JP2002368876A - On-vehicle information system and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an on-vehicle information system or the like that can provide information to the user, by simply and properly authenticating a user. SOLUTION: The system acquires a telephone number from a mobile phone 29 (S150), when the use of the telephone number has already been registered (S160: YES), the system displays a password authentication menu to urge the user to enter a password and a telephone number (S200). Then the system generates a secret code from the entered password and telephone number (S220), and discriminates whether or not the generated secret code is coincident with a secret code stored in a management table (S230). When the secret codes are coincident (S230: YES), the system decides that the authentication is OK (S240) and places no limit on the access. On the other hand, when dissident (S230: NO), the system decides that the authentication is NG (S140), and the system inhibits the access of the user to a personal folder to which the access by only a legitimate user is allowed.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an in-vehicle information system, and more particularly to a system capable of storing personal information.

[0002]

2. Description of the Related Art Conventionally, an in-vehicle information system including a navigation device and the like has been known, and in many cases, communication with the outside is enabled by mounting a mobile phone or the like. Therefore, by connecting to the Internet or the like via a mobile phone, web pages are browsed and e-mails are sent and received. For example, the chances of registering the user's personal information in the in-vehicle information system will increase. Examples of the personal information include, for example, information requiring a very high degree of confidentiality, such as a credit card number, and a telephone number list of a friend. There is no problem if the vehicle itself is used only by a specific user. However, in reality, there is a case where another person uses the vehicle, and in that case, a navigation function may be used. Of course, it is OK to use the navigation function itself, but there is a problem that personal information is leaked with the use of the navigation function. Therefore, the need for an authentication function is increasing.

Here, the authentication system in the conventional vehicle-mounted information system is as follows. When the system is started, for example, a screen for inputting a password is displayed on the display device. Then, it is determined whether the password input by the user matches the contents stored in the system. If they match, access to the information stored in the system is not restricted. By authenticating the user with the password in this way, only those who know the password can access the personal information.

[0004]

However, there is a problem that the password is simply inputting a character string, so that the password is easily leaked to a third party. In other words, if the passwords match, the in-vehicle information system permits access to personal information, and the highly private information, such as the credit card numbers and telephone number lists described above, leaks to others unexpectedly. Will be lost.

Accordingly, an object of the present invention is to provide an in-vehicle information system or the like which can provide information by performing user authentication simply and accurately.

[0006]

According to the present invention, there is provided an on-vehicle information system for solving the above-mentioned problems. Authentication is performed based on the obtained authentication information and the system-side authentication information stored in the system. As the individually selected call receiving device,
A mobile phone is considered as a representative, but may be a pager, for example. However, when a mobile phone is attached, communication with an external server or the like becomes possible, and browsing of a web page and transmission / reception of an e-mail can also be performed. Of course, in some cases, these functions can be performed by the mobile phone alone, but the functions are restricted due to the nature of the mobile phone.
For example, browsing a web page is centered on characters, and sending and receiving e-mails has a limited number of characters. On the other hand, an in-vehicle information system can use a large-screen display device and a high-performance computer as compared to a mobile phone. It is preferable to have a function.

Then, based on the authentication result of this authentication,
Provide available information. Unlike the conventional method in which anyone who knows the password can receive information, unlike the conventional method, authentication is not performed unless a physical device such as a personalized call receiving device such as a mobile phone is attached, so it is safer and more accurate than before. Can be authenticated. An individual selective call receiving device such as a mobile phone is always carried by its owner, and has an individual use as the individual selective call receiving device. Therefore, there is no inconvenience of carrying the vehicle only for authentication of the vehicle-mounted information system. Nevertheless, since unique information such as a telephone number is originally stored, it can be easily used as authentication information.

The determination as to whether the information can be provided is made, for example, by storing the information to be provided in different storage areas according to the level of authentication required, and storing the requested information in any of the storage areas. It may be determined whether or not the information can be provided based on whether the information is provided. For example, access to a storage area of information related to personal information such as a credit card number and a telephone number list is not permitted.

It is preferable that the authentication information stored in the individual selective call receiving device is at least unique information obtained from the individual selective call receiving device.
The unique information may be, for example, information including at least one of the telephone number and the serial number of the individually-selected call receiving device, or information generated based on at least one of them and the model number. (Claim 4).

