable in terms of security. This is not a big problem for applications such as location management of people and things, but for applications such as access control, such as access control, access is made to people other than the principal by leaking or stealing IDs. As a result, the problem remains in ensuring confidentiality. For this reason, in the past, active wireless tags have been used exclusively for location management and the like, and contactless IC cards, which are a kind of passive wireless tags, have been used mainly for applications such as entrance / exit management.

  When an active wireless tag is used for entrance / exit management or the like, it may be possible to improve security by encrypting the ID. Japanese Patent Application Laid-Open No. 2004-133260 discloses a portable communication device that encrypts and transmits an ID. This portable communication device is used for a keyless entry system of an automobile, and includes a body case on which an IC card is mounted with a circuit that encrypts and transmits an ID read from the IC card. The ID transmitted from the portable communication device is received by the receiving unit, the ID is decrypted and verified, and the door is locked and unlocked based on the verification result.

  As for the encryption technique, for example, the following Patent Document 2 discloses a technique for encrypting a personal authentication number using an unpredictable code to improve confidentiality. Patent Document 3 discloses that a one-time password generation module is downloaded to a mobile terminal and user authentication is performed using the one-time password generated in the mobile terminal.

JP-A-8-97777 Japanese Patent Publication No. 6-507277 JP 2002-278929 A

  Although the security can be improved by transmitting the encrypted ID from the active wireless tag, in this case, the receiving side collates the decrypted ID with the decryption means for decrypting the encrypted ID. Verification means is required. In Patent Document 1, a receiving unit corresponding to a receiver performs decryption and verification of an ID transmitted from a portable communication device, and based on the verification result, the receiving unit changes to a control target such as a door lock control device. A lock signal or unlock signal is output.

  However, in the case of a keyless entry system for an automobile, even if there is no problem with the configuration in which the receiving unit and the control target have a one-to-one correspondence as described above, for example, there are many rooms in a building, and In a system that manages the access to the facilities and the access to the facilities in the room, if a receiver for receiving a signal from the wireless tag is provided for each access target, the system configuration becomes complicated. Also, when changing the access condition, the setting must be changed in each receiver, and the work becomes complicated. Therefore, if an authentication system that performs access management at a large number of locations adopts a configuration such as that of Patent Document 1, the security is improved, but the problem remains that the system becomes complicated and the cost increases. This countermeasure is not described in Patent Document 2 and Patent Document 3.

  The present invention solves the above-described problems, and the object of the present invention is to secure the security of the wireless tag even when performing access management at a number of locations using an active wireless tag. An object of the present invention is to provide an authentication system that can be realized with a simple configuration.

Another object of the present invention is to provide an authentication system in which the security of the wireless tag is further improved. Still another object of the present invention is to provide an authentication system that can reduce the load on the server. Still another object of the present invention is to provide an authentication system capable of properly using access management and location management with one wireless tag.

An authentication system according to the present invention includes an active wireless tag that stores its own tag ID and transmits information including the tag ID, and a receiver that stores its own receiver ID and receives information transmitted from the wireless tag. An authentication unit that performs predetermined authentication based on information received by the receiver, and permits or prohibits access to the access target by the owner of the wireless tag according to the authentication result of the authentication unit. there, the wireless tag has an operation means, encryption means for encrypting the tag ID, and transmission means for transmitting the tag ID encrypted by the encryption means to the receiver. Authentication means includes storage means for the tag ID and the receiver ID and the access target is stored in association, decoding means for decoding the encrypted tag ID receiver has received the tag ID decoding means has decoded the receiver based on the ID, the reference to the storage means, permission signal or inhibit signal corresponding to the determining means for determining whether to permit or inhibit access to the access target corresponding to the receiver ID, the determination means a determination result Output means for outputting. When the operation unit is operated on the wireless tag, the tag ID encrypted by the encryption unit is transmitted to the receiver by the transmission unit, and the determination unit determines whether access is permitted or prohibited in the authentication server. On the other hand, when the operation unit is not operated in the wireless tag, the plaintext tag ID that is not encrypted by the encryption unit is transmitted to the receiver by the transmission unit, and the wireless tag of the wireless tag is based on the plaintext tag ID and the receiver ID in the authentication server. Perform location management.

According to such a system, the tag ID, the receiver ID, and the access target are associated with each other in the authentication unit, and the access to the access target corresponding to the receiver ID is based on the encrypted tag ID and the receiver ID. Whether it is possible is determined. For this reason, even if a receiver is not provided for each access target, a plurality of access targets can be managed by one receiver by assigning a receiver ID to each receiver. Accordingly, even when access management is performed at a large number of bases using an active wireless tag, the system configuration is simplified while securing the tag ID security, and the work for changing access conditions is also easy. Become. In addition, it is possible to use access management and location management separately with one wireless tag.

