JP2000145219A - Lock management system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To improve safety severely judging a deserver by collating an inputted person proof data with an identical person certificated data of an IC card to unlatch and by using the IC card wherein the identical person certificated data of users is memorized as a key. SOLUTION: A key card publishing house 1 is provided with a host computer 11, a data input device 12, an input device 13 for a person proof data, and a reader and writer 14 for publishing a key IC card. By a key card publishing house 1, a rental safe is specified, an ID for admitting utilization of the safe and an identical person certificated data of a user acquired with the input device 13 for a person proof data are stored in an IC card, the IC card is published as a key card 2, and the IC card is rented to a user. After a safe deposit box 3 is once locked, only when the person proof data wherein a user himself inputs in the scene is corresponded with the identical person certificated data read from the key card 2 which the user presents within a range admitted in collating theory, the safe is unlatched through an unlatching processor 31. Accordingly, the high safety of holdbacks can be secured.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a lock control system which allows only authorized persons such as safes and storages to open and close, and assures the security of stored important items, chemicals and poisons. More particularly, the present invention relates to a lock management system in which a person authorized in advance opens and closes the lock without an administrator.

[0002]

2. Description of the Related Art Conventionally, in a locker or the like, a key is prepared for each locker and lent out, so that even if the owner of the key is different from the original user, the locker can be opened and closed. Can be stolen by others,
Security is not enough. Some safeguards provide more advanced protection, such as the key provided when lending the safe and the key of the administrator so that the lock can be unlocked for the first time. Even with a rare or duplicated key, it can be unlocked and the security is not sufficient.

[0003] There is also a safe provided with a dial or keyboard for inputting to a lock so that the lock cannot be unlocked unless the same code is entered and the same code is input when locking. These safes do not require the user to carry the key, and are unlocked based on the encryption set by the user each time they are used, which is simple but highly secure, but can be unlocked by prying eyes or analogy. Sex remains. In addition, there are lock control systems such as laboratories, data storage rooms, medicine storage rooms, etc., which limit the people who can enter and exit to ensure security, and unlock only when they have passed authentication with a card issued to a qualified person, In this system, if the management of the card is poor, there is a fear that an unqualified person can use the card to enter and leave freely.

[0004] Since the required security varies depending on the lock to be accessed, it is inevitable to require the user to perform complicated procedures in pursuit of high security. For example, opening a shelf for managing highly toxic substances requires a certain amount of complicated and reliable authentication, but a simple check is sufficient to take out enough ordinary medicine by controlling the amount taken out. The level of security assurance required differs depending on whether a safe deposit box stores valuables or expensive goods that cannot be changed, and stores an unlimited number of items.

[0005]

The problem to be solved by the present invention is to provide a highly secure lock management system by strictly judging qualified persons. An object of the present invention is to provide a lock control system capable of setting the depth of authentication of a qualified person.

[0006]

In order to solve the above problems, a lock management system according to the present invention uses, as a key, an IC card in which personal identification data of a user is recorded, and stores the inputted personal identification data and the IC card in the IC card. It is characterized in that the recorded personal authentication data is collated and unlocked when the authentication is passed.

In the lock management system of the present invention, personal authentication data of a person who is authorized to use the lock is stored in an IC card, and the IC card is given to the user as a key card.
When unlocking the lock, a key card is presented and personal identification data is input. The personal identification data is collated with the data recorded on the key card, and the lock is opened only when it matches within the allowable range. The lock cannot be opened unless the personal identification data of the person trying to access matches the recorded personal data, so that the lock can only be unlocked by an authorized person.

[0008] Such a system gives an authorized individual the right to unlock and authenticates with a key card whether or not he / she has the qualification. The key card is one of key functions. Just a department. Therefore, even if another person can pick up the key card, steal or copy and use the key card, the lock cannot be opened unless the person is the person himself / herself, and the safety of the lock is extremely high. Further, since the personal information is stored in the key card, it is not necessary to provide a large amount of database storing information on all the prospective users on the lock device side, and it is not necessary to obtain the information from the host device by high-speed communication. However, it goes without saying that higher security can be ensured by storing a part of the personal information in the storage device on the lock side and using both of them in combination.

[0009] As the personal authentication data recorded on the key card, biometric information data owned by the user or information data created by the user can be used. The biometric information data refers to data relating to information such as a fingerprint, a voiceprint, and an iris, which are provided in a human body and represent characteristics unique to an individual. Since such data is difficult for another person to impersonate and present, by performing personal authentication based on the biometric information data, the security of the lock becomes higher.

