JP2006302199A - Information processor which partially locks window and program for operating this information processor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To reduce temporal overhead from completion of lock to unlock by performing authentication in every misconception by eliminating the misconception due to behavior factors and camera factors in accordance with change of illumination environment in a system for locking the whole information processor by detecting leaving of a user after logon using biometrics. <P>SOLUTION: The information processor is equipped with a leaving detection means by the biometrics 3, a means for storing setting information at stepwise security levels, a means 8 for partially locking a window according to the setting information at the stepwise security levels and an authentication means 3 for performing authentication during unlock of the partially locked window, and locks a part of the window. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a method for identifying the presence / absence of a legitimate user or owner and a method for eliminating an unauthorized operation by a third party in a monitoring system that controls the security of an information processing apparatus.

  There is a high risk of information leakage regarding information processing devices due to theft or theft by third parties. To date, logon judgments using password authentication and biometric authentication, and lock judgments when operation for a specified period of time has been interrupted, It has been possible to prevent information from being exposed to eyes and third parties from operating information processing devices.

  Conventionally, the feature information of the parts to be noticed is calculated from the image data obtained from the authentication information acquisition means and compared with the registered feature information. As a result, if it matches the registered information, the logon state is entered. Also, a computer monitoring system has been proposed that maintains biometric authentication, maintains a logon state as long as it matches, and locks the information processing apparatus when biometric authentication fails due to leaving the seat (for example, see Patent Document 1).

In the multi-window management device, whether the time has passed or the focus has moved to another window, or according to the security attribute table according to the declaration from the application program itself, the windows opened by the application program are locked individually for each application program. It has been proposed (see, for example, Patent Document 2).
JP 2002-7351 A JP-A-5-53748

  Conventionally, in a system that determines that the user is registered by biometric authentication, enters the logon state, and continues biometric authentication in the logon state, once the biometric authentication is successful, the logon state is maintained, and if biometric authentication fails due to leaving the desk or the like The information processing device was locked. However, the factors that cause biometric authentication to fail include failure to extract feature information due to failure in searching for parts such as the eyes, nose and mouth of the face in addition to leaving the seat. For example, as extraction failure factors, the camera's auto white balance function may cause whitening due to changes in the lighting environment, etc., or the camera may become dark due to sunset or light turning off, and the user may be depressed There were factors that caused the user to look back, look away, and the user during imaging was not facing the front, or that the face protruded from the shooting range.

In the conventional system, a failure of biometric authentication due to a camera factor or a gesture factor, which is a factor different from leaving the seat, is regarded as leaving and the window is locked.

  Once the window is locked, unlocking requires biometric authentication or password authentication instead of biometric authentication, which requires authentication effort and time overhead each time it is locked.

  As mentioned above, because the window is locked due to a factor other than leaving without being away from the desk, the work, communication or service is interrupted to the user, and the lock is released. In addition, every time it is locked, there is a problem in that it requires authentication effort and time overhead.

  In addition, when a security attribute table is provided and the application program performs settings for each application program, and the windows opened by the application program are individually locked according to the security attribute table, a commercially available application program can set the security attribute table. Also, the application program itself had to be modified so that the window lock could be declared.

  In addition, since the application program sets a password for each application program, the password is not consistent and the management and use of the password is complicated, and the person who knows the password is an authorized user or owner immediately. However, there is a problem that when a password is revealed by one application program, OS services such as file operations and communication operations are possible, and other locked and protected application programs are also threatened. It was.

  Similarly, since the application program sets the security attribute table, it is possible to invalidate the lock by altering the security attribute table when a computer virus infects the application program. There was a problem that other application programs below were under threat.

  The present invention uniquely identifies a logged-on computer user by detecting the presence of a legitimate user by using biometric authentication even after logging on to lock a window or computer resource, and the window or application program. The purpose is to eliminate unit password setting and authentication.

  In addition, even if tracking is unsuccessful due to camera factors or gesture factors, it is possible to provide a lock method that reduces partial or complete window lock and unlock overhead of computer resources based on stepwise security levels. The purpose is to do.

  An information processing apparatus that partially locks a window according to the present invention is based on biometric authentication absence detection means, setting information storage means for storing stepwise security level setting information, and stepwise security level setting information. It is characterized by comprising partial lock means for partially locking a window and authentication means for performing authentication when the partially locked window is unlocked.

  According to the present invention, a legitimate user or owner who has logged on is always tracked by face authentication, and the information processing apparatus is configured to display a window according to stepwise security level setting information by detecting absence from the disappearance during imaging. Because it is partially locked, the time required for unlocking is short even if it encounters a false detection caused by a user's gesture or a temporary malfunction of the camera, and the work, communication, or service interruption time can be shortened. .

  Even if a third party attempts an unauthorized operation in a partially locked state, the application program has individual security levels set, and the application program locks the opened window according to the set security level. Therefore, for example, voice communication and services on other computers such as servers connected to the network cannot be used, and unauthorized operation by a third party can be prevented. In addition, since the biometric authentication and password authentication fail, the lock cannot be released, and the failure shifts to a complete lock state, so that an unauthorized operation by a third party can be prevented.

  [Embodiment 1] A first embodiment of the present invention will be described with reference to FIGS. In the figure, 1s is a partial window lock state, 10s is a logged-on state, 201 is a transition to a locked state, 202 is a transition associated with returning from the locked state, 203 is a transition to a hibernation state, and 204 is a logged-out state. During the transition or transition to the power-off state, 205 is a transition to the power-off state.

  The outline of the operation of the partial window lock system of the present invention will be described using FIG. 6 in comparison with the state transition of the OS. As shown in FIG. 6, in an information processing apparatus that is powered on, for example, a PC, when the OS transitions to a logged-out state and is successfully authenticated and determined to be a valid user, the OS transitions to the logged-on state 10 s You can start and work on application programs and enjoy communication and services.

  By switching from the logged-on state 10s to the locked state by time-out, user operation, or absence detection, which is a function of the partial window lock system of the present invention, operation by a third party can be eliminated, and user operation This allows transition to a hibernation state, so-called standby state, hibernation state, logged-out state, or power-off state.

  The partial window lock system of the present invention is characterized by having a partial window lock state 1s as a secondary state in the OS logged on state 10s.