  The authentication means is composed of an authentication server connected to the receiver via a network, for example. If authentication is performed by the authentication server, the receiver is not required to have decryption means or collation means, and the circuit configuration of the receiver can be simplified.

  The authentication means can also be configured from a receiver or a terminal device provided accompanying the receiver. If the authentication is performed by the receiver or the terminal device, the authentication process can be quickly performed without depending on the processing in the server having a large load.

  In a preferred embodiment of the present invention, in the authentication system as described above, the wireless tag encryption means encrypts the tag ID using the one-time password generated based on the time. Since this one-time password is a one-time password that changes with time, it is possible to further improve security by encrypting the tag ID.

Next, the authentication server according to the present invention, a receiver for receiving the information transmitted from the active RFID tag having an operating means, and the tag ID of the plaintext is not the encrypted tag ID or encryption of the wireless tag, Receiving means for receiving the receiver ID of the receiver, storage means for storing the tag ID, the receiver ID and the access target in association with each other, and a decoding means for decrypting the encrypted tag ID received by the receiving means from the receiver And a determination unit that determines whether to permit or prohibit access to the access target corresponding to the receiver ID with reference to the storage unit based on the tag ID and the receiver ID decoded by the decoding unit, Output means for outputting a permission signal or a prohibition signal according to the determination result of the means. Then, when the operation unit is operated, the determination unit determines whether access is permitted or prohibited based on the encrypted tag ID transmitted from the wireless tag to the receiver and the receiver ID, while the operation unit operates the operation unit. If not, location management of the wireless tag is performed based on the unencrypted plaintext tag ID transmitted from the wireless tag to the receiver and the receiver ID.

By using such an authentication server, it is determined whether or not access to the access target corresponding to the receiver ID is possible based on the encrypted tag ID and receiver ID. Even if it is not provided, a plurality of access targets can be managed by one receiver. For this reason, even when access management is performed at a large number of locations using an active type wireless tag, the system configuration is simplified while ensuring the security of the tag ID, and the authentication server can be used to change the access conditions. Since the setting only needs to be changed, the operation becomes easy. In addition, it is possible to use access management and location management separately with one wireless tag.

  Advantageous Effects of Invention According to the present invention, there is an effect that an authentication system can be realized with a simple configuration while ensuring the security of a wireless tag even when access management is performed at a number of locations using an active wireless tag.

  FIG. 1 is a diagram showing an embodiment of an authentication system according to the present invention. Here, a system that authenticates the right to enter the computer room 100 and the right to use equipment in the room is taken as an example. Reference numeral 1 denotes an active wireless tag (RFID tag) possessed by the user P, 2 a receiver that receives information transmitted from the wireless tag 1, and 3 an access permission authentication based on the information received by the receiver 2 An authentication server 4 is a computer installed in the computer room 100, and 5 is a controller for controlling the electric lock 7 and the alarm device 8 for permitting or prohibiting entry into the computer room 100. The receiver 2, the authentication server 3, the computer 4, and the controller 5 are connected by a network 6 such as Ethernet (registered trademark). The receiver 2 is provided on the ceiling or the like of the computer room 100 and includes an antenna 20 that receives information transmitted from the wireless tag 1. The authentication server 3 is installed in a management room, for example. The electric lock 7 and the alarm device 8 are provided near the door 101 of the computer room 100. Details of each device constituting the system of FIG. 1 will be described later.

  FIG. 2 is a diagram showing a signal flow in the system of FIG. The wireless tag 1 has a function of generating a password and a function of encrypting its own tag ID using the generated password, and transmits the password and the encrypted tag ID. Here, a one-time password (hereinafter referred to as “OTP”) generated based on the current time is taken as an example of the password. When the receiver 2 receives the OTP and the encrypted tag ID from the wireless tag 1, the receiver 2 adds its own receiver ID and reception time to these and sends them to the authentication server 3.

  The authentication server 3 has an OTP generation function, and compares the OTP received from the receiver 2 with the OTP generated by itself, and if the result is normal, the encrypted server received from the receiver 2 Decode the tag ID. Based on the decrypted tag ID and the receiver ID received from the receiver 2, each ID is collated with reference to a table described later, and the location (computer room 100) and equipment (computer 4) corresponding to the receiver ID. ) Is determined whether access is permitted or prohibited. Details of this will be described later. If the access is permitted as a result of the determination, the authentication server 3 transmits an access permission signal to the computer 4 and the controller 5. When the access is prohibited, the authentication server 3 transmits an access prohibition signal to the computer 4 and the controller 5.

