JP2005115486A - Authentication system and computer readable storage medium - Google Patents

Authentication system and computer readable storage medium Download PDF

Info

Publication number
JP2005115486A
JP2005115486A JP2003346181A JP2003346181A JP2005115486A JP 2005115486 A JP2005115486 A JP 2005115486A JP 2003346181 A JP2003346181 A JP 2003346181A JP 2003346181 A JP2003346181 A JP 2003346181A JP 2005115486 A JP2005115486 A JP 2005115486A
Authority
JP
Japan
Prior art keywords
user
information
authentication
dictionary
collation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
JP2003346181A
Other languages
Japanese (ja)
Inventor
Hiroaki Kita
Kuniyuki Matsubara
Hiroshi Sakai
Ayako Uchida
Takehiko Yamamoto
綾子 内田
宏明 喜多
浩 堺
健彦 山本
邦幸 松原
Original Assignee
Toshiba Corp
Toshiba Social Automation Systems Co Ltd
東芝ソシオシステムズ株式会社
株式会社東芝
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toshiba Corp, Toshiba Social Automation Systems Co Ltd, 東芝ソシオシステムズ株式会社, 株式会社東芝 filed Critical Toshiba Corp
Priority to JP2003346181A priority Critical patent/JP2005115486A/en
Publication of JP2005115486A publication Critical patent/JP2005115486A/en
Abandoned legal-status Critical Current

Links

Images

Abstract

PROBLEM TO BE SOLVED: To provide an authentication system capable of surely authenticating by combining a face authentication method with other verification information, and a computer-readable storage medium used for the authentication system.
SOLUTION: Based on face registration dictionary 16 in which face information of a user permitted to use the device is registered in advance and collation information input by a device user, the user corresponding to the collation information is specified. A user specific dictionary 17 is prepared. When the device use target person inputs the collation information, the user is specified by the user specifying dictionary 17, and the face information of the specified user is read from the face registration dictionary 16. Then, the face information and the image information obtained from the camera 11 are collated by the authentication processing means 18, and if the authentication result is equal to or greater than a preset authentication threshold, the use of the device is permitted.
[Selection] Figure 1