The information created by the user is information intentionally created by the user, such as a signature, handwriting, or an arbitrary figure or character string. The signature is not provided in the human body from the beginning, but it is difficult for others to imitate its characteristics like biometric information, and is useful for correctly authenticating the person. The character string is stored on the key card and used in the same manner as the personal identification number. However, since the storage capacity of the IC card is large, the degree of freedom such as the length and the type of character used is expanded so that others cannot easily guess. be able to.

Further, there may be a plurality of types of personal authentication data that can be recorded on the key card, and the data may be selectively recorded. Even if someone tries to steal the key IC card,
If the type of authentication data handled by the key card cannot be specified, it cannot be used unless you know whether you are using a fingerprint, voiceprint, signature, encryption, etc. Damage is also reduced.

[0012] Further, input means for personal identification data corresponding to a plurality of personal authentication data types may be installed at a lock-use location so that a user can select the lock. When a plurality of authentication data types can be used as described above, the thief needs to know which type of authentication data is used, and a lock with high security can be obtained. Of course, a plurality of pieces of information may be used in combination, and if none of them passes, unlocking may not be possible.

Note that there may be a plurality of locks that can be unlocked by one key card, and the type of personal authentication data to be applied to each lock may be selected.
The cost can be reduced as compared to issuing a key card for each lock, and the number of cards carried by the user can be reduced, and the trouble of selecting and presenting a corresponding card for each lock can be eliminated.

Such a key card is useful, for example, when a lock at the entrance and a lock at the journal shelf in the store are shared in the store. When a cabinet with a normal medicine and a medicine cabinet with different management levels are installed in a cabinet, it is possible to prevent the medicine cabinet from being opened only by the authority to open the cabinet door. Personnel information and accounting information are both stored in the storage, but it can also be used in a case where only relevant persons can access each.

[0015] In such a situation, if a function is provided to warn when an access other than a qualified person is made, safety is improved. For this reason, it is possible to provide a sensor for detecting access by a person on a cabinet in the refrigerator. Since the sensor does not need to operate when a qualified person accesses the sensor, the alarm output is prohibited for the sensor circuit in the management section that has passed the authentication.

When an unqualified person accesses, a warning may be given to the management room, and the door of the storage may be closed to prevent the escape of the access person. Further, since the lock management system of the present invention has a function of recognizing a person who has accessed the lock as an individual, the use status record of the storage can be automatically created by accumulating the information.

The lock control system of the present invention can be provided in a safe for storing valuables to ensure safety. In particular, by using it for a safety deposit box, it becomes a safe deposit facility that is sufficiently safe even without the presence of an administrator. In addition, the user of the safe deposit box can determine the security depth according to the value of the stored items and use the security in accordance with the security depth.

[0018]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The details of the present invention will be described below based on embodiments with reference to the drawings. FIG. 1 is a block diagram showing a configuration of one embodiment of a lock control system of the present invention, and FIG. 2 is a block diagram showing a configuration of another embodiment.

[0019]

[Embodiment 1] The lock management system of this embodiment is used for safe deposit box management, and can provide high security by performing personal authentication using authentication data registered in an IC card. . Referring to FIG. 1, a key card issuing office 1 issues a predetermined IC card as a key card 2 to a person who wants to use a safe box, and a safe box 3 reads the key card 2 and the user's own authentication data and passes the authentication. Then, the safe designated by the key card 2 is unlocked.

The key card issuing office 1 includes a host computer 11, a data input / output device 12 including a display and a keyboard, a personal identification data input device 13, and a reader / writer 14 for issuing a key IC card. When a person who wants to borrow a safe applies for use, the personal identification data input device 13 of the key card issuing office 1 is used to input personal identification data used for user authentication.

The host computer 11 is equipped with key card issuing software, key management software, and authentication data registration software as software. Key management software manages the status of safes, decides which safe to use for the key card, manages the security level of the lock and specifies the type of authentication information, and manages and returns the status of issuing and returning the key card. Delete the recorded contents of the key card. The data input / output device 12 includes a display, a keyboard, a printer, and the like, which are generally required in a computer system.

The personal identification data input device 13 includes a fingerprint reader that extracts and classifies a fingerprint pattern when a finger is pressed,
It is a device for inputting information that can be individually identified by a user, such as a voiceprint acquisition device including a microphone and a voiceprint analysis device, and a tablet for writing a signature or code. In a simple case, a keyboard for inputting character string encryption may be used. The key card issuing reader / writer 14 includes an IC card reader / writer and an IC card reader / writer command.

The key card issuing office 1 designates a safe to rent,
The authentication ID that authorizes the use of the safe and the personal authentication data of the user acquired by the personal identification data input device 13 are stored in a memory area managed by the CPU in the IC card, and are issued as the key card 2 and used. Lend to the person. The key card 2 is an IC card having a CPU and a built-in memory.