  When the computer 4 receives the access permission signal from the authentication server 3, the computer 4 performs a process such as login for enabling the computer, and when receiving the access prohibition signal from the authentication server 3, does not perform the process for enabling the computer. Further, when the controller 5 receives the access permission signal from the authentication server 3, the controller 5 outputs an unlock signal to the electric lock 7, and the electric lock 7 performs the unlocking operation by this unlock signal. As a result, the user P can enter the computer room 100 through the door 101 and use the computer 4. Note that a plurality of computers 4 are provided, and all the computers may be used, or only a specific computer may be used.

  On the other hand, when receiving an access prohibition signal from the authentication server 3, the controller 5 outputs a locking signal to the electric lock 7 and outputs an alarm signal to the alarm device 8. The electric lock 7 performs a locking operation in response to the locking signal, whereby the user P cannot enter the computer room 100 from the door 101. The alarm device 8 generates an alarm in response to the alarm signal. The alarm device 8 includes an alarm lamp, a buzzer, and the like.

  2, the authentication server 3 is connected to a plurality of rooms other than the computer room 100 via a network, and is connected to receivers and equipment (not shown) provided in each room. Thus, the same information exchange as in the computer room 100 described above is performed.

  FIG. 3 is an external view showing an example of the wireless tag 1. The wireless tag 1 is a remote control type tag, and an operation button 1b is exposed on the upper surface of the main body 1a. A switch for detecting that the operation button 1b has been pressed, a circuit unit, a battery, and the like are built in the main body 1a (not shown).

  FIG. 4 is an external view showing another example of the wireless tag. The wireless tag 60 is a tag that also serves as a card holder, and includes a case 61 and a cover 62 that covers the case 61. On the side opposite to the cover 62 of the case 61, a recess 70 is provided in which a card 80 such as a magnetic card or an IC card is mounted. The cover 62 is integrally provided with an operation button 63. The operation button 63 is provided with elasticity by providing a notch groove 64 around the operation button 63. When the operation button 63 is pressed with a finger, the operation button 63 is pressed into the cover 62 to operate a switch 69 which will be described later. Return to.

  5A is a plan view of the wireless tag 60, FIG. 5B is a front view of the case 61 when FIG. 5A is viewed from below with the cover 62 removed, and FIG. The rear view of case 61 at the time of seeing Fig.5 (a) from upper direction is shown. As shown in FIG. 5B, the case 61 is provided with a substrate storage portion 65 including a surrounding wall, and the substrate 66 is stored in the substrate storage portion 65. A battery 67, a circuit unit 68, and a switch 69 are mounted on the substrate 66. The switch 69 is a switch for detecting that the operation button 63 is pressed. Note that the wireless tag 1 shown in FIG. 3 also includes a board similar to the board 66 on which the components 67 to 69 shown in FIG. 5B are mounted. As shown in FIG. 5 (c), the card 80 is mounted in the recess 70 of the case 61 in a state like a one-dot chain line. 71 is a protrusion for holding the card 80 so as not to be detached from the recess 70, and 72 is a switch for detecting that the card 80 is mounted in the recess 70.

  FIG. 6 is a block diagram showing an electrical configuration of the wireless tag 1. Reference numeral 10 denotes a button press detection switch that detects that the operation button 1b is pressed, and is provided at a position facing the operation button 1b. The switch 10 outputs a button ON signal when the operation button 1b is pressed, and outputs a button OFF signal when the operation button 1b is not pressed. A memory 11 stores a tag ID 12 unique to the wireless tag 1, and the tag ID 12 is stored in plaintext of 7 digits. Reference numeral 13 denotes a clock unit that counts the current time, and reference numeral 14 denotes a password generation unit that periodically generates an OTP (one-time password) based on the current time counted by the clock unit 13. An encryption processing unit 15 encrypts the tag ID 12 using the OTP generated by the password generation unit 14. 16 is a modulation unit that modulates the tag ID 12, 17 is a transmission control unit that performs transmission control of the modulated wave output from the modulation unit 16, and 18 is an antenna that transmits the modulated wave based on the control of the transmission control unit 17. It is. Reference numeral 19 denotes a power supply unit composed of a battery, which constantly supplies power to each unit. Note that the wireless tag 60 shown in FIG. 4 also includes a circuit similar to that shown in FIG. In this case, the battery 67 in FIG. 5B corresponds to the power supply unit 19, the circuit unit 68 corresponds to the blocks 11 to 18, and the switch 69 corresponds to the button press detection switch 10.

