JP2005217524A - Security management system and security management method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a security management system and a security management method for particularizing a user of a mobile phone to authenticate a person without the need for a watchman and a server for storing image data in advance and comparing the image data stored in advance with image data photographed by the mobile phone. <P>SOLUTION: An image input section 111 provided with the mobile phone 100 receives an image of a face of a user and produces image data of the face of the user. When an input data processing section 131-1 compares image data of faces of permittees being registered people which an input data authentication data storage section 132-1 stores in advance with image data of the face of the user and determines that the user is the same as a registered person, the input data processing section 131-1 requests the user to enter a password, and transmits the combination between the password entered by the user and a telephone number of the mobile phone 100 to the security management apparatus. When the received combination between the password and the telephone number is coincident with a combination between the password and the telephone number stored in advance, the security management apparatus opens / closes a door entered from / exited to a particular place. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a security management system and a security management method for recognizing a person using information specifying a person acquired by a mobile phone.

  When constructing a security management system using a mobile phone, it is difficult to specify whether or not the user of the mobile phone is a person (owner of the mobile phone) registered in the security management system.

  As a security management system using a mobile phone, for example, there is an authentication system described in Patent Document 1. In the authentication system, an authentication server connected to a communication line network such as a mobile phone communication network is installed, and an image (for example, a face image) for identifying a person is photographed and photographed with a cellular phone with an image photographing function. The image data of the image is transmitted to the authentication server via the communication line network. Then, the authentication server compares the image data stored in advance with the received image data, and determines whether or not to permit the user of the mobile phone to operate another system connected to the communication network. .

  Moreover, as a security management system using images, for example, there is an entrance / exit management system described in Patent Document 2. In the entrance / exit management system, an image of a person who is going to enter / exit at the entrance / exit of the room where entrance / exit is managed is taken, and the taken image data and the image data stored in advance in the database are guarded. In comparison, the security guard determines whether or not the person who is going to enter or leave the room is to enter or leave the room.

JP 2001-306517 A (page 4-6, FIG. 1) JP-A-9-319877 (Page 3-5, Fig. 1)

  However, in the authentication system described in Patent Document 1, it is necessary to install an authentication server connected to the communication line network, which is expensive. In addition, the mobile phone transmits captured image data to the authentication server via the communication network, but the image data generally has a large amount of data, which places a load on the mobile phone and the communication network. Furthermore, the authentication server performs image data processing for comparing image data stored in advance with received image data, but it takes time to process the image data.

  In addition, in the entrance / exit management system described in Patent Document 2, it is necessary to install a control terminal for storing a database including image data in advance, and whether or not a person who is going to enter / exit is to enter or exit the room. It is necessary to have a security guard to make a decision, which is expensive.

  Accordingly, the present invention provides a user of a mobile phone without using a server or a security guard that stores image data in advance or compares image data stored in advance with image data taken by the mobile phone. It is an object of the present invention to provide a security management system and a security management method for identifying and performing person authentication.

  A security management system according to the present invention is a security management system including a security management device that performs security management using a signal received from a mobile phone, and the mobile phone is unique to an authorized person who is a person having a predetermined qualification. Authorized person-specific data storage means for storing authorized person-specific data that is data of the user, user data input means for inputting user data that is a characteristic of the user of the mobile phone, user data, and authorized person By comparing the specific data with the judging means for judging whether the user and the authorized person are the same person, and when the judging means judges that the user and the authorized person are the same person, Authentication means for generating authentication information that is information indicating that the permitter is the same person, and the authentication information generated by the authentication means for the security management device Authentication information transmitting means for transmitting, the security management device receiving authentication information receiving means for receiving the authentication information transmitted by the mobile phone, and permitter information storage means for preliminarily storing permitter information that is information relating to the permitter. And authentication result processing means for judging whether or not the authentication information received by the authentication information receiving means matches the permitter information stored in the permitter information storage means.

  The security management system is a security management system for managing entry / exit of a mobile phone user to / from a specific location using a signal received from the mobile phone, wherein the security management device authenticates the authentication result processing means. If it is determined that the information and the permitter information match, the mobile phone may be configured to include a control unit that permits the user of the mobile phone to enter or leave the specific place.

  The mobile phone includes operation input means for a user to input a password, and the authentication means is configured to generate authentication information including the password entered by the user into the operation input means and the telephone number of the mobile phone. May be. According to such a configuration, user authentication can be performed more strictly.

  The control means may control opening and closing of a door at a specific place. According to such a configuration, the person who can enter and leave the specific place can be limited to the authorized person.

  The control means may control the unlocking and locking of the door of the entrance / exit of a specific place. According to such a configuration, even if the door of the specific place is not an automatic door, the person who can enter and leave the specific place is limited to the authorized person. Can do.

  Another aspect of the security management system according to the present invention is a security management system including an identification system for managing access from a mobile phone to a data processing device, and the mobile phone is a person having access qualifications. Permiter-specific data storage means for storing permitter-specific data, which is data specific to the permitter, user data input means for inputting user data, which is data representing the characteristics of the user of the mobile phone, and the user By comparing the data and the authorized person specific data, the judging means for judging whether or not the user and the authorized person are the same person, and when the judging means judges that the user and the authorized person are the same person, Authentication means for generating authentication information, which is information indicating that the user and the authorized person are the same person, and the authentication information generated by the authentication means via a wireless communication line An authentication information transmitting means for transmitting to the identity confirmation system, and the identity confirmation system for storing the authentication information receiving means for receiving the authentication information transmitted by the mobile phone and the permitter information that is information related to the permitter in advance. An authentication result processing unit, an authentication result processing unit for determining whether or not the authentication information received by the authentication information receiving unit and the permitter information stored in the permitter information storage unit match; If it is determined that the authentication information and the permitter information match, the mobile phone includes a control means for permitting access to the data processing device.

  The authorized person specific data storage means stores the authorized person face image data as authorized person specific data, and the user data input means inputs the photographed user face image data as user data. It may be configured to. According to such a configuration, it is possible to determine whether or not the user is an authorized person using the data of the user's face image.

  Even if the permitter specific data storage means stores the data of the permitter's voice as the permitter specific data, and the user data input means is configured to input the user's voice data as the user data Good. According to such a configuration, it is possible to determine whether or not the user is an authorized person using the user's voice data.

  The authorized person specific data storage means stores authorized person fingerprint image data as authorized person unique data, and the user data input means inputs user fingerprint image data as user data. May be. According to such a configuration, it is possible to determine whether or not the user is an authorized person using data of the fingerprint image of the user.

  A security management method according to the present invention is a security management method in which a mobile phone and a security management device work together to perform security management, and the mobile phone is unique data relating to an authorized person who is a person having a predetermined qualification. Stores certain authorized person specific data, inputs user data that represents the characteristics of the user of the mobile phone, compares the user data with authorized person specific data, and the user and authorized person are the same person If the user and the permitter are determined to be the same person, authentication information that is information indicating that the user and the permitter are the same person is generated and generated. The authentication information is transmitted to the security management device, the security management device stores in advance the permitter information that is information related to the permitter, receives the authentication information transmitted by the mobile phone, and receives the authentication information. Characterized in that the the authorized individual information stored authentication information and determines whether they meet.

  A security management method is a security management method in which a mobile phone and a security management device work together to manage entry / exit of a user of a mobile phone to a specific location. If it is determined that the permitter information matches, the mobile phone user may be allowed to enter a specific place or leave the specific place.

  The mobile phone may be configured to input a password and generate authentication information including the input password and the mobile phone number. According to such a method, user authentication can be performed more strictly.

  Another aspect of the security management method according to the present invention is a security management method for managing access from a mobile phone to a data processing device in cooperation with a mobile phone and an identity confirmation system, the person having access qualifications. The authorized person-specific data, which is unique data related to the authorized person, is stored, the user data, which represents the characteristics of the user of the mobile phone, is input, and the user data is compared with the authorized person-specific data. It is determined whether or not the user and the permitter are the same person, and if it is determined that the user and the permitter are the same person, authentication is information indicating that the user and the permitter are the same person Information is generated, and the generated authentication information is transmitted to the identity confirmation system via a wireless communication line. The identity confirmation system stores in advance permitter information, which is information related to the permitter, and When the authentication information transmitted by the device is received, it is determined whether the received authentication information matches the stored authorized person information, and if it is determined that the authentication information matches the authorized person information, The access to the data processing device is permitted.

  ADVANTAGE OF THE INVENTION According to this invention, the user of a mobile telephone can be specified using a mobile telephone, and a cheap and simple security management system can be provided.

Embodiment 1 FIG.
A first embodiment of the present invention will be described with reference to the drawings. FIG. 1 is an explanatory diagram showing an example of the appearance of a mobile phone 100 according to the present invention. 1A is an explanatory diagram showing an appearance of the mobile phone 100 in a closed state, and FIG. 1B is an explanatory diagram showing a state in which the mobile phone 100 is opened.

  A mobile phone 100 according to the present invention is configured by connecting an upper casing portion 10 and a lower casing portion 20 by a hinge, and the upper casing portion 10 includes a first display unit 11 for displaying information, an analog electrical unit, and the like. The lower casing unit 20 includes a speaker 12 that converts an audio output signal, which is a signal, into sound, a second display unit 13 that displays information, a camera 14 that captures an image, and an antenna 15 that transmits and receives radio waves. Is an operation unit 21 for inputting information by a user of the mobile phone 100, a microphone 22 for converting the input voice to a voice input signal that is an analog electric signal, and a user of the mobile phone 100 taking an image using the camera 14. It includes a shutter button 23 that is a button for inputting an instruction to perform.

  The first display unit 11 and the second display unit 13 are realized by an LCD (liquid crystal display), for example.

  FIG. 2 is an explanatory diagram showing the configuration of the security management system according to the first embodiment of this invention. The security management system according to the first exemplary embodiment of the present invention includes a mobile phone 100, a security management device including a wireless reception unit 5 that receives information transmitted by the mobile phone 100, and opens and closes according to control of the security management device. Alternatively, it includes a security management door 200 that unlocks and locks. Here, as an example of a security management system, a system in which only users who have entry / exit qualifications in the door are permitted to enter / exit is illustrated. However, the security management system according to the present invention is applied in such a case. Not limited.