[0010] According to a fifth aspect of the present invention, input information from a user may be received, and authentication may be performed in consideration of the received input information. For example, predetermined encryption information is generated based on authentication information and input information, and authentication is performed based on the generated encryption information and system-side authentication information (claim 6). For example, the input information may be a password or the like (claim 7).
In this way, even if the individual selective call receiving device such as a mobile phone is passed to another person, personal information can be guarded without knowing the password.

The above-mentioned authentication function in the on-vehicle information system can be realized by executing a program according to the present invention. Such a program can be recorded on a recording medium and distributed, or can be provided via a network, and can be loaded into a computer from a recording medium or a network and executed.

[0012]

Embodiments of the present invention will be described below with reference to the drawings. It is needless to say that the embodiments of the present invention are not limited to the following examples, and can take various forms as long as they belong to the technical scope of the present invention.

FIG. 1 is a block diagram showing a schematic configuration of the car information system 1. As shown in FIG. The in-vehicle information system 1 includes a position detector 21, an operation switch unit 22, a mobile phone connection device 2,
3, external storage device 24, audio output device 25, display device 2
6. Video control device 27, music control device 29, communication device 3.
0 and a control circuit 10 connected thereto.
The control circuit 10 is configured as a normal computer, and includes a well-known CPU, ROM, RAM,
/ O, a timer, and a bus line for connecting them.

The position detector 21 is a GPS (Global Posit
GPS for transmitting radio waves from artificial satellites for ioning systems
A GPS receiver that receives via an antenna and detects the position, direction, speed, etc. of the vehicle, a gyroscope that detects the magnitude of rotational motion applied to the vehicle, a vehicle speed sensor, wheel sensors, etc. It is provided with a distance sensor for detecting, a geomagnetic sensor 21 for detecting an absolute azimuth based on geomagnetism, and the like. Each of these sensors and the like has an error having a different property, and is configured to be used while complementing each other. Depending on the accuracy, a configuration may be made using only a part of the above-described sensors or the like, or a sensor or the like that obtains the direction by accumulating the steering angle of the vehicle obtained from the rotation difference between the left and right steered wheels. May be used.

The operation switch section 22 includes a mechanism switch, a remote control switch, a voice recognition device, and the like, all of which are not shown. The mechanism switch is, for example, a display device 26
A touch switch or a mechanical switch integrated with the device is used, and is used for various inputs such as a destination for a route calculation and a password input described later. Also,
The same instruction input as that of the mechanism switch can be made via a remote control switch. In the voice recognition device, while the mechanism switch or the remote control switch is used to manually specify a destination or the like, the user may similarly input a voice to specify the destination or the like. It is a device for making it possible. It should be noted that the operation switch unit 22 does not necessarily have to include all of these mechanism switches, remote control switches, and voice recognition devices, and any one of them can input a desired instruction. In the present embodiment, it is assumed that three are provided for convenience.

The portable telephone connecting device 23 is for connecting a portable telephone 29 as an "individually selected call receiving device". The portable telephone 29 is controlled by the control circuit 10 through the portable telephone connecting device 23. Can be. In other words, it is of course possible to use the mobile phone 29 alone, but if it is connected to the in-vehicle information system 1 via the mobile phone connection device 23, it can be controlled by the control circuit 10. In that case, use the above speech recognition function,
You may be comprised so that what is called a hands-free call can be performed.

The external storage device 24 stores various data including data for so-called map matching for improving the accuracy of position detection and data indicating road connection status (road network data). Note that this external storage device 2
As 4, a hard disk may be adopted, or a configuration in which a recording medium storing the above various data is read by a data input device may be adopted. As a recording medium, a CD-ROM, a DVD-ROM, or the like is generally used because of its data amount. The external storage device 24 is used not only for the navigation function but also for other functions. For example, a telephone number registered in the past can be stored as a telephone directory function.
This may be registered individually using the in-vehicle information system 1 or may be a telephone number list registered in the mobile phone 29 itself and registered in the external storage device 24. . Further, the control circuit 10 of the present embodiment has a web browser function and an e-mail function, and is capable of browsing web pages and transmitting / receiving e-mails by connecting to the Internet 50 via the mobile phone 29. Has been. Therefore, information on the browsed web page, the contents of the transmitted / received e-mail, and the like are also stored in the external storage device 24. In addition,
The external storage device 24 can retain the stored contents even when the power supply is cut off.

