JP5265166B2 - Access control device and locking / unlocking control method - Google Patents

Description

  The present invention relates to an entry / exit management device and a locking / unlocking control method for controlling entry / exit of a user to / from the area by controlling locking / unlocking of a locking means in a predetermined area.

  In the conventional entrance / exit management system, when a restricted user such as a visitor who is restricted from entering the room enters and passes through an area without entry authority, the general public such as a guide who is a company employee of the company having the area. A user opens a door when entering a room, and a restricted user enters and passes through a room without entry authority (referred to as “joint”).

  However, such an entrance / exit management system cannot distinguish between unauthorized entry by a malicious third party and entry of a restricted user under the consent of a general user. For this reason, in the prior art, an unauthorized entry is discovered at a later date by storing a history of errors that occurred as a result of an ID card authentication operation or the like by a user whose room entry authority is restricted according to company regulations, etc. Measures were taken.

  In addition, in order to grant entry authority to restricted users, it is necessary to change the user database registered in advance in the entry / exit management system or to assign another ID to the restricted user. Operation becomes complicated.

  In order to solve such a problem, in the technique disclosed in Patent Document 1, a master card and a slave card are set by a continuous ID collation operation, and the authority to enter or leave the room when entering or leaving the room is limited. By providing the ID, the access management system with improved convenience is provided.

JP 2006-251849 A

  However, in the prior art of Patent Document 1, as long as the guide user who is a general user and the visitor who is a restricted user act together, the visitor also enters the room where the guide has authority to enter the room. It will be possible. In an area with a certain security level or more, even if the guide is accompanied, there are cases where the visitor does not want to enter the room. In such a case, it is left to the discretion of the guide to determine whether or not to allow the guest to enter the room, and there is a problem in that the access management of restricted users such as visitors becomes complicated.

  Moreover, since it is left to a guider's discretion whether a visitor enters a room, there also exists a problem that security falls.

  The present invention has been made in view of the above, and provides an access management apparatus and a locking / unlocking control method capable of effectively realizing access management of restricted users and improving security. For the purpose.

In order to solve the above-described problems and achieve the object, the present invention is an entry / exit management apparatus for controlling entry / exit of a user to the area by controlling the locking / unlocking of the locking means in a predetermined area. First identification information unique to the first information storage medium possessed by the user is received from the first information storage medium, and second identification information unique to the second information storage medium possessed by the visitor is stored in the second information storage. Receiving means for receiving from a medium, and an authority table in which authority is defined for each area, which defines the authority content of whether entry is possible, companion entry is possible with accompanying the guide, or entry is not possible A first storage means for storing, an authentication means for authenticating the first identification information and the second identification information for each region, and a means for controlling the locking and unlocking of the locking means, The authority details that allow the accompanying room to be entered in the identification information The lock means of the allocated area is unlocked with respect to the visitor of the second identification information only when the authentication of the first identification information associated with the second identification information is successful. Locking / unlocking control means for performing control, authority changing means for changing the authority content of the authority corresponding to the first identification information associated with the second identification information, and the authority changing means, The authority content of the authority corresponding to the first identification information associated with the second identification information is changed to the authority content of the authority corresponding to the second identification information.

  Moreover, this invention is the locking / unlocking control method performed with the said entrance / exit management apparatus.

  According to the present invention, when the authentication of the first identification information associated with the second identification information has succeeded in the lock means of the area in which the authority information for allowing entry into the second identification information is assigned to the area. In addition, the control of unlocking the area lock means for the visitors of the second identification information is effectively realized, and the operation of access control for restricted users such as visitors is effectively realized and the security is improved. There is an effect that can be achieved.

  Exemplary embodiments of an access control device and a locking / unlocking control method according to the present invention will be explained below in detail with reference to the accompanying drawings.

