JP2007068138A - Authentication system, reader/writer apparatus and storage warehouse - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an image display control system capable of improving the convenience and cost reduction with respect to the user. <P>SOLUTION: In an image forming apparatus 1, having a cellular phone 2 which built in an IC chip 30, an authentication device 6 which is prepared in a security protection object to communicate with the IC chip 30 and attests the using authority of the security protection object of interest, and an application management device 8 connected with the cellular phone 2 via the internet network INT; when the cellular phone 2 communicates with the authentication device 6 and the usage authorization of the security protection object of interest is attested, based on key registration intelligence which the cellular phone 2 downloaded from the application management device 8; the cellular phone 2 receives a key application start signal from the authentication device 6, starts the key application downloaded from the application management device 8, and it is made to display the predetermined screen on the display means 28 of the cellular phone 2. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an image display control system, an authentication system, and an application management apparatus that perform personal authentication when using a security protection object.

  In recent years, security protection for objects and information has been strongly demanded. As a means for security protection, for example, in the techniques described in Patent Literature 1 to Patent Literature 5, personal authentication is performed when a security protection object is used.

  The key management device described in Patent Document 1 authenticates a user using an IC card and permits use of a key stored in a key box. The key box includes a plurality of boxes for individually storing keys, and an electronic lock is attached to each door of the box. A card reader is attached to the key box. When the user passes the IC card through the card reader, the key management device acquires the IC card data, sends it to the management center, and receives a signal from the management center indicating that the user has been authenticated as a member. Then, a password input guide and a touch panel are displayed on the screen of the card reader. When the user enters a password using the touch panel, the key management device sends the password to the management center, receives a signal from the management center indicating that the password has been authenticated, and further includes a guidance for specifying the vehicle number and the touch panel. Is displayed on the card reader screen. Then, when the user inputs a car number to the card reader, the key management device unlocks the door of the box that stores the car key corresponding to the car number and makes the key usable.

  The authentication system described in Patent Document 2 performs personal authentication using a mobile phone and unlocks the door. The mobile phone stores an identification number for unlocking the door in a memory, and transmits the identification number to the receiving device by infrared rays by a user's operation. When the receiving apparatus authenticates the identification number, the receiving apparatus transmits a signal notifying that the identification number is valid to the electronic lock attached to the door, and unlocks the electronic lock.

  The garage door opening / closing system described in Patent Document 3 performs personal authentication using a mobile phone, and locks or unlocks the garage door. When the user parks the car in front of the garage door and makes a call from the mobile phone to the communication device to connect to the garage door opening / closing system homepage, the user will be prompted to enter the password on the mobile phone display and open / close the garage door. A selection button to select is displayed. When the user selects the password and “Open” and sends the data to the communication device, the communication device determines whether the password is correct. If the password is authenticated, the electronic lock attached to the garage door is unlocked. Lock it.

  The security remote control system described in Patent Document 4 performs personal authentication using a mobile phone, and locks and unlocks the door of the home entrance. The security remote operation system detects the position of its own device by the location information detection unit, and automatically sends a status notification request email to the security center to notify the locked / unlocked state when it goes out of the area including the home. . The security sensor transmits a state confirmation signal to the key unit provided at the door of the entrance, and receives the lock state investigation result from the key unit. The image display control system transmits a status notification mail including the key unit investigation result to the mobile phone. The user displays a status notification mail on the mobile phone to confirm the locked state, and when not locked, transmits a locking instruction signal to the key unit via the security center.

  The locker system described in Patent Document 5 confirms whether or not the user of the locker is an authorized user by using a mobile phone, and locks and unlocks the locker. In the locker system, electronic locks are provided on the lockers of the locker device. In addition, the locker device is provided with a numeric keypad for inputting a locker number and the like. For example, when the user enters the locker number into the numeric keypad and accesses the URL of the data center from the mobile phone according to the unique access URL information confirmation screen, personal authentication is performed between the mobile phone and the data center using the ID and password. The operation screen is transmitted from the data center to the mobile phone. When a user inputs an unlock request for a locker to be unlocked on the operation screen and sends it to the data center, the data center authenticates that the user has the right authority according to the locker number, ID and password. A lock instruction is transmitted to the locker device, and the locker designated by the user is unlocked.

JP 2004-300683 A JP 2002-339608 A JP 2003-319469 A JP 2005-155205 A JP 2003-278421 A

However, the systems described in Patent Documents 1 to 5 have the following problems.
(1) In the key management device described in Patent Document 1, password input guidance and guidance for specifying a car number are displayed on the screen of the card reader, and information is input using the touch panel displayed on the screen. A display, a display screen control program, a memory for storing various programs and data, and the like had to be provided, which was expensive. In addition, the key management device described in Patent Document 1 cannot use the IC card for the key management device in another image display control system, and the user owns a separate IC card for each image display control system. It was inconvenient.