  When the user successfully logs on, the OS transitions to the logged on state 10s, and the partial window lock system of the present invention is activated in the logged on state. The partial window lock system starts face tracking after startup, and when face tracking fails, the protected application program locks the opened window, transitions to the partial window lock state 1s, and the partial window Realize the locked state.

  When in the partial window lock state 1s, the locked application program falls under the protection of the partial window lock system of the present invention displayed as an icon in the task tray. An open window cannot be operated, and the locked application program is protected.

  When the user clicks on an icon that is a partial window lock system of the present invention displayed on the task tray, the user is required to authenticate.

  When the authentication is successful, the lock is released, and the window opened by the application program is displayed at the position displayed before the lock, and the user can operate.

  If the authentication fails, the partial window lock system of the present invention changes the state of the OS from the logged-on state 10s including the partial window lock state 1s to the locked state (201).

  When the user tries to release the lock, the OS is in the locked state, so that the OS authenticates and returns to the logged-on state 10s (202). At the time of return, the protection of the application program by the partial window lock system of the present invention is released, and the OS is purely in the logged-on state 10s. Also, upon return, the partial window lock system of the present invention resumes face tracking.

  Hereinafter, partial unlocking of the window before and after the transition to the locked state (201) and the return to the logged-on state 10s (202) will be described. As long as the transition to the locked state occurs due to the failure of the face tracking, the transition to the locked state is realized by the partial window lock system of the present invention requested by the OS, and is locked before the transition to the locked state (201). Or release the lock. When returning to the logged-on state 10s (202), the lock has already been released or the lock release flag is set and the lock is released according to the flag, and the user can safely operate the application program.

  When the OS transitions from the logged-on state 10s to the locked state due to a timeout or user operation, the OS and the partial window lock system of the present invention negotiate whether or not to lock, and the partial window lock of the present invention is locked. The system transitions to the lock state when it agrees to the lock. In the course of this discussion, the partial window lock system of the present invention releases the lock or sets a lock release flag as described above, so that the application program is unlocked after returning to the logged-on state.

  The configuration of the partial window lock system of the present invention will be described with reference to FIG. The partial window lock system of the present invention includes a partial window lock system (application program # 0) 1, an OS 2, and biometric authentication means (biometric authentication engine) 3.

  The window lock system 1 has a tracking means 7 and a partial window lock means 8. Information 9 of the lock target program for each security level is supplied to the partial window lock means 8.

  The OS 2 includes a user manager 4, a task manager / window manager 5, a timer 6, a desktop window 10 after logon, a desktop window 11 (described in the description of FIG. 4) 11 on which a screen saver displayed at the time of locking is moved, and a camera 30. Have. On the desktop window 10, an active application program (# 1) 101, application program (# 2) 102, and application program (# 3) 103 are displayed. As shown in FIG. 2 or 3, a task bar and a task tray 100 are displayed on the desktop window 10.

  When the OS 2 is activated in a powered-on information processing apparatus such as a PC, the user manager 4 transitions to a logged off state, and the user manager 4 is used for password authentication by the user manager 4 or biometric authentication using the biometric authentication means (biometric authentication engine) 3. If the user is authenticated and it is determined that the user is a valid user, a transition is made to the logged on state.

  When the OS 2 transitions to the logged-on state, as shown in FIG. 2A, a desktop window 10 that is a desktop window dedicated to the logged-on state is displayed on the PC screen. When the user starts the application program, the task manager / window manager 5 displays windows (101 to 103) on which the application program is opened on the desktop window 10.

  When transitioning to the logged-on state, the OS 2 starts a pre-registered program or service routine. The partial window lock system 1 of the present invention is also activated at this point and displayed on the task bar and task tray 100 at the lower side of the desktop window 10 displayed on the screen.

  As shown in FIG. 1, the partial window lock system 1 of the present invention comprises a tracking means 7 and a partial window lock means 8. When the partial window lock system 1 of the present invention is activated, first, the tracking means 7 takes over the inquiry information about the feature information such as the position and color of the face of the user who has successfully logged on to the user manager 4. Start face tracking. The tracking unit 7 appropriately calls the biometric authentication unit (biometric authentication engine) 3 to extract features or perform authentication on the face being tracked and confirm whether the user can be tracked accurately.

  The partial window lock system 1 of the present invention starts face tracking, and when face tracking fails, instructs the partial window lock means 8 to lock the partial window.

  Upon receiving the lock instruction, the partial window lock means 8 refers to the information 9 of the lock target program for each security level, and determines whether the application program to be protected is activated and displayed on the desktop window 10 as a task manager / window manager 5. Contact

  The partial window lock means 8 of the present invention inquires of the task manager / window manager 5 about the handle of the window to be locked from the inquiry result, and intercepts the handle. By instructing non-display of the stealed handle for each handle, the window that has been opened on the desktop window 10 is hidden. The partial window lock means 8 holds a steered handle, and when unlocked, the display is instructed for each handle to return to the display state before the lock, and the lock is released.

  In the first embodiment of the present invention, the lock target program information 9 for each security level is set by the installer program as a default value, an initial value, or a recommended value when the application program is installed. The user or system administrator can set interactively using the installer program at the time of installation, and can set or change for each program or for each window title as needed in the unlocked state after logon.

  In the present invention, unlike the example of Patent Document 2, the application program is not set, but instead is set by the installer program. However, the installer program is written together with the installation procedure in the so-called installer script created by the manufacturer of the application program. Is realized by following the procedure.

  In particular, since the installer program verifies the signature of the installation procedure written by the certificate authority and the manufacturer's certificate attached to the installation procedure so-called installer script, the installation program determines whether installation is possible. In addition, the setting of lock target program information 9 for each security level can be realized.

  The activation of the application program by the user will be described with reference to FIG. The user double-clicks the application program icon displayed by the desktop window 10 or the file manager function of the OS 2, clicks the task bar and the task tray 100, and selects an application program from the program menu that appears to select a desired application program. to start.

  Each activated application program opens a window 102 and displays it on the desktop window 10.

  The partial window lock unit 8 of the present invention refers to the lock target program information 9 for each security level, and determines whether the activated application program (# 2) 102 is an application program to be protected. The activated application program (# 2) 102 is a protection target, and the partial window lock means 8 monitors each display position and state until the application program (# 2) 102 ends.

