JP2001052181A - Personal authenticating method and recording medium recording personal authentication program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a personal authenticating method by which both the requests of the person himself acceptance and another person refusal are satisfied and authentication is performed while following the real environment of use. SOLUTION: The authenticated result is plural kinds of body features is stored in a table and an evaluation function expressing the reliability of each of body features is calculated by using the information of a preset security level for personal authentication and information in the table. Thus, the body feature most suitable for authentication is selected out of plural kinds of the body features, the input of the body feature is requested to a user, the body feature provided from the user and the body feature of a previously registered specified individual are collated and discriminated and when the specified individual is discriminated, authenticating processing is finished and when the specified individual is not discriminated, the authentication is performed by the evaluation function while using the body feature presented as the next candidate. Such a stepwise selection is repeated until using all plural kinds of body features.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a personal authentication method and apparatus, and more particularly to a method and apparatus for performing authentication using a plurality of physical features.

[0002]

2. Description of the Related Art A password is commonly used as a means for ensuring security in services via a communication network. However, if a password is stolen, another person can impersonate himself. In order to prevent this, there is a method that uses physical characteristics (biometrics) such as fingerprints and handwritings that can be possessed only by the person himself. However, also in this case, authentication is not always performed stably due to changes in the surrounding environment.
In addition, there is a problem that there is a risk of being simulated or imitated. For this reason, a method using a plurality of biometrics has been considered.

[0003]

The method of using a plurality of biometrics is roughly classified into the following two types. The first is the duplication of the authentication means. As shown in JP-A-10-137222, if one of the two types of biometrics cannot be authenticated, the other is authenticated. Nevertheless, they are trying to avoid being rejected. The second is improvement of authentication accuracy.
8. A weighted combination of authentication results of a plurality of biometrics as disclosed in JP-A-10-137221 is often adopted.
However, the first method facilitates the acceptance of the person, but the function of rejecting others is reduced, and the second method has a fixed weight so that a request different from that when the device was designed occurs or There is a problem that the weight cannot be adjusted when the use environment changes.

As described above, in the conventional method, there is a problem that a method of using a plurality of biometrics has not been established while the importance of accepting a person and rejecting another person differs depending on the application. In addition, there is a problem that individual customization is required to construct an authentication server corresponding to various uses, and fine tuning is required in order to further respond to changes in the environment, which is troublesome. SUMMARY OF THE INVENTION The present invention has been made to solve the above problems, and an object of the present invention is to provide a personal authentication method and an apparatus for satisfying both requests for accepting and rejecting another person, and an actual use environment. The present invention provides a personal authentication method and a personal authentication method that adapt to the following.

[0005]

In order to achieve the above object, the present invention can be configured as follows. The present invention is a personal authentication method for extracting a physical characteristic unique to an individual and performing identity verification using the physical characteristic, and storing authentication results for a plurality of types of physical characteristics in a table,
By calculating an evaluation function representing the reliability of each physical feature using the information on the security level of the personal authentication set in advance and the information of the table, it is most suitable for authentication from the plurality of types of physical features. The user selects a physical characteristic and requests the user to input the physical characteristic, and compares the physical characteristic obtained from the user with the physical characteristic of a specific individual registered in advance, and the physical characteristic is It is determined whether or not it belongs to the specific individual, and when it is determined that the specific individual, the authentication process is terminated, and when it is not determined that the specific individual, the physical function listed as the next candidate by the evaluation function The stepwise selection of authentication using features is repeatedly performed until all types of physical features are used.

According to the present invention, it is possible to select an optimal physical characteristic.
Authentication can be performed more reliably than a method of randomly selecting a physical feature as in the case of 0. The present invention can also be configured as follows. The present invention relates to a personal authentication method for extracting a physical characteristic peculiar to an individual and performing identity verification using the physical characteristic, wherein a user-side terminal is connected to a center-side device via a communication network; This is a method in which the side device or the user sequentially selects physical characteristics to be used from among a plurality of types of physical characteristics and uses the selected physical characteristics for authentication. By storing the authentication result of the physical feature in a table and calculating an evaluation function representing the reliability of each physical feature using the information on the security level of the personal authentication set in advance and the information of the table. From the plurality of types of physical characteristics, a physical characteristic most suitable for authentication is selected and the name of the physical characteristic is transmitted to the user side terminal. The physical information is input, the physical characteristics are extracted, and the extracted physical characteristics are transmitted to the center-side device. In the center-side device, the physical characteristics transmitted from the user-side terminal and the physical characteristics of the specific individual registered in advance. It is determined whether or not the physical characteristic is that of the specific individual by comparing the characteristic with the specific individual. If the physical individual is determined, the authentication process is terminated.If the physical individual is not determined, the selection is performed. In the case where the user repeatedly performs the stepwise selection of authenticating using the physical characteristics listed as the next candidate until all of the plurality of types of physical characteristics are used, and the user selects the physical characteristics, The user inputs physical information specified by himself, extracts physical characteristics and transmits the extracted physical characteristics to the center-side device, and the center-side device registers in advance with the physical characteristics transmitted from the user-side terminal. Specific individuals It is determined whether the physical characteristic belongs to the specific individual by comparing the physical characteristic with the specific individual.If the specific individual is determined, the authentication process is terminated.If the specific individual is not determined, The stepwise selection of performing authentication using the physical characteristics listed as the next candidate by the designation is repeatedly performed until all of the plurality of types of physical characteristics are used.