(2) In the authentication system described in Patent Document 2, if a user displays a data transmission screen on a mobile phone and does not transmit data to the receiving device by operating a button, infrared data is transmitted to the receiving device. The data transmission operation took time and effort.

(3) In the systems described in Patent Document 3, Patent Document 4, and Patent Document 5, a mobile phone connects to a communication device, a security center, and a data center via the Internet, and a communication device using a public telephone line network, Since communication is performed between the security center and the data center, communication costs are incurred each time communication is performed. Also, in areas outside the communication area, mobile phones could not be connected to communication devices, security centers, and data centers, and the system could not be operated.

  Therefore, the present invention has been made to solve the above-described problems. By using a mobile phone incorporating a non-contact integrated circuit such as an IC chip, an IC card or a key using the Internet can be used. An object of the present invention is to provide an image display control system, an authentication system, and an application management device that can provide added value that could not be realized, and that can improve convenience for users and reduce costs.

In order to achieve the above object, the present invention has the following configuration.
(1) An image forming control system according to the present invention includes a mobile phone including a non-contact type integrated circuit having an identifier, a security protection object to be protected, a non-contact type integration provided in the security protection object. An authentication device that communicates with a circuit and authenticates the right to use a security protection object; and an application management device that is connected to the mobile phone via a communication means. Download source key application storage means for storing a key application for displaying a predetermined screen on a mobile phone in association with the key, download source key registration information storage means for storing key registration information corresponding to use authority, key application, and key registration Download means for downloading information to a mobile phone, Has a download destination key application storage means for storing the key application downloaded from the application management apparatus, and a download destination key registration information storage means for storing the key registration information downloaded from the application management apparatus. A key application activation signal for activating a key application is received from the authentication device when it is authenticated that the authentication device is authorized to use the security protection object based on the key registration information, and stored in the download destination key application storage means. And a predetermined screen is displayed on the display means of the mobile phone.

(2) In the image formation control system described in (1), a management apparatus that is connected to an authentication device via an internal communication unit and includes a display data storage unit that stores display data to be displayed on a display unit of a mobile phone Display data writing means for reading the display data from the display data storage means and writing it to the mobile phone when the authentication device communicates with the mobile phone and authenticates that the right to use the object to be protected is authorized. The mobile phone has display control means for displaying the display data written in the authentication device on the display means when the key application is activated.

(3) In the image display control system described in (1) or (2), the mobile phone has a password storage means for storing the password, and the key application displays the password input screen at the time of activation. The personal identification number displayed on the personal identification number input screen is compared with the personal identification number stored in the personal identification number storage means to determine whether or not the identification can be performed. .

(4) In the image display control system according to any one of (1) to (3), the key registration information includes a restriction condition that restricts the use of the security protection object, and the authentication device is a mobile phone. When the key registration information is received, it is determined whether the mobile phone is communicating with the authentication device within the range of the restriction condition, and the mobile phone is communicating with the authentication device within the range of the restriction condition And an activation signal transmission control means for transmitting a key application activation signal to the cellular phone and not transmitting the key application activation signal to the cellular phone when the cellular phone is not communicating with the authentication device within the limit conditions. It is characterized by this.

(5) In the image display control system according to any one of (1) to (4), the application management apparatus identifies a mobile phone based on an identifier of the non-contact type integrated circuit, and operates the mobile phone. It has key registration information rewriting means for rewriting the authentication ID included in the key registration information related to the cellular phone with another person's authentication ID, and transmission means for transmitting the rewritten key registration information to the authentication device. .

(6) Further, the image display control system of the present invention includes a mobile phone having a built-in non-contact type integrated circuit having an identifier, a storage to be protected, a non-contact type integrated circuit provided in the storage. A reader / writer device that communicates with the circuit and authenticates the authority to use the storage, and a download server connected to the mobile phone via a public telephone network, and the download server associates the mobile phone with the storage Download source key application storage means for storing a key application for displaying an input screen for inputting a personal identification number and a storage compartment on the mobile phone, and download source key registration information storage means for storing key registration information corresponding to use authority And downloading means for downloading the key application and the key registration information to the mobile phone. Download destination key application storage means for storing the key application downloaded from the application management apparatus, and download destination key registration information storage means for storing the key registration information downloaded from the application management apparatus. When the reader / writer device is authenticated based on the registered information as authorized to use the storage, a key application activation signal for activating the key application is received from the reader / writer device and stored in the download destination key application storage means. The key application is activated and an input screen is displayed on the display of the mobile phone.

(7) In the image display control system described in (6), the storage has an electronic lock that is controlled by the reader / writer device for unlocking, and the mobile phone has an operation unit on the input screen. And when the reader / writer device communicates with the mobile phone that has entered the security code and frontage, the electronic lock corresponding to the frontage specified by the mobile phone is unlocked. It has the unlocking means to do.

