JP2006113675A - User authentication device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a user authentication device capable of enhancing security levels without requiring a user to do complex operations. <P>SOLUTION: A dummy screen that apparently urges a user to input a user ID or password is displayed in a display part 81 of an MFP device at the first of two steps of user authentication. When the user ID or password is inputted in accordance with the display of the dummy screen, the user is determined to be using the device illicitly. The normal user needs only to press a cancel button 84 when the dummy screen is displayed. In this way, security levels can be greatly enhanced without the normal user being required to do complex operations. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a user authentication apparatus for performing user authentication.

  2. Description of the Related Art Conventionally, there is known an MFP apparatus (multifunction machine) having a function as a user authentication apparatus for confirming whether or not the user has a use authority based on authentication information such as a password input from the user. .

  In the MFP apparatus, by using such a user authentication function, unauthorized use by an unspecified number of humans without usage authority is prevented, and leakage of personal information such as telephone directory data stored in the apparatus is prevented. It is to be prevented.

  As prior art documents disclosing techniques related to the present invention, there are the following documents.

Japanese Patent No. 2972979

  By the way, the higher the security level achieved by such user authentication, the better. For this reason, user authentication as described above is normally performed only once, but it has also been proposed to perform user authentication in multiple stages in order to improve the security level.

  For example, when performing two-step user authentication, a first password is requested in the first-step user authentication, and a second password different from the first password is requested in the second-step user authentication. Conceivable. As a result, even if one of the first and second passwords is leaked to another person, it can be determined that the password has been illegally used if the passwords in both stages are not correct. Can be improved.

  However, if the user authentication is performed in a plurality of stages as described above, the security level is improved, but conversely, many complicated user operations are required before the use becomes possible, and the convenience of the user is sacrificed.

  The present invention has been made in view of the above problems, and an object of the present invention is to provide a user authentication device capable of improving the security level without requiring a complicated operation from the user.

  In order to solve the above-described problem, the invention of claim 1 is a user authentication device that performs user authentication in a plurality of stages, and apparently authentication for user authentication in any of the user authentications in the plurality of stages. A display unit that displays a dummy screen that prompts the user to input information; and a determination unit that determines unauthorized use when the authentication information is input according to the display of the dummy screen.

  In addition, according to a second aspect of the present invention, in the user authentication device according to the first aspect, any one of the plurality of stages of user authentication is biometric authentication based on a user's physical characteristics.

  The invention of claim 3 further comprises recording means for recording the user's characteristics in the user authentication device according to claim 1 or 2 when the unauthorized use is determined.

  According to the first to third aspects of the invention, the security level can be greatly improved without requiring a complicated operation by the user. Further, unauthorized use can be easily determined without using a complicated authentication algorithm.

  In particular, according to the invention of claim 2, the security level can be further improved.

  In particular, according to the invention of claim 3, it is possible to specify the user who tried to use illegally afterwards.

  Hereinafter, as a specific example, a case where the function of the user authentication device according to the embodiment of the present invention is applied to an MFP device will be described.

<1. Overview>
FIG. 1 is a block diagram illustrating a schematic configuration of the MFP apparatus 1. The MFP apparatus 1 is configured as a multi-function machine having a plurality of functions such as a facsimile function, a scanner function, a printer function, and a copy function (hereinafter, these functions are collectively referred to as “main functions”).

  The facsimile function inputs image data to be transmitted, and sends it to a destination device as an external terminal specified by “phone number” or “e-mail address” (hereinafter collectively referred to as “destination information”). This function transmits the image data. When “telephone number” is set as the data transmission destination, the MFP apparatus 1 functions as a G3 facsimile apparatus using the public switched telephone network (PSTN) 3. On the other hand, when “e-mail address” is set as the data transmission destination, the MFP apparatus 1 functions as an Internet facsimile apparatus using the Internet 22 (and the LAN 21).

  The copy function is a function for copying the content of a document by acquiring the content of the document on a paper medium as image data and printing the image data on a print sheet. The scanner function is a function for acquiring the content of a document on a paper medium as image data, and the printer function is a function for printing data on printing paper.

  Further, the MFP apparatus 1 has a function as a user authentication apparatus, and the user who intends to operate the user has authority to use by performing two-step user authentication before using the main function by the user. An authority confirmation process for confirming whether the user is a user is performed. Before performing the authority confirmation process, the main function of the MFP apparatus 1 is invalidated (deactivated), and the authority confirmation process determines that the user has a use authority (hereinafter referred to as “regular user”). Only when it is confirmed, the main function of the MFP apparatus 1 is enabled (activated). That is, only authorized users can log in to the MFP apparatus 1 and use its main functions. A user who is assumed to use the MFP apparatus 1 on a daily basis is given a use authority in advance.