Further, the present invention can be configured as follows. The present invention relates to a personal authentication method for extracting a physical characteristic peculiar to an individual and performing identity verification using the physical characteristic, wherein a user-side terminal is connected to a center-side device via a communication network; An individual whose side device or user selects a physical feature to be used from among a plurality of types of physical features in order and uses it for authentication, and the process related to authentication is divided into two processes, a pre-process and a post-process. In the authentication method, when the center-side device selects a physical feature, authentication results for a plurality of types of physical features are stored in a table, and information on a security level of preset personal authentication and By calculating an evaluation function representing the reliability of each physical feature using the information of the table, the physical feature most suitable for authentication from among a plurality of types and the processing method of the preceding process are determined by the terminal. Transmitting, the terminal inputs the physical information designated by the center-side device by the pre-process, extracts a physical feature, and transmits the extracted physical feature to the center-side device. When the physical characteristics transmitted from the terminal and the physical characteristics of the specific individual registered in advance are compared to determine whether the physical characteristics belong to the specific individual, and the physical characteristics are determined to be the specific individual Ends the authentication process, and when not determined to be the specific individual, performs the stepwise selection of performing authentication using the physical feature listed as the next candidate by the selection, using all of the plurality of types of physical characteristics. Repeat until
When determining the physical characteristics to be used by the user, the user-side terminal inputs the physical information specified by the user by the pre-process processing method transmitted from the authentication server and outputs the physical characteristics. Is extracted and transmitted to the center-side device, and the center-side device checks the physical characteristics transmitted from the terminal by post-processing with the physical characteristics of a specific individual registered in advance in the center-side device. Is determined as to whether or not it belongs to the specific individual, and if it is determined to be the specific individual, the authentication process is terminated; if it is not determined to be the specific individual, the physical candidate listed as the next candidate by the designation The stepwise selection of authentication using features is repeatedly performed until all of the plurality of types of physical features are used.

[0008] According to these inventions, it is also possible to select an optimal physical characteristic.
Authentication can be performed more reliably than the method of randomly selecting physical characteristics as shown in 53540. Further, since the user can select an appropriate physical feature, convenience is further improved. In the above configuration, communication between the center-side device and the user-side terminal may be performed by a public key cryptosystem.

Further, the contents of the table may be updated according to a determination result obtained each time authentication is performed. According to this, it is possible to select an optimal physical characteristic even in an environment involving a change with time while maintaining the designated priority. The present invention can also be configured as the following recording medium. That is, the present invention is a recording medium recording a personal authentication program for causing a computer to execute a process of performing authentication using one physical characteristic from among a plurality of types of physical characteristics, and stores the authentication result in a table. The procedure of storing, the procedure of setting a security level for personal authentication, and calculating an evaluation function representing the reliability of each physical feature by using the information of the security level and the information of the table, thereby obtaining the plurality of types of the plurality of types. A procedure for selecting the most suitable physical characteristics from the physical characteristics for authentication,
The physical characteristics obtained from the user are compared with the physical characteristics of the specific individual registered in advance, and it is determined whether the physical characteristics are of the specific individual. When the authentication process is completed, and when the individual is not determined to be the specific individual, the evaluation function is used to perform authentication using the physical feature listed as the next candidate. And a procedure that is repeatedly performed until the operation is completed.