  FIG. 3 is a block diagram illustrating the configuration of the mobile phone 100 according to the first embodiment of the present invention. The cellular phone 100 according to the first embodiment of the present invention receives a radio frequency signal received by the speaker 12, the antenna 15, the microphone 22, and the antenna 15, performs frequency conversion, and further demodulates the audio signal or data signal. An audio signal (digital signal) output from the communication unit 30 and the wireless communication unit 30 is converted into an audio output signal (analog signal) and output to the speaker 12, and an audio input signal (analog signal) input from the microphone 22 is converted into an audio signal. A voice processing circuit 31-1 for converting to a mobile phone, a mobile phone main control unit 32-1 for controlling each part of the mobile phone 100, and a permission that is permitted to enter a specific place and leave the specific place. Storage unit 33-1 for storing in advance the permitter feature information which is the feature information of the person and the telephone number of the mobile phone 100, Bluetooth In accordance with the Bluetooth (registered trademark) standard, wireless signals are transmitted and received, and information input to the Bluetooth circuit 34 including the Bluetooth antenna (not shown), the operation unit 21 and the shutter button 23 is transmitted to the mobile phone main control unit 32- An operation input unit (operation input means) 35 for outputting to 1, a display unit 36 including a first display unit 11 and a second display unit for displaying information based on the control of the mobile phone main control unit 32-1, an external A data input / output interface 37 for transmitting / receiving data to / from the device, a connection connector 38 for connecting to an external device, a camera 14 which is a CCD (Charge Coupled Device) camera or a CMOS (Complementary Metal Oxide Semiconductor) camera, and an image taken by the camera 14 Image input signal ( The analog signal) is converted into an image signal (digital signal) it includes a camera unit 39 for generating and outputting an image data to the cellular phone main control unit 32-1.

  The radio communication unit 30 receives an audio signal from the audio processing circuit 31-1, inputs a data signal from the mobile phone main control unit 32-1, modulates each input signal, converts the signal into a radio frequency signal, an antenna 15 is output. The mobile phone main control unit 32-1 is realized by, for example, an MPU (Micro Processing Unit). The storage unit 33-1 is realized, for example, by a flash ROM (Read Only Memory). The cellular phone 100 according to the first embodiment of the present invention includes the Bluetooth circuit 34, but the present invention is not limited to this, and a circuit capable of wirelessly communicating with the security management device. If so, an IrDA circuit (infrared communication circuit) or other wireless communication circuit may be used. Further, the camera unit 39 may include a JPEG (Joint Photographic Experts Group) encoding function and an MPEG (Motion Picture Experts Group) encoding function. The storage unit 33-1 may store a unique password for the mobile phone 100 in advance.

  Here, the case where a predetermined signal is transmitted from the mobile phone to the security management device by short-range communication will be described as an example, but the predetermined signal is transmitted from the mobile phone to the security management device via the mobile phone communication network. The security management system may be configured so as to be transmitted.

  The permitter feature information stored in the storage unit 33-1 of the mobile phone 100 according to the first embodiment of the present invention is image data of the permitter's face. Then, the mobile phone main control unit 32-1 performs an authentication process for matching the image data generated by the camera unit 39 with the image data of the authorized person's face stored in the storage unit 33-1, and the mobile phone It is determined whether 100 users are authorized persons.

  Next, in the cellular phone 100 according to the first embodiment of the present invention, a configuration of a part that processes information transmitted to the security management device according to the first embodiment of the present invention will be described. FIG. 4 is a block diagram showing a configuration of a part for processing information to be transmitted to the security management device according to the first embodiment of the present invention in the mobile phone 100 according to the first embodiment of the present invention.

  In the mobile phone 100 according to the first embodiment of the present invention, the configuration of the part that processes the information to be transmitted to the security management device according to the first embodiment of the present invention is an image obtained by photographing the user's face. Image input unit (user data input means for inputting user data) 111 for generating image data, image / authentication result display unit 112 for displaying images and information, user authentication is performed, and the user (user) permits An authentication processing unit 130 that determines whether or not the user is an authorized person, and a data transmission unit (authentication information transmission unit) 113-1 that transmits information output from the authentication processing unit 130 to the security management apparatus. The authentication processing unit 130 also includes an input data authentication data storage unit (permitter specific data storage unit) 132-1 that stores image data of the permitted person's face in advance, and image data generated by the image input unit 111 and the input. When the authentication process for matching the image data stored in the data authentication data storage unit 132-1 is performed, it is determined whether or not the user and the authorized person are the same person. An input data processing unit (determination unit, authentication unit) 131-1 that causes the image / authentication result display unit 112 to display a message requesting the user to input a password, and the input data processing unit 131-1 includes a user and an authorized person. When it is determined that they are the same person, the telephone number of the mobile phone 100 stored in advance in the storage unit 33-1 and information indicating that the user and the authorized person are the same person, And a authentication section 133 for outputting the authentication information is information that is over The combination of a password entered to the data transmitting unit 113-1. The image of the user's face input by the image input unit 111 is an example of user data that is data representing the characteristics of the user of the mobile phone.

  The image input unit 111 is realized by the camera unit 39. The image / authentication result display unit 112 is realized by the display unit 36. The data transmission unit 113-1 is realized by the Bluetooth circuit 34. The input data authentication data storage unit 132-1 is realized by the storage unit 33-1. The input data processing unit 131-1 and the authentication unit 133 are realized by the mobile phone main control unit 32-1. When the security management system is configured to transmit a predetermined signal from the mobile phone to the security management device via the mobile phone communication network, the data transmission unit 113-1 includes the wireless communication unit 30. And the antenna 15. In that case, the Bluetooth circuit 34 is unnecessary.

  FIG. 5 is a block diagram illustrating the configuration of the security management device according to the first embodiment of the present invention.

  The security management device according to the first embodiment of the present invention transmits / receives a radio signal to / from the Bluetooth circuit 34 of the mobile phone 100 based on the Bluetooth standard, and includes a Bluetooth circuit 51 including a Bluetooth antenna as the wireless receiving unit 5, security Security management device main control unit 40 that controls the entire management device, security management door control unit 52 that controls the opening and closing of the security management door 200 based on the control of the security management device main control unit 40, and a door at a specific location The security management door 200 is included. The security management device main control unit 40 controls the program storage unit 42 that stores a program for controlling the security management device, the data storage unit 43 that stores information on the authorized person in advance, and the security management device main control unit 40 as a whole. A central processing unit 41 and an input / output interface 44 for transmitting / receiving information to / from the security management door control unit 52.

  Although the security management device according to the first embodiment of the present invention includes the Bluetooth circuit 51, the present invention is not limited to this, and a circuit capable of wirelessly communicating with the mobile phone 100. If so, an IrDA circuit (infrared communication circuit) or other wireless communication circuit may be used. The security management door control unit 52 may include a motor that opens and closes the security management door 200. When the security management door 200 is not an automatic door, an actuator (for example, a solenoid) that locks and unlocks the security management door 200. May be included. Further, the data storage unit 43 stores the telephone number and password of each permitter's mobile phone as authentication data in association with each other in advance.

  In addition, when the security management system is configured to transmit a predetermined signal from the mobile phone to the security management device via the mobile phone communication network, the Bluetooth circuit 51 is not necessary. The security management apparatus receives a predetermined signal from the mobile phone via, for example, a public line network including a mobile phone communication network or an IP communication network. In this case, since the security management door control unit 52 and the security management door 200 are generally installed at a location away from the security management device, the security management device and the security management door control unit 52 are connected to the public telephone network. Or an IP communication network.

  In the security management device according to the first embodiment of the present invention, a configuration of a part that processes information received from the mobile phone 100 according to the first embodiment of the present invention will be described. FIG. 6 is a block diagram showing a configuration of a part for processing information received from the mobile phone 100 according to the first embodiment of the present invention, in the security management device according to the first embodiment of the present invention.

  In the security management device according to the first embodiment of the present invention, the configuration of the part that processes the information received from the mobile phone 100 according to the first embodiment of the present invention is the data reception for receiving information from the mobile phone 100. (Authentication information receiving means) 213 and an authentication result processing unit 230 for opening / closing or unlocking / locking the security management door 200 based on the information received by the data receiving unit 213. The authentication result processing unit 230 includes a reception data authentication data storage unit (permitter information storage unit) 231 that stores information on the telephone number of the permitter's mobile phone and a password in association with each other in advance as authentication data. A received data processing unit (authentication result processing means) 232 that determines whether the information received by the data receiving unit 213 matches the authentication data stored in the received data authentication data storage unit 231; When the processing unit 232 determines that the information received by the data receiving unit 213 matches the authentication data stored in the received data authentication data storage unit 231, control for opening / closing or unlocking / locking the security management door 200 is performed. Part (control means) 233.

  The data receiving unit 213 is realized by the Bluetooth circuit 51. The reception data authentication data storage unit 231 is realized by the data storage unit 43. The control unit 233 is realized by the central processing unit 41, the input / output interface 44, and the security door control unit 52. When the security management system is configured so that a predetermined signal is transmitted from the mobile phone to the security management device via the mobile phone communication network, a public telephone network or an IP communication network is used as the data receiving unit 213. An interface for connecting is used.

  Next, the operation of the first exemplary embodiment of the present invention will be described with reference to the drawings. First, the operation of the mobile phone 100 according to the first embodiment of the present invention will be described. FIG. 7 is a flowchart for explaining the operation of the mobile phone 100 according to the first embodiment of the present invention.

  First, the image input unit 111 of the mobile phone 100 captures the user's face to generate image data, and outputs the generated image data to the image / authentication result display unit 112 and the input data processing unit 131-1. Step S101). The image / authentication result display unit 112 displays an image of the input image data.

  The input data processing unit 131-1 performs an authentication process for matching the input user face image data with the authorized person face image data stored in the input data authentication data storage unit 132-1. (Step S102), it is determined whether or not the user of the mobile phone 100 is an authorized person. As a matching method, for example, a known matching method such as template matching is used. It should be noted that the image data of the permitter's face is stored in advance in the input data authentication data storage unit 132-1 at the time of contracting the cellular phone or the like. For example, the image input unit 111 captures the face of the permitter to generate image data of the permitter's face, and the input data processing unit 131-1 stores the image input unit in the input data authentication data storage unit 132-1. 111 may be stored, or image data of the face of the authorized person may be obtained from the external device of the security company connected to the connection connector 38 via the connection connector 38 and the data input / output interface 37. The data may be input to the input data processing unit 131-1, and the input data processing unit 131-1 may store the input image data in the input data authentication data storage unit 132-1. Further, the image data stored in the input data authentication data storage unit 132-1 may be changed by the same method. There may be a plurality of permitters. Accordingly, the image data of the face of the authorized person stored in the input data authentication data storage unit 132-1 may be the image data of the face of each of the authorized persons.

  As a result of the authentication process, the input data processing unit 131-1 displays on the image / authentication result display unit 112 whether or not the user of the mobile phone 100 is an authorized person (step S103). When the input data processing unit 131-1 determines that the user is an authorized person (step S104), the input data processing unit 131-1 causes the image / authentication result display unit 112 to display a screen requesting the user to input a password. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-1. Note that the input data processing unit 131-1 may read a password stored in advance in the storage unit 33-1. The input data processing unit 131-1 inputs authentication information, which is information obtained by combining information indicating the telephone number of the mobile phone 100, information indicating that the user is an authorized person, and a password to the authentication unit 133, The authentication unit 133 outputs the input authentication information to the data transmission unit 113-1, and causes the data transmission unit 113-1 to transmit the authentication information to the data reception unit 213 (step S105).