The voice output device 25 is for outputting various guide voices and the like. The display device 26 is a color display device for displaying various types of guidance on the screen of the display device 26. For example, when using the navigation function, a current position mark indicating the current position obtained by a known method based on the information input from the position detector 21, map data input from the external storage device 24,
A destination mark indicating a set destination, a guide route to the destination, a travel guide useful for traveling on the set guide route, and other data such as character information and image information can be displayed in a superimposed manner. it can. Note that the above-described audio output device 2
5 can output various guide voices and the like. Further, for example, when a password is input by a touch switch method, a list of alphabets and numbers that can be input may be displayed.

The communication device 30 is a device for receiving information provided from, for example, a VICS information center 40 and transmitting information to the outside. Information received from outside via the communication device 30 is processed by the control circuit 10. In the in-vehicle information system 1 having such a configuration, as described above, information having a high degree of privateness, such as information regarding a telephone number list, a browsed web page, or the content of an e-mail sent or received, is stored in an external storage. It is stored in the device 24. Although we do not want others to know such information, it is common for others to use the vehicle itself. At that time, it is better that the navigation function can be used. Therefore, the in-vehicle information system 1 itself may be used, but it is preferable that the above-mentioned access to the personal information be performed by performing predetermined authentication to determine whether or not the access is permitted, and to allow access only when the access is permitted. .

Therefore, in the on-vehicle information system 1 of the present embodiment, the following authentication is performed. That is, when the user mounts his or her own mobile phone 29 on the in-vehicle information system 1, the control circuit 10 reads out the authentication information stored in the mobile phone 29 via the mobile phone connection device 23. Further, a guidance prompting the user to input a password is given to the display device 26.
The authentication is performed on the basis of the password input in response thereto, the authentication information, and the system-side authentication information stored in the external storage device 24.

The processing executed by the control circuit 10 for this authentication will be described. Prior to the description of the process of actually performing authentication, with reference to the flowchart of FIG.
A process for registering a new password will be described. This processing is executed when the user instructs registration of a new password via the operation switch group 22.

In the first step S10, a telephone number as authentication information is obtained from the mobile phone 29 connected to the mobile phone connecting device 23. When registering a new password, it is necessary that the mobile phone 23 is connected. However, there are cases where the user does not know this, or forgets to connect even if he knows it. Then, next, S2
At 0, it is determined whether or not the telephone number has been acquired. If the telephone number has not been acquired (S20: NO), for example, the display device 2
6 displays a message prompting the user to attach the mobile phone (S30). Of course, the voice may be prompted by the voice output device 25,
The user may be notified using both display and voice.

If the telephone number can be obtained from the mobile phone 29 (S20: YES), for example, a display prompting the input of a password is displayed on the display device 26 (S40). For example, the password is set so that a predetermined digit consisting of a combination of alphabets and numbers is input. And
When inputting by the touch switch system integrated with the display device 26, a list of alphabets and numbers that can be input may be displayed on the display device 26. In this way, the user can input a password by sequentially selecting desired ones from a list of alphabets and numbers displayed on the display device 26. In addition to the above list display, it is convenient to display a password input field in which input passwords are sequentially displayed, a switch for instructing correction or confirmation of the input password, and the like.
Instead of touching the list of alphabets and numbers displayed on the display device 26, the input may be made by voice via a voice recognition device. However, even in this case, since the user needs to confirm the entered password, the above-mentioned password entry field is displayed on the display device 2.
6 is preferably displayed.

When the input of the password is completed in this manner (S50: YES), a secret code is created from the telephone number obtained from the mobile phone 29 and the password input by the user (S60). For the creation of the secret code, a known encryption technique may be used. And
As shown in FIG. 2B, a user ID is assigned to the input or created telephone number, password, and secret code data set and registered in the management table (S7).
0). This management table is stored in the external storage device 24.