  A window operation and display by the user will be described with reference to FIG. When the user minimizes the window of the application program (# 1) 101 among the application programs displayed on the desktop window 10, an icon 101t is displayed on the task bar or task tray 100 on the desktop window 10. In this state, the application program (# 1) 101 displayed with the icon 101t does not accept anything other than a specific key input or click of the icon 101t using a mouse or the like.

  When the window is minimized, the OS 2 displays an icon on the task bar or task tray using the task manager / window manager function. Before the icon is displayed, the partial window lock system of the present invention is used as the icon display position. Determine if the taskbar or task tray is appropriate.

  In FIG. 2, the partial window lock means 8 of the partial window lock system 1 of the present invention inquires whether the tracking means 7 can accurately track the user and confirms that the user is not away, ie, As a result of determining that the user is not away, the minimized application program (# 1) 101 is displayed as an icon 101t on the task bar or task tray 100 which is the normal display position.

  Thereafter, the minimized application program is continuously displayed on the icon 101t on the task bar or task tray 100 unless the tracking means 7 determines that the user is away from the desk, and the user clicks the icon 101t to return to the original position of the desktop window 10. The original size is displayed.

  If it is determined that the tracking means 7 has left, the application program 101 is a protection target, so the icon (101t) disappears from the task bar or task tray 100 and is taken into the icon 1 on the task bar or task tray 100 to be protected.

  With reference to FIG. 3, the display when leaving the seat and the protection by the partial window lock system of the present invention will be described. If the tracking means 7 of the partial window lock system 1 fails to track the face and determines that it is away from the desk, the partial window lock means 8 sends the application program (# 2) 102, (# 3) 103 to the task manager / window manager 5. As shown in FIG. 3A, the application program (# 2) 102, (# 3) 103 and the icon 101t on the desktop window 10 and the task bar or task tray 100 are hidden, and the user is not displayed. Cannot be operated, and a partial window lock state of the present invention is entered.

  The hidden application programs (# 2) 102 and (# 3) 103 are displayed on the task bar or task tray 100 because the partial window lock system 1 displayed on the task bar or task tray 100 is protected. When the partial window lock system 1 is clicked, a pop-up menu 1p is displayed as shown in FIG. The pop-up menu 1p lists application program names or window names, and the user selects an application program or window to be displayed. When an application program or window to be displayed is selected, the partial window lock system 1 requests the user to authenticate, for example, by requesting the user manager 4 to perform authentication, or directly authenticate the biometric authentication engine 3. To perform biometric authentication. If the authentication is successful, the partial window lock means 8 instructs the task manager / window manager 5 to display the original size at the original position, and releases the partial window lock state.

  As shown in FIG. 3C, in the partial window lock system 8 of the present invention, the tracking means 7 requests password authentication from the OS 2 user manager 4 for password authentication, and when the password authentication is successful, the user manager 4 A response is sent to the tracking means 7 indicating success. If successful, the tracking means 7 instructs the partial window lock means 8 to release the lock, and the window lock means 8 instructs the OS2 task manager / window manager 5 to display the application programs (# 2) 102 and (# 3) 103. To do.

  The partial window lock system 1 of the present invention can shift to authentication without opening the pop-up menu 1p even if clicked. When the user clicks the partial window lock system 1 displayed on the task bar or task tray 100 on the desktop window 10 in FIG. 3A, a password authentication window 104 is suddenly displayed as shown in FIG. Is displayed. Password authentication is performed by the user entering a password, but if the password is not entered, face authentication is automatically attempted in the background using biometric authentication means (biometric authentication engine) 3 in parallel. Is done.

  In FIG. 3, all the windows that were open at the time of partial lock were minimized and protected by the partial window lock system of the present invention. Windows that cannot directly operate computer resources or application programs, such as incoming notification windows and virus quarantine warning windows, are displayed without protection. By this display, information that should be noticed by the user continues to be displayed, and information that should be noticed by the user is not buried in other windows, so that the information can be reliably transmitted.

  When the partial window lock system 1 releases the partial window lock on the basis of successful authentication, the tracking means 7 determines whether or not to resume face tracking. When face authentication is successful and partial window lock is released, face tracking is resumed.

  Hereinafter, lock criteria in multimodal authentication will be described. Even if the window lock system 1 succeeds in the password authentication instead of the face authentication and releases the partial window lock, the face tracking is performed when the face authentication is successfully attempted in the background after the release, and the partial window unlock state continues. To maintain.

  The window lock system 1 continues to challenge face authentication even if background authentication fails, but when the number of failures reaches a specified number of times, application programs other than the application program that succeeded in password authentication are locked, and again. Partial window lock state. As described above, the partial window lock system 1 of the present invention increases the security level or the protection level step by step by trying partial window lock in case of doubt by linking password authentication, face authentication and face tracking. , Restricting the information exposed to the user and the services that can be operated.

  In the partial window lock system 1 of the present invention, the biometric authentication means (biometric authentication engine) 3 performs face authentication, but the biometric authentication means (biometric authentication engine) 3 includes fingerprint authentication, finger vein authentication, and palm vein. Authentication, iris authentication, etc. can be added. The partial window lock release by the password authentication described above can be replaced by, for example, fingerprint authentication. Also in this case, the partial window lock system 1 of the present invention performs face authentication in the same manner as the password authentication described above after releasing the partial window lock by fingerprint authentication, and starts face tracking.

  In general, fingerprint authentication among biometric authentication techniques contributes to the convenience of the user because the determination time is faster than that of face authentication, and is easy to become familiar with the user's intuition and highly effective. For example, the face authentication of the partial window lock system of the present invention performs face tracking by illuminating the user with an infrared projector at night to obtain an image, but when the partial window lock is released, the user is darkened. It is easier and more reliable to press your finger against the fingerprint sensor or trace your finger than typing your password on the keyboard. For this reason, the partial window lock system of the present invention is configured so that a plurality of authentication means can be used together. For partial lock release, in addition to password authentication, face authentication, other authentication means such as fingerprint authentication. By the parallel operation, partial lock state release is realized according to the authentication information of the authentication means that has succeeded in the authentication first of the authentication means.