Further, the present invention can be configured as follows. In the present invention, the user-side terminal is connected to the center-side device via a communication network, and the center-side device or the user sequentially selects physical characteristics to be used from among a plurality of types of physical characteristics. A recording medium storing a personal authentication program for executing processing of the center-side device for performing authentication, wherein a procedure for storing authentication results of a plurality of types of physical characteristics in a table and a procedure for setting a security level of personal authentication And calculating an evaluation function representing the reliability of each physical feature using the information of the security level and the information of the table, thereby selecting a physical feature most suitable for authentication from a plurality of types of physical features. And comparing the physical characteristics transmitted from the user terminal with the physical characteristics of a specific individual registered in advance, and comparing the physical characteristics with the specific characteristics. It is determined whether or not it belongs to an individual, and when it is determined to be the specific individual, the authentication process is terminated, and when it is not determined to be the specific individual, the physical characteristics listed as the next candidate by the selection are used. And step-by-step repetition of stepwise selection of authenticating until all of the plurality of types of physical characteristics are used.

Further, the present invention can be configured as follows. In the present invention, the user-side terminal is connected to the center-side device via a communication network, and the center-side device or the user sequentially selects physical characteristics to be used from among a plurality of types of physical characteristics. A recording medium on which a personal authentication program for executing processing of the user side terminal for performing authentication is recorded, wherein the user himself / herself sets a security level of personal authentication, and inputs physical information specified to perform physical authentication. A step of extracting a feature and transmitting the extracted feature to the center-side device, and a step-by-step selection of authenticating using the physical feature listed as the next candidate by the designation when the center-side device does not authenticate the user. A step of repeatedly performing until all of the plurality of types of physical characteristics are used.

By causing a computer to read the program recorded on the recording medium, it becomes possible to realize a center-side device and a user-side terminal for implementing the personal authentication method of the present invention. As described above, according to the present invention, the priority of acceptance / rejection of another person is set on the user side or the authentication server side, and the authentication result of the biometrics used in the process of operating the server based on the setting is statistically calculated. By registering the information as information in a table and updating the table each time authentication is performed, the most suitable biometrics can be used. This enables customization of the authentication server and automation of tuning.

[0013]

Next, an embodiment of the present invention will be described with reference to the drawings. FIG. 1 is a block diagram showing a personal authentication system according to an embodiment of the present invention. The system includes a user 1, a user terminal 2, a communication network 3, and an authentication server 4.
Consists of Note that the authentication server can also be called a center-side device. The user terminal 2 includes an input unit 21, a pre-processing unit 22, a display unit 23, and a use order memory unit 24. The pre-processing unit 22 includes N different sensors (sensor 1 (22
1), sensor 2 (222), ..., sensor N (22
3)) and the corresponding feature extraction unit (feature extraction unit 1 (2
24), feature extraction unit 2 (225),..., Feature extraction unit N
(226)). The authentication server 4 includes a priority setting unit 41, a determination result storage table 42, a selection unit 43, a post-processing unit 44, and a personal feature memory unit 45. The post-processing unit 44 includes N collating units (collating unit 1 (441), collating unit 2 (442),..., Collating unit N (443)) and a corresponding determining unit (determining unit 1 (444)). ), Determination unit 2 (44
5),..., Judgment unit N (446)).

In the personal authentication system, the user terminal 2 acquires a physical feature from information acquired by one of a plurality of sensors by a feature extracting unit corresponding to the sensor, and the authentication server 4 acquires the physical feature from the information. Personal authentication is performed by comparing the target feature with the registered feature. The operation of this embodiment will be described with reference to the processing flow of FIG. In the flow of FIG. 2, attention is paid particularly to a process of selecting and using biometrics to be used from a plurality of biometrics.

At step 501, the authentication server 4 or the user 1 can select which biometric to use from among a plurality of biometrics. This can be selected by the user, for example. If the authentication server 4 has a selection right, the authentication server 4 sets the use order k (k = 1, 2,..., N) of the biometrics. When k = 1 is set (step 502), the authentication server 4 presents the display unit 23 via the communication network 3 to input the information of the k-th biometric. The user 1 inputs the information of the k-th biometric from the designated sensors out of N according to the presentation on the display unit 23. The user terminal 2 transmits the extracted features to the authentication server 4 via the communication network 3, and the authentication server 4 performs authentication in the post-processing unit 44 (step 50).
3). If the user 1 is determined to be the user (step 50
4), a message indicating acceptance is displayed on the display unit 23 (step 505), and the process ends.

If the person is not determined (step 50)
4), k is set to k = k + 1 (step 506), k
Authentication is performed using the next designated biometric among the biometrics that have not been used up to this time (step 503), and it is determined whether or not the user is the principal (step 504). If the above process is repeated and all the specified N biometrics are used (k> N) and the user is not yet authenticated (step 507), the process is retried from the beginning (step 508).