FIG. 3 is a flowchart showing the authentication processing. This process is automatically executed after the in-vehicle information system 1 is started, and is also executed when the user instructs the execution of the authentication process via the operation switch group 22. In the first step S110, it is determined whether or not the mobile phone 29 is connected. If the mobile phone 29 is not connected (S110: NO), for example, a display urging the user to attach the mobile phone is displayed on the display device 26 (S1).
20). Of course, the voice may be prompted by the voice output device 25, or the display and the voice may be used together for notification.
Thereafter, S110, S120 until a predetermined time elapses.
Is repeated, and if the predetermined time has elapsed without the mobile phone 29 being connected (S130: YES), it is determined that the authentication is NG (S140). Access is restricted for a user who has not been authenticated in this way. This will be described later.

On the other hand, when the mobile phone 29 is connected (S110: YES), a telephone number is obtained from the mobile phone 29 connected to the mobile phone connecting device 23 (S110).
150). Then, with reference to the management table shown in FIG. 2B, it is determined whether or not the obtained telephone number has already been registered as a user (S160). If the user has not been registered (S160: NO), the user is queried as to whether or not to perform user registration (S17).
0). This is performed via the display device 26 and the audio output device 25. When the user registration is instructed (S18
0: YES), and proceeds to S190 to execute user registration. This user registration process is performed in S40 shown in FIG.
The contents are the same as those of S70. Of course, there may be a situation where user registration is not performed. Therefore, when an instruction not to perform user registration is issued (or when there is no instruction and a timeout occurs) (S180: NO), S140 is performed.
The process proceeds to authentication NG.

If the user has been registered in S190, or if the user has already been registered (S160: YE
In S), the process shifts to S200, where a password authentication screen is displayed on the display device 26 to prompt for input. Then, it is determined whether the password input has been completed (S210). Until the predetermined time has elapsed, the process of S210 is repeated, and if the predetermined time has elapsed without completing the password input (S215: YES), it is determined that the authentication is NG (S215).
140). On the other hand, if the input of the password is completed within the predetermined time (S210: YES), a secret code is created from the telephone number obtained from the mobile phone 29 and the password input by the user (S220). Then, it is determined whether or not the created secret code matches the secret code stored in the management table shown in FIG. 2B (S230). If the secret codes match (S230:
(YES), it is determined that the authentication is OK (S240), and if they do not match (S230: NO), it is determined that the authentication is NG (S140).

By this authentication processing, authentication OK (S24
0) or authentication NG (S140). The in-vehicle information system 1 restricts access to predetermined data stored in the external storage device 24 when authentication is NG, but does not restrict access when authentication is OK. Here, the predetermined data is data that is considered to be unique to the authenticated user, and that it is desired to prohibit access to other users. Specifically, the information includes a telephone number list, information on a web page browsed via the mobile phone 29, and the content of an e-mail sent and received. For these data, it is conceivable to create a personal folder specified by the user ID in the external storage device 24, for example. The personal folder can be accessed only when the authentication with the corresponding user ID is OK.
In this way, unless the user is able to attach the mobile phone 29 at the time of user registration to the in-vehicle information system 1 and input a password at the time of user registration, the corresponding personal folder cannot be accessed, and Security can be ensured.

As described above, in the case of the present embodiment, authentication is not performed unless a physical device such as the cellular phone 29 is attached, so that authentication can be performed more safely and more accurately than in the past. In other words, even if you know only the password, you will not be authenticated. Since the mobile phone 29 is always carried by its owner, it is unlikely that another person will obtain it without permission, and the security is substantially high. In addition, since there is an individual use as the mobile phone 29,
There is no inconvenience of carrying the vehicle-mounted information system 1 only for authentication. For example, in a personal computer or the like, a method of authenticating by attaching a physical electronic key has been considered. However, since this electronic key is used only for authentication, it is easy to forget to carry it or neglected its management. . On the other hand, the mobile phone 29 is more likely to be used frequently (especially in recent situations). For this reason, since the mobile phone 29, which is a habit of always being carried, can be used for authentication, the possibility of forgetting to carry or neglecting the management is low, which is convenient for the user. Of course, in this embodiment, if the user does not know the password, the user is not authenticated. Therefore, even if the mobile phone 29 is passed to another person, the authentication is not easily performed, which is advantageous in terms of security.