  When the input data processing unit 131-1 determines that the user is not an authorized person (step S104), the input data processing unit 131-1 restricts the functions of the mobile phone 100 that can be used by the user (step S106). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Next, the operation of the security management device in the first exemplary embodiment of the present invention will be described. FIG. 8 is a flowchart for explaining the operation of the security management apparatus according to the first embodiment of the present invention.

  When the data reception unit 213 receives the authentication information (step S110), the received authentication information is output to the reception data processing unit 232 of the authentication result processing unit 230. The reception data processing unit 232 stores the telephone number information and password stored in the reception data authentication data storage unit 231 in advance in association with the combination of the telephone number information and the password included in the received authentication information. It is determined whether or not it is included in the authentication data (step S111).

  The reception data processing unit 232 stores the telephone number information and password stored in the reception data authentication data storage unit 231 in advance in association with the combination of the telephone number information and the password included in the received authentication information. If it is determined that the authentication data is included in the authentication data, the user is allowed to enter and leave the specific location (step S112), and the security management door 200 is opened via the control unit 233. Or unlock the security management door. Then, the user can enter a specific place and leave the specific place. The control unit 233 closes or locks the security management door 200 after a predetermined time has elapsed. The reception data processing unit 232 stores the telephone number information and password stored in the reception data authentication data storage unit 231 in advance in association with the combination of the telephone number information and the password included in the received authentication information. If it is determined that it is not included in the authentication data, the user is not permitted to enter or leave the specific place (step S113). Therefore, the security management door 200 cannot be opened or the security management door 200 is not unlocked. Then, the user cannot enter the specific place and leave the specific place.

  As described above, according to this embodiment, a person who should be permitted to enter and leave a specific place without transmitting image data of the user's face to the security management device. Admission to a specific location and exit from a specific location can be permitted. Accordingly, the security management door 200 can be opened in a short time after the user starts an operation for authentication.

  Further, when the security management system is configured to transmit a predetermined signal from the mobile phone to the security management device via the mobile phone communication network, the security management system is separated from the security management object such as the security management door 200. The authentication result processing unit 230 can be installed at a new location. Therefore, a large number of security management objects existing at a large number of places can be controlled by one authentication result processing unit 230.

Embodiment 2. FIG.
Next, a second embodiment of the present invention will be described. The configuration of the security management system of the second embodiment is the same as the configuration of the first embodiment. For this reason, the same devices as those in the first embodiment are denoted by the same reference numerals as those in FIG.

  The configuration of the mobile phone 100 according to the second embodiment of the present invention is different from the first embodiment in that the camera unit 39 is not included, and other configurations are the same as those of the first embodiment. However, the operations of the voice processing circuit 31-2, the mobile phone main control unit 32-2, and the storage unit 33-2 are different from the operations in the first embodiment. For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG. As in the case of the first embodiment, the security management system may be configured such that a predetermined signal is transmitted from the mobile phone to the security management device via the mobile phone communication network.

  FIG. 9 is a block diagram illustrating a configuration of the mobile phone 100 according to the second embodiment of the present invention. The audio processing circuit 31-2 converts the audio signal output by the wireless communication unit 30 into an audio output signal and outputs it to the speaker 12, and converts the audio input signal input by the microphone 22 into an audio signal to generate audio data. To the mobile phone main control unit 32-2. The permitter feature information stored in advance in the storage unit 33-2 is permitter voice data that is voice data of the permitter. For example, the voice data stored in the storage unit 33-2 at this time may be voice data of a specific word determined in advance. In addition, the storage unit 33-2 may store a unique password for the mobile phone 100 in advance. Then, the mobile phone main control unit 32-2 controls each part of the entire mobile phone 100, and the voice data of the user of the mobile phone 100 input to the voice processing circuit 31-2 and the storage unit 33-2 An authentication process for matching the stored permitted person voice data is performed to determine whether or not the user of the mobile phone 100 is a permitted person.

  Next, in the cellular phone 100 according to the second embodiment of the present invention, a configuration of a part that processes information to be transmitted to the security management device according to the second embodiment of the present invention will be described. In the mobile phone 100 according to the second embodiment of the present invention, the configuration of the part that processes the information to be transmitted to the security management device according to the second embodiment of the present invention is that the image input unit 111 is a voice input unit (use (Person data input means) 114, and the image / authentication result display unit 112 is replaced with an authentication result display unit 115, and the other configuration is the same as that of the first embodiment. However, the operations of the input data processing unit (determination unit, authentication unit) 131-2 and the input data authentication data storage unit (permitter specific data storage unit) 132-2 are different from the operations in the first embodiment. . For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG.

  FIG. 10 is a block diagram showing a configuration of a part for processing information to be transmitted to the security management device according to the second embodiment of the present invention, in the mobile phone 100 according to the second embodiment of the present invention.

  When the user's voice is input, the voice input unit 114 generates voice data of the input voice. The authentication result display unit 115 displays information output from the input data processing unit 131-2. Further, the input data authentication data storage unit 132-2 stores in advance permitter voice data, which is voice data of the permitter. At this time, the permitter voice data stored in the input data authentication data storage unit 132-2 may be voice data of a specific word determined in advance. The input data processing unit 131-2 performs an authentication process for matching the voice data generated by the voice input unit 114 and the permitter voice data stored in the input data authentication data storage unit 132-2, and the user permits If it is determined whether or not the user is an authorized person and the user is determined to be an authorized person, a message requesting the user to input a password is displayed on the authentication result display unit 115.

  The voice input unit 114 is realized by the microphone 22 and the voice processing circuit 31-2. The authentication result display unit 115 is realized by the display unit 36. The input data authentication data storage unit 132-2 is realized by the storage unit 33-2. The input data processing unit 131-2 is realized by the mobile phone main control unit 32-2.

  Since the configuration of the security management device according to the second exemplary embodiment of the present invention is the same as the configuration of the security management device according to the first exemplary embodiment, the same reference numerals as those in FIG.

  In the security management device according to the second embodiment of the present invention, the configuration of the part that processes the information received from the mobile phone 100 according to the second embodiment of the present invention is in accordance with the first embodiment of the present invention. Since it is the same as the structure of the part which processes the information received from the mobile telephone 100, the same code | symbol as FIG. 6 is attached | subjected and description is abbreviate | omitted.

  Next, the operation of the second exemplary embodiment of the present invention will be described with reference to the drawings. The operation of the mobile phone 100 in the second embodiment of the present invention will be described. FIG. 11 is a flowchart for explaining the operation of the mobile phone 100 according to the second embodiment of the present invention.

  First, when a user's voice is input, the voice input unit 114 generates voice data of the input voice and outputs the voice data to the input data processing unit 131-2 (step S201). For example, the voice input to the voice input unit 114 at this time is a voice of a specific word determined in advance.

  The input data processing unit 131-2 performs an authentication process for matching the input user voice data and the authorized person voice data stored in the input data authentication data storage unit 132-2 (step S202). It is determined whether or not the user of the mobile phone 100 is an authorized person. As a matching method, for example, a known matching method such as template matching is used. The permitter voice data is stored in advance in the storage unit 33-2 at the time of contracting the mobile phone. For example, the permitted person's voice data is generated by inputting the permitted person's voice to the voice input unit 114, and the generated permitted person voice data is output to the input data processing unit 131-2. The input data processing unit 131-2 causes the input authorized person voice data to be stored in the input data authentication data storage unit 132-2. The authorized person voice data is input to the input data processing unit 131-2 from the external device of the security company connected to the connection connector 38 via the connection connector 38 and the data input / output interface 37, and the input data processing unit 131-2. 131-2 may store the input authorized person voice data in the input data authentication data storage unit 132-2. The authorized person voice data stored in the input data authentication data storage unit 132-2 may be changed by the same method. There may be a plurality of permitters. Accordingly, the authorized person voice data stored in the input data authentication data storage unit 132-2 may be voice data of each of a plurality of authorized persons.

  As a result of the authentication process, the input data processing unit 131-2 displays on the authentication result display unit 115 whether or not the user of the mobile phone 100 is an authorized person (step S203). When the input data processing unit 131-2 determines that the user is an authorized person (step S204), the input data processing unit 131-2 causes the authentication result display unit 115 to display a screen requesting the user to input a password. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-2. Note that the input data processing unit 131-2 may read the password stored in advance in the storage unit 33-2. The input data processing unit 131-2 inputs authentication information, which is information obtained by combining information indicating the telephone number of the mobile phone 100, information indicating that the user is an authorized person, and a password to the authentication unit 133, The authentication unit 133 outputs the input authentication information to the data transmission unit 113-1, and causes the data transmission unit 113-1 to transmit the authentication information to the data reception unit 213 of the security management device (step S205).

  When the input data processing unit 131-2 determines that the user is not an authorized person (step S204), the input data processing unit 131-2 restricts the functions of the mobile phone 100 that can be used by the user (step S206). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Since the operation of the security management device in the second exemplary embodiment of the present invention is the same as the operation of the security management device in the first exemplary embodiment of the present invention, description thereof is omitted.

  As described above, according to this embodiment, a person who is permitted to enter a specific place and leave the specific place without performing a process that requires a load on the mobile phone 100 called image data processing. In addition, entry to a specific place and exit from a specific place can be permitted.

Embodiment 3 FIG.
Next, a third embodiment of the present invention will be described. The configuration of the security management system of the third embodiment is the same as that of the first embodiment. For this reason, the same devices as those in the first embodiment are denoted by the same reference numerals as those in FIG. As in the case of the first embodiment, the security management system may be configured such that a predetermined signal is transmitted from the mobile phone to the security management device via the mobile phone communication network.

  The configuration of the mobile phone 100 according to the third embodiment of the present invention is different from that of the first embodiment in that the camera unit 39 is replaced with the fingerprint input unit 60. Other configurations are the same as those of the first embodiment. It is the same. However, the operations of the mobile phone main control unit 32-3 and the storage unit 33-3 are different from the operations in the first embodiment. For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG.

  FIG. 12 is a block diagram illustrating a configuration of the mobile phone 100 according to the third embodiment of the present invention. The fingerprint input unit 60 inputs a fingerprint shape by bringing a fingertip into contact with the user, converts the input fingerprint shape into image data, and generates user fingerprint image data that is user fingerprint image data. The generated user fingerprint image data is input to the mobile phone main control unit 32-3. The permitter characteristic information stored in advance in the storage unit 33-3 is permitter fingerprint image data that is image data of the permitter's fingerprint. In addition, the storage unit 33-3 may store a unique password for the mobile phone 100 in advance. Then, the cellular phone main control unit 32-3 controls each unit of the entire cellular phone 100, and the user fingerprint image data generated by the fingerprint input unit 60 and the authorized person fingerprint image stored in the storage unit 33-3. An authentication process for matching data is performed to determine whether or not the user of the mobile phone 100 is an authorized person.