  In the above, the authentication server 3 constitutes one embodiment of the authentication means in the present invention, the encryption processing unit 15 constitutes one embodiment of the encryption means in the present invention, and the operation button 1b is the operation means in the present invention. The clock unit 13 constitutes one embodiment of the time measuring means in the present invention, the password generation unit 14 constitutes one embodiment of the generation means in the present invention, the modulation unit 16, and the transmission The control unit 17 and the antenna 18 constitute one embodiment of the transmission means in the present invention.

  Next, the operation of the wireless tag 1 will be described based on FIG. The wireless tag 1 is an active wireless tag as described above. The clock unit 13 constantly receives power from the power source unit 19 and measures the current time, and the password generation unit 14 periodically (for example, every 30 minutes) OTP based on the current time counted by the clock unit 13. Is generated. The generated OTP is given to the encryption processing unit 15.

  When the operation button 1b is pressed, a button ON signal is output from the button press detection switch 10, and the tag ID 12 read from the memory 11 in response to this is given to the encryption processing unit 15. The encryption processing unit 15 uses the OTP generated by the password generation unit 14 to perform encryption processing on the tag ID 12 by a known method. In this encryption process, the tag ID12 code itself may be encrypted, or for example, the last four digits of the code may be encrypted. As the tag ID 12, a manufacturer code assigned at the time of production may be used. The tag ID encrypted by the encryption processing unit 15 is given to the modulation unit 16. The modulation unit 16 performs modulation processing on the OTP and the encrypted tag ID by a known method, and generates a modulated wave in which these pieces of information are superimposed on the carrier wave. The modulated wave is transmitted from the antenna 18 after the transmission control unit 17 controls the transmission period and the like. When the operation button 1b is pressed, information indicating the button press is added to the signal transmitted from the antenna 18.

  On the other hand, when the operation button 1b is not pressed, a button OFF signal is output from the button press detection switch 10, and the tag ID 12 read from the memory 11 in response to this is given to the modulation unit 16 in plain text. The modulation unit 16 modulates the plaintext tag ID 12 that is not encrypted by a known method to generate a modulated wave in which the ID information is superimposed on the carrier wave. The modulated wave is transmitted from the antenna 18 after the transmission control unit 17 controls the transmission period and the like.

  As described above, in this embodiment, when the operation button 1b is pressed, the tag ID 12 is encrypted and transmitted, and when the operation button 1b is not pressed, the tag ID 12 is transmitted without being encrypted. I have to. Therefore, as described later, in the authentication server 3, access management is performed when the operation button 1b is pressed, and location management is performed when the operation button 1b is not pressed.

  FIG. 7 is a block diagram showing an electrical configuration of the receiver 2. 20 is an antenna that receives information transmitted from the wireless tag 1, 21 is a receiving unit that performs processing such as amplification on the signal received by the antenna 20, and 22 is demodulated with respect to the signal output from the receiving unit 21 It is a demodulator that performs processing. A memory 23 stores a receiver ID 24 unique to the receiver 2, and the receiver ID 24 is stored in plain text. Reference numeral 25 denotes a clock unit that counts the current time, and reference numeral 26 denotes a communication control unit that performs communication with the authentication server 3 and the like via the network 6.

  A signal transmitted from the wireless tag 1 is received by the antenna 20, amplified by the receiving unit 21, demodulated by the demodulating unit 22, and original information is extracted from the modulated wave. Thereafter, the receiver ID 24 read from the memory 23 and the reception time counted by the clock unit 25 are added to the information such as the OTP and the tag ID demodulated by the demodulation unit 22. Then, information in which these are set is sent from the communication control unit 26 to the authentication server 3 via the network 6.

  In the demodulator 22, information indicating the state of the wireless tag 1 is added to the demodulated tag ID. For example, when a signal from the wireless tag 1 is detected, “0” indicating detection is added, and the signal disappears when the signal is not re-detected after a certain period of time after the signal from the wireless tag 1 is interrupted. “F” is added, and when the operation button 1b is pressed, “3” is added. In the case of loss (F), the receiver 2 does not transmit data on the network 6. When the signal from the wireless tag 1 is detected again, the receiver 2 transmits data on the network 6. In this way, load control is performed by the receiver 2 so as not to transmit more data than necessary. It should be noted that the state of the signal from the wireless tag 1 is monitored in this way, and the “state monitoring mode” in which data is transmitted only when the state has changed, and the received data is transmitted as it is when received from the wireless tag 1 “ The receiver 2 may have “always monitor mode” so that one of the modes can be selected.