If user 1 has the right to select,
Sets the use order k of biometrics from the input unit 21 (step 509). The user terminal 2 sets k = 1 (step 510), and authentication using the k-th biometric is performed (step 511). When the user 1 is determined to be the user (step 512), the user 1 is accepted (step 513), and the process ends. If it is not determined that the user is the principal (step 512), k is updated to k = k + 1 (step 514), and the authentication is repeated by changing the used biometrics. If all the specified N biometrics are used (k> N) and the user is still not authenticated (step 515), the retry is performed from the beginning (step 51).
6).

Next, the detailed operation of this embodiment will be described with reference to FIGS.
This will be described with reference to FIG. FIG. 3 is a diagram showing a processing flow when the authentication server 4 has a selection right. User 1 is input unit 2
When the ID number is entered from No. 1, it is transmitted to the authentication server 4 (steps 1 and 2). Biometrics exists in a wide range from those with high authentication accuracy to those with low authentication accuracy, those with affinity for users, and those that are difficult to use. Biometrics is selected by the processing of the priority setting unit 41, the determination result storage table unit 42, and the selection unit 43. Here, an outline will be described, and details will be described later.

The priority setting unit 41 considers the situation and the security level required by the service, and
The degree occupied by each element of denial of others is determined (step 3). The selection unit 43 is the first of N biometrics from the contents of the determination result storage table unit 42 in which the degree of emphasis on accepting and rejecting others and the authentication result of each biometric of the user 1 so far are stored. The first biometric to be used is determined by a method described later (steps 4 and 5), and its name is transmitted to the user terminal 2 and displayed on the display unit 23 (step 6).

The user 1 looks at the display and inputs biometrics information using a sensor corresponding to the first biometrics (step 7), and executes a program existing in the pre-processing unit 22 to extract features. (Step 8), transmit to the authentication server 4. The authentication server 4 receives the feature (step 9), activates the program of the matching unit corresponding to the first biometrics, and transmits the registered feature of the user 1 stored in the personal feature memory unit 45 and the transmitted second feature. Matching is performed with the feature of one biometric to obtain a measure of similarity or difference (step 10). The determination unit applies a threshold value to the scale to determine whether or not the feature of the first biometrics belongs to the user, writes the determination result in the determination result storage table unit 42, and updates the content. If the result of the determination is that the user is himself, the login to the user terminal 2 is accepted (steps 11 and 1).
2) If it is another person, it is rejected (step 1)
3). When the rejection occurs, the selection unit 43 determines the second biometric to be used second from the remaining (N-1) biometrics, transmits the name to the user terminal 2, and executes the second biometric by the processing described above. Authentication based on biometrics is performed (step 14 to). Hereinafter, the above process is repeatedly performed until the user is authenticated. If the user authentication is not completed even when all the biometrics are used, the process is retried from the beginning.

FIG. 4 shows the processing when the user 1 has the right to select. User 1 enters an ID number (step 1),
Next, when the biometrics which are easy to use and can be accepted with high accuracy from the viewpoint of efficiency and affinity are sequentially designated, the contents are stored in the use order memory unit 24 (steps 2 and 3). Subsequently, when the contents of the use order memory unit 24 are read and a message prompting input of the first biometrics appears on the display unit 23, the user 1 inputs the biometrics information using the sensor corresponding to the first biometrics. Then, the program existing in the pre-process processing section 22 is executed to extract features and transmit the features to the authentication server 4 (steps 4 and 5).

In the following, collation and judgment are executed, and
The process up to the point where the rejection is performed is the same as the process in FIG.
The difference is the post-processing in the case of refusal. In FIG. 3, the authentication server 4 transmits the biometric name determined to be used for the second time to the user terminal 2, whereas in FIG. By the way (step 9). Upon receiving the personal rejection notification (step 10), the user 1 performs authentication using the second biometrics in the same processing as the above-described processing, and thereafter, the above processing is repeatedly performed until the user is authenticated (steps 11 to 11). If the authentication fails even after all the biometrics are used, a retry is performed from the beginning.

Next, the above-described process of selecting biometrics will be described in detail. FIG. 5 is a diagram showing the contents of the determination result storage table 42, in which the number of uses T, the number of false rejections R, and the number of other persons accepted A for each biometric are stored. The initial values of T, R, and A are all zero.
When the authentication based on a certain biometric is executed, T corresponding to the biometric is incremented by 1. If R is not authenticated as the user 1 as a result of the authentication, R becomes 1.
Is only incremented. Since it is difficult to measure the number of accepted persons A in actual operation, when the user is not authenticated as the user 1, the post-process processing is performed using the characteristics of all the users other than the user 1 stored in the personal characteristic memory unit 45 as input. If the unit 44 collates with the characteristics of the user 1 and is authenticated as the user 1, A is incremented by 1 assuming that another person has been accepted. As described above, the values of T, R, and A are updated each time authentication is performed.