  The fingerprint input unit 60 is, for example, a capacitance semiconductor sensor type fingerprint recognition device that detects a difference in charge accumulation between a peak portion (convex portion) and a valley portion (concave portion) of a fingerprint and converts it into image data. Realized.

  Next, in the cellular phone 100 according to the third embodiment of the present invention, a configuration of a part that processes information to be transmitted to the security management device according to the third embodiment of the present invention will be described. In the mobile phone 100 according to the third embodiment of the present invention, the configuration of the part that processes the information to be transmitted to the security management device according to the third embodiment of the present invention is that the image input unit 111 is replaced with a fingerprint shape input unit ( User data input means) 116, and the other configuration is the same as that of the first embodiment. However, the operations of the input data processing unit (determination unit, authentication unit) 131-3 and the input data authentication data storage unit (permitter specific data storage unit) 132-3 are different from the operations in the first embodiment. . For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG.

  FIG. 13 is a block diagram showing a configuration of a part for processing information to be transmitted to the security management device according to the third embodiment of the present invention in the mobile phone 100 according to the third embodiment of the present invention.

  The fingerprint shape input unit 116 inputs a fingerprint shape by bringing a fingertip into contact with the user, converts the input fingerprint shape into image data, generates user fingerprint image data, and generates the generated user fingerprint image data. The data is input to the input data processing unit 131-3. The input data authentication data storage unit 132-3 stores in advance permitter fingerprint image data, which is data of a permitter's fingerprint image. The input data processing unit 131-3 performs an authentication process for matching the user fingerprint image data generated by the fingerprint shape input unit 116 and the authorized person fingerprint image data stored in the input data authentication data storage unit 132-3. It is determined whether the user of the mobile phone 100 is an authorized person.

  The configuration of the security management device according to the third exemplary embodiment of the present invention is the same as the configuration of the security management device according to the first exemplary embodiment. Therefore, the same reference numerals as those in FIG.

  In the security management device according to the third embodiment of the present invention, the configuration of the part that processes the information received from the mobile phone 100 according to the third embodiment of the present invention is the same as in the first embodiment of the present invention. Since it is the same as the structure of the part which processes the information received from the mobile telephone 100, the same code | symbol as FIG. 6 is attached | subjected and description is abbreviate | omitted.

  Next, the operation of the third exemplary embodiment of the present invention will be described with reference to the drawings. The operation of the mobile phone 100 in the third embodiment of the present invention will be described. FIG. 14 is a flowchart for explaining the operation of the mobile phone 100 according to the third embodiment of the present invention.

  When the user touches the fingerprint shape input unit 116 with the fingertip and inputs the fingerprint shape into the fingerprint shape input unit 116 (step S301), the fingerprint shape input unit 116 converts the input fingerprint shape into image data. User fingerprint image data is generated, and the generated user fingerprint image data is output to the image / authentication result display unit 112 and the input data processing unit 131-3. The image / authentication result display unit 112 displays an image of the input user fingerprint image data.

  The input data processing unit 131-3 performs an authentication process for matching the input user fingerprint image data with the authorized person fingerprint image data stored in the input data authentication data storage unit 132-3 (step S302). Then, it is determined whether or not the user of the mobile phone 100 is an authorized person. As a matching method, for example, a known matching method such as template matching is used. The permitter fingerprint image data is stored in advance in the input data authentication data storage unit 132-3 at the time of contracting the cellular phone or the like. For example, an authorized person brings a fingertip into contact with the fingerprint shape input unit 116 and inputs the fingerprint shape into the fingerprint shape input unit 116. The fingerprint shape input unit 116 converts the input fingerprint shape into fingerprint image data. The authorized person fingerprint image data is generated, and the generated authorized person fingerprint image data is output to the input data processing unit 131-3. The input data processing unit 131-3 receives the input permitted person fingerprint image data as input data. It may be stored in the authentication data storage unit 132-3, or permitter fingerprint image data is obtained from an external device of a security company connected to the connection connector 38 via the connection connector 38 and the data input / output interface 37. The data is input to the input data processing unit 131-3, and the input data processing unit 131-3 stores the input authorized person fingerprint image data in the input data authentication data storage unit 132-3. It may be. The authorized person fingerprint image data stored in the input data authentication data storage unit 132-3 may be changed in a similar manner. There may be a plurality of permitters. Accordingly, the authorized person fingerprint image data stored in the input data authentication data storage unit 132-3 may be image data of fingerprints of a plurality of authorized persons.

  As a result of the authentication process, the input data processing unit 131-3 displays on the image / authentication result display unit 112 whether or not the user of the mobile phone 100 is an authorized person (step S303). If the input data processing unit 131-3 determines that the user is an authorized person (step S304), the input data processing unit 131-3 causes the image / authentication result display unit 112 to display a screen requesting the user to input a password. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-3. Note that the input data processing unit 131-3 may read a password stored in advance in the storage unit 33-3. The input data processing unit 131-3 inputs authentication information, which is a combination of the telephone number of the mobile phone 100, information indicating that the user is an authorized person, and a password to the authentication unit 133, and 133 outputs the input authentication information to the data transmission unit 113-1, and causes the data transmission unit 113-1 to transmit the authentication information to the data reception unit 213 (step S305).

  If the input data processing unit 131-3 determines that the user is not an authorized person (step S304), the input data processing unit 131-3 restricts the functions of the mobile phone 100 that can be used by the user (step S306). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Since the operation of the security management device in the third exemplary embodiment of the present invention is the same as the operation of the security management device in the first exemplary embodiment of the present invention, description thereof is omitted.

  As described above, according to this embodiment, whether or not a user should be permitted to enter and leave a specific place using the image data of the user's fingerprint. Therefore, strict user authentication can be performed.

Embodiment 4 FIG.
Next, a fourth embodiment of the present invention will be described. The configuration of the security management system of the fourth embodiment is the same as the configuration of the first embodiment. For this reason, the same devices as those in the first embodiment are denoted by the same reference numerals as those in FIG. As in the case of the first embodiment, the security management system may be configured such that a predetermined signal is transmitted from the mobile phone to the security management device via the mobile phone communication network.

  The configuration of the cellular phone 100 according to the fourth embodiment of the present invention is different from that of the first embodiment in that it includes a fingerprint input unit 60, and the other configurations are the same as those of the first embodiment. However, the operation of the voice processing circuit 31-2 is the same as the operation in the second embodiment, and the operation of the fingerprint input unit 60 is the same as the operation in the third embodiment. The operations of the mobile phone main control unit 32-4 and the storage unit 33-4 are different from the operations in the first embodiment. Therefore, the same reference numerals as those in FIGS. 3, 9, and 12 are assigned to the circuits and the like similar to those in the first embodiment, the second embodiment, and the third embodiment, respectively, and the description thereof is omitted.

  FIG. 15 is a block diagram illustrating a configuration of a mobile phone 100 according to the fourth embodiment of the present invention. The permitter characteristic information stored in advance in the storage unit 33-4 is permitter face image data, permitter voice data that is permitter voice data, and permitter fingerprint image data. And permitter fingerprint image data. Here, the permitter voice data may be voice data in which the permitter uttered a predetermined word. The storage unit 33-4 stores these pieces of data in association with each other in advance. In addition, the storage unit 33-4 may store a unique password for the mobile phone 100 in advance. The mobile phone main control unit 32-4 includes a process for matching the image data of the user's face input by the camera unit 39 with the image data of the authorized person's face stored in the storage unit 33-4, and an audio processing circuit. The process of matching the user voice data input by the user 31-2 with the authorized person voice data stored in the storage unit 33-4, the user fingerprint image data input by the fingerprint input unit 60, and the storage unit 33-4 An authentication process, which is a process of matching the stored authorized person fingerprint image data, is performed to determine whether or not the user of the mobile phone 100 is an authorized person.

  Next, in the mobile phone 100 according to the fourth embodiment of the present invention, a configuration of a part that processes information to be transmitted to the security management device according to the fourth embodiment of the present invention will be described. In the mobile phone 100 according to the fourth embodiment of the present invention, the configuration of the part that processes the information to be transmitted to the security management device according to the fourth embodiment of the present invention consists of the voice input unit 114 and the fingerprint shape input unit. The other configuration is the same as that of the first embodiment. However, the operation of the voice input unit 114 is the same as the operation in the second embodiment, and the operation of the fingerprint shape input unit 116 is the same as the operation in the third embodiment. The operations of the input data processing unit (determination unit, authentication unit) 131-4 and the input data authentication data storage unit (permitter specific data storage unit) 132-4 are different from the operations in the first embodiment. . Therefore, the same reference numerals as those in FIGS. 4, 10, and 13 are assigned to the circuits and the like similar to those in the first embodiment, the second embodiment, and the third embodiment, respectively, and the description thereof is omitted.

  FIG. 16 is a block diagram showing a configuration of a part that processes information to be transmitted to the security management device according to the fourth embodiment of the present invention in the mobile phone 100 according to the fourth embodiment of the present invention.

  The permitter characteristic information stored in advance in the input data authentication data storage unit 132-4 includes the image data of the permitter's face, permitter voice data that is the permitter's voice data, and the fingerprint of the permitter. It is authorized person fingerprint image data which is image data. The input data authentication data storage unit 132-4 stores these pieces of data in advance in association with each other. The input data processing unit 131-4 is a process for matching the user face image data input by the image input unit 111 and the authorized person face image data stored in the input data authentication data storage unit 132-4. The user's voice data input by the voice input unit 114 and the authorized person voice data stored in the input data authentication data storage unit 132-4, and the user fingerprint input by the fingerprint shape input unit 116 An authentication process, which is a process of matching the image data with the authorized person fingerprint image data stored in the input data authentication data storage unit 132-4, is performed, and it is determined whether or not the user of the mobile phone 100 is an authorized person. judge.

  The configuration of the security management device according to the fourth exemplary embodiment of the present invention is the same as the configuration of the security management device according to the first exemplary embodiment. Therefore, the same reference numerals as those in FIG.

  In the security management device according to the fourth embodiment of the present invention, the configuration of the part that processes the information received from the mobile phone 100 according to the fourth embodiment of the present invention is in accordance with the first embodiment of the present invention. Since it is the same as the structure of the part which processes the information received from the mobile telephone 100, the same code | symbol as FIG. 6 is attached | subjected and description is abbreviate | omitted.

  Next, the operation of the fourth exemplary embodiment of the present invention will be described with reference to the drawings. The operation of the mobile phone 100 in the fourth embodiment of the present invention will be described. FIG. 17 is a flowchart for explaining the operation of the mobile phone 100 according to the fourth embodiment of the present invention.