  FIG. 8 is a block diagram showing an electrical configuration of the authentication server 3. A communication control unit 30 communicates with the receiver 2, the computer 4, and the controller 5 via the network 6. Reference numeral 31 denotes a memory constituted by a ROM, a RAM, etc., 32 a CPU as an arithmetic processing unit, and 33 a storage unit constituted by a hard disk. The storage unit 33 includes a receiver setting table 34, a tag setting table 35, a log recording unit 36, and the like. 37 is a decryption processing unit that performs decryption processing on the encrypted tag ID received from the receiver 2, 38 is a clock unit that counts the current time, and 39 is periodically based on the current time measured by the clock unit 38. It is a password generation part which produces | generates OTP.

  In the above, the communication control unit 30 constitutes an embodiment of the receiving means and the output means in the present invention, the storage unit 33 constitutes an embodiment of the storage means in the present invention, and the decoding processing unit 37 One embodiment of the decrypting means in the invention is constituted, and the CPU 32 constitutes one embodiment of the judging means in the present invention.

  FIG. 9 shows an example of the receiver setting table 34 in the storage unit 33. The receiver setting table 34 stores a receiver ID, an installation location where each receiver 2 is installed, a level at which access is permitted, and related devices (equipment) provided in the installation location. The receiver ID is an ID corresponding to the receiver ID 24 stored in the memory 23 of FIG. The level is authority information indicating in which range the access is permitted to the level set in the tag setting table 35 described below. For example, in the case of the level “2-3”, the level 2 person and the level 3 is permitted access, and in the case of level “4”, only level 4 person is permitted access.

  FIG. 10 shows an example of the tag setting table 35 in the storage unit 33. The tag setting table 35 stores a tag ID, the name of the tag owner, a level at which access is permitted, and priorities. The tag ID is an ID corresponding to the tag ID 12 stored in the memory 11 of FIG. The level is authority information set for each individual, and access to an access target (location, facility) exceeding the set level cannot be made. For example, since Mr. A's level is “3”, access to the computer room at level “4” in the receiver setting table 34 of FIG. 9 is prohibited. Priorities represent exceptions to the level. For example, since Mr. B's level is “3”, access to the computer room at level “4” is originally prohibited, but access is permitted because the computer room is set as a priority. .

Next, details of the authentication processing in the authentication server 3 will be described with reference to FIGS. In FIG. 8, information transmitted from the receiver 2 via the network 6 is received by the communication control unit 30. When the operation button 1b of the wireless tag 1 is pressed, the communication control unit 30 receives the following four pieces of information (see FIG. 2).
(1) OTP
(2) Encrypted tag ID
(3) Receiver ID
(4) Reception time

  When these pieces of information are received, the CPU 32 collates (matches) the OTP received from the receiver 2 with the OTP generated by the password generation unit 39. As a result, if the received OTP is normal, the decryption processing unit 37 decrypts the encrypted tag ID.

  Next, the CPU 32 collates the receiver ID received from the receiver 2 with the receiver setting table 34, and collates the decoded tag ID with the tag setting table 35, and installs the receiver at the place where the receiver is installed. Judge whether access to the existing facilities is possible. For example, if the receiver ID is “001” and the tag ID is “200001”, the access level corresponding to the receiver ID is “2-3” from FIG. 9, and the access level corresponding to the tag ID is Since it is “3” from 10, it is determined that access to the first design unit where the receiver is installed is possible. If the receiver ID is “004” and the tag ID is “2000006”, the access level corresponding to the receiver ID is “3” from FIG. 9, and the access level corresponding to the tag ID is from FIG. Since it is “2”, it is determined that access to the first manufacturing department where the receiver is installed is not possible. The above collation and determination results are recorded in the log recording unit 36 of the storage unit 33.

  If it is determined that access is possible, the authentication server 3 transmits an access permission signal from the communication control unit 30 to the computer 4 and the controller 5 via the network 6. On the other hand, when it is determined that access is impossible, the authentication server 3 transmits an access prohibition signal from the communication control unit 30 to the computer 4 and the controller 5 via the network 6 (see FIG. 2).

  The above is the case where the operation button 1b of the wireless tag 1 is operated. However, when the operation button 1b is not operated, the tag ID 12 encrypted from the wireless tag 1 is not transmitted as described above, and the authentication server 3 receives the plaintext tag ID, the receiver ID, and the reception time from the receiver 2, and manages the location of the wireless tag 1 based on these. That is, the person information obtained from the tag ID, the position information obtained from the receiver ID, and the time information obtained from the reception time are stored in a predetermined area of the storage unit 33 to manage who is when and where. This management information is sent to an upper server (not shown) as necessary.