FIG. 6 is a block diagram of the selection unit 43, which comprises an evaluation function calculation unit 431 and a maximum value detection unit 432. The evaluation function calculation unit 431 calculates the importance degree α of the false acceptance of the false rejection input from the priority setting unit 41, the use count T, the false reject count R, and the false count A input from the determination result storage table 42. Then, the value of the evaluation function GG = 1− (R + αA) / T (1) in the equation (1) is obtained. In the second term on the right side of equation (1), A is α compared to R
Double weight is applied. The second term on the right side of equation (1) is a penalty term, and the value of G increases as A and R become smaller, and takes the maximum value 1 when R = A = 0. The maximum value detection circuit 432 detects the maximum value among the G values to be selected, displays the corresponding biometric name on the display unit 23 of the user terminal 2, and prompts the user 1 to input the biometric information. . Since G is calculated every time authentication is performed, the authentication server 4 finds a substitute biometric when the authentication accuracy of the user 1 that has been used frequently at first decreases with time. If there are many users having biometrics similar to the biometrics of the user 1 among a large number of users, the authentication server 4 instructs to use one different from the biometrics, so that highly reliable authentication can be performed. . When a new user having similar biometrics joins from the middle, the use of different biometrics can be similarly switched by the guidance of the authentication server 4. In this way, even if the use environment changes, the system can follow the change, so that stable authentication can always be performed. In addition, since the above operation is automatically performed by the authentication server 4, there is no need for manual customization and tuning.

FIGS. 3 and 4 show a program for the pre-process processing and a program for the post-process, respectively.
4, the authentication server 4 can transmit a program for the pre-process, and FIGS. 7 and 8 show the processing procedure in such a configuration. FIG. Note that ProGUI and the like used in the following description are symbols indicating each component, and hereinafter, the element may be referred to only by the symbol.

FIG. 7 shows a process when the authentication server 4 has a selection right. User 1 is the user's public key Pk (A) and private key
Sk (A) is generated, and then Pk (A) and the ID number are transmitted to the authentication server 4 (steps 1 and 2). The authentication server 4 receives them (Step 3), activates the priority setting unit 41 and the selection unit 43 one after another (Steps 4 and 5), and obtains the first biometrics B1 (Step 6). Further, the GUI control program ProGUI for displaying the input menu of the biometric information in the user terminal 2 is read (step 7). Further, the authentication server 4 uses the feature extraction program ProF
ow, create EPk (A) (ProFow, SXPro) by encrypting scramble program SXPro with Pk (A) (step 8),
1. ProGUI and EPk (A) (ProFow, SXPro) are transmitted to the user terminal 2. In user terminal 2, ProFow and SXPro use secret key Sk
(A) is decrypted (steps 9 and 10), and user 1
Input from the sensor corresponding to B1 according to the instruction of ProGUI (Step 11), and execute ProFow to extract the feature Kaz (Step 12). Next, Kaz is scrambled by SXPro to obtain Kaz {-1} (step 13), and ESk (A) (Kaz {-1}, ID) encrypted by ESk (A) is added to these to the authentication server 4. (Step 14).

The authentication server 4 performs decryption using Pk (A) (steps 15 and 16), and extracts Kaz {-1}. Then, the scrambled feature Kaz [0] {-1} of the user 1 is read from the personal feature memory unit 45 (step 17), and Kaz, Kaz [0] are converted by the scramble decoding program SXPro {-1}. It is restored (step 18). Thereafter, a series of processing sequences for activating the collation unit and the determination unit and performing Kaz authentication are the same as those in FIG.

FIG. 8 shows the processing when the user 1 has the right to select. The user 1 sequentially designates biometrics that are easy to use and can be accepted with high accuracy from the viewpoint of efficiency, affinity, etc., and store them in the use order memory unit 24. The user 1 sends the user's public key Pk (A), ID number, and B1 read from the use order memory unit 24 to the authentication server 4 (steps 1 to 3). Features using feature extraction program ProFow
Kaz is extracted (steps 4 to 9), the data scrambled by the scramble program SXPro and the first biometric name B1 read out from the use order memory unit 24.
Is transmitted to the authentication server 4 (steps 10 and 11).