  Hereinafter, the configuration of the MFP apparatus 1 having such a function and the authority confirmation process will be described in detail.

<2. Configuration>
As shown in FIG. 1, the MFP apparatus 1 includes a main control unit (CPU) 10 for controlling the entire apparatus. Each processing unit of the MFP apparatus 1 is electrically connected to the main control unit 10 via the bus line 11. As a result, each processing unit operates under the control of the main control unit 10 and can transmit and receive data and commands between the processing units.

  The operation panel 8 is a processing unit that functions as a user interface. FIG. 2 is a diagram showing an external configuration of the operation panel 8. As shown in FIG. 2, the operation panel 8 is provided with a display unit 81 configured by a liquid crystal display for displaying various information. The display unit 81 has a touch panel function and can accept user operations as well as display information.

  On the right side of the display unit 81, operation button groups 83 to 87 necessary for receiving various user operations are arranged. The operation button groups 83 to 87 include a determination button 83 for determination, a cancel button 84 for cancellation, a numeric keypad 85 for inputting various information, a start button 86 for instructing operation start, and a stop for instructing operation stop. Buttons 87 and the like are included. Necessary commands and data can be input to the MFP apparatus 1 by operating these operation button groups 83 to 87 and the display unit 81 as a touch panel.

  Further, a fingerprint sensor 89 for inputting user fingerprint information is arranged on the right side of the display unit 81. The fingerprint sensor 89 scans the user's finger placed on the sensor surface, reads the fingerprint pattern, and acquires it as fingerprint information. Fingerprint information acquisition methods include optical methods that acquire fingerprint shadows as fingerprint information through a lens, etc., and electrostatic capacitance methods (semiconductor method) that acquire fingerprint information based on the amount of charge that varies depending on the unevenness of the fingerprint. However, either method may be adopted. The fingerprint sensor 89 is used for authority confirmation processing.

  Further, on the left side of the display unit 81, an imaging unit 88 that captures the user who is operating and acquires the image data is provided. The imaging unit 88 has a configuration as a general digital camera. More specifically, the imaging unit 88 is an optical system that forms an incident light, an image pickup device such as a CCD that photoelectrically converts the formed light image into a charge signal, and an analog charge signal that is converted into a digital signal. An A / D converter or the like is provided. The optical axis of the optical system of the imaging unit 88 is directed to a position where the user's face is assumed to be arranged when the user operates the operation panel 8. Therefore, when shooting is performed by the imaging unit 88, image data with the face of the user operating at that time as the subject is acquired. The acquired image data is preferably in color, but may be in black and white.

  Returning to FIG. 1, the image reading unit 41 is a processing unit that scans and reads an original on a paper medium with a line sensor such as a CCD, and acquires monochrome or color image data relating to the original. The image reading unit 41 realizes a scanner function and an image acquisition function in a facsimile function and a copy function.

  The printing unit 42 is a processing unit that prints image data, character strings, and the like on printing paper by an electrophotographic method or the like. The printing unit 42 realizes a printer function and an image printing function in the facsimile function and the copy function.

  The NCU (network control circuit) 43 and the fax modem 44 are processing units that implement a communication function as a G3 facsimile apparatus. That is, the NCU 43 is a hardware circuit that performs operations such as closing and opening a DC loop of the analog public telephone exchange network 3 and connects the fax modem 44 to the public telephone exchange network 3 as necessary. The fax modem 44 modulates and demodulates image data for G3 facsimile communication. When the MFP apparatus 1 functions as a G3 facsimile apparatus, the NCU 43 and the fax modem 44 transmit and receive image data to and from the partner apparatus.

  The LAN interface 45 is a processing unit that implements a communication function as an Internet facsimile machine. That is, the LAN interface 45 is an interface circuit for connecting the main control unit 10 and each processing unit to the LAN 21 and performs processing such as protocol conversion.

  In addition to the MFP apparatus 1, a mail server, a router apparatus, and the like are connected to the LAN 21, and the LAN 21 and the Internet 22 are connected via the router apparatus. With such a network configuration, the MFP apparatus 1 can transmit and receive data to and from other communication terminals connected to the LAN 21 and the Internet 22. When the MFP apparatus 1 functions as an Internet facsimile apparatus, an electronic mail with an image mail attached is transmitted / received to / from a mail server on the LAN 21 through the LAN interface 45. This electronic mail is further transmitted / received to / from the destination apparatus via a number of mail servers on the Internet 22.

  The ROM 5 is a storage device that stores various fixed data and programs. Various processing functions and control functions of the main control unit 10 are realized by software as the main control unit 10 performs arithmetic processing according to a program stored in the ROM 5. The function of the main control unit 10 includes a function for performing authority confirmation processing.