(8) An authentication system according to the present invention is provided in a mobile phone incorporating a non-contact type integrated circuit having an identifier and a security protection target to be protected, communicates with the non-contact type integrated circuit, and is subject to security protection. An authentication device that authenticates the right to use the object, and a key application storage unit that stores a key application in which the mobile phone associates the mobile phone with the security protection target object and displays a predetermined screen on the display unit; Key registration information storage means for storing key registration information corresponding to the use authority, and when the authentication device is authenticated as having the right to use the security protection object based on the key registration information, the key application is Receives the key application activation signal to be activated from the authentication device, activates the key application, and displays it on the display means of the mobile phone. To display the screen, and wherein the.

(9) The application management apparatus of the present invention has a built-in non-contact type integrated circuit having an identifier, and connects to a mobile phone that communicates with an authentication device and is authorized to use a security protection object through a communication means. A download source key application storage means for storing a key application for associating a mobile phone with a security protection object and displaying a predetermined screen on the mobile phone, and a download source for storing key registration information corresponding to the use authority It is characterized by comprising key registration information storage means and download means for downloading the key application and key registration information to the mobile phone.

The effect of having the said structure is demonstrated.
Here, the key application and key registration information are downloaded from the download server (application management device) to the mobile phone, and the reader / writer device (authentication device) provided in the storage (security protected object) communicates with the mobile phone. An example will be described in which an input screen (predetermined screen) for inputting a personal identification number and a frontage is displayed on the mobile phone when the authority to use the storage is authenticated.

  In the image display control system of the present invention, when a mobile phone is connected to a download server via a public telephone network (communication means), the download server stores the key application and key registration information in the download source key application storage means and the download source key. The information is read from the registration information storage means, and the read key application and key registration information are downloaded to the mobile phone via the public telephone line network. By downloading the key application to the mobile phone, it is possible to associate the storage with the mobile phone and display an input screen for inputting the personal identification number and the frontage on the display means of the mobile phone. In addition, by downloading the key registration information to the mobile phone, the use authority of the storage can be confirmed using the mobile phone.

  When the mobile phone that has downloaded the key application and key registration information is held over the reader / writer device, the contactless integrated circuit and the reader / writer device communicate with each other, and the presence or absence of the authority to use the storage is authenticated. When the reader / writer device authenticates that the user of the mobile phone has the authority to use the storage, the reader / writer device transmits a key application activation signal to the mobile phone. When the mobile phone receives the key application activation signal, it reads the key application downloaded from the download server from the download destination key application storage means and activates it, and automatically displays an input screen for entering the PIN and frontage on the display (display means). To display.

When using an IC card, it is necessary to create a separate IC card for other security protection items (such as an entrance / exit management system) in the storage, which is a burden on the system user in terms of cost and management. However, since the image display control system of the present invention can download and store a plurality of key applications from the download server to the mobile phone, it can store the keys of the storage and other security protection objects in one mobile phone. Can be managed by phone.
Further, when the right to use is authenticated by the IC card, the personal identification number, and the frontage, it is necessary to provide a liquid crystal panel for displaying an input screen on the reader / writer device because information cannot be displayed on the IC card. Since the image display control system displays an input screen for inputting a password and a frontage on a display of a mobile phone, an inexpensive reader / writer device without a liquid crystal display can be applied to the system.
Also, in the system using the Internet network and infrared rays, the specified screen is displayed after the communication is established by operating the mobile phone, so the operability is poor, the communication cost is high, and it cannot be used outside the service area. However, in the image display control system of the present invention, the mobile phone directly communicates with the reader / writer device only by holding the mobile phone over the reader / writer device, and an input screen for inputting the PIN number and frontage is automatically displayed on the display. Therefore, the system can be operated even when the mobile phone is out of the service area, and no communication cost is incurred when the mobile phone communicates with the reader / writer device.

  Therefore, according to the image display control system of the present invention, by using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an added value that could not be realized with an IC card or a key using the Internet. The convenience to the user can be improved and the cost can be reduced.

  Further, according to the image display control system of the present invention, the reader / writer device is connected to the management device via an internal communication means (for example, an intranet protected by a firewall, an in-house LAN, etc.). When the mobile phone user is authorized to use the vault, the display data is read from the management device and written to the mobile phone, and then the key application activation signal is transmitted to the mobile phone. . When the mobile phone activates the key application, it reads out the written display data and displays it on the display. Therefore, according to the image display control system of the present invention, even when the storage capacity of the reader / writer device is small, display data can be stored in the management device and appropriately displayed on the display of the mobile phone.