(Embodiment 1)
FIG. 1 is a schematic diagram illustrating a state of an area (region) managed by the access management apparatus according to the first embodiment. As shown in FIG. 1, there are a total of five areas managed by the access control device, and an electric lock 221 and an IC card reader 222 are installed on the door of each area.

  The IC card reader 222 and the electric lock 221 are connected to the main body of the access management apparatus 200 set outside the area by wire or wirelessly.

  The IC card reader 222 receives the ID recorded on each IC card from the IC card possessed by the guide and the IC card lent to the visitor, and sends it to the main body of the access management apparatus 200.

  The electric lock 221 is provided in the vicinity of the door of the area, and locks and unlocks the door according to a command from the access control device 200.

  FIG. 2 is a block diagram illustrating a functional configuration of the access control apparatus according to the first embodiment. As shown in FIG. 2, the access control apparatus 200 according to the present embodiment includes an input / output control unit 211, an authentication unit 212, a locking / unlocking control unit 213, an abnormality notification unit 217, a storage unit 216, and the above-described configuration. The IC card reader 222 and the electric lock 221 are mainly provided.

  The input / output control unit 211 accepts input of the ID of the IC card received by the IC card reader 222 and instructs various outputs.

  The authentication unit 212 receives the ID of the IC card received by the IC card reader 222 via the input / output control unit 211, and for each area, refers to the association table 214 to authenticate the ID, that is, the user possessing the IC card. Authentication.

  The abnormality reporting unit 217 reports an abnormality to a monitoring center (not shown) or issues an alarm in the area when an abnormality occurs in the area.

  The storage unit 216 is a storage medium such as a hard disk drive (HDD) or a memory, and stores an association table 214 and an authority table 215.

  The association table 214 is a table that associates the guider ID with the authority, associates the visitor ID with the authority, and associates the guider ID with the visitor ID.

  FIG. 3 is an explanatory diagram showing an example of the association table 214. In the association table 214, as shown in FIG. 3, the guider ID and one or more visitor IDs are associated with each other. Associated with authority. Here, the authority determines whether or not the user can enter the area for each area.

  Returning to FIG. 2, the authority table 215 is a table that defines the contents of the authority. FIG. 4 is an explanatory diagram showing an example of the authority table 215. In the authority table 215, as shown in FIG. 4, authorities A, B, etc. that define the authority contents for each area are registered. The contents of authority include admission to allow entry into the area, admission into the area accompanied by the guide, and entry into the area without permission to enter the area. This authority A, B, etc. is given to each of the guider ID and visitor ID in the association table described above.

  Returning to FIG. 2, the locking / unlocking control unit 213 controls locking / unlocking of the electric lock 221. In the present embodiment, only when the authority of the accompanying guest can be entered in the area, the authority of the accompanying guest is assigned, and the authentication of the guide ID associated with the visitor ID is successful. An unlock signal is sent to the electric lock 221 in the area. As a result, the electric lock 221 is unlocked for the visitor having the ID associated with the ID of the guide who has been successfully authenticated, and the visitor can enter the area.

  Next, the lock / unlock control process of the electric lock 221 by the access control apparatus 200 of Embodiment 1 configured as described above will be described. 5 and 6 are flowcharts illustrating the procedure of the locking / unlocking control process according to the first embodiment. Note that the following locking / unlocking control processing is executed in each area shown in FIG.

  Here, when the visitor visits a company having the area and accepts the visit, an IC card is given to the visitor. At this time, the person who received the request or the system administrator, etc., inputs the ID of the guide to be visited by the visitor and the ID and authority of the IC card given to the visitor on the system management screen of the entrance / exit management device. By doing so, both IDs are associated and registered together with the authority to be given to the association table shown in FIG.

  The association between the visitor ID and the guider ID is not limited to this. For example, when the IC card is a writable storage medium, an ID associated with the IC card and an authority to be assigned may be written by an IC card reader / writer, and the entry / exit management system may read the information. Moreover, you may comprise so that both ID may be linked | related by making an authentication apparatus authenticate a visitor's IC card and a guider's IC card simultaneously.