  That is, in the partial window lock system 1 of the present invention, authentication used for logon, lock release, or partial window lock release, and authentication for tracking a user and determining whether a legitimate user is using it. The user can dynamically choose according to time and circumstances. In response to the successful authentication by the authentication means selected by the user, the partial window lock system 1 of the present invention consistently confirms whether the authentication information provided by the authentication means matches the user who has successfully logged on. Compensates for sex. This is the end of the description of the lock criteria in the multimodal authentication of the present invention.

  When a user starts an application program during the partial window lock of the present invention, the partial window lock means 8 of the partial window lock system 1 refers to the lock target program information 9 for each security level. If it is determined whether it is a protection target, it is protected without displaying a window.

  In the state of FIG. 3A, the user starts the application program (# 3) 103, but the application program (# 3) 103 is registered / published in the lock target program information 9 for each security level. The window lock means 8 of the present invention is determined as a protection target. Since the window is already partially locked at this point, the window lock means 8 of the present invention instructs the task manager / window manager 5 to hide the application program (# 3) 103.

  The hidden application program (# 3) 103 is displayed when the user clicks the partial window lock system 1 displayed on the task bar or the task tray 100 on the desktop window 10 in FIG. Are listed in the pop-up menu 1p. The pop-up menu 1p also lists other protected and hidden application programs (# 1) 101 and (# 2) 102, and the user uniquely selects the application program (# 3) 103 for authentication. After that, it can be used by unlocking.

  The operation of the screen saver when authentication fails in a partial window lock state will be described with reference to FIGS. The desktop window displayed by the OS 2 in the partial window lock state is the desktop window 10 capable of starting an application program or displaying a window opened by the application program.

  In the partial window lock state, when the partial window lock release by biometric authentication or password authentication is attempted and the authentication fails, the tracking means 7 of the partial window lock system 1 of the present invention is provided in the OS 2 with respect to the OS 2. Instructs the window to be locked using the window lock function.

  In the present invention, the lock of the OS 2 is realized by switching the desktop window 10 to the desktop 11 for the screen saver, and the desktop window 10 is hidden and inactivated, and the input means such as the keyboard and the mouse are disconnected. The input means of the application programs (# 1) 101 and (# 2) 102 operating on the desktop window 10 are also cut off, and the lock is realized.

  In the locked state by the OS 2, as shown in FIG. 5A, the screen saver 110 is activated and displayed on the screen saver desktop 11.

  In addition to the transition to the locked state due to the authentication failure described above, the OS 2 has a screen saver setting, and when there is no operation such as key input by the user for a certain period of time, the desktop is switched to the screen saver desktop 11 and the screen saver 110 is started. To lock.

  Even in the partial window lock state of the present invention, when a certain time elapses after the partial lock of the window, the partial window lock system 1 of the present invention determines to lock the window by the OS 2. In this case, the tracking unit 7 instructs the OS 2 to lock the window or asks the OS 2 to agree to the lock because there is no operation such as key input by the user for a certain period of time. To lock.

  The unlocking will be described with reference to FIG. The partial window lock system of the present invention does not intervene in the release of the lock, and the OS tries to authenticate and releases the lock when the authentication is successful.

  The OS 2 starts authentication in response to user operations such as simultaneous pressing of the control key, the ALT key, and the delete key, finger detection with the fingerprint sensor, and face detection with the camera.

  The user manager 4 selects an authentication means, and in FIG. 5, the screen saver 110 is stopped, and a password input window 104 is opened and displayed on the screen saver desktop 11 shown in FIG. Face authentication using the authentication means (biometric authentication engine) 3 is tried.

  If any authentication is successful, the user manager 4 switches the desktop from the screen saver desktop 11 to the desktop window 10 and releases the lock, and at the same time, the user manager 4 notifies the tracking means 7 that the lock is released. The tracking unit 6 inquires the user manager 4 about characteristic information such as the position and color of the user's face to be tracked, takes over the information, and starts face tracking.

  When the authentication is successful other than the face authentication, the face authentication is continued even after the lock is released, and no tracking is performed by the tracking unit 6 until the face authentication is successful. When the face authentication is successful, the user manager 4 notifies the tracking means 6 that the face authentication has succeeded, and the tracking means 6 inquires the user manager 4 about the feature information such as the position and color of the user's face to be tracked. Take over the face tracking.

  The following explains the grounds for generating credit and the formation of the ring. As described in the first embodiment of the present invention, the partial window locking system of the present invention is based on the fact that the trust generated at the time of logon or unlocked, that is, based on the successful authentication, is the user manager. The feature information such as the position and color of the user's face brought by 4 is updated while the tracking means 7 tracks the face. In other words, as long as a user who has successfully logged on uses the credit, the trust generated at the time of logon is maintained, and a trust circle is formed based on the stored trust so that the user can use the information processing apparatus as a reason.

  When the tracking means 7 of the partial window locking system of the present invention fails to track the face and locks the window in part, the trust is shaken, and when the authentication is successful and the partial window is unlocked Credit is restored.

  The feature information such as the position and color of the user's face brought to the tracking means 7 by the user manager 4 when the credit is generated is not limited to the feature information, for example, the user ID information held by the user manager 4 or the temporary information It can be a unique number or symbol that can be used for any purpose. In this case, the tracking unit 7 uses the tracking unit 7 and the biometric authentication engine 3 to extract and collect feature information such as the position and color of the face, and associate it with the user ID information provided by the user manager 4. The credit is taken over, and as long as the face tracking is successful, the credit is maintained and a circle of trust is formed.

  If unlocking fails or OS2 transitions to the locked state for some reason, the trust circle will be interrupted. However, when unlocking is successful, new credit will be generated by successful authentication, and credit will be restored. A ring is formed. In this way, a circle of trust is formed.

  As described above, according to the trust circle formed by maintaining the trust generated by the successful logon or unlock, the logged-on user continues to use as long as the trust circle exists. As long as the tracking means 7 succeeds in face tracking, authentication as in Patent Document 2 is unnecessary, and even if the tracking means 7 fails in face tracking, the computer resources are protected by partially locking, Unauthorized operations by a third party do not extend to the OS or application program, and thus locking at the OS level is unnecessary. Windows that cannot directly operate computer resources and application programs, such as a window that displays the time and status of the clock when partially locked, a window that informs the arrival of voice mail on an IP phone, and a virus quarantine warning window are protected. Therefore, information that should be noticeable to the user continues to be displayed, and in particular, information that should be noticeable to the user is not buried in other windows, so that it can be reliably transmitted.