The safe deposit box 3 is provided with an unlocking processing device 31 having an IC card reader / writer and a personal identification data input device, and a plurality of locker-type safes 32. Unlocking device 31
Has a safe control interface and is equipped with authentication data collation software. The safe 32 has an electric controller and can be locked and unlocked by remote control. In addition, if a sensor that detects an abnormality and a reporting device that generates an alarm when an abnormality is provided are provided, safety can be ensured even when the vehicle is unmanned.

The user of the safe deposit box stores and locks the object in the designated safe 32 of the safe 3. Once locked, only if the personal identification data entered by the user on the spot and the authentication data read from the key card 2 presented by the user match within the range permitted by the verification logic. ,
The safe is unlocked via the unlocking processing device 31.

According to the present management system, even if the key card 2 is genuine, the key card 2 cannot be unlocked unless the person carrying it is a genuine user. Needless to say, a guarantee by the attendance of a manager is also used. Therefore, it is possible to operate the safe deposit box by unmanned management or similar management.

By using a plurality of types of authentication information, it is possible to select and set the security level of the safe deposit box. In the case where the security level can be selected, the user of the safe selects the authentication information to be used in consideration of the importance and convenience of the items stored in the safe. When the user requests high security, the identity of the user may be confirmed by a signature, or a character string may be used for a request that emphasizes simplicity.

Further, it is possible to make the safe extremely safe by combining two or more kinds of information to be collated. Further, if a safe to be used at the time of issuing the key card 2 is determined and an ID corresponding to the safe is entered in the IC card, there is little danger of the unissued IC card being stolen even if it is stolen.

The same lock management system can be used for a storage device accessed by a plurality of persons, such as a centralized safety box or locker, or a key box in building management.

[0030]

[Embodiment 2] The lock control system of this embodiment is used for management of a storage, and performs identity verification by collation with an IC card and a handwritten signature, and detects important substances, medicines, deleterious substances, and poisons in the storage. This is a system that safely stores such items and allows authorized persons to take out only authorized items. In addition, the sensor detects and reports when an unauthorized person accesses, and the circuit configuration is designed to lock the system to the safe side against external attacks, such as to secure the security and reliability of the storage. It has a function to enhance it sufficiently.

FIG. 2 is a block diagram of a lock management system applied to a storage. The storage 5 has a plurality of storage rooms 51,
The storage room 51 further includes a plurality of small rooms or storage shelves 54, 55, and 56. Each of the plurality of storage rooms and the small rooms has a different security level, and the storage rooms and the small rooms can be selectively used according to the confidentiality of the articles to be stored.

As a specific example, for example, a company has a storage 5 and a first storage 51 is a room for storing highly confidential documents that can be handled only by some persons in the company. Only allow specific people to enter and leave. Further, documents requiring the highest confidentiality are stored in the first small room 54 in the first storage room 51, and even those who are allowed to enter and leave the first storage room 51 may enter the first small room 54 further. Only authorized persons have access. Also, for example, the second small room 5
Reference numeral 5 denotes a room for storing personnel-related materials. Only a person in charge of personnel can access the room, and a third small room 56 is a room for storing accounting documents so that only a person in charge of the accounting department can enter and exit. I do.

The second storage room 52 is a room for storing development-related materials. It is necessary to prevent the stored information from leaking to the outside, and only a person in charge of the department in charge can enter or leave the room. On the other hand, the third storage room 53 is a room for storing documents of low importance, and any employee can enter and leave, but a record of entering and leaving remains. In addition, an independent storage like the safety box 57 can be managed by the same system.

In the storage management system of the present embodiment, similarly to the first embodiment, a qualification is determined for each storage room and each small room, and a key card created with an IC card for employees who match the qualifications. 2 will be paid. Only employees who have been qualified by personal authentication based on the key card 2 can unlock the recognized room. That is, in the key card 2, information designating a lock to be permitted to access and personal authentication data obtained by the personal identification data input device and subjected to predetermined information processing are stored in a memory area managed by the CPU in the IC card. .

The storage 5 has a control unit 41 for exchanging information with an IC card reader / writer 42 for reading the key card 2 and a tablet 43 as a personal identification data input device, and an interface for controlling locks in each storage section. A lock management device 4 including a lock 44 is provided. An electric lock that can be remotely operated is provided in the storage rooms 51, 52, 53, the small rooms 54, 55, 56, and the door of the safety box 57, and the lock management device 4 controls locking and unlocking. Each door is provided with an abnormality detection sensor 58, which detects that there is access to the room and transmits a signal to the lock control device 4. Also, an indicator lamp may be provided and lit at the door where access has been permitted to notify the accessor.