  The image memory 6 is a storage device that mainly stores image data, and includes a memory such as a DRAM that can be read and written. The image data acquired by the imaging unit 88 and the image reading unit 41 of the operation panel 8 and the image data received by the facsimile function are stored in the image memory 6.

  The data memory 7 is a storage device that stores various types of data that are changed as appropriate, and is configured of a non-volatile memory capable of both reading and writing, such as a flash memory and an MRAM. The data memory 7 stores fingerprint authentication data 71, telephone book data 72, and the like.

  The fingerprint authentication data 71 is data used for fingerprint authentication, which is one stage of user authentication included in the authority confirmation process. The fingerprint authentication data 71 is composed of a plurality of records, and for each of the records, a user ID serving as an authorized user identification code and fingerprint information of the authorized user are associated. The fingerprint information of the authorized user is acquired in advance by the fingerprint sensor 89 and registered in the fingerprint authentication data 71.

  In the fingerprint authentication, the user is requested to input fingerprint information, and the fingerprint information acquired by the fingerprint sensor 89 in response to this is collated with the fingerprint information registered in the fingerprint authentication data 71 in advance. If the acquired fingerprint information matches any fingerprint information in the fingerprint authentication data 71, the result of fingerprint authentication is positive. As a collation algorithm for fingerprint information, there are a pattern matching method, a minutia method, a frequency analysis method, and the like, any of which may be adopted. If the result of the fingerprint authentication is affirmative, the fingerprint authentication data 71 is further referred to based on the matched fingerprint information, and the user ID associated with the fingerprint information is obtained. Identification) will be made.

  The phone book data 72 is data used in the phone book function, which is a part of the facsimile function, and a plurality of pieces of destination information as data transmission destination candidates are registered. When the user performs a predetermined operation on the operation panel 8, destination information is called from the phone book data 72, and the called destination information is set as a data transmission destination. In the MFP apparatus 1, dedicated phone book data 72 is prepared for each authorized user, and each is associated with a user ID. As a result, the authorized user can use the dedicated telephone directory data 72 that can be browsed only by himself / herself.

<3. Authority confirmation process>
Next, the authority confirmation process will be described. As described above, in the authority confirmation process, user authentication is performed in two stages. In the first stage user authentication, a user ID and a password are input. In the second stage user authentication, fingerprint information is input. Each request is made to the user by the screen display of the display unit 81. However, the screen of the display unit 81 in the first stage of user authentication is a dummy screen. When a user ID or password is input according to the display of the dummy screen, the user who is operating is not a regular user. It is determined to be unauthorized use.

  Hereinafter, the flow of such authority confirmation processing will be described with reference to FIG. It is assumed that the main function of the MFP apparatus 1 is disabled at the start of the processing in FIG.

  First, a dummy screen is displayed on the display unit 81 in order to perform user authentication at the first stage (step S11). FIG. 4 is a diagram showing the operation panel 8 in the vicinity of the display unit 81 on which a dummy screen is displayed. As shown in the figure, the display unit 81 displays a screen that prompts input of a user ID and a password, which are authentication information generally used for user authentication. However, this screen apparently prompts for the input of authentication information, but is a dummy screen to the last.

  The authorized user is notified in advance that the screen displayed in the first stage user authentication is a dummy screen. When this dummy screen is displayed, the input is canceled by pressing the cancel button 84. Has been instructed. For this reason, if the operated user is a regular user, the input is canceled when the dummy screen is displayed. However, if the operated user is an unauthorized user, this is not known, and there is a high possibility that the user ID and password are input according to the display of this dummy screen.

  For this reason, when a user ID or a password is input when the dummy screen is displayed (FIG. 3: Yes in step S12), the main control unit 10 determines that it is unauthorized use (step S20).

  On the other hand, when the cancel button 84 is operated ignoring the display of the dummy screen (No in step S12), the result of the first stage user authentication becomes affirmative and the second stage user authentication is performed. . Fingerprint authentication is adopted for the second stage user authentication, and as shown in FIG. 5, a screen for prompting input of fingerprint information is displayed on the display unit 81 (step S13).

  When the user's finger is placed on the sensor surface of the fingerprint sensor 89 in accordance with the display on this screen, fingerprint information is acquired, and fingerprint authentication is performed based on the acquired fingerprint information and fingerprint authentication data 71 (step S14). Even when the result of this fingerprint authentication is negative (No in step S15), the main control unit 10 determines that it is unauthorized use (step S20).

  On the other hand, when the result of fingerprint authentication is affirmative, that is, when the result of both user authentications in two steps is affirmative, the user operated by the main control unit 10 is determined to be a regular user (regular use). (Step S16). As a result, the main function of the MFP apparatus 1 is activated (login), and thereafter, the user can use the main function of the MFP apparatus 1.