  After the visitor's ID and the guide's ID are associated in this way, the visitor tries to enter the area. When the IC card reader 222 receives the visitor's ID from the visitor's IC card (step S11), the authentication unit 212 receives the visitor ID via the input / output control unit 211, and refers to the association table 214. ID authentication is performed (step S12). And when authentication of a visitor's ID fails (step S13: No), a visitor's ID is received again.

  On the other hand, when the authentication of the visitor ID is successful (step S13: Yes), the locking / unlocking control unit 213 displays the authority (for example, authority A etc.) associated with the visitor ID from the authority table 215. Read (step S14). Then, the locking / unlocking control unit 213 reads the guider ID associated with the visitor ID from the association table 214 (step S15).

  Next, the locking / unlocking control unit 213 examines the authority content corresponding to the area from the authority of the read visitor ID (step S16). When the authority content of the area of the visitor can be accompanied, the IC card reader 222 receives the guider's ID from the guider's IC card (step S17). The authentication unit 212 receives the ID of the guider via the input / output control unit 211, authenticates the ID with reference to the association table 214, and refers to the guide with reference to whether the authentication is successful. It is checked whether the ID is correctly associated with the received visitor ID (step S18).

  And when authentication of a guider's ID fails, or when a guider's ID is not ID linked | related correctly with the received visitor's ID (step S18: No), again, guideer's ID is set. Receive.

  On the other hand, when the guide ID is successfully authenticated and the guide ID is correctly associated with the received visitor ID (step S18: Yes), the locking / unlocking control unit 213 guides the guide. The authority (for example, authority A etc.) associated with the person's ID is read from the authority table 215 (step S22).

  Next, the locking / unlocking control unit 213 examines the authority content corresponding to the area from the authority of the read guide ID (step S23). When the authority content of the area is admitted, an unlock signal is sent to the electric lock 221 (step S24). As a result, the electric lock 221 is unlocked for entry of the guide and a visitor who has authority to enter the room when accompanied by the guide. On the other hand, when the authority content of the area is not allowed to enter the room, the locking / unlocking control unit 213 does not send the unlocking signal to the electric lock 221, and therefore the electric lock 221 is not unlocked.

  Returning to step S16, if the authority content of the area of the visitor is admitted, the locking / unlocking unit 213 sends an unlocking signal to the electric lock 221 (step S19). As a result, the electric lock 221 is unlocked for the guest to enter the room. On the other hand, in step S16, when the authority content of the area cannot enter the room, the electric lock is not unlocked. Then, in these two cases, the locking / unlocking process for entering the guide is performed next.

  In the locking / unlocking process for entering the guider, when the IC card reader 222 receives the ID of the guider from the IC card of the guider (step S20), the authentication unit 212 receives the guider's ID via the input / output control unit 211. The ID is received, and the ID is authenticated with reference to the association table 214. And when authentication of a guider's ID fails (step S21: No), ID of a guider is received again.

  On the other hand, when the authentication of the guider ID is successful (step S21: Yes), the locking / unlocking control unit 213 determines the authority (for example, authority A etc.) associated with the guider ID from the authority table 215. Read (step S22). Thereafter, the processes of steps S23 and S24 described above are performed.

  In the above process, the authority of the visitor's area is allowed to enter the room and the electric lock is unlocked, or after it is determined that the room cannot be entered, authentication of the guider and lock / unlock control are performed. However, the present invention is not limited to this. For example, when there is only a visitor and there is no guide, what is necessary is just to comprise so that authentication of a guider's ID and locking / unlocking control may not be performed. Further, in the above processing, the locking / unlocking control processing at the time of entering the area has been described. However, when leaving the area and entering another area, considering the entry into the other area, The same process is performed.