To use the storage 5, the user inserts the key card 2 into the card reader / writer 42 and inputs the code determined at the time of registration into the tablet 43.
The control unit 41 confirms that the key card 2 is a genuine IC card, and confirms which lock corresponds to the lock from the recorded contents provided via the CPU of the key card 2. Next, personal identification information such as a signature input from the tablet 43 is collated with personal authentication data provided from the key card 2 to determine whether or not they are the same. When the authentication data collation software confirms that both match, it determines that the lock specified by the key card 2 is a person who has access right and unlocks the specified lock.

When the user accesses a place other than the permitted management area, the sensor is activated to generate an alarm. When an unauthorized access occurs, the lock may be automatically locked so that the unauthorized access person is locked in the room. In addition, when unlocking based on the key card 2 is permitted, the permitted object is displayed by turning on the indicator light provided on the lock or in the room or the shelf, and a mischievous person makes an incorrect access. May be prevented.

The required authentication depth can be determined in advance according to the security level of the target room.
Simply presenting the key card 2 may be a level that permits access, and may require that the previously input code and the shape, stroke order, and writing pressure match. Further, it may be a higher level that requires a combined guarantee such as a password and a signature. Note that a plurality of pieces of authentication information may be stored in one key card 2 corresponding to these different levels of security, and the corresponding authentication data may be read out and collated for each lock accessed.

Further, a plurality of different personal identification data input means may be provided on the side of the storage 5 so that they can be selectively used depending on the required authentication level. In general, authentication information corresponding to a high security level requires time and effort to input personal identification data, so that locks requiring only a low level of security can prioritize user convenience by using a simpler authentication method. In addition, by allowing the user to select accurate authentication information from a plurality of types, unauthorized access can be easily eliminated. If the user is allowed to select which kind of personal identification data and how to combine the personal identification data, it is more difficult to impersonate another person and the security is further improved.

In the present management system, since the individual who accesses the lock can be clearly grasped, it is possible to automatically record when and who accesses which storage room (or storage shelf). When a power failure occurs or the power cable is disconnected, the system is locked on the security side. It is preferable to provide a mechanism for alerting the management room when an abnormality occurs in the storage, including vandalism. It is preferable to provide an authentication level for an administrator who can release the lock in an emergency. In the description of the present embodiment, the management of documents is described. However, the same embodiment can be applied to a request for a medicine store, a medicine shelf, a locker, or the like that manages medicines according to the degree of risk.

[0041]

As described in detail above, the lock control system of the present invention is a system in which only a previously authorized person himself / herself can unlock a lock. In order to correctly authenticate an authorized person, A high degree of safety of the stored items can be secured. By applying this system, it is possible to construct a storage management system and a safe deposit box management system with higher security than before.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a first embodiment of a lock management system according to the present invention.

FIG. 2 is a block diagram illustrating a lock management system according to a second embodiment of the present invention.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Key card issuing place 11 Host computer 12 Data input / output device 13 Personal identification data input device 14 Reader / writer for key IC card issuance 2 Key card 3 Safe deposit box 31 Unlock processing unit 32 Safe 5 Storage box 51, 52, 53 Storage room 54, 55, 56 Small room 57 Safety box 58 Abnormality detection sensor 4 Lock control device 41 Control unit 42 IC card reader / writer 43 Tablet 44 Interface

Claims (8)

[Claims] 1. An IC card reader comprising an IC card reader and a personal identification data input device, wherein an IC card in which user identification data is recorded is read by the IC card reader, and personal identification data input from the personal identification data input device is read. A lock management system characterized in that the personal authentication data recorded on the IC card is collated, and when the authentication is passed, the corresponding lock is unlocked. 2. The lock control system according to claim 1, wherein the personal authentication data recorded on the IC card is biometric information data owned by a user or information data created by the user. 3. The lock management system according to claim 1, wherein there are a plurality of types of personal authentication data that can be recorded on the IC card, and the data can be selectively recorded. 4. The lock control system according to claim 3, wherein said personal identification data input device is installed corresponding to at least two or more types of said selectable personal authentication data. 5. The lock management system according to claim 3, wherein there are a plurality of locks that can be unlocked by the IC card, and a type of personal authentication data to be applied to each lock can be selected. 6. The lock management system according to claim 1, wherein the lock is provided in a safe. 7. The lock according to claim 3, wherein said lock is provided for each management section of a storage which is divided into a plurality of management sections, and personal authentication data to be applied to each management section can be selected. The lock control system described in Crab. 8. The lock management system according to claim 7, wherein foreign matter intervention detection means is provided in the management section, and the operation of the detection means in the management section having passed the authentication is stopped.