In this embodiment, the control circuit 10 in the in-vehicle information system 1 corresponds to a providing unit, and the operation switch unit 22 corresponds to a receiving unit. Further, the authentication processing in FIG. 3 corresponds to processing as an authentication unit. In addition, mobile phone 2
The telephone number stored in 9 corresponds to the authentication information, and the data in the management table stored in the external storage device 24 corresponds to the system-side authentication information. [Another embodiment] (1) In the above embodiment, the mobile phone 29 is adopted as the individually selected call receiving device, but it may be a pager, for example. In this case, although there is no transmission / reception function, the mobile phone is always carried like the mobile phone 29, and since a unique telephone number is stored in its own device, it can be used as authentication information.

(2) In the above embodiment, a secret code is created from a telephone number and a password, and authentication is performed based on whether the secret code matches the secret code registered in the management table. Variations are possible. The authentication information obtained from the mobile phone 29 may be a serial number other than the telephone number, or may be determined by the manufacturer (of the mobile phone 29) based on at least one of the telephone number and the serial number and the model number. The information may be generated and stored.

The user may not need to input a password, and authentication may be performed using only authentication information obtained from the mobile phone 29. In this case, at the time of user registration, the mobile phone 29
Since only the authentication information acquired from is registered in correspondence with the user ID, if the mobile phone 29 itself is transferred to another person, the authentication is automatically performed. Any information having a relatively low degree of privateness (low security necessity) may be used. In order to prevent leakage of information having high security necessity, such as a credit card number, it is preferable to use a password in combination. Also, regarding the creation of the secret code, that is, the encryption, it is preferable to adopt the encryption that increases the security strength if the leakage of information with high security necessity such as the credit card number is prevented.

[Brief description of the drawings]

FIG. 1 is a diagram illustrating a configuration of an in-vehicle information system according to an embodiment.

FIG. 2 is a flowchart showing a new password registration process.

FIG. 3 is a flowchart illustrating an authentication process.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 1 ... In-vehicle information system, 10 ... Control circuit, 21 ... Position detector, 22 ... Operation switch group, 23 ... Cellular phone connection device, 24 ... External storage device, 25 ... Voice output device, 26 ...
Display device, 27: video control device, 28: music control device,
29 mobile phone, 30 communication device, 40 information center,
50 ... Internet etc.

Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat II (reference) G10L 15/00 G01S 5/14 5K024 15/28 G08G 1/137 // G01C 21/00 G10L 3/00 551Q G01S 5 / 14 551J G08G 1/137 Q 551S F term (reference) 2F029 AA01 AB07 AC02 AC14 AC18 5D015 KK02 5D045 AB17 AB26 5H180 AA01 BB04 BB05 CC12 EE00 FF04 FF05 FF22 FF25 FF27 FF32 FF40 5J01A FF40 5J01A FF40 5J06A FF40 5J01A GG05 GG08

Claims (8)

[Claims] 1. An in-vehicle information system in which an individually-selected call receiving device that is portable and stores authentication information is detachable, and includes authentication information stored in the individually-selected call receiving device and the authentication information stored in the system. An in-vehicle information system comprising: an authentication unit that performs authentication based on system-side authentication information; and a providing unit that provides information that can be provided according to an authentication result by the authentication unit. 2. The on-vehicle information system according to claim 1, wherein said individual selective call receiving device is a mobile phone, and said system can communicate with the outside via said mobile phone. system. 3. The in-vehicle information system according to claim 1, wherein the authentication information is unique information obtained at least from the individual selective call receiving device. 4. The in-vehicle information system according to claim 3, wherein the unique information is information including at least one of a telephone number and a serial number of the individual selective call receiving device, or at least one of them. An in-vehicle information system, which is information generated based on a model number. 5. The in-vehicle information system according to claim 1, further comprising a receiving unit that receives input information from a user, wherein the authentication unit also receives the input information received through the receiving unit. An in-vehicle information system, wherein the authentication is performed in consideration of the above. 6. The on-vehicle information system according to claim 5, wherein the authentication unit is configured to perform a predetermined encryption based on the authentication information read from the individual selection call receiving device and the input information received via the reception unit. An in-vehicle information system comprising: generating encrypted information; and performing authentication based on the generated encrypted information and the system-side authentication information. 7. The on-vehicle information system according to claim 5, wherein the input information is a password. 8. A program for causing a computer to function as an authentication means in the on-vehicle information system according to claim 1.