  First, the image input unit 111 captures the user's face to generate image data of the user's face, and outputs the generated image data to the image / authentication result display unit 112 and the input data processing unit 131-4 ( Step S401). The image / authentication result display unit 112 displays an image of the input image data. When a user's voice is input to the voice input unit 114 (step S402), voice data is generated and output to the input data processing unit 131-4. For example, the voice input to the voice input unit 114 at this time is a voice of a specific word determined in advance. When the user touches the fingertip shape input unit 116 with a fingertip and inputs the fingerprint shape into the fingerprint shape input unit 116 (step S403), the fingerprint shape input unit 116 converts the input fingerprint shape into the fingerprint image. The data is converted into data to generate user fingerprint image data, and the generated user fingerprint image data is output to the image / authentication result display unit 112 and the input data processing unit 131-4. The image / authentication result display unit 112 displays an image of the input user fingerprint image data.

  The input data processing unit 131-4 is a process for matching the image data of the user's face input by the image input unit with the image data of the authorized person's face stored in the input data authentication data storage unit 132-4. , Processing for matching the user's voice data input by the voice input unit 114 and the authorized person voice data stored in the input data authentication data storage unit 132-4, and the user fingerprint image input by the fingerprint shape input unit 116 An authentication process, which is a process of matching the data with the authorized person fingerprint image data stored in the input data authentication data storage unit 132-4, is performed (step S404), and whether the user of the mobile phone 100 is an authorized person Determine whether or not. Note that the input data processing unit 131-4 determines that the user of the mobile phone 100 is an authorized person when all of the matching processes match.

  The input data processing unit 131-4 causes the image / authentication result display unit 112 to display whether or not the user of the mobile phone 100 is the authorized person as a result of the authentication processing (step S405). When the input data processing unit 131-4 determines that the user is an authorized person (step S406), the input data processing unit 131-4 causes the image / authentication result display unit 112 to display a screen requesting the user to input a password. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-4. Note that the input data processing unit 131-4 may read a password stored in advance in the storage unit 33-4. The input data processing unit 131-4 inputs, to the authentication unit 133, authentication information that is a combination of information indicating the telephone number of the mobile phone 100, information indicating that the user is an authorized person, and a password. The authentication unit 133 outputs the input authentication information to the data transmission unit 113-1, and causes the data transmission unit 113-1 to transmit the authentication information to the data reception unit 213 (step S407).

  If the input data processing unit 131-4 determines that the user is not an authorized person (step S104), the input data processing unit 131-4 restricts the functions of the mobile phone 100 that can be used by the user (step S106). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Since the operation of the security management device in the fourth exemplary embodiment of the present invention is the same as the operation of the security management device in the first exemplary embodiment of the present invention, description thereof is omitted.

  As described above, according to this embodiment, the user enters and leaves a specific place using the face image data, voice data, and fingerprint image data. Therefore, it is possible to perform more strict user authentication.

Embodiment 5 FIG.
Next, a fifth embodiment of the present invention will be described. FIG. 18 is an explanatory diagram showing the configuration of the security management system according to the fifth embodiment of the present invention. The security management system according to the fifth embodiment of the present invention includes a mobile phone 100, base stations 300 to 30n that transmit / receive information to / from the mobile phone 100, each base station and a dedicated digital line, a LAN (Local Area Network), and the like. A control station 400 that is connected and has an exchange function for controlling the output of data received from each base station, an identity confirmation system 500 that authenticates the identity of the user of the mobile phone 100, a bank system 600 that performs bank operations, and a control station 400, a communication network 700 connecting the identification system 500 and the bank system 600.

  The bank system 600 is realized by a data processing device such as a server, for example. The communication network 700 is, for example, a public line network, an IP telephone network, the Internet, or the like.

  The configuration of the mobile phone 100 according to the fifth embodiment of the present invention is different from that of the first embodiment in that it does not include the Bluetooth circuit 34. Other configurations are the same as those of the mobile phone 100 according to the first embodiment. It is the same. However, the operations of the storage unit 33-5 and the mobile phone main control unit 32-5 are different from the operations in the first embodiment. For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG.

  FIG. 19 is a block diagram illustrating a configuration of a mobile phone 100 according to the fifth embodiment of the present invention. The storage unit 33-5 stores in advance image data of a face of an access permitted person who is a person permitted to access the bank system 600. In addition, the storage unit 33-5 may store a unique password for the mobile phone 100 in advance. The mobile phone main control unit 32-5 controls each part of the entire mobile phone 100, user face image data generated by the camera unit 39, and access permission stored in the storage unit 33-5. Authentication processing for matching image data of a person's face is performed, whether or not the user of the mobile phone 100 is an access-permitted person, and if the user is determined to be an access-permitted person, Authentication information, which is a combination of a number, information indicating that the user is an authorized user, and a password input by the user, is communicated to the radio communication unit 30 with either the antenna 15 or each base station and the control station 400. The data is transmitted to the identity confirmation system 500 via the network 700.

  Next, in the mobile phone 100 according to the fifth embodiment of the present invention, the configuration of the part that processes the information transmitted to the identification system 500 according to the fifth embodiment of the present invention will be described. In the mobile phone 100 according to the fifth embodiment of the present invention, the configuration of the part that processes the information transmitted to the identity confirmation system 500 according to the fifth embodiment of the present invention is the same as that of the first embodiment. is there. However, the operations of the input data processing unit 131-5, the input data authentication data storage unit 132-5, and the data transmission unit 113-2 are different from the operations in the first embodiment. For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG. The data transmission unit 113-2 is realized by the wireless communication unit 30.

  FIG. 20 is a block diagram showing a configuration of a part for processing information to be transmitted to the identification system 500 according to the fifth embodiment of the present invention in the mobile phone 100 according to the fifth embodiment of the present invention.

  The input data authentication data storage unit 132-5 stores in advance image data of an access-permitted person who is a person permitted to access the bank system 600. The input data processing unit 131-5 includes image data of the user's face captured and generated by the image input unit 111, and image data of the access permitted person's face stored in the input data authentication data storage unit 132-5. Is performed, and it is determined whether or not the user of the mobile phone 100 is an access permitter. If the user is determined to be an access permitter, the phone number of the mobile phone 100 and the user are permitted to access. Authentication information that is a combination of the information indicating that the password is input by the user and the authentication unit 133 outputs the authentication information. The data transmission unit 113-2 transmits the authentication information output by the authentication unit 133 to the identity confirmation system 500 via the base station 300, the control station 400, and the communication network 700.

  FIG. 21 is a block diagram showing a configuration of an identification system 500 according to the fifth embodiment of this invention. An identity confirmation system 500 according to the fifth embodiment of the present invention controls a communication unit (authentication information receiving means) 501 that transmits / receives information to / from the control station 400 and the bank system 600 via the communication network 700, and controls the entire identity confirmation system. Identity verification system control unit (authentication result processing means, control means) 502 and a user's mobile phone permitting access to bank system 600 are previously associated with each other and stored as authentication data in association with the telephone number and password. A system storage unit (permitter information storage unit) 503 is included. The identity confirmation system is realized by a server or the like, for example.

  Next, operation of the fifth exemplary embodiment of the present invention will be described with reference to the drawings. First, the operation of the mobile phone 100 in the fifth embodiment of the present invention will be described. FIG. 22 is a flowchart for explaining the operation of the mobile phone 100 according to the fifth embodiment of the present invention.

  First, the image input unit 111 captures a user's face to generate image data, and outputs the generated image data to the image / authentication result display unit 112 and the input data processing unit 131-5 (step S501). The image / authentication result display unit 112 displays an image of the input image data.

  The input data processing unit 131-5 performs an authentication process for matching the input user's face image data with the access permitted person's face image data stored in the input data authentication data storage unit 132-5. (Step S502), it is determined whether or not the user of the mobile phone 100 is an authorized person. As a matching method, for example, a known matching method such as template matching is used. It should be noted that the image data of the access permitted person's face is stored in advance in the input data authentication data storage unit 132-5 at the time of contracting the cellular phone or the like. For example, the image input unit 111 captures the face of the access permitted person, generates image data of the access permitted person's face, and the input data processing unit 131-5 stores the image in the input data authentication data storage unit 132-5. The image data generated by the input unit 111 may be stored, or from the external device of the security company connected to the connection connector 38, the face of the access permitted person may be connected via the connection connector 38 and the data input / output interface 37. The image data is input to the input data processing unit 131-5, and the input data processing unit 131-5 stores the input image data of the access permitted person in the input data authentication data storage unit 132-5. Good. The image data to be stored in the input data authentication data storage unit 132-5 may be changed by a similar method. Also, there may be a plurality of access authorized persons. Therefore, the face image data of the permitted access person stored in the input data authentication data storage unit 132-5 may be the image data of each face of the plurality of permitted access persons.

  As a result of the authentication process, the input data processing unit 131-5 displays on the image / authentication result display unit 112 whether or not the user of the mobile phone 100 is an authorized person (step S503). When the input data processing unit 131-5 determines that the user is an authorized person (step S504), the input data processing unit 131-5 displays a screen for requesting the user to input a password on the image / authentication result display unit 112. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-5. Note that the input data processing unit 131-1 may read a password stored in advance in the storage unit 33-1. The input data processing unit 131-5 inputs authentication information, which is a combination of the telephone number of the mobile phone 100, information indicating that the user is an authorized user, and a password to the authentication unit 133, and performs authentication. Unit 133 outputs the input authentication information to data transmission unit 113-2, and transmits it to data transmission unit 113-2 to identity confirmation system 500 via one of the base stations, control station 400, and communication network 700. (Step S505).

  When the input data processing unit 131-5 determines that the user is not an authorized person (step S504), the input data processing unit 131-5 restricts the functions of the mobile phone 100 that can be used by the user (step S506). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Next, the operation of the identification system 500 in the fifth embodiment of the present invention will be described. FIG. 23 is a flowchart for explaining the operation of the identity verification system 500 in the fifth embodiment of the present invention.

  In the identity confirmation system 500, when the communication unit 501 receives the authentication information (step S510), the received authentication information is output to the identity confirmation system control unit 502. The identification confirmation system control unit 502 uses the authentication data in which the combination of the telephone number and the password included in the received authentication information is the telephone number and the password stored in association with the identification confirmation system storage unit 503 in advance. (Step S511).

  In the identity confirmation system control unit 502, the combination of the telephone number information and the password included in the received authentication information is the phone number and password stored in advance in the identity confirmation system storage unit 503 in association with each other. If it is determined that it is included in the authentication data, the user is allowed to access the bank system 600 via the mobile phone 100, each base station, the control station 400, and the communication network 700 (step S512). The identification confirmation system control unit 502 includes the telephone number information and password stored in the identification confirmation system storage unit 503 in advance in association with the telephone number information and password included in the received authentication information. If it is determined that it does not match the authentication data, access to the bank system 600 is not permitted (step S513).