Description

  The present invention relates to an authentication system for authenticating whether a person who uses a device is a user who is permitted to use the device in advance, and a computer-readable storage medium used in the authentication system.
  Generally, when using a device having highly confidential information such as a computer system, use permission is given only to a user specified in advance from the viewpoint of security. In this case, an authentication system is required to authenticate whether or not the user who intends to use the device (hereinafter referred to as a user) is an authorized user. For this type of authentication system, various authentication methods have been proposed and implemented (see, for example, Patent Document 1).
  Until now, a password authentication method has generally been used as an authentication method at the time of logon in a computer system. However, with the password method, there is a problem that a password is stolen or a simple password (such as a person's name or date of birth) is easily broken.
Therefore, as another method, so-called face authentication is performed in which the image information of the face of the person to be authenticated is registered and verified against the image information of the face photographed by the camera at the time of authentication. The method has come to be adopted. However, in the case of this face authentication, image information changes depending on the shooting environment of the face, so if you set the authentication threshold low to increase the authentication rate, there is a possibility of performing so-called other person authentication to authenticate others. There were some security problems depending on the usage environment.
JP 2002-55956 A
  As described above, there are various kinds of authentication methods, but each has some problems, and further improvement has been desired.
  An object of the present invention is to provide an authentication system capable of reliably performing authentication by combining a face authentication method with other verification information, and a computer-readable storage medium used in the authentication system.
  The authentication system according to the present invention is an authentication system for authenticating whether a person who uses a device is a user who is permitted to use the device in advance, and the face information of the user who is permitted to use the device is registered in advance. A registration dictionary, a camera that captures the face of the device use target person to obtain image information, and a user specification dictionary for specifying the user corresponding to the check information based on the check information input by the use target person And authentication processing means for reading the face information of the user specified from the collation information by the user identification dictionary from the face registration dictionary, and collating the face information with image information obtained from the camera, and the authentication processing means If the result of authentication is equal to or greater than a preset authentication threshold value, a permission means for permitting device use is provided.
  Moreover, in this invention, it is good for the collation information input by a use target person to use the 1st collation information which a use target person can set arbitrarily previously, and the 2nd collation information peculiar to a use target person. .
  A computer-readable storage medium according to the present invention is a computer-readable storage medium used for an authentication system for authenticating whether a person who uses the device is a user who is permitted to use the device in advance. Based on the collation information input by the device user, the user is identified from the collation information using a user identification dictionary that identifies the user corresponding to the collation information. The user's face information is read from the face registration dictionary in which the face information of the user permitted to use is registered in advance, and this face information is obtained from the camera for photographing the face of the device user A program that verifies image information and permits use of the device is stored if the authentication result is equal to or greater than a preset authentication threshold.
  In these inventions, the face information of a user permitted to use the device is registered in advance, and the user corresponding to the collation information is specified based on the collation information input by the device use target person. When a user specific dictionary is prepared and the device use target person inputs collation information, the user is specified by the user specific dictionary, the user's face information is read from the face registration dictionary, and the face information is read from the device use target person. Compared with image information obtained from a camera that captures the face of the camera, use of the device is permitted if it is equal to or greater than a preset authentication threshold.
  According to the present invention, first, a user is identified based on collation information input by a device use target person, and then a two-step authentication is performed in which this user is collated with face information. The user can be reliably identified by the rate, and the security problem can be solved.
  Hereinafter, an embodiment of an authentication system according to the present invention will be described with reference to the drawings.
  In this embodiment, a personal computer (hereinafter referred to as a personal computer) will be described as an example of an operation target device. That is, it is assumed that the user to be authenticated when logging on the personal computer is authenticated, and the authentication system is programmed in the personal computer that is the operation target device with package software or the like.
  In FIG. 1, reference numeral 11 denotes a camera, and reference numeral 12 denotes signal processing means, which captures a face 13 of a device use target person and outputs image information based on a command from the controller 14. As the camera 11, a commercially available camera such as a USB camera may be used. The camera 11 is attached to a position where a front image of the user's face can be taken, such as an upper part of a display of a personal computer. The controller 14 is configured by a control unit of a personal computer, and is connected to an input device 15 such as a keyboard for inputting various information.