Thereafter, the collation / judgment is executed and the acceptance / rejection of the person is performed, which is the same as the processing in FIG. The difference is the post-processing in the case of rejection. In FIG. 7, the authentication server 4 executes the program Pr for extracting B2 and the features of B2.
Although oGUI, ProFow and the scramble program SXPro are transmitted to the user terminal 2, B2 is unnecessary in FIG.
Upon receiving the data, the user 1 performs authentication by B2 in the same process as the above-described process, and thereafter, the process is repeatedly performed until the user is authenticated, and even if all biometrics are used, the user 1 performs authentication. If not, it will be retried from the beginning.

As described above, by dividing the steps in the personal authentication process and performing each process in the terminal and the server, it is possible to maintain security and reduce the amount of communication. Further, by encrypting the program and sending it to the terminal, it is possible to easily change the algorithm and the like, and it is possible to further enhance security.

The personal authentication system of the present invention is not limited to the configuration shown in FIG. 1, but various configurations are possible. For example,
The configuration shown in FIG. 9 can be adopted. This personal authentication system includes a user 1, a user terminal 2, a communication network 3, and an authentication server 4. In FIG. 1, the collating units (collating unit 1 (441), collating unit 2 (442),..., Collating unit
N (443)) is located in the user terminal 2 in FIG.

Also in this example, either the authentication server 4 or the user 1 may have the right to select which biometric to use from among a plurality of biometrics. When the authentication server 4 has a selection right, the authentication server 4 sets the use order k of biometrics (k = 1, 2,..., K, K; the number of types of biometrics to be used). k = 1
Is set, the authentication server 4 presents the information of the k-th biometric to the display unit 23 via the communication network 3 to input the information. The user 1 inputs the information of the k-th biometric from the designated sensors among the N sensors, performs collation using the extracted features, transmits the result to the authentication server 4 via the communication network 3, and transmits the result to the authentication server. Reference numeral 4 denotes a determination unit for determining whether or not the user is the person. If the user 1 is determined to be the user, a message indicating acceptance is displayed on the display unit 23, and the process ends. If the person is not identified, k is k = k +
It is set to 1, and the authentication is performed in the above-described procedure using the designated biometrics, and it is determined whether or not the user is the principal. The above process is repeated, and even if all of the specified N biometrics are used, if the user is still not authenticated, the retry is performed from the beginning.

If user 1 has the right to select, user 1
Sets the use order k of the biometrics by the input unit 21 and is stored in the use order memory unit 24. The user terminal 2 is set to k = 1, and authentication using the k-th biometric is performed. When the user 1 is determined to be the user, the user 1 is accepted and the process ends. K is k = k + 1 if the person is not determined
The information stored in the use order memory unit 24 is read out, and the authentication is repeated by changing the use biometrics. If the user is not authenticated even after using all the specified N biometrics, retry from the beginning.

In FIG. 9 of this embodiment, the collating unit (collating unit 1 (4
41), collating unit 2 (442),..., Collating unit N (44
3)) is described in the user terminal 2, but the determination unit (the determination unit 1 (444), the determination unit 2 (445),..., The determination unit)
N (446)) may belong to the user terminal 2, and only the determination result may be transmitted to the authentication server 4.
Furthermore, it is also possible to provide a personal authentication device that performs determination from input of characteristics and selection of biometrics in a stand-alone manner.

A program for realizing each of the above-described components can be stored in a recording medium such as a CD-ROM or a floppy (registered trademark) disk. By installing the program stored in the recording medium on a computer, it is possible to perform the processing of the terminal and the authentication server of the present invention. Further, it is also possible to pre-install the above program on a computer.

As described above, the present invention has been specifically described based on the embodiments. However, it is needless to say that the present invention is not limited to the above-described embodiments and can be variously modified without departing from the gist of the present invention.

[0037]

As described above, according to the present invention, the priority setting of acceptance or rejection of another person is performed on the user side or the authentication server side, and the authentication result of biometrics in the operation process is stored in a table as statistical information. Since it is registered and updated every time authentication is performed, there is an advantage that the optimum biometrics can be used while maintaining the specified priority. In addition, since the updating is performed automatically, there is an advantage that it is possible to reduce the labor for providing a variety of uses and to apply the system to an environment that changes with time.

[Brief description of the drawings]

FIG. 1 is a block diagram of a personal authentication system according to an embodiment of the present invention.

FIG. 2 is a processing flowchart of the personal authentication system in FIG. 1;

FIG. 3 shows an authentication server 4 in the personal authentication system in FIG.
FIG. 7 is a communication control flow diagram when the user has a selection right.

FIG. 4 is a communication control flow diagram when the user 1 has a selection right in the personal authentication system in FIG. 1;

FIG. 5 is a diagram showing an example of a determination result storage table 42.