  When the identity verification system 500 permits the user to access the bank system 600, for example, when the user makes a balance inquiry via the mobile phone 100, the user operates the operation input unit 35 of the mobile phone 100. The information for specifying the account number and the information for instructing the balance inquiry are input. The operation input unit 35 outputs information specifying the input account number and information instructing balance inquiry to the input data processing unit 131-5. The input data processing unit 131-5 sends the information specifying the account number and the information for instructing the balance inquiry to the data transmission unit 113-2 via the authentication unit 133, the base station, the control station 400, and the communication network 700. To the identity confirmation system 600 via The above is the operation of the part that processes the information transmitted to the identification system 500 according to the fifth embodiment of the present invention in the cellular phone 100 according to the fifth embodiment of the present invention.

  In the identity verification system 500, when the communication unit 501 receives the information specifying the account number and the information instructing the balance inquiry, the communication unit 501 receives the information specifying the account number and the information instructing the balance inquiry. The data is transmitted to the bank system 600 via the communication network 700. The bank system performs an account balance inquiry for the account number specified based on the information for specifying the account number, and sends the information for specifying the account balance amount of the account number for the account number identification information to the identification system 500. Send. In the identity verification system 500, when the communication unit 501 receives information specifying the balance amount, the communication unit 501 carries the received information specifying the balance amount via the communication network 700, the control station 400, and each base station. It transmits to the telephone 100. In the mobile phone 100, when the wireless communication unit 30 receives information specifying the balance amount, the information is input to the mobile phone main control unit 32-5. The mobile phone main control unit 32-5 displays the balance amount on the display unit 36 based on the information specifying the input balance amount.

  As described above, according to this embodiment, a person who should be allowed to access the bank system 600 without transmitting the image data of the user's face to the identity confirmation system 500 is sent to the bank system 600. Access can be granted.

Embodiment 6 FIG.
Next, a sixth embodiment of the present invention will be described. The configuration of the security management system of the sixth embodiment is the same as the configuration of the fifth embodiment. Therefore, the same system and the like as those in the fifth embodiment are denoted by the same reference numerals as those in FIG.

  The configuration of the mobile phone 100 according to the sixth embodiment of the present invention is different from the second embodiment in that it does not include the Bluetooth circuit 34, and the other configurations are the same as those of the second embodiment. However, the operations of the mobile phone main control unit 32-6 and the storage unit 33-6 are different from the operations in the second embodiment. For this reason, circuits similar to those of the second embodiment are denoted by the same reference numerals as those in FIG. 9, and description thereof is omitted.

  FIG. 24 is a block diagram illustrating a configuration of a mobile phone 100 according to the sixth embodiment of the present invention. The storage unit 33-6 stores in advance permitted person voice data, which is voice data of an authorized person who is permitted to access the bank system 600. For example, the voice data stored in the storage unit 33-6 at this time is voice data of a specific word determined in advance. In addition, the storage unit 33-6 may store a unique password for the mobile phone 100 in advance. The mobile phone main control unit 32-6 controls each part of the entire mobile phone 100, and the authorized person stored in the voice data input to the voice processing circuit 31-2 and the storage unit 33-6. An authentication process for matching the voice data is performed to determine whether or not the user of the mobile phone 100 is an access permitter. When it is determined that the user is an access permitter, the phone number of the mobile phone 100 and the user access Authentication information that is a combination of information indicating permission and a password input by the user is transmitted to the wireless communication unit 30 via the antenna 15, one of the base stations, the control station 400, and the communication network 700. To the identity confirmation system 500.

  Next, in the mobile phone 100 according to the sixth embodiment of the present invention, the configuration of the part that processes the information transmitted to the identity confirmation system 500 according to the sixth embodiment of the present invention will be described. In the mobile phone 100 according to the sixth embodiment of the present invention, the configuration of the part that processes the information transmitted to the identification system 500 according to the sixth embodiment of the present invention is the same as that of the second embodiment. is there. However, the operations of the input data processing unit 131-6, the input data authentication data storage unit 132-6, and the data transmission unit 113-2 are different from the operations in the second embodiment. Therefore, the same circuits as those in the second embodiment are denoted by the same reference numerals as those in FIG. The data transmission unit 113-2 is realized by the wireless communication unit 30.

  FIG. 25 is a block diagram showing a configuration of a part for processing information to be transmitted to the identity confirmation system 500 according to the sixth embodiment of the present invention in the mobile phone 100 according to the sixth embodiment of the present invention.

  The input data authentication data storage unit 132-6 stores in advance permitted person voice data, which is voice data of an authorized person who is permitted to access the bank system 600. For example, the voice data stored in the input data authentication data storage unit 132-6 at this time is voice data of a predetermined specific word. The input data processing unit 131-6 performs an authentication process for matching the voice data input to the voice input unit 114 with the authorized person voice data stored in the input data authentication data storage unit 132-6. If it is determined whether the user of the mobile phone 100 is an access permitter and it is determined that the user is an access permitter, the phone number of the mobile phone 100 and information indicating that the user is an access permitter Authentication information, which is information combined with the password input by the user, is output to the authentication unit 133. The data transmission unit 113-2 transmits the authentication information output by the authentication unit 133 to the identity confirmation system 500 via the base station 300, the control station 400, and the communication network 700.

  Since the configuration of the identity confirmation system 500 according to the sixth embodiment of the present invention is the same as the configuration of the identity confirmation system 500 according to the fifth embodiment, the same reference numerals as those in FIG.

  Next, operation of the sixth exemplary embodiment of the present invention will be described with reference to the drawings. The operation of the mobile phone 100 in the sixth embodiment of the present invention will be described. FIG. 26 is a flowchart for explaining the operation of the mobile phone 100 according to the sixth embodiment of the present invention.

  First, when a user's voice is input to the voice input unit 114 of the mobile phone 100, voice data of the input voice is generated and output to the input data processing unit 131-6 (step S601). For example, the voice input to the voice input unit 114 is a predetermined specific word.

  The input data processing unit 131-6 performs an authentication process for matching the input voice data of the user with the data of the access permitted person voice stored in the input data authentication data storage unit 132-6 (step S602). ), It is determined whether the user of the mobile phone 100 is an authorized person. As a matching method, for example, a known matching method such as template matching is used. Note that the voice data of the authorized person is stored in advance in the input data authentication data storage unit 132-6 at the time of contracting the cellular phone or the like. For example, the voice of the access permitted person is input to the voice input unit 114, the permitted person voice data is generated, and is output to the input data processing unit 131-6. The input data processing unit 131-6 stores the input permitter voice data in the input data authentication data storage unit 132-6. The authorized person voice data is input to the input data processing unit 131-6 from the external device of the security company connected to the connection connector 38 via the connection connector 38 and the data input / output interface 37, and the input data processing unit 131-6 is input. 131-6 may store the input authorized person voice data in the input data authentication data storage unit 132-6. The authorized person voice data stored in the input data authentication data storage unit 132-6 may be changed in a similar manner. Also, there may be a plurality of access authorized persons. Therefore, the permitted person voice data stored in the input data authentication data storage unit 132-6 may be voice data of each of a plurality of authorized users.

  As a result of the authentication process, the input data processing unit 131-6 displays on the authentication result display unit 115 whether or not the user of the mobile phone 100 is an access authorized person (step S603). When the input data processing unit 131-6 determines that the user is an authorized user (step S604), the input data processing unit 131-6 displays a screen for requesting the user to input a password on the authentication result display unit 115. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-6. Note that the input data processing unit 131-6 may read the password stored in advance in the storage unit 33-6. The input data processing unit 131-6 inputs authentication information, which is a combination of the telephone number of the mobile phone 100, information indicating that the user is an authorized user, and a password to the authentication unit 133, and performs authentication. Unit 133 outputs the input authentication information to data transmission unit 113-2, and transmits it to data transmission unit 113-2 to identity confirmation system 500 via one of the base stations, control station 400, and communication network 700. (Step S605).

  If the input data processing unit 131-6 determines that the user is not an authorized person (step S604), the input data processing unit 131-6 restricts the functions of the mobile phone 100 that can be used by the user (step S606). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Since the operation of the identity confirmation system 500 in the sixth embodiment of the present invention is the same as the operation of the identity confirmation system 500 in the fifth embodiment of the present invention, description thereof is omitted.

  As described above, according to this embodiment, a person who should be permitted to access the bank system 600 without performing processing that requires a load on the mobile phone 100 called image data processing can be transferred to the bank system 600. Access can be granted.

Embodiment 7 FIG.
Next, a seventh embodiment of the present invention will be described. The configuration of the security management system according to the seventh embodiment of the present invention is the same as the configuration according to the fifth embodiment. Therefore, the same system and the like as those in the fifth embodiment are denoted by the same reference numerals as those in FIG.

  The configuration of the cellular phone 100 according to the seventh embodiment of the present invention is different from that of the third embodiment in that the Bluetooth circuit 34 is not included, and the other configuration is the same as that of the third embodiment. However, the operations of the mobile phone main control unit 32-7 and the storage unit 33-7 are different from the operations in the third embodiment. For this reason, circuits similar to those of the third embodiment are denoted by the same reference numerals as those in FIG. 12, and description thereof is omitted.

  FIG. 27 is a block diagram illustrating a configuration of a mobile phone 100 according to the seventh embodiment of the present invention. The storage unit 33-7 stores in advance permitter fingerprint image data, which is image data of a fingerprint of the permitter of access. In addition, the storage unit 33-7 may store a unique password for the mobile phone 100 in advance. Then, the mobile phone main control unit 32-7 controls each part of the entire mobile phone 100, and the user fingerprint image data which is the image data of the user's fingerprint generated by the fingerprint input unit 60 and the storage unit 33-7 An authentication process for matching the stored permitted person fingerprint image data is performed to determine whether or not the user of the mobile phone 100 is an access permitted person. When the user is determined to be an access permitted person, the cellular phone 100 is determined. Authentication information, which is a combination of information indicating that the user is an access authorized person and a password entered by the user, is transmitted to the wireless communication unit 30, the antenna 15, one of the base stations, and the control station 400. Are transmitted to the identity confirmation system 500 via the communication network 700.

  Next, in the cellular phone 100 according to the seventh embodiment of the present invention, a configuration of a part that processes information transmitted to the identity confirmation system 500 according to the seventh embodiment of the present invention will be described. In the cellular phone 100 according to the seventh embodiment of the present invention, the configuration of the part that processes the information transmitted to the identity confirmation system 500 according to the seventh embodiment of the present invention is the same as that of the third embodiment. is there. However, the operations of the input data processing unit 131-7, the input data authentication data storage unit 132-7, and the data transmission unit 113-2 are different from the operations in the third embodiment. For this reason, circuits similar to those of the third embodiment are denoted by the same reference numerals as those in FIG. The data transmission unit 113-2 is realized by the wireless communication unit 30.