  In the authentication system, this input device 15 is used as input means for collation information input by the user. The collation information includes first collation information (for example, a password) that can be arbitrarily set in advance by the target user, and second verification information (for example, a user name) unique to the target user. Two of these.
  Reference numeral 16 denotes a face registration dictionary, and reference numeral 17 denotes a user identification dictionary, which holds and identifies face information as authentication data, and is created in advance prior to authentication.
  The face registration dictionary 16 registers face information of a user who is permitted to use the device, and image information (face information) taken by the camera 11 and output from the signal processing unit 12 is indicated by a broken line. Based on the control of the controller 14, the user-specific information (herein referred to as the user name) separately input from the collation information input means 15 is registered as a key.
  The user specifying dictionary 17 is a dictionary in which a relationship between a user who is permitted to use the device and collation information input by the user is set in advance. In this embodiment, a relationship between a password, which is verification information, and a user name is set, and is used to specify a user corresponding to the input verification information.
  Reference numeral 18 denotes an authentication processing unit that operates at the time of authentication based on the control of the controller 14, and is read from the image information of the operation target person's face 13 captured by the camera 11 and output from the signal processing unit, and the face registration dictionary 16. This is a collation engine that collates face information of a user. The face information read from the face registration dictionary 16 is the face information of the user specified by the user specifying dictionary 17 based on the collation information input from the collation information input means 15 by the user.
  Reference numeral 19 denotes permission means, which permits use of the device if the authentication result by the authentication processing means 18 is equal to or greater than a preset authentication threshold. If the operating device is a personal computer, log on.
  Next, the operation of this embodiment will be described with reference to the flowchart shown in FIG. The flowchart in FIG. 2 is roughly divided into a face registration flow and a logon flow by authentication.
  First, the face registration flow will be described. This face registration creates data for authentication prior to authentication, and registers users who are permitted to use the device. When registration is started, the registered user inputs a user name and password as collation information by the input means 15 shown in FIG. 1 (step 201).
  If there are a plurality of users, the user names may be the same. In this case, a domain (for example, the organization name of the user) is also input to enable identification. However, as the internal processing data, only the user name and the combination of the user name and the domain are managed with a unique face image ID. The reason for entering the password is to prevent accidental registration of another person who is not the user, for security reasons.
  Next, the face information is registered in the face registration dictionary 16 (step 202). That is, information captured by the camera 11 in FIG. 1 is captured and registered from the signal processing means 12 in the face registration dictionary 16 using the user name as a key, as indicated by a broken line.
  When the face registration is completed, the user name and password of the registered user are stored in the user identification dictionary 17 (step 203), and the registration ends.
  Next, a logon flow by face authentication will be described. At the start of authentication, first, the person who is logged on (the person who uses the device) inputs his / her user name (and domain if necessary) and password, which are collation information, using the input means 15 such as the keyboard shown in FIG. (Step 204). At this time, the camera 11 is photographing the face of the person to be logged on.
  When the input user name and password are those of a user who is permitted to use the device registered in advance, the face image ID is obtained from the user name, and the face information of the specified user is obtained from the face registration dictionary 16. The image captured by the camera 11 is collated with the authentication processing means 18 (1: 1 collation) (step 205). If the collation result is equal to or greater than the preset authentication threshold (step 206: Yes), the specified user name and the entered password are confirmed, and the logon is performed by the permission means 19 (step 207), and the authentication is terminated. .
  In this way, it is determined whether the user is permitted to use the device based on collation information such as a user name or a password input by the device use target person. In the case of the user, the face information of the identified user is registered as a face. The user is read out from the dictionary and checked against the image from the camera 1: 1 to authenticate the user, so that the user can be reliably authenticated and security is improved.
  In addition, by storing a program for realizing the above-described series of functions in a computer-readable storage medium, the authentication system can be realized by an arbitrary computer.
  In the above embodiment, the user name is input every time. However, in the case of a personal computer or the like, the user may be set only for a specific individual. In that case, the user name is fixed and only the password is set. May be entered to identify the user.
  In addition, although the user name and password input from the keyboard are exemplified as the verification information input by the device use target person, other verification information may be used as a matter of course. For example, identity information from an IC card that certifies the identity or identity identification information by fingerprint input may be used and combined with face matching.
  Furthermore, although the personal computer is exemplified as the target device, the present invention is not limited to this, and may be used for authentication of various devices with limited users for security.
1 is a system configuration diagram showing an embodiment of an authentication system according to the present invention. It is a flowchart explaining operation | movement of one Embodiment same as the above.
Explanation of symbols
DESCRIPTION OF SYMBOLS 11 Camera 13 Face 15 Collation information input means 16 Face registration dictionary 17 User specific dictionary 18 Authentication processing means 19 Authorization means