FIG. 6 is a block diagram of a selection unit 43;

FIG. 7 is a diagram illustrating an example of the personal authentication system shown in FIG.
FIG. 7 is a communication control flow diagram in a case where the communication control is transmitted from the server.

8 is a communication control flow diagram in a case where a program for a pre-process is transmitted from the authentication server 4 when the user 1 has a selection right in the personal authentication system in FIG.

FIG. 9 is a block diagram of a personal authentication system showing another embodiment of the present invention.

[Explanation of symbols]

 Reference Signs List 1 user 2 user terminal 3 communication network 4 authentication server 21 input unit 22 pre-process processing unit 23 display unit 221 sensor 1 222 sensor 2 223 sensor N 224 feature extraction unit 1 225 feature extraction unit 2 226 feature extraction unit N 41 priority setting Unit 42 determination result storage table 43 selection unit 44 post-process processing unit 45 personal characteristic memory unit 441 collation unit 1 442 collation unit 2 443 collation unit N

 ──────────────────────────────────────────────────続 き Continuing on the front page (72) Inventor Toru Wakahara 2-3-1 Otemachi, Chiyoda-ku, Tokyo Inside Nippon Telegraph and Telephone Corporation (72) Inventor Masafumi Tonami 2-chome Otemachi, Chiyoda-ku, Tokyo No. 1 Inside Nippon Telegraph and Telephone Corporation (72) Inventor Riki Horioka 2-3-1 Otemachi, Chiyoda-ku, Tokyo Nippon Telegraph and Telephone Corporation (72) Kiyoshito Tanaka Otemachi, Chiyoda-ku, Tokyo 2-3-1, Nippon Telegraph and Telephone Corporation (72) Inventor Yoshiyoshi Yamanaka 2-3-1, Otemachi, Chiyoda-ku, Tokyo Nippon Telegraph and Telephone Corporation (72) Inventor Naohisa Komatsu Kokubunji, Tokyo 1-26-24 Hikarimachi F-term (reference) 5B043 AA09 BA02 BA06 CA09 FA02 FA08 GA13 5B085 AE25

Claims (9)