  FIG. 28 is a block diagram showing a configuration of a part for processing information to be transmitted to the identification system 500 according to the seventh embodiment of the present invention in the mobile phone 100 according to the seventh embodiment of the present invention.

  The input data authentication data storage unit 132-7 stores in advance authorized person fingerprint image data, which is data of an authorized person's fingerprint image. The input data processing unit 131-7 performs an authentication process for matching the user fingerprint image data generated by the fingerprint shape input unit 116 and the authorized person fingerprint image data stored in the input data authentication data storage unit 132-7. If it is determined whether the user of the mobile phone 100 is an access permitter and it is determined that the user is an access permitter, the phone number of the mobile phone 100 and information indicating that the user is an access permitter Authentication information, which is information combined with the password input by the user, is output to the authentication unit 133. The data transmission unit 113-2 transmits the authentication information output by the authentication unit 133 to the identity confirmation system 500 via the base station 300, the control station 400, and the communication network 700.

  Since the configuration of the identity verification system 500 according to the seventh embodiment of the present invention is the same as the configuration of the identity verification system 500 according to the fifth embodiment, the same reference numerals as those in FIG.

  Next, the operation of the seventh exemplary embodiment of the present invention will be described with reference to the drawings. The operation of the mobile phone 100 in the seventh embodiment of the present invention will be described. FIG. 29 is a flowchart for explaining the operation of the mobile phone 100 according to the seventh embodiment of the present invention.

  When the user touches the fingerprint shape input unit 116 with the fingertip and inputs the fingerprint shape into the fingerprint shape input unit 116 (step S701), the fingerprint shape input unit 116 converts the input fingerprint shape into image data. Then, user fingerprint image data which is image data of the user's fingerprint is generated, and the generated user fingerprint image data is output to the image / authentication result display unit 112 and the input data processing unit 131-7. The image / authentication result display unit 112 displays an image of the input user fingerprint image data.

  The input data processing unit 131-7 performs authentication processing for matching the input user fingerprint image data with the authorized person fingerprint image data stored in the input data authentication data storage unit 132-7 (step S702). Then, it is determined whether or not the user of the mobile phone 100 is an authorized person. As a matching method, for example, a known matching method such as template matching is used. The authorized person fingerprint image data is stored in advance in the input data authentication data storage unit 132-7 at the time of contracting the cellular phone or the like. For example, the access authorized person contacts the fingertip with the fingerprint shape input unit 116 and inputs the fingerprint shape into the fingerprint shape input unit 116. The fingerprint shape input unit 116 converts the inputted fingerprint shape into image data. The authorized person fingerprint image data is generated, and the generated authorized person fingerprint image data is output to the input data processing unit 131-7. The input data processing unit 131-7 authenticates the input authorized person fingerprint image data as input data authentication. The data may be stored in the data storage unit 132-7, or permitted person fingerprint image data is input from the external device of the security company connected to the connection connector 38 via the connection connector 38 and the data input / output interface 37. The data is input to the data processing unit 131-7, and the input data processing unit 131-7 records the input authorized person fingerprint image data in the input data authentication data storage unit 132-7. It may be. The authorized person fingerprint image data stored in the input data authentication data storage unit 132-7 may be changed in a similar manner. Also, there may be a plurality of access authorized persons. Accordingly, the authorized person fingerprint image data stored in the input data authentication data storage unit 132-7 may be the image data of the fingerprints of a plurality of authorized users.

  As a result of the authentication processing, the input data processing unit 131-7 displays on the image / authentication result display unit 112 whether or not the user of the mobile phone 100 is an authorized person (step S703). When the input data processing unit 131-7 determines that the user is an authorized user (step S704), the input data processing unit 131-7 causes the image / authentication result display unit 112 to display a screen requesting the user to input a password. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-7. Note that the input data processing unit 131-7 may read a password stored in advance in the storage unit 33-7. The input data processing unit 131-7 inputs authentication information that is a combination of the telephone number of the mobile phone 100, information indicating that the user is an authorized user, and a password to the authentication unit 133, and performs authentication. Unit 133 outputs the input authentication information to data transmission unit 113-2, and transmits it to data transmission unit 113-2 to identity confirmation system 500 via one of the base stations, control station 400, and communication network 700. (Step S705).

  If the input data processing unit 131-7 determines that the user is not an authorized person (step S704), the input data processing unit 131-7 restricts the functions of the mobile phone 100 that can be used by the user (step S706). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  Since the operation of the identity confirmation system 500 in the seventh embodiment of the present invention is the same as the operation of the identity confirmation system 500 in the fifth embodiment of the present invention, description thereof is omitted.

  As described above, according to this embodiment, the image data of the user's fingerprint is used to determine whether or not the user is a person who should be allowed to access the bank system 600. Strict user authentication can be performed.

Embodiment 8 FIG.
Next, an eighth embodiment of the present invention will be described. The configuration of the security management system according to the eighth embodiment of the present invention is the same as the configuration according to the fifth embodiment. Therefore, the same system and the like as those in the fifth embodiment are denoted by the same reference numerals as those in FIG.

  The configuration of the mobile phone 100 according to the eighth embodiment of the present invention is different from the fourth embodiment in that it does not include the Bluetooth circuit 34, and the other configurations are the same as those of the fourth embodiment. However, the operations of the mobile phone main control unit 32-8 and the storage unit 33-8 are different from the operations in the fourth embodiment. For this reason, circuits similar to those in the fourth embodiment are denoted by the same reference numerals as those in FIG.

  FIG. 30 is a block diagram illustrating a configuration of the mobile phone 100 according to the eighth embodiment of the present invention. The permitted person characteristic information stored in advance in the storage unit 33-8 includes the image data of the access permitted person's face, the permitted person voice data that is the voice data of the permitted access person, and the fingerprint image of the permitted access person. It is authorized person fingerprint image data which is data. The storage unit 33-8 stores these pieces of data in association with each other in advance. The storage unit 33-8 may store a unique password for the mobile phone 100 in advance. The mobile phone main control unit 32-8 performs a process of matching the image data of the user's face input by the camera unit 39 with the image data of the access permitted person's face stored in the storage unit 33-8, and voice processing. A process of matching the voice data of the user input by the circuit 31-2 with the voice data of the authorized person stored in the storage unit 33-8, the user fingerprint image data input by the fingerprint input unit 60, and the storage unit An authentication process, which is a process of matching the authorized person fingerprint image data stored in 33-8, is performed, and it is determined whether or not the user of the mobile phone 100 is an authorized person.

  Next, in the mobile phone 100 according to the eighth embodiment of the present invention, the configuration of the part that processes the information transmitted to the identity confirmation system 500 according to the eighth embodiment of the present invention will be described. In the mobile phone 100 according to the eighth embodiment of the present invention, the configuration of the part that processes the information transmitted to the identity confirmation system 500 according to the eighth embodiment of the present invention is the same as that of the fourth embodiment. is there. However, the operations of the input data processing unit 131-8, the input data authentication data storage unit 132-8, and the data transmission unit 113-2 are different from the operations in the fourth embodiment. For this reason, the same circuits as those in the first embodiment are denoted by the same reference numerals as those in FIG. The data transmission unit 113-2 is realized by the wireless communication unit 30.

  FIG. 31 is a block diagram showing a configuration of a part for processing information to be transmitted to the identity verification system 500 according to the eighth embodiment of the present invention in the mobile phone 100 according to the eighth embodiment of the present invention.

  The access permitter characteristic information stored in advance in the input data authentication data storage unit 132-8 includes the image data of the access permitter's face, permitter voice data that is voice data of the access permitter, and access permission. The authorized person fingerprint image data, which is the image data of the person's fingerprint. The input data authentication data storage unit 132-8 stores these pieces of data in advance in association with each other. The input data processing unit 131-8 matches the image data of the user's face input by the image input unit 111 and the image data of the face of the authorized person stored in the input data authentication data storage unit 132-4. The process, the process of matching the user's voice data input by the voice input unit 114 and the voice data of the access permitted person stored in the input data authentication data storage unit 132-8, and the fingerprint shape input unit 116 An authentication process, which is a process of matching the input user fingerprint image data and the authorized person fingerprint image data stored in the input data authentication data storage unit 132-8, is performed, and the user of the mobile phone 100 is an authorized person. If it is determined whether or not the user is an authorized person, the telephone number of the mobile phone 100 and the user are permitted to access. The authentication information is information that information and the user indicating that there is a combination of a password, and outputs to the authentication unit 133. The data transmission unit 113-2 transmits the authentication information output by the authentication unit 133 to the identity confirmation system 500 via the base station 300, the control station 400, and the communication network 700.

  Since the configuration of the identity confirmation system 500 according to the eighth embodiment of the present invention is the same as the configuration of the identity confirmation system 500 according to the fifth embodiment, the same reference numerals as those in FIG.

  Next, the operation of the eighth exemplary embodiment of the present invention will be described with reference to the drawings. The operation of the mobile phone 100 in the eighth embodiment of the present invention will be described. FIG. 32 is a flowchart for explaining the operation of the mobile phone 100 according to the eighth embodiment of the present invention.

  First, the image input unit 111 captures a user's face to generate image data, and outputs the generated image data to the image / authentication result display unit 112 and the input data processing unit 131-8 (step S801). The image / authentication result display unit 112 displays an image of the input image data. When a user's voice is input to the voice input unit 114, user voice data is generated and output to the input data processing unit 131-8 (step S802). For example, the voice input to the voice input unit 114 at this time is a predetermined specific word. When the user touches the fingerprint shape input unit 116 with the fingertip and inputs the fingerprint shape into the fingerprint shape input unit 116 (step S803), the fingerprint shape input unit 116 converts the input fingerprint shape into image data. The user fingerprint image data is generated by conversion, and the generated user fingerprint image data is output to the image / authentication result display unit 112 and the input data processing unit 131-8. The image / authentication result display unit 112 displays an image of the input user fingerprint image data.

  The input data processing unit 131-8 matches the user face image data input by the image input unit 111 with the access permitted person face image data stored in the input data authentication data storage unit 132-8. Processing, processing for matching user voice data input by the voice input unit 114 and authorized person voice data stored in the input data authentication data storage unit 132-8, and user fingerprint input by the fingerprint shape input unit 116 An authentication process, which is a process of matching the image data with the authorized person fingerprint image data stored in the input data authentication data storage unit 132-8, is performed (step S804), and the user of the mobile phone 100 is an authorized person. It is determined whether or not. Note that the input data processing unit 131-8 determines that the user of the mobile phone 100 is an access-permitted person when all the matching processes match.