  Here, an example in which the guide (ID = 0001) is assigned authority A and the visitor (ID = 0010) is assigned authority D will be described. FIG. 7 is a schematic diagram illustrating an example in which a guide is assigned authority A and a visitor is assigned authority D.

  As shown in FIG. 4, authority A has authority contents allowing entry into all areas 1 to 5. In addition, the authority D is an authority content that allows the areas 1 and 2 to enter the room, an authority content that the area 3 can enter, and an authority content that the areas 4 and 5 cannot enter the room. For this reason, the visitor can enter the areas 1 and 2 alone, but cannot enter the area 3 unless accompanied by a guide as shown in FIG. In addition, areas 4 and 5 cannot be entered even if a guide is accompanied.

  As described above, in the entrance / exit management device according to the first embodiment, when the authority contents for allowing entry into the guest room are assigned to the area, the authentication of the guider ID associated with the visitor ID is performed. Since the control of unlocking the area's electric lock is performed only when the visitor has succeeded, the entrance / exit management of the visitors who are restricted from entering the room is effectively realized, and security is also achieved. Can be improved.

(Embodiment 2)
The entrance / exit management apparatus according to the second embodiment can change all or part of the authority of the guide.

  FIG. 8 is a block diagram of a functional configuration of the access control apparatus according to the second embodiment. As shown in FIG. 8, the access management apparatus 800 according to the second embodiment includes an input / output control unit 211, an authentication unit 212, a locking / unlocking control unit 213, an abnormality notification unit 217, a storage unit 216, and an authority change. A main unit 814, an IC card reader 222, and an electric lock 221. Here, the input / output control unit 211, the authentication unit 212, the locking / unlocking control unit 213, the abnormality notification unit 217, the storage unit 216, the IC card reader 222, and the electric lock 221 have the same functions and configurations as in the first embodiment. doing.

  The authority changing unit 814 changes the authority content of the authority registered in the authority table 215 and assigned to the guider ID. Specifically, the authority changing unit 814 changes the authority content of the authority corresponding to the guider ID associated with the visitor ID to the authority content of the authority corresponding to the visitor ID. For example, when there is an area to which the authority content that cannot be entered is assigned among the authority contents of the authority assigned to the visitor ID, the authority changing unit 814 assigns the authority assigned to the guideer ID for the area. Change the authority contents of to no entry.

  The authority content is changed by the authority changing unit 814 at the timing when the visitor and the guider try to enter the same area.

  Next, the lock / unlock control process of the electric lock 221 by the access control apparatus 800 according to the second embodiment configured as described above will be described. FIG. 9 is a flowchart illustrating the procedure of the locking / unlocking control process according to the second embodiment. From the reception of the visitor ID in step S31 to the determination process of the authority content of the visitor ID in S36 is performed in the same manner as the locking / unlocking control process in the first embodiment.

  In step S36, when the authority content of the area of the authority assigned to the received visitor ID is companion entry possible and entry is possible, the same process as the locking / unlocking process of the first embodiment Is done.

  On the other hand, in step S36, when the authority content of the area of the authority assigned to the received visitor ID cannot be entered, the authority content of the area of the authority assigned to the guide in the authority table 215 is displayed. As in the case of the visitor, the entry is made impossible so that the authority table 215 is rewritten (step S40). As a result, the authority content of the authority assigned to the guide is changed to the authority content of the authority similar to the visitor for the area, and the guide cannot enter the area where the visitor cannot enter. The subsequent processing is performed in the same manner as the locking / unlocking processing of the first embodiment.

  Here, an example in which the guide (ID = 0001) is assigned authority A and the visitor (ID = 0010) is assigned authority D will be described. FIG. 10 is a schematic diagram showing an example where the guide is assigned authority A and the visitor is assigned authority D.