  FIG. 11 is a block diagram showing an electrical configuration of the computer 4. 40 is a communication control unit connected to the network 6, 41 is a memory composed of ROM, RAM, etc., 42 is a CPU as an arithmetic processing unit, 43 is an input unit consisting of a keyboard, mouse, disk drive, etc., 44 is a monitor The display unit 45 is a storage unit composed of a hard disk. When the communication control unit 40 receives an access permission signal from the authentication server 3 via the network 6, the computer 4 performs processing such as login as described above.

  FIG. 12 is a block diagram showing an electrical configuration of the controller 5. 50 is a communication control unit connected to the network 6, 51 is a memory composed of ROM, RAM, etc. 52 is a CPU as an arithmetic processing unit, 53 is a door opening / closing control unit for controlling the opening and closing of the door, 54 is an alarm signal Is an alarm unit that outputs. When the communication control unit 50 receives an access permission signal from the authentication server 3 via the network 6, the door opening / closing control unit 53 outputs an unlock signal to the electric lock 7 (FIG. 2). Upon receiving this unlock signal, the electric lock 7 unlocks the door and permits entry into the room. On the other hand, when the communication control unit 50 receives an access prohibition signal from the authentication server 3, the door opening / closing control unit 53 outputs a locking signal to the electric lock 7 (FIG. 2). When the electric lock 7 receives this locking signal, it locks the door and prohibits entry into the room. The alarm unit 54 outputs an alarm signal to the alarm device 8 (FIG. 2), turns on an alarm lamp, or sounds a buzzer.

  FIG. 13 is a flowchart showing the overall operation of the authentication system. The wireless tag 1 transmits the plain text tag ID 12 read from the memory 11 at a predetermined cycle (step S1). The transmission cycle is set to 1.1 seconds, for example. In order to extend the life of the battery, the transmission cycle may be lengthened. In the wireless tag 1, the password generation unit 14 generates a password (OTP) at regular time intervals (step S2). While the operation button 1b is not pressed (step S3: NO), steps S1 to S3 are repeated, and during this time, the location management based on the tag ID is performed by the authentication server 3 (step S8).

  When the operation button 1b of the wireless tag 1 is pressed (step S3: YES), the encryption processing unit 15 encrypts the tag ID using the generated OTP (step S4), and the OTP and the encrypted tag ID Is transmitted to the receiver 2 (step S5). The receiver 2 adds the reception time and the receiver ID to the information received from the wireless tag 1, and transmits these information to the authentication server 3 (step S6).

  By the way, although omitted in the description so far, in the authentication by OTP, exchange of “challenge” and “response” is performed between the server and the client (terminal). The challenge is a value that changes every time generated by the server. The client performs an operation by combining the challenge received from the server with the secret key, and transmits the result to the server as a response. The server also performs the same operation as that of the client, and collates with the response sent from the client to determine whether authentication is possible.

  Therefore, also in the present embodiment using OTP, a challenge is generated by the authentication server 3 (step S9). Here, the OTP generated based on the time corresponds to the challenge. The authentication server 3 sends this challenge to a terminal device such as the computer 4 or the controller 5 via the network 6, and based on this, a response is generated at the terminal device (step S7). The authentication server 3 identifies the receiver based on the receiver ID transmitted from the receiver 2 in step S6 (step S10), and collates the response generated by the terminal device in step S7 (step S11). If the response from the terminal device linked to the specified receiver is correct (step S12: YES), the process proceeds to step S13, and the access permission / prohibition determination process described above is executed based on the information received from the receiver 2. (Step S13). As a result of the determination, if access is permitted (step S14: YES), an access permission signal is output from the authentication server 3 (step S15). If access is prohibited (step S14: NO), access is made from the authentication server 3. A prohibition signal is output (step S16). If the response from the terminal device is not correct in step S12 (step S12: NO), the process proceeds to step S16 and access is prohibited. Finally, the collation and determination results are stored in the log recording unit 36 of the storage unit 33 (step S17), and the process returns to the first step S1.