Claims (3)

  1. An authentication system that authenticates whether the target user of the device is a user who is permitted to use the device in advance,
    A face registration dictionary in which face information of a user permitted to use is registered in advance;
    A camera that captures the face of the device user and obtains image information;
    Based on the collation information input by the device user, a user identification dictionary for identifying the user corresponding to the collation information;
    Authentication processing means for reading out the face information of the user identified from the collation information by the user identification dictionary from the face registration dictionary, and collating the face information with image information obtained from the camera;
    If the authentication result by the authentication processing means is equal to or higher than a preset authentication threshold, permission means for permitting device use;
    An authentication system characterized by comprising:
  2.   The collation information input by the target user is first verification information that can be arbitrarily set in advance by the target user and second verification information unique to the target user. The described authentication system.
  3. A computer-readable storage medium used in an authentication system for authenticating whether a user who uses a device is a user who is permitted to use the device in advance,
    A computer constituting the authentication system is
    Based on the collation information input by the device user, using a user identification dictionary that identifies the user corresponding to the collation information, identify the user from the collation information,
    The face information of the identified user is read from the face registration dictionary in which the face information of the user permitted to use is registered in advance, and the face information is read from the camera that captures the face of the device usage target person. Check the obtained image information,
    A computer-readable storage medium storing a program that permits device use if the authentication result is equal to or greater than a preset authentication threshold.
JP2003346181A 2003-10-03 2003-10-03 Authentication system and computer readable storage medium Abandoned JP2005115486A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2003346181A JP2005115486A (en) 2003-10-03 2003-10-03 Authentication system and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2003346181A JP2005115486A (en) 2003-10-03 2003-10-03 Authentication system and computer readable storage medium

Publications (1)

Publication Number Publication Date
JP2005115486A true JP2005115486A (en) 2005-04-28

Family

ID=34539223

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2003346181A Abandoned JP2005115486A (en) 2003-10-03 2003-10-03 Authentication system and computer readable storage medium

Country Status (1)

Country Link
JP (1) JP2005115486A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010015352A (en) * 2008-07-03 2010-01-21 Nec Corp Authentication device
JP2011013855A (en) * 2009-06-30 2011-01-20 Toshiba Corp Information processing apparatus, authentication control method, and program
US9245172B2 (en) 2013-02-22 2016-01-26 Fuji Xerox Co., Ltd. Authentication apparatus, authentication method, and non-transitory computer readable medium

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010015352A (en) * 2008-07-03 2010-01-21 Nec Corp Authentication device
JP2011013855A (en) * 2009-06-30 2011-01-20 Toshiba Corp Information processing apparatus, authentication control method, and program
US9245172B2 (en) 2013-02-22 2016-01-26 Fuji Xerox Co., Ltd. Authentication apparatus, authentication method, and non-transitory computer readable medium

Similar Documents

Publication Publication Date Title
US10296735B2 (en) Biometric identification device with removable card capabilities
US20180302223A1 (en) System and method for device registration and authentication
US9667609B2 (en) Application security system and method
JP5816750B2 (en) Authentication method and apparatus using disposable password including biometric image information
KR100899199B1 (en) security system and security method using fingerprint
US8296573B2 (en) System and method for remote self-enrollment in biometric databases
US7669236B2 (en) Determining whether to grant access to a passcode protected system
US8723643B2 (en) Method and computer program product of switching locked state of electronic device
US7174463B2 (en) Method and system for preboot user authentication
US7084734B2 (en) Secure authentication of a user to a system and secure operation thereafter
US7707622B2 (en) API for a system having a passcode authenticator
JP4996904B2 (en) Biometric authentication system, registration terminal, authentication terminal, and authentication server
JP4924603B2 (en) Face authentication device, face authentication method and program
JP4054052B2 (en) Biometric parameter protection USB interface portable data storage device with USB interface accessible biometric processor
CN101960493B (en) Biometric smart card for mobile devices
US9122913B2 (en) Method for logging a user in to a mobile device
US8943326B2 (en) Systems and methods for accessing a tamperproof storage device in a wireless communication device using biometric data
US9916430B1 (en) Authentication system and method thereof
JP4966765B2 (en) Biometric authentication system
EP2626805B1 (en) Simplified biometric character sequence entry
Jansen Authenticating users on handheld devices
JP5975293B2 (en) Authentication apparatus and program
US20090161924A1 (en) One time password generating method and apparatus
CA2795603C (en) Methods and systems for improving the security of secret authentication data during authentication transactions
US8407762B2 (en) System for three level authentication of a user

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20060731

RD04 Notification of resignation of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7424

Effective date: 20060804

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20070703

A762 Written abandonment of application

Free format text: JAPANESE INTERMEDIATE CODE: A762

Effective date: 20070831

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20071019