  Also, by authenticating at the time of partial unlocking, the trust that was shaken can be recovered and the trust ring can be maintained, and the vulnerable security state can be eliminated during the operation from logon to logout or shutdown.

  Therefore, password authentication at the application program level is unnecessary, and modification of a commercially available application program that has been considered as a problem in Patent Document 2 can also be used to set security attributes and passwords for each application program by the application program, and to use complicated passwords for users. Is no longer necessary.

  In addition, locking at the OS level is unnecessary, and the overhead of locking and unlocking at the OS level, which is problematic in Patent Document 1, can be reduced. This overhead reduction has one aspect that can avoid locking at the OS level due to a biometric authentication engine misjudgment caused by camera factors and gesture factors, reducing user stress, and security realized by the present invention. The user's acceptance of the system can be increased, the barrier to system introduction is lowered, and it leads to continuous use, and the security level is improved by introducing the system.

  Second Embodiment Hereinafter, a second embodiment in cooperation with RF-ID will be described with reference to FIG. In this embodiment, an RFID tag reader 31 is added to the system shown in FIG. For the sake of simplicity, description of functions and operations common to the first embodiment will be omitted, and differences from the first embodiment will be described.

  In the second embodiment, a wireless tag is added to a plurality of authentication means in releasing the partial window lock state described with reference to FIG. 3 of the first embodiment. The wireless tag reader 31 is connected to the OS 2 and used by a general application program, as well as the user manager 4 of the OS 2 and the biometric authentication means (biometric authentication engine) 3. The user manager 4 holds the association information by associating the RFID tag read by the RFID tag reader 31 with the RFID tag reader 31 while the user is logged on.

  In realizing the second embodiment of the present invention, the information held by the wireless tag is a simple solid identification number or symbol, and this information is read or read / written by the wireless tag reader, and the user successfully logs on. When credit is generated, the user manager 4 associates it with feature information such as the position and color of the user's face brought to the tracking means 7.

  Not limited to the feature information, for example, user ID information held by the user manager 4 or a unique number or symbol that can be temporarily used for temporary use may be used. In this case, the tracking unit 7 uses the tracking unit 7 and the biometric authentication engine 3 to extract and collect characteristic information such as the position and color of the face, and associates it with the user ID information provided by the user manager 4. At the same time, the information read out from the wireless tag is also associated, and these are associated, so that the trust is taken over. As long as the face tracking or the periodic reading of the wireless tag is successful, the trust is maintained and a trust ring is formed.

  The information held by the wireless tag may be not only a simple solid identification number or symbol but also information related to authentication or additional information of a user carrying the wireless tag. The partial window lock system of the present invention is a wireless tag reader. It can be used for reading.

  For example, user ID information held by the user manager 4 or derivative information of the ID information, for example, a hash value of the ID information, is stored in the wireless tag, and is associated with the user ID information provided by the user manager 4 described above. It is possible to verify the validity of the association by collating. Similarly, feature information such as the position and color of the user's face, so-called biometric authentication information, is stored in the wireless tag, and is associated with the feature information such as the position and color of the user's face brought about by the user manager 4 described above. It is possible to verify the validity of the association by collating.

  By associating the wireless tag with the feature information such as the position and color of the user's face of the tracking means 7 and the user ID information provided by the user manager 4, the tracking means 7 can detect camera factors and gestures during face tracking. Even if tracking fails due to a factor, if the wireless tag is successfully read, there will be no partial lock. However, if the face tracking continues to fail even in this state, that is, if the RFID tag continues to be successfully read, the tracking means 7 determines that the user is away from the seat and performs partial locking.

  When the user clicks the partial window lock system 1 icon of the present invention displayed on the task bar or task tray 100 in the partial window lock state, the partial window lock system 1 requests the OS 2 to perform password authentication. In addition, the wireless tag reader 31 requests detection and reading of the wireless tag. In this way, the password authentication window (104) is displayed, and face authentication and wireless tag detection proceed in the background. If authentication is successful with any of the authentication means, the partial window lock is released.

  In realizing the second embodiment of the present invention, the RFID tag reader 31 may be operated by the biometric authentication means (biometric authentication engine) 3 in addition to the mode operated by the user manager 4. In this configuration, the user manager 4 associates the user with the wireless tag, and the biometric authentication unit 3 associates with the user information held by the biometric authentication unit 3.

  The biometric authentication means (biometric authentication engine) 3 operates the wireless tag reader 31 in parallel with the face authentication being attempted, tries to detect the wireless tag, and based on information that succeeds in either face authentication or reading first. Unlock partial windows.

  Further, in the second embodiment of the present invention, since the RFID tag reader 31 can uniquely determine the distance at which the RFID tag can be read, the RFID tag can be periodically used when the logon state is not a partial window lock state. If the reading fails, it is considered that the user has left the seat, and the user's absence can be detected. The accuracy of absence detection can be improved by continuous reading of the wireless tag and face tracking.

  As described above, in the second embodiment of the present invention, the user manager 4 and the tracking means 7 associate the ID information and the feature information of the user who has successfully logged on, while the face tracking is successful. The ring is formed.

  For the ID information and feature information of the user who has successfully logged on, the information read from the wireless tag by the tracking unit 7 and the feature information of the user who has successfully logged on are associated with each other to use the wireless tag as an auxiliary for face tracking. If the wireless tag can be detected even if the tracking means 7 is determined to be away from the camera due to camera factors or gesture factors, it is possible to reduce misjudgment by not performing partial locking immediately. be able to.

  If the tracking unit 7 continues to fail in face tracking even if the wireless tag is successfully detected, the tracking unit 7 uses the wireless tag in a complementary manner by determining that the person is away from the seat. It is possible to make a transition to a partial lock state on the safe side in the same security as in the first embodiment that is not used.

  Regarding the ID information and feature information of the user who has successfully logged on, in the authentication for unlocking by associating the information read from the wireless tag by the user manager 4 with the ID information of the user who has successfully logged on, the wireless tag By performing detection and biometric authentication in parallel, unlocking can be performed based on whichever is earlier, and the time required for authentication can be shortened.