  As shown in FIG. 4, authority A has authority contents allowing entry into all areas 1 to 5. In addition, the authority D is an authority content that allows the areas 1 and 2 to enter the room, an authority content that the area 3 can enter, and an authority content that the areas 4 and 5 cannot enter the room. For this reason, the authority content of the areas 4 and 5 of the guider is changed to prohibit entry into the room, similar to the authority contents of the areas 4 and 5 of the visitor. For this reason, as shown in FIG. 10, the guider cannot enter the areas 4 and 5 like the visitor.

  As described above, in the entrance / exit management device 800 according to the second embodiment, the authority content of the authority registered in the authority table and assigned to the guide is made inaccessible as the authority content of the area assigned to the visitor. Since it has been changed, the security can be further improved.

  The authority changing unit 814 may be configured to change only the authority content of a specific area among the authority contents of the authority assigned to the guider ID. For example, consider a case where a guide (ID = 0001) is assigned authority A and a visitor (ID = 0010) is assigned authority D. FIG. 11 is a schematic diagram illustrating an example when only the authority content of a specific area is changed. In this case, among the authority contents of authority A shown in FIG. 4, by changing the room 5 entry permission to the room entry impossible, the guide can enter only the area 4 as shown in FIG. The highest area 5 can be prevented from entering.

  Moreover, in this Embodiment, the timing which changes the authority content was performed at the timing when a visitor and a guide person try to enter the same area, However, It is not limited to this. For example, it is possible to change the authority content of the authority assigned to the guider ID when the visitor is received and the guider ID and the visitor ID are associated with each other.

  Further, the authority changing unit 814 can be configured to change the authority contents of the authority assigned to the guide when the guide and the visitor enter the same area. For example, consider a case where a guide (ID = 0001) is assigned authority A and a visitor (ID = 0010) is assigned authority D. In this case, as shown in FIG. 12, the authority of the guide of the area 5 when the guide enters the area 3 from the area 5 in a state where a visitor who can enter only the area 3 enters the area 3 alone. The content can be changed to disable entry.

  In addition, when the visitor and the guide are not in the same area, or when the visitor is in an area other than the area with the highest security level in the authority content, The authority content of the guide may be changed. For example, consider a case where a guide (ID = 0001) is assigned authority A and a visitor (ID = 0010) is assigned authority D. Further, as described above, it is assumed that the authority content for the area 5 of the guide has been changed so as not to enter the room. In this case, as shown in FIG. 13, the areas where visitors can enter are areas 1 and 2, and the area where guests can enter is area 3. Here, as shown in FIG. 7, the area 3 has the highest security level among the areas 1 to 3. For this reason, when the guide returns from the area 3 to the areas 1 and 2, the authority contents of the guide for the area 5 can be changed from being unable to enter the room to being allowed to enter the room. By configuring in this way, it is possible to prevent a guide having authority to enter / exit an area with a high security level from entering the area where entry / exit is not permitted by “joint” visitors.

  In the first and second embodiments, it is assumed that the visitor and the guide are associated with each other. However, when the employee wants to temporarily enter an area with a high security level, the employee IDs are assigned to each other. In association therewith, the locking / unlocking control process may be performed. These various aspects can improve the security of the area.

  It should be noted that the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the above embodiments. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, constituent elements over different embodiments may be appropriately combined.

It is a schematic diagram which shows the state of the area which the entrance / exit management apparatus concerning Embodiment 1 manages. 2 is a block diagram illustrating a functional configuration of the access control apparatus according to Embodiment 1. FIG. It is explanatory drawing which shows an example of an association table. It is explanatory drawing which shows an example of an authority table. 4 is a flowchart illustrating a procedure of locking / unlocking control processing according to the first embodiment. 6 is a flowchart showing a procedure (continued) of locking / unlocking control processing according to the first embodiment. It is a schematic diagram which shows an example in case a guide is assigned authority A and a visitor is assigned authority D, respectively. It is a block diagram which shows the functional structure of the access control apparatus concerning Embodiment 2. FIG. 10 is a flowchart illustrating a procedure of locking / unlocking control processing according to the second embodiment. It is a schematic diagram which shows an example in case a guide is assigned authority A and a visitor is assigned authority D, respectively. It is a schematic diagram which shows the example at the time of changing only the authority content of a specific area. It is a schematic diagram which shows an example of the change timing of the authority content. It is a schematic diagram which shows the other example of the change timing of authority content.