[Claims] 1. A personal authentication method for extracting a physical characteristic peculiar to an individual and performing identity verification using the physical characteristic, wherein authentication results for a plurality of types of physical characteristics are stored in a table and are set in advance. By calculating an evaluation function representing the reliability of each physical feature using the information on the security level of the personal authentication and the information in the table, the physical feature most suitable for authentication from among the plurality of types of physical features And requesting the user to input the physical characteristics, collating the physical characteristics obtained from the user with the physical characteristics of the specific individual registered in advance, and comparing the physical characteristics with the specific individual. It is determined whether or not the physical characteristics listed as the next candidate by the evaluation function when it is determined that the specific individual, the authentication process ends when it is determined that the specific individual. Personal authentication method, which comprises carrying out repeated stepwise selection until use all of the plurality kinds of physical features that have been authenticated. 2. A personal authentication method for extracting a physical characteristic peculiar to an individual and performing identity verification using the physical characteristic, wherein a user side terminal is connected to a center side device via a communication network, This is a method in which a physical device used by a center device or a user is selected from a plurality of types of physical characteristics in order and used for authentication. The authentication result for each type of physical feature is stored in a table, and an evaluation function representing the reliability of each physical feature is calculated using the information on the security level of the personal authentication set in advance and the information in the table. By selecting a physical feature that is most suitable for authentication from a plurality of types of physical features, and transmitting the name of the physical feature to the user-side terminal, The user inputs the determined physical information, extracts the physical characteristics and transmits the extracted physical characteristics to the center-side device, and the center-side device transmits the physical characteristics transmitted from the user-side terminal and the specific individual registered in advance. It is determined whether the physical characteristic belongs to the specific individual by comparing the physical characteristic with the specific individual.If the specific individual is determined, the authentication process is terminated.If the specific individual is not determined, When the user performs the stepwise selection of performing authentication using the physical characteristics listed as the next candidate by the selection until all of the plurality of types of physical characteristics are used, and the user selects the physical characteristics In, the user inputs the physical information specified by himself, extracts the physical characteristics, transmits the physical characteristics to the center device, and the center device transmits the physical characteristics transmitted from the user terminal in advance. Specific registered It is determined whether or not the physical feature is that of the specific individual by comparing with the physical characteristics of the individual, and when it is determined that the individual is the specific individual, the authentication process is terminated and the individual is not determined to be the specific individual. In some cases, a stepwise selection of performing authentication using the physical feature listed as the next candidate by the designation is repeated until all of the plurality of types of physical features are used. 3. A personal authentication method for extracting physical characteristics unique to an individual and performing identity verification using the physical characteristics, wherein a user terminal is connected to a center device via a communication network, The physical device to be used by the center-side device or the user is selected from a plurality of types of physical characteristics in order and used for authentication, and the process related to authentication is divided into two processes, a pre-process and a post-process. In the personal authentication method, when the center device selects a physical feature,
Authentication results for a plurality of types of physical features are stored in a table, and an evaluation function representing the reliability of each physical feature is calculated using information on a security level of personal authentication set in advance and information on the table. By transmitting to the terminal a physical feature most suitable for authentication from among a plurality of types and a processing method of a pre-process, the terminal inputs physical information designated by the center-side device by the pre-process. Then, the physical characteristics are extracted and transmitted to the center-side device, and the center-side device checks the physical characteristics transmitted from the terminal by post-processing with the physical characteristics of a specific individual registered in advance. A determination is made as to whether or not the physical characteristic is that of the specific individual. If the physical individual is determined, the authentication process ends.If the physical characteristic is not determined, the selection is performed. In the case where the stepwise selection of authentication using the physical feature listed as the next candidate is repeated until all of the plurality of types of physical features are used, and the physical feature used by the user is determined. In the, the user side terminal inputs the physical information specified by the user by the pre-process processing method transmitted from the authentication server, extracts the physical characteristics, transmits to the center side device, The center-side device compares the physical characteristics transmitted from the terminal with the physical characteristics of the specific individual registered in advance by post-process processing, and determines whether the physical characteristics are those of the specific individual. The step-wise selection of terminating the authentication process when determined to be the specific individual, and performing authentication using the physical characteristics listed as the next candidate by the designation when not determined to be the specific individual. Personal authentication method, which comprises carrying out repeated until use all kinds of physical features. 4. The personal authentication method according to claim 2, wherein communication between the center-side device and the user-side terminal is performed by a public key cryptosystem. 5. The personal authentication method according to claim 1, wherein the contents of the table are updated according to a determination result obtained each time authentication is performed. 6. A recording medium recording a personal authentication program for causing a computer to execute a process of performing authentication using one of a plurality of types of physical characteristics, wherein the authentication result is stored in a table. And setting a security level for personal authentication, and calculating an evaluation function representing the reliability of each physical feature using the information of the security level and the information of the table, thereby obtaining the plurality of types of body. Selecting a physical feature that is most suitable for authentication from among the physical features, and comparing a physical feature obtained from a user with a physical feature of a specific individual registered in advance to determine the physical feature. It is determined whether or not it belongs to an individual. If it is determined that the individual is the specific individual, the authentication process ends. If it is not determined that the individual is the specific individual, the next candidate is determined by the evaluation function. A step of repeatedly performing stepwise selection of performing authentication using the listed physical characteristics until all of a plurality of types of physical characteristics are used. . 7. The recording medium according to claim 6, wherein the contents of the table are updated according to a determination result obtained each time authentication is performed. 8. A user-side terminal is connected to a center-side device via a communication network, and the center-side device or a user sequentially selects physical features to be used from a plurality of types of physical features. A storage medium storing a personal authentication program for executing the processing of the center-side device that performs authentication by using a procedure for storing authentication results of a plurality of types of physical characteristics in a table, and setting a security level of personal authentication. By calculating an evaluation function representing the reliability of each physical feature using the procedure and the information of the security level and the information of the table, a physical feature most suitable for authentication is selected from a plurality of types of physical features. The selecting procedure, and comparing the physical characteristics transmitted from the user side terminal with the physical characteristics of a specific individual registered in advance, and comparing the physical characteristics It is determined whether or not it belongs to a specific individual, and if it is determined that the individual is the specific individual, the authentication process ends.If it is not determined that the individual is a specific individual, the physical characteristics listed as the next candidate by the selection are selected. A step of repeatedly performing stepwise selection of authentication by using the plurality of types of physical characteristics until all of the plurality of types of physical characteristics are used. 9. A user-side terminal is connected to a center-side device via a communication network, and the center-side device or a user sequentially selects physical features to be used from a plurality of types of physical features. A recording medium in which a personal authentication program for executing processing of the user side terminal for performing authentication by the user is stored. A step of extracting a physical characteristic and transmitting the extracted characteristic to the center-side device, and a step-by-step selection in which, when the center-side device is not authenticated, the user is authenticated using a physical characteristic listed as a next candidate according to the designation. A step of repeatedly performing the above steps until all of the plurality of types of physical characteristics are used.