  Example 3 A third example of the present invention for displaying decoys will be described with reference to FIG. This embodiment is characterized in that a replacement icon (decoy) is displayed in the first embodiment. In this embodiment, when it is determined that the user is away, the replacement window icon 1d1 of the application program 101, the replacement window 1d2 of the application program (# 2) 102, and the application program (# 3) 103 are displayed on the desktop window 10. A replacement window 1d3 is displayed.

  For the sake of simplicity, description of functions and operations common to the first embodiment will be omitted, and differences from the first embodiment will be described. In the third embodiment, the operation in the partial window lock state described with reference to FIG. 3 of the first embodiment is different, and the reaction to the user's operation is changed according to the third embodiment. The look and feel is different from the example.

  When the tracking unit 7 fails to track the face, the partial window lock unit 8 of the present invention instructs the task manager / window manager 5 to hide the application program (# 1 to # 3) 101, and the desktop window 10 and the task bar. Or, the application program (# 2) 102 and the icon 101t on the task tray 100 are not displayed, and a partial window lock state of the present invention that cannot be operated by the user is set.

  At the same time, the partial window lock means 8 acquires the display positions and states of the application programs (# 1) 101 and (# 2) 102, and displays the replacement window 1d2 or the replacement icon 1d1t at the same position.

  In the partial window lock state, the replacement window 1d2 can be minimized, maximized, moved, and resized, and similarly, the replacement icon window can be displayed and maximized.

  In the replacement window 1d2, the window pane is filled with an arbitrary color, for example, gray, and does not reflect any user key input, mouse operation, or menu operation.

  In addition, a message can be displayed in the window pane. For example, “This window is locked” or “Click on the task tray icon” is displayed, and the user is partially locked in the window. It is possible to inform that it is in, and lead to unlocking.

  In addition, it is possible to let a third party know that the image is taken by displaying the image taken by the camera 30 in the window pane of an arbitrary replacement window.

  When a user starts an application program in the partial window lock state of the present invention, the partial window lock means 8 of the partial window lock system 1 refers to the information 9 of the lock target program for each security level. Confirm whether it is to be protected, and if it is determined to be protected, it protects without displaying the window, and at the same time displays a replacement window.

  In FIG. 8, the user activates the application program (# 3) 103, but since it is registered / published in the lock target program information 9 for each security level, it is determined as a protection target. At this time, the application program (# 3) 103 is not displayed because it is already in a partial window lock state.

  At the time of unlocking, the partial window locking means 8 of the present invention instructs the task manager / window manager 5 to hide the replacement window or the replacement icon, and at the same time, the application programs (# 1) 101, (# 2) Any or all of the displays 102 are instructed.

  The partial window locking means 8 of the partial window locking system 1 of the present invention refers to the display position and state of the window that the application program (# 3) 103 tried to open, and displays the replacement window 1d3. To do.

  A message that the application program (# 3) 103 is protected by the partial window lock system 1 displayed on the task bar or task tray 100 on the desktop window 10 is displayed in the window pane of the replacement window 1d3. . The user clicks on the partial window lock system 1, and the pop-up menu 1p that is displayed lists the application program (# 3 (103, 103) as well as the application program (# 3) 103 in the same way as # 1 (101, (# 2) 102). If the application program (# 3) 103 is uniquely selected and unlocked after authentication, the activated application program (# 3) 103 can be used.

  At the time of unlocking, the partial window lock means 8 of the partial window lock system 1 instructs the task manager / window manager 5 to hide the replacement window 1d3, and at the same time, instructs the application program (# 3) 103 to be displayed. The user can use the application program (# 3) 103.

  In the third embodiment of the present invention, the window of the already displayed application program is hidden and the replacement window is displayed. However, the window of the already displayed application program is not hidden and the window is not displayed. The same effect can be obtained by covering part of the constituent elements. For example, among the elements of the title bar and the menu bar of the component, the status bar, the toolbar, the window pane, and the scroll bar appropriately displayed in the window pane, the window that covers the menu bar and the window pane is partially included in the present invention. Window lock means is opened, and the data displayed in the window pane is concealed by overlaying it on the window of the application program already displayed, and the operation by the user after partial window lock is suppressed.

  As described above, the third embodiment of the present invention informs the user that the window is visually locked by minimizing the window to be protected and displaying the replacement window when partially locked. be able to. In addition, since the window or icon does not disappear from the desktop or task bar or the tray, the user can experience the original operation feeling of the window, the so-called look and feel, and does not give the user a sense of incongruity. The acceptability to the lock system can be increased, the barrier of system introduction is lowered and it leads to continuous use, and the security level is improved by introducing the system.

  Since the modification of the conventional application program is not required, the acceptability of the partial window lock system of the present invention can be increased, the barrier of system introduction is lowered and it is connected to continuous use, and the security level is improved by introducing the system.

  The operation flow for realizing the transition between the partial lock state, the logged-on state, and the lock state of the present invention and the trust ring formed by the trust backed by the authentication result will be described with reference to FIG.

  In FIG. 10, the information processing apparatus is first in the power stage, hibernation state, or locked state, and when the information processing apparatus is turned on and the OS 2 is started or returned (1001), user authentication is performed ( 1002).

  The authentication in FIG. 10 is premised on face authentication, but may be password authentication, biometric authentication using fingerprints, veins, and irises, or authentication using an authentication device.

  If the authentication is successful (1002), the OS 2 of the information processing apparatus transitions to a logon state, confirms whether a camera device as a tracking unit is connected and can be used (1004). Stop function. The partial window lock system of the present invention allows to use a combination of authentication other than face authentication and absence detection by face tracking. Prevents hang-ups.

  Credit is generated when the authentication (1002) is successful, but after logon, the credit is transferred to the tracking means 7 as the characteristic information of the user who has successfully logged on, that is, the tracking target, and is managed by the tracking means 7.

  In addition to the user information that can be identified by the OS 2 such as the logged-on user ID, the feature information is the user's feature information extracted by the authentication (1002) and the logon that was taken with the camera that is the tracking means at the time of logon. It is imaging including a user.

  The tracking means 7 regards the feature information or the secondary feature information extracted from the imaging as credit generated at the time of logon, and determines that the credit is preserved as long as the tracking succeeds without interruption.

  If the authentication is successful again after the loss of trust and the ring of trust is interrupted, the user information that can be identified by the OS 2 such as the logged-on user ID matches the user information at the time of logon. It is considered that the information has been recovered, and other characteristic information is determined to be valid information, and is used for the determination of absence in the subsequent tracking.