Explanation of symbols

200,800 Access control device 211 Input / output control unit 212 Authentication unit 213 Locking / unlocking control unit 214 Association table 215 Authority table 216 Storage unit 217 Abnormality notification unit 221 Electric lock 222 IC card reader 814 Authority changing unit

Claims (6)

An entry / exit management device for controlling entry / exit of the user into the area by controlling locking / unlocking of the locking means in a predetermined area,
First identification information unique to the first information storage medium possessed by the guide is received from the first information storage medium, and second identification information unique to the second information storage medium possessed by the visitor is the second information. Receiving means for receiving from a storage medium;
A first storage means for storing an authority table in which authority is set for each area, the authority defining whether the room is allowed to enter; ,
Authentication means for authenticating the first identification information and the second identification information for each area;
A means for controlling the locking and unlocking of the lock means, wherein the lock means in the area to which the authority content that allows the accompanying room to be entered is assigned to the second identification information is associated with the second identification information. Only when the authentication of the first identification information is successful, the locking / unlocking control means for performing the control for unlocking the visitor of the second identification information;
Authority changing means for changing the authority content of the authority corresponding to the first identification information associated with the second identification information;
With
The authority changing means changes the authority content of the authority corresponding to the first identification information associated with the second identification information to the authority content of the authority corresponding to the second identification information. Feature entry / exit management device. The authority changing means, when there is an area to which authority content that cannot be entered is assigned among the authority contents of the authority assigned to the second identification information, the authority of the first identification information for the area. The entrance / exit management device according to claim 1, wherein the authority content is changed so that the room cannot be entered. The access control apparatus according to claim 1 , wherein the authority changing unit changes a part of the authority content of the authority corresponding to the first identification information associated with the second identification information. A second storage for associating the first identification information with the authority, associating the second identification information with the authority, and further storing an association table associating the first identification information with the second identification information Further comprising means,
The locking / unlocking control means determines the association between the second identification information and the first identification information based on the association table, and whether or not the authority for allowing the accompanying room to be entered is assigned to the second identification information. The entrance / exit management apparatus according to claim 1, wherein the access control apparatus determines whether or not the A locking / unlocking control method executed by an access management apparatus that controls the user's access to the area by controlling the locking / unlocking of the locking means in a predetermined area,
The entrance / exit management device stores an authority table in which authority is set for each of the areas, the authority defining whether the room can be entered, accompanied by the guide, can enter the room, or cannot enter the room. First storage means for
The receiving means receives first identification information unique to the first information storage medium possessed by the guide from the first information storage medium, and receives second identification information unique to the second information storage medium possessed by the visitor. Receiving from the second information storage medium;
An authentication step for authenticating the first identification information and the second identification information for each area;
Locking / unlocking control means is a step of controlling the locking / unlocking of the locking means, wherein the locking means in the area to which the authority content allowing the accompanying entry is assigned to the second identification information, An unlocking / unlocking control step for controlling the unlocking of the second identification information only when the authentication of the first identification information associated with the identification information is successful;
An authority changing step for changing the authority content of the authority corresponding to the first identification information associated with the second identification information;
Only including,
In the authority changing step, the authority changing means indicates the authority content of the authority corresponding to the first identification information associated with the second identification information, and the authority of the authority corresponding to the second identification information. The locking / unlocking control method characterized by changing to contents . In the authority changing step, when there is an area to which the authority content that cannot be entered is assigned, among the authority contents of the authority assigned to the second identification information, the authority changing means includes 6. The locking / unlocking control method according to claim 5, wherein the authority content of the authority of one identification information is changed to the entry impossible.

Images