  According to the authentication system as described above, in the authentication server 3, the tag ID, the receiver ID, and the access target are associated with each other by the receiver setting table 34 and the tag setting table 35, and the encrypted tag ID, receiver ID, Based on the above, it is determined whether or not access to the access target corresponding to the receiver ID is possible. For this reason, even if a receiver is not provided for each access target, a plurality of access targets can be managed by one receiver by assigning a receiver ID to each receiver. In the example of FIG. 1, the access target is a place called a computer room 100 and individual computers 4 installed therein, and the electric lock 7 that restricts entry and exit of the computer room 100 and each computer 4 are receivers. 2, the access target can be managed by one receiver 2. Therefore, even when access management is performed at a number of locations using the active wireless tag 1, the system configuration is simplified while ensuring the security of the tag ID. Further, when changing the access condition, it is only necessary to change the settings of the receiver setting table 34 and the tag setting table 35 in the authentication server 3, so that the operation becomes easy. Furthermore, by authenticating with the authentication server 3, the receiver 2 does not need a decryption means or a collation means, and the circuit configuration of the receiver 2 can be simplified.

  Further, in the wireless tag 1, the tag ID is encrypted using a one-time password generated based on the time, and this one-time password is a one-time password, so that the security is further improved. Can do.

  When the operation button 1b of the wireless tag 1 is pressed, the tag ID 12 is encrypted and transmitted to the receiver 2, and the authentication server 3 determines whether access is permitted or prohibited, and the operation button 1b of the wireless tag 1 is pressed. If not, the tag ID 12 is transmitted to the receiver 2 in plain text without being encrypted, and the location management of the wireless tag 1 based on the tag ID 12 is performed by the authentication server 3, so that one wireless tag 1 accesses Management and location management can be used properly.

  In the example of FIG. 13 described above, the tag ID 12 is encrypted for the first time when the operation button 1b of the wireless tag 1 is pressed. However, the tag ID 12 is periodically encrypted regardless of whether or not the operation button 1b is pressed. The encrypted tag ID may be read and transmitted when the operation button 1b is pressed. According to this, since the time for encryption processing is not required after the operation button 1b is pressed, the encrypted tag ID can be transmitted simultaneously with the pressing of the operation button 1b. FIG. 14 is a flowchart in this case, and steps S3 and S4 are interchanged as compared with FIG. Since other than that is the same as that of FIG. 13, description is abbreviate | omitted.

  Further, in the examples of FIGS. 13 and 14, OTP is used as a password for encryption. However, the present invention is not limited to OTP, but when encryption is performed using a normal fixed password (PIN code). Is also applicable. In this case, since the challenge and response processing is not required, the flowchart is as shown in FIG. In FIG. 15, steps S7 and S9 to S12 of FIG. 14 are omitted. Since other than that is the same as that of FIG. 14, description is abbreviate | omitted.

In the embodiment, the operation button 1b is provided on the wireless tag 1, but the operation means is not limited to the operation button, and an operation lever or the like can be used .

  In the above-described embodiment, the authentication server 3 authenticates whether access is possible. However, the receiver 2 may authenticate access permission. In this case, the part related to the authentication function in the authentication server 3 may be transferred to the receiver 2, and the receiver 2 also serves as the authentication means (the receiver 2 receives the encrypted tag ID received from the wireless tag 1 and its own The receiver ID is not transmitted to the authentication server 3). Alternatively, instead of the receiver 2, it is possible to authenticate whether or not access is possible with a terminal device (for example, the controller 5) provided along with the receiver 2. In this case, the portion related to the authentication function in the authentication server 3 may be transferred to the terminal device, and the terminal device also serves as the authentication means (in this case, the receiver 2 receives the encrypted tag ID received from the wireless tag 1 and the self Is transmitted to the terminal device). If both location management and access management are performed by the authentication server 3, the load on the server increases and it takes time for the authentication process. However, if authentication is performed by the receiver 2 or the terminal device as described above, the load is reduced. The authentication process can be quickly performed without relying on a large server.

  In the above description, the wireless tag 1 of FIG. 3 has been described as an example. However, when the wireless tag 60 of FIG. 4 is used instead of the wireless tag 1, the above-described embodiments can be applied as they are. Since the wireless tag 60 also serves as a card holder and can be loaded with the card 80, the two media of the tag and the card can be physically integrated, and the handling is convenient. .

  When the wireless tag 60 of FIG. 4 is used, as shown in FIG. 5C, a switch 72 for detecting that the card 80 is inserted is provided, so that the switch 72 detects the card 80. The circuit unit 68 may be activated on the condition that this is done. In addition, when a reading unit (not shown) that reads the recorded information of the card 80 is provided, whether or not the card 80 is the card of the owner of the wireless tag 60 based on the read information, and is the card of the person Alternatively, the circuit unit 68 may be activated. In this way, even when the wireless tag 60 and the card 80 are separated, unauthorized use of the wireless tag 60 by another person can be prevented.