  When the connection of the camera can be confirmed, the tracking target is detected (1007), it is determined whether it is in a partial lock state (1008), a certain time elapses after entering the partial lock state, or the user releases the partial lock. When the trial authentication fails, the state transitions to the lock (1020) (1112), and the OS 2 enters the lock state.

  Even if it is in a partially locked state, if it has not timed out or has not attempted to release the lock, it is confirmed whether there are a plurality of faces through confirmation of the release request (1009)? In (1010), it is determined whether a plurality of faces are detected. When the detected face is single, the tracking target feature information detected in the absence detection (1011) is statistically processed to determine the absence (1012), and detected when the person is not away (1007). ) (1100).

   If the user who has successfully authenticated (1003) and logged on is tracked and has never been determined to leave, the credit generated at the time of logon changes from detection (1007) to leaving (1012) through transition (1100). A route of return to detection (1007) is saved and a trust ring is formed.

  If it is determined that the user is away from the seat (1012), the partial lock (1019) of the partial window lock means 8 is called, and the tracking is returned to detection (1007). The partial window lock means 8 executes the called partial lock (1019) to enter the partial lock state. At this time, the OS 2 remains in the logged-on state, and the partial window lock means 8 is mainly used to maintain the partial lock state instead of the OS 2.

  2 faces? When a plurality of faces are detected in (1010), face authentication is performed individually in face authentication (1013), and whether or not authentication is successful for a face that is considered to be in the vicinity of the information processing apparatus with a large occupied area during imaging. Determination (1014) is made. If authentication fails, the distance between the person who failed authentication in the position determination (1015) and the information processing apparatus is identified or estimated from the occupied area of the imaging, and if it is determined that the distance is short, the distance is locked by the lock (1020). If it is determined that the user is not within the operable distance, a partial lock (1019) is called, and a transition is made to detection (1007) (1110).

  The tracking target loses trust when authentication (1014) fails, but tracking is attempted even after transitioning to detection (1007) (1110). During tracking, even if it returns to detection (1007) in the determination of leaving seat (1012) (1100), credit is not restored, and after returning to detection (1007) after calling the partial lock (1019) suspected of leaving (1110) Although it is in an untrustworthy state, as long as it returns to detection (1007), tracking is attempted.

  If the authentication (1014) is successful, the partial lock release (1018) is called, and then the flow goes to detection (1007) (1101). The partial window lock means 8 executes the called partial lock release (1018) to release the partial lock state. The success of the authentication (1014) restores the tracked credit, and the recovered credit thereafter passes the detection (1007), the absence determination (1012), the transition (1100), and the return to the detection (1007). Will be preserved and the circle of trust will be restored.

  When the partial window lock means 8 receives an unlock request from the user, it is notified to the tracking means 7 and authentication (1016) for release is performed by confirming the release request (1009). If the authentication is successful, after partial lock release (1018) is called, the process proceeds to detection (1007) (1101). The partial window lock means 8 executes the called partial lock release (1018) to release the partial lock state. The success of the authentication (1014) restores the tracked credit, and the recovered credit thereafter passes the detection (1007), the absence determination (1012), the transition (1100), and the return to the detection (1007). Will be preserved and the circle of trust will be restored.

  If the authentication fails, the authentication determination (1017) returns to the detection (1007) (1111), but as described above, the partial lock determination (1008) failed the authentication (1016) associated with the release request. It is assumed that the person is not operating the information processing apparatus, and the state shifts to the lock (1020) (1112), and the OS 2 enters the lock state.

  After the transition to the locked state by the lock (1020), when the authentication (1002) succeeds and the logged-on state is restored, the state before the lock is preserved. The window lock will continue.

  Even after losing sight of the tracking means in the confirmation (1004) of the tracking means when returning to the logged-on state and stopping the tracking (1005), the partial window lock means 8 calls the authentication means to authenticate and succeeds in the authentication. The lock of the partial window is released, and if it fails, the OS 2 is requested to lock and the state is shifted to the locked state.

  As described above, the trust ring is maintained in the logged-on state, and is lost at the time of transition to the partial lock state. After that, tracking is continuously tried, and even if tracking is successful, trust will not be restored, but if multiple faces are detected or if the user requests partial release of the window lock, the authentication will succeed The window is unlocked and authentication is successful, so trust is restored. In other words, the ring of trust is preserved as long as it is not partially locked.

  According to the present invention, the tracking means 7 and the partial window lock system 8 can realize partial window lock in the partial lock state during the logged-on state, which is one state of the OS 2.

  In addition, according to the present invention, even when OS2 transitions between the logged-on state and the locked state, the window in the partially locked state remains locked by comparing the logged-on state before the transition to the locked state and after the return to the locked state. In addition, a partially locked window can be protected.

  Further, in the present invention, even if the tracking means is lost after returning, the partially locked window remains locked, and the partially locked window is protected.

  In addition, the user's partial block state release request is autonomously determined by using the biometric authentication engine 3 or password authentication which is an authentication means, and if successful, the lock is released to improve the convenience of the user. If the information processing apparatus is secured and fails, the OS 2 is requested to lock the information processing apparatus, and the information processing apparatus can be locked to protect each information processing apparatus.

  In the present invention, the partial lock state of the window can be realized without interfering with or contradicting the state transition of the OS 2 by the tracking means 7 and the partial window lock system 8.

The figure which shows the structure of the 1st Example of this invention. The figure which shows starting of the partial window lock after logon of the 1st Example of this invention, and starting of the application program by a user. The figure which shows the transfer to the partial window lock at the time of absence detection in the 1st Example of this invention, and the cancellation | release of a partial window lock. The figure which shows the structure in the locked state by OS in the 1st Example of this invention. The figure which shows transfer to the locked state by OS, and cancellation | release of a locked state in 1st Example of this invention. The figure which shows the state transition and operation | movement of 1st Example of this invention. The figure which shows the 2nd Example of this invention. The figure which shows the 3rd Example of this invention. The figure which shows the window lock system provided with the conventional absence detection. The figure explaining the operation | movement flow which implement | achieves the transition of the partial lock state of the present invention, a logged-on state, and a lock state, and the trust ring which the trust backed by the authentication result forms.