  As a result of the authentication process, the input data processing unit 131-8 displays on the image / authentication result display unit 112 whether or not the user of the mobile phone 100 is an authorized person (step S805). If the input data processing unit 131-8 determines that the user is an authorized person (step S806), the image / authentication result display unit 112 displays a screen requesting the user to input a password. When the user inputs a password to the operation input unit 35, the operation input unit 35 outputs the input password to the input data processing unit 131-8. Note that the input data processing unit 131-8 may read the password stored in advance in the storage unit 33-8. The input data processing unit 131-8 inputs authentication information, which is a combination of the telephone number of the mobile phone 100, information indicating that the user is an authorized user, and a password to the authentication unit 133, and performs authentication. Unit 133 outputs the input authentication information to data transmission unit 113-2, and transmits it to data transmission unit 113-2 to identity confirmation system 500 via one of the base stations, control station 400, and communication network 700. (Step S807).

  When the input data processing unit 131-8 determines that the user is not an authorized person (step S806), the input data processing unit 131-8 restricts the functions of the mobile phone 100 that can be used by the user (step S808). Specifically, use of a telephone function, an e-mail transmission / reception function, a web browsing function, etc. is restricted.

  The operation of the identity confirmation system 500 in the eighth embodiment of the present invention is the same as the operation of the identity confirmation system 500 in the fifth embodiment of the present invention, so the description thereof is omitted.

  As described above, according to this embodiment, a person to whom the user is permitted to permit access to the bank system 600 using the face image data, voice data, and fingerprint image data of the user. Therefore, stricter user authentication can be performed.

  In the fifth to eighth embodiments, the user authentication for accessing the bank system 600 has been described. However, the present invention is not limited to this and requires strict user authentication. It can be applied to various systems.

  Further, in each of the above-described embodiments, when it is determined that the user is not a person with entry / exit qualification or is not a person with access qualification, the functions of the mobile phone 100 that can be used by the user are limited. Although it did, it does not need to be controlled as such. For example, entry / exit may not be permitted, or access may not be permitted.

  The present invention can be used for entry / exit to a specific place requiring strict security management, access to a bank system, and the like.

It is explanatory drawing which shows an example of the external appearance of the mobile telephone by this invention. It is explanatory drawing which shows the structure of the security management system by the 1st Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 1st Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the security management apparatus by the 1st Embodiment of this invention in the mobile telephone by the 1st Embodiment of this invention. It is a block diagram explaining the structure of the security management apparatus by the 1st Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information received from the mobile telephone by the 1st Embodiment of this invention in the security management apparatus by the 1st Embodiment of this invention. 3 is a flowchart for explaining the operation of the mobile phone according to the first embodiment of the present invention. It is a flowchart explaining operation | movement of the security management apparatus in the 1st Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 2nd Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the security management apparatus by the 2nd Embodiment of this invention in the mobile telephone by the 2nd Embodiment of this invention. It is a flowchart explaining operation | movement of the mobile telephone in the 2nd Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 3rd Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the security management apparatus by the 3rd Embodiment of this invention in the mobile telephone by the 3rd Embodiment of this invention. It is a flowchart explaining the operation | movement of the mobile telephone in the 3rd Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 4th Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the security management apparatus by the 4th Embodiment of this invention in the mobile telephone by the 4th Embodiment of this invention. It is a flowchart explaining operation | movement of the mobile telephone in the 4th Embodiment of this invention. It is explanatory drawing which shows the structure of the security management system by the 5th Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 5th Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the identity verification system by the 5th Embodiment of this invention in the mobile telephone by the 5th Embodiment of this invention. It is a block diagram which shows the structure of the identity verification system of the 5th Embodiment of this invention. It is a flowchart explaining the operation | movement of the mobile telephone in the 5th Embodiment of this invention. It is a flowchart explaining operation | movement of the identity confirmation system in the 5th Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 6th Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the identity verification system by the 6th Embodiment of this invention in the mobile telephone by the 6th Embodiment of this invention. It is a flowchart explaining operation | movement of the mobile telephone in the 6th Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 7th Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the identity verification system by the 7th Embodiment of this invention in the mobile telephone by the 7th Embodiment of this invention. It is a flowchart explaining the operation | movement of the mobile telephone in the 7th Embodiment of this invention. It is a block diagram explaining the structure of the mobile telephone by the 8th Embodiment of this invention. It is a block diagram which shows the structure of the part which processes the information transmitted to the identification system by the 8th Embodiment of this invention in the mobile telephone by the 8th Embodiment of this invention. It is a flowchart explaining the operation | movement of the mobile telephone in the 8th Embodiment of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Upper housing | casing part 11 1st display part 12 Speaker 13 2nd display part 14 Camera 15 Antenna 21 Operation part 22 Microphone 23 Shutter button 30 Radio | wireless communication part 31-1, 31-2 Sound processing circuit 32-1, 32 -2, 32-3, 32-4, 32-5, 32-6, 32-7, 32-8 Mobile phone main control unit 33-1, 33-2, 33-3, 33-4, 33-5 33-6, 33-7, 33-8 storage unit 34 Bluetooth circuit 35 operation input unit 36 display unit 37 data input / output interface 38 connection connector 39 camera unit 40 security management device main control unit 41 central processing unit 42 program storage unit 43 Data storage unit 44 Input / output interface 51 Bluetooth circuit 52 Security management door control unit 60 Fingerprint Power unit 100 Mobile phone 111 Image input unit 112 Image / authentication result display unit 113-1, 113-2 Data transmission unit 114 Voice input unit 115 Authentication result display unit 116 Fingerprint shape input unit 130 Authentication processing unit 131-1, 131- 2, 131-3, 131-4, 131-5, 131-6, 131-7, 131-8 Input data processing unit 132-1, 132-2, 132-3, 132-4, 132-5, 132 -6, 132-7, 132-8 Input data authentication data storage unit 133 Authentication unit 200 Security management door 213 Data reception unit 230 Authentication result processing unit 231 Reception data authentication data storage unit 232 Reception data processing unit 233 Control unit 300 , 301, 30n Base station 400 Control station 500 Identity confirmation system 501 Communication unit 502 Identity confirmation system Arm controller 503 identification system storage unit 600 the bank system 700 communication network

Claims (13)

In a security management system including a security management device that performs security management using a signal received from a mobile phone,
The mobile phone is
Permitter-specific data storage means for storing permitter-specific data, which is data specific to the permitter who is a person having a predetermined qualification;
User data input means for inputting user data, which is data representing the characteristics of the user of the mobile phone;
A determination means for comparing the user data and the authorized person specific data to determine whether the user and the authorized person are the same person;
When the determination unit determines that the user and the permitter are the same person, an authentication unit that generates authentication information that is information indicating that the user and the permitter are the same person;
Authentication information transmitting means for transmitting the authentication information generated by the authentication means to the security management device,
The security management device includes:
Authentication information receiving means for receiving authentication information transmitted by the mobile phone;
Permitter information storage means for preliminarily storing permitter information which is information relating to the permitter;
An authentication result processing means for judging whether or not the authentication information received by the authentication information receiving means matches the permitter information stored in the permitter information storage means. . A security management system that manages entry / exit of a user of a mobile phone using a signal received from a mobile phone,
If the authentication result processing means determines that the authentication information and the permitter information match, the security management device permits the user of the mobile phone to enter or leave the specific location; The security management system according to claim 1. Mobile phone
Including an operation input means for the user to enter a password;
The security management system according to claim 2, wherein the authentication unit generates authentication information including a password input by the user to the operation input unit and a telephone number of the mobile phone. The security management system according to claim 2, wherein the control means controls opening / closing of a door at an entrance / exit of a specific place. The security management system according to claim 2, wherein the control unit controls the unlocking and locking of the door at the entrance / exit of the specific place. In a security management system comprising an identity confirmation system for managing access from a mobile phone to a data processing device,
The mobile phone is
Permitter-specific data storage means for storing permitter-specific data, which is data specific to the permitter who is an authorized person;
User data input means for inputting user data, which is data representing the characteristics of the user of the mobile phone;
A determination means for comparing the user data and the authorized person specific data to determine whether the user and the authorized person are the same person;
When the determination unit determines that the user and the permitter are the same person, an authentication unit that generates authentication information that is information indicating that the user and the permitter are the same person;
Authentication information transmitting means for transmitting the authentication information generated by the authentication means to the identity confirmation system via a wireless communication line,
The identity verification system
Authentication information receiving means for receiving authentication information transmitted by the mobile phone;
Permitter information storage means for preliminarily storing permitter information which is information relating to the permitter;
Authentication result processing means for determining whether or not the authentication information received by the authentication information receiving means matches the permitter information stored in the permitter information storage means;
When the authentication result processing means determines that the authentication information and the permitter information match, the mobile phone includes control means for permitting access to the data processing device. . The permitter specific data storage means stores the image data of the permitter's face as the permitter specific data,
The security management system according to any one of claims 1 to 6, wherein the user data input means inputs image data of a photographed user's face as user data. The authorized person specific data storage means stores the authorized person's voice data as authorized person specific data,
The security management system according to any one of claims 1 to 7, wherein the user data input means inputs user voice data as user data. The permitter specific data storage means stores the image data of the permitter's fingerprint as the permitter specific data,
The security management system according to any one of claims 1 to 8, wherein the user data input means inputs user fingerprint image data as user data. In a security management method in which a mobile phone and a security management device work together to perform security management,
The mobile phone is
Storing permitter-specific data, which is data specific to the permitter who is a person with a predetermined qualification,
Enter user data, which is data representing the characteristics of the user of the mobile phone,
Comparing the user data and the authorized person specific data to determine whether the user and the authorized person are the same person,
When it is determined that the user and the permitter are the same person, generating authentication information that is information indicating that the user and the permitter are the same person,
Sending the generated authentication information to the security management device;
The security management device includes:
Pre-stores permitter information, which is information about the permitter,
Receiving the authentication information transmitted by the mobile phone;
A security management method, comprising: determining whether or not the received authentication information matches the stored authorized person information. A security management method in which a mobile phone and a security management device work together to manage entry and exit of a mobile phone user to a specific location,
The security management method according to claim 10, wherein if the security management device determines that the authentication information and the permitter information match, the security management method permits the user of the mobile phone to enter or leave the specific location. . Mobile phone
Enter your password
The security management method according to claim 10 or 11, wherein authentication information including the input password and a telephone number of the mobile phone is generated. A security management method in which a mobile phone and an identity confirmation system work together to manage access from a mobile phone to a data processing device,
Stores permitter-specific data, which is data specific to the permitter who is an authorized person,
Enter user data, which is data representing the characteristics of the user of the mobile phone,
Comparing the user data and the authorized person specific data to determine whether the user and the authorized person are the same person,
If it is determined that the user and the permitter are the same person, generating authentication information that is information indicating that the user and the permitter are the same person,
The generated authentication information is transmitted to the identity confirmation system via a wireless communication line,
The identity verification system
Pre-stores permitter information, which is information about the permitter,
Receiving the authentication information transmitted by the mobile phone;
Determining whether the received authentication information matches the stored permitter information;
A security management method comprising: permitting the mobile phone to access the data processing device when it is determined that the authentication information matches the authorized person information.

Images