It is a figure which shows one Embodiment of the authentication system which concerns on this invention. It is the figure which showed the flow of the signal in the system of FIG. It is an external view which shows an example of a wireless tag. It is an external view which shows the other example of a wireless tag. FIG. 5 is a plan view, a front view, and a rear view of the wireless tag in FIG. 4. It is a block diagram which shows the electric constitution of a wireless tag. It is a block diagram which shows the electric constitution of a receiver. It is a block diagram which shows the electrical structure of an authentication server. It is a figure which shows an example of a receiver setting table. It is a figure which shows an example of a tag setting table. It is a block diagram which shows the electric constitution of a computer. It is a block diagram which shows the electrical structure of a controller. It is a flowchart showing the whole operation | movement of an authentication system. It is a flowchart showing the whole operation | movement of the authentication system by other embodiment. It is a flowchart showing the whole operation | movement of the authentication system by other embodiment.

Explanation of symbols

1 wireless tag 1b operation button 2 receiver 3 authentication server 4 computer 5 controller 6 network 7 electric lock 8 alarm device 12 tag ID
13 Clock unit 14 Password generation unit 15 Encryption processing unit 16 Modulation unit 17 Transmission control unit 18 Antenna 30 Communication control unit 32 CPU
33 Storage Unit 34 Receiver Setting Table 35 Tag Setting Table 37 Decoding Processing Unit 60 Wireless Tag 63 Operation Button 100 Computer Room 101 Door

Claims (6)

An active wireless tag that stores its own tag ID and transmits information including the tag ID;
A receiver that stores its own receiver ID and receives information transmitted from the wireless tag;
Authentication means for performing predetermined authentication based on information received by the receiver,
An authentication system that permits or prohibits access to an access target by an owner of the wireless tag according to an authentication result of the authentication unit,
The wireless tag includes an operation unit, and encryption means for encrypting the tag ID, and transmission means for transmitting the tag ID encrypted by the encryption unit to the receiver,
The authentication unit includes a storage unit for the tag ID and the receiver ID and the access target is stored in association, decoding means for decoding the encrypted tag ID the receiver receives the tag said decoding means has decoded based on the ID and receiver ID, by referring to the storage means, and judging means for judging whether to permit or inhibit access to the access target corresponding to the receiver ID, according to the determination result of said determining means Output means for outputting a permission signal or a prohibition signal ,
When the operation unit is operated in the wireless tag, the tag ID encrypted by the encryption unit is transmitted to the receiver by the transmission unit, and the determination unit in the authentication server permits the access or Make a ban decision,
When the operation unit is not operated in the wireless tag, the plaintext tag ID that is not encrypted by the encryption unit is transmitted to the receiver by the transmission unit, and the plaintext tag ID and the receiver ID are transmitted by the authentication server. And performing location management of the wireless tag based on the above . The authentication system according to claim 1,
The authentication means comprises an authentication server connected to the receiver via a network,
The authentication system, wherein the receiver transmits the encrypted tag ID received from the wireless tag and its own receiver ID to the authentication server. The authentication system according to claim 1,
The authentication unit includes the receiver or a terminal device provided in association with the receiver. In the authentication system according to any one of claims 1 to 3,
The wireless tag encryption means encrypts a tag ID using a one-time password generated based on a time. The authentication system according to claim 1,
The receiver transmits the reception time when the information transmitted from the wireless tag is received to the authentication unit together with the tag ID and the receiver ID,
The authentication means includes personal information obtained from the plaintext tag ID, position information obtained from the receiver ID, and time information obtained from the reception time when the operation means is not operated on the wireless tag. An authentication system that performs location management of the wireless tag based on the authentication. Reception for receiving an encrypted tag ID of the wireless tag or an unencrypted plaintext tag ID and a receiver ID of the receiver from a receiver that receives information transmitted from an active wireless tag having an operation means Means,
Storage means for storing the tag ID, the receiver ID, and the access target in association with each other;
Decryption means for decrypting the encrypted tag ID received by the reception means from the receiver;
A determination unit that determines whether to permit or prohibit access to an access target corresponding to the receiver ID with reference to the storage unit based on the tag ID and the receiver ID decoded by the decoding unit;
Output means for outputting a permission signal or a prohibition signal according to the determination result of the determination means ,
Based on the encrypted tag ID transmitted from the wireless tag to the receiver when the operation unit is operated, and the receiver ID, the determination unit determines whether to permit or prohibit the access,
An authentication server that performs location management of the wireless tag based on the plaintext tag ID that is transmitted from the wireless tag to the receiver and the receiver ID when the operation unit is not operated. .

Images