Explanation of symbols

1 ... Partial window lock system 2 ... OS
3 ... biometric authentication means 4 ... user manager 5 ... task manager / window manager 6 ... timer 7 ... tracking means,
8 ... Partial window locking means,
9 ... Information of lock target program for each security level 10 ... Desktop window after logon 11 ... Desktop window 30 on which screen saver to be displayed when locked is locked ... Camera 31 ... RFID tag reader
DESCRIPTION OF SYMBOLS 100 ... Taskbar and task trays 101-103 of the desktop window 10 ... The application program and the display 104 which are running ... Password authentication window 110 ... Screen saver 1d1 ... Replacement ball icon 1d2 ... Replacement ball window 1d3 ... Replacement ball window 1p ... Pop-up menu

Claims (16)

A biometric authentication unit, a display unit, a tracking unit, a partial window lock unit, a camera, an OS having an authentication function, a task management function, an OS having a window management function, and an application program In the installed information processing device,
The user management function is a function of performing user authentication using either the authentication function or the biometric authentication means, and logging on the user when the authentication is successful.
The window management function is a function of displaying a desktop window on the display unit,
The task management function is a function for starting an application program automatically by the OS or by an operation of the logged-on user,
The tracking means is means for detecting whether the logged-on user is present in front of the information processing apparatus, and if not present, means for notifying the partial window lock means of absence,
The partial window lock means, when receiving the notification of the absence, partially locks the window by requesting the window management means to hide the window opened by the application program. An information processing apparatus characterized by being a means. The information processing apparatus according to claim 1,
Said partial window locking means comprises:
Iconically resides on the desktop window of the information processing device without opening the window, minimizes the window that is locked when the window is locked, suppresses the display of the minimized window icon, and retains the minimized window identifier. ,
When the user clicks the lock means for the iconified partial window, a menu listing the names of the minimized windows based on the identifier held is displayed.
An information processing apparatus, which is means for requesting authentication from a user when a user selects a window to be restored from the menu. The information processing apparatus according to claim 1,
The partial window lock means is a means for setting the timer after the log-on or when a user operation is interrupted and a predetermined time elapses, and locking the window according to an event of the set timer thereafter. Information processing device. The information processing apparatus according to claim 3,
The information processing apparatus according to claim 1, wherein the partial window locking means is means for locking in a stepwise manner in order from a window having a higher sensitivity according to a ranking of the sensitivity in a stepwise manner over time. The information processing apparatus according to claim 1,
Furthermore, it comprises an absence detection means for tracking a user who has been successfully authenticated at the time of logon,
The absence detection means is a means for setting the timer when a user's absence is detected, and for gradually locking in order from a window with higher confidentiality according to the order of confidentiality over time. Partial information processing equipment. The information processing apparatus according to claim 5,
The absence detection means detects the person using the camera, and when the user is successfully authenticated and logs on, the person detected during the imaging of the camera is tracked during the imaging, and it is determined that the person is away from the imaging. An information processing apparatus, characterized in that The information processing apparatus according to claim 5,
Furthermore, it has a radio that communicates with the wireless tag,
The user carries the wireless tag,
The absence detection means communicates with the wireless tag using the wireless device,
The absence detection means is means for continuing communication with the wireless tag communicated at the time of logon when the user has successfully authenticated and logged on, and determining that the user is away when communication with the wireless tag is disabled. An information processing apparatus characterized by that. The information processing apparatus according to claim 5,
Equipped with a sensor,
The absence detection means senses the reflected light of the electromagnetic wave emitted by the information processing apparatus or the user's own radiation using the camera or sensor, and leaves the seat when the reflected light or the radiation is not sensed. An information processing apparatus characterized by being a means for determining. The information processing apparatus according to claim 1,
When the user requests restoration of the locked window or explicitly attempts to unlock it, authentication is performed by the biometric authentication means, and if the biometric authentication is successful, the requested window or all locked windows are authenticated. An information processing apparatus for unlocking a window. The information processing apparatus according to claim 5,
An information processing apparatus according to claim 1, wherein when the absence detection means detects a person after detecting the absence, biometric authentication is performed, and when the biometric authentication is successful, all locked windows are unlocked. The information processing apparatus according to claim 1,
When a user requests restoration of a locked window or explicitly attempts to unlock it, password authentication is performed, and if the password authentication is successful, the requested window or all locked windows are locked. An information processing apparatus characterized by being released. The information processing apparatus according to claim 1,
Whether the user requests to restore a locked window or explicitly attempts to unlock it, keeps the partial window locked or locks all windows if authentication fails and authentication fails Or an information processing apparatus that requests a lock from the OS and transitions to a lock state defined by the OS. A biometric authentication unit, a display unit, a tracking unit, a partial window lock unit, a camera, an OS having an authentication function, a task management function, an OS having a window management function, and an application program A program for operating an installed information processing apparatus,
When there is a user authentication request when the information processing apparatus is in the logout state or the locked state, the authentication function of the user management function or the biometric authentication unit executes user authentication; and
If the authentication is successful, the application is transitioned to the logged-on state;
Determining whether the tracking means is available;
Detecting the tracking object when the tracking means is available;
Determining whether it is in a partial lock state;
Determining whether a plurality of faces are detected in the screen when the release request cannot be confirmed when in the partial lock state;
Obtaining feature information of a tracking target when there is one detected face;
Statistically processing the tracked feature information to determine absence,
A program for operating an information processing apparatus, comprising: setting a partially locked application that is in a logged-on state when it is determined that the user is away from the desk. A program for operating the information processing apparatus according to claim 13,
A program for operating an information processing apparatus, comprising: a step of shifting the information processing apparatus to a locked state when it is determined that the person has left the seat in the step of determining the absence. A program for operating the information processing apparatus according to claim 13,
A step of biometric authentication using one face when a plurality of faces are detected in the step of determining whether a plurality of faces are detected in the screen;
Determining whether the face is close or far if face authentication fails;
Locking the information processing device when at a short distance;
A program for operating an information processing apparatus, comprising a step of partially locking the application when the user is at a long distance. A program for operating the information processing apparatus according to claim 13,
If the release request can be confirmed when in the partial lock state, performing face authentication;
A program for operating an information processing apparatus comprising a step of releasing partial lock when face authentication is successful.

Images