  In this state, when a command is input from the user via the operation panel 8, an operation according to the command is performed in the MFP apparatus 1 (step S17). In this state, when the user gives an instruction to log out (Yes in Step S18), or when no command is input for a predetermined time (Yes in Step S19), logout processing is performed. The process returns to step S11.

  By the way, when the main control unit 10 determines that the unauthorized use is made by any of the above-described two-stage user authentication (step S20), the imaging unit 88 of the operation panel 8 performs shooting. Thereby, image data indicating the face of the user determined to be unauthorized use is acquired (step S21). The acquired image data is recorded in the image memory 6 (step S22). The image data recorded in this way can be displayed on the display unit 81 by performing a predetermined process via the operation panel 8, which may cause unauthorized use. It is possible to identify a certain user after the fact.

  As described above, in the MFP apparatus 1, a dummy screen that prompts the user to input a user ID and a password is displayed in the first stage of the two stages of user authentication, and the user is displayed according to the display of the dummy screen. When an ID or a password is input, it is determined that it is unauthorized use. For this reason, it is possible to determine unauthorized use very easily without using a complicated authentication algorithm. In addition, the authorized user simply cancels the input when the dummy screen is displayed, and does not need to perform a complicated operation. That is, the user can perform user authentication in a plurality of stages without complicated operations, thereby greatly improving the security level.

  In addition, since fingerprint authentication is adopted in the second stage user authentication, the security level can be greatly improved as compared with the case where user authentication based on a general password or the like is adopted.

  Further, when it is determined that the user is illegally used, the image data indicating the user's face is recorded, so that a user who may have attempted to use it illegally can be identified afterwards.

<4. Modification>
Although the embodiments of the present invention have been described above, the present invention is not limited to the above-described embodiments, and various modifications are possible.

  In the above embodiment, the fingerprint information input is accepted after the cancel button is pressed on the first-stage dummy screen. However, when the dummy screen is displayed, the fingerprint information input may be accepted. Good. In other words, when a user ID or password is input when displaying a dummy screen, it is determined that the user has illegally used the information. On the other hand, when fingerprint information is input, fingerprint authentication is performed as second-stage user authentication. Also good.

  In the above embodiment, the user ID and password are prompted for input on the dummy screen. However, the screen prompting for the input of fingerprint information is displayed as a dummy screen as shown in FIG. 5, and the fingerprint information is input accordingly. In some cases, it may be determined as unauthorized use. In other words, it may be determined as unauthorized use when authentication information according to the display content of the dummy screen is input.

  In the above embodiment, fingerprint authentication is adopted as user authentication at the stage where a dummy screen is not used. However, the present invention is not limited to this, and user authentication by other methods such as user authentication based on a user ID and a password is adopted. May be. However, in order to improve the security level, it is preferable to employ biometric authentication, which is user authentication based on the user's physical characteristics such as fingerprints, irises, voiceprints, retinas, palms, faces, palm veins, and the like.

  In the above-described embodiment, two-stage user authentication is performed as the authority confirmation process. However, three or more stages of user authentication may be performed. In addition, the display of the dummy screen is not limited to the first stage among these multiple stages of user authentication, and may be performed in the second stage and subsequent user authentications. A dummy screen may be displayed in a plurality of stages.

  In the above embodiment, when it is determined that the user has illegally used, image data indicating the face is recorded as the user's characteristic. However, the user's fingerprint, iris, voiceprint, retina, palm, face Information indicating other physical characteristics such as a palm vein may be recorded. Information indicating such physical characteristics can be acquired by prompting the input by displaying a dummy screen, for example.

  In the above embodiment, the case where the user authentication apparatus is applied to the MFP apparatus has been described. However, the present invention is not limited to this, and the user authentication apparatus having the same function as described above is applied to another apparatus such as a mobile phone. Of course it is also possible.

2 is a block diagram illustrating a schematic configuration of an MFP apparatus. FIG. It is a figure which shows the external appearance structure of an operation panel. It is a figure which shows the flow of an authority confirmation process. It is a figure which shows the display part on which the dummy screen was displayed. It is a figure which shows the display part with which the screen which prompts input of fingerprint information was displayed.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 MFP apparatus 6 Image memory 8 Operation panel 10 Main control part 84 Cancel button 88 Imaging part 89 Fingerprint sensor

Claims (3)

A user authentication device that performs multi-stage user authentication,
In any one of the plurality of stages of user authentication, a display means that displays a dummy screen that prompts the user to input authentication information for user authentication in appearance,
When the authentication information is input according to the display of the dummy screen, a determination unit that determines unauthorized use,
A user authentication device comprising: The user authentication device according to claim 1,
One of the plurality of stages of user authentication is biometric authentication based on a user's physical characteristics. In the user authentication device according to claim 1 or 2,
A recording means for recording the characteristics of the user when the unauthorized use is determined;
A user authentication device further comprising:

Images