  In addition, according to the image display control system of the present invention, the personal identification number is set in advance in the mobile phone, and when the key application is activated, the personal identification number input screen is displayed on the display of the cellular phone to the user. In addition to authenticating identifiers for contactless integrated circuits, it prompts the user to enter a personal identification number and checks whether the personal identification number entered by the user and the personal identification number set in the mobile phone can be verified. , You can authenticate your PIN and raise the security level.

  In addition, according to the image display control system of the present invention, the key registration information includes a restriction condition for restricting use of the storage (such as the number of uses and the expiration date of use), and the key received by the reader / writer device from the mobile phone. If the mobile phone is communicating with the reader / writer device within the limit conditions based on the registered information, and the mobile phone is communicating with the reader / writer device within the limit conditions Sends a key application activation signal to the mobile phone and displays an input screen for entering the PIN and frontage on the mobile phone display, while the mobile phone is not communicating with the reader / writer device within the limits In this case, the key application activation signal is not sent, and the input screen for entering the security code and frontage is not displayed on the mobile phone display. Can not be used, to improve security level.

  In addition, the image display control system of the present invention identifies a mobile phone based on an identifier of a non-contact type integrated circuit incorporated in the mobile phone by the download server, and stores key registration information related to the mobile phone by operating the mobile phone. Since the included authentication ID is rewritten to another person's authentication ID, and the rewritten key registration information is transmitted to the reader / writer device, for example, a person using a mobile phone having the other person's authentication ID uses the mobile phone as a reader / writer. If you hold it over the device, you are allowed to use the storage. Therefore, the image display control system of the present invention can lend the right to use the storage to another person temporarily using a mobile phone, and is convenient.

  Further, according to the image display control system of the present invention, the personal identification number and the frontage are input to the mobile phone displaying the input screen for inputting the personal identification number and the frontage using the operation unit of the mobile phone. When the input mobile phone is held over the reader / writer device, the reader / writer device unlocks the electronic lock corresponding to the designated frontage and allows the storage to be used. Even without an operation unit such as the above, it is possible to input a personal identification number and frontage using the operation unit of a mobile phone, and to reduce costs by applying an inexpensive reader / writer device without an operation unit to the system be able to.

  In the authentication system of the present invention, when the mobile phone is held over the authentication device, the contactless integrated circuit and the authentication device communicate with each other, and the presence or absence of the right to use the security protection object is authenticated. When the authentication device authenticates that there is a use right, it transmits a key application activation signal to the mobile phone. Upon receiving the key application activation signal, the cellular phone activates the key application and automatically displays a predetermined screen on the display means. Therefore, when using the IC card and the personal identification number to authenticate the use authority, it is necessary to provide a liquid crystal panel for displaying an input screen on the authentication device because information cannot be displayed on the IC card. Since an input screen for a password is displayed on the display means of the cellular phone, an inexpensive authentication device without a liquid crystal display can be applied to the system. Also, in the system using the Internet network and infrared rays, the specified screen is displayed after the communication is established by operating the mobile phone, so the operability is poor, the communication cost is high, and it cannot be used outside the service area. However, the authentication system of the present invention has good operability because the mobile phone directly communicates with the authentication device and automatically displays a predetermined screen on the display means simply by holding the mobile phone over the authentication device. The system can be operated even when the phone is outside the service area, and no communication cost is incurred when the mobile phone communicates with the authentication device.

  Therefore, according to the authentication system of the present invention, by using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an added value that cannot be realized with an IC card or a key using the Internet is given. Therefore, it is possible to improve the convenience for the user and reduce the cost.

  Further, according to the application management device of the present invention, when there is a request to download the key application from the mobile phone, the mobile phone is associated with the security protection object on the mobile phone based on the mobile phone identifier. Download the key application to display the screen and the key registration information corresponding to the usage authority to the mobile phone. Therefore, when an IC card is used, it is necessary to create and possess an IC card for each security protection object. However, the application management apparatus of the present invention transmits a key application and key registration information to one mobile phone. Since downloading is performed as appropriate, a mobile phone can have a plurality of key applications and key registration information. Also, when managing multiple key applications with one 1C card, it was necessary to go to a place where the dedicated machine is located during business hours and add or delete the key application to the dedicated machine through the IC card. The application management apparatus of the present invention downloads a key application and key registration information in response to a request from the mobile phone, and the downloaded key application and key registration information can be arbitrarily deleted by operating the mobile phone. And the place and time for adding or deleting the key registration information are not limited, and convenience is good.

  Therefore, according to the application management apparatus of the present invention, by using a mobile phone that incorporates a non-contact type integrated circuit such as an IC chip, it provides added value that could not be realized with an IC card, and is convenient for the user. Improvement and cost reduction can be achieved.

Next, an embodiment according to the present invention will be described with reference to the drawings.
A. B. Overall Configuration of Image Display Control System According to First Embodiment DL server (application management device)
C. Cellular phone In-house security system Various processes in the image display control system E1. Download process of key application and key registration information E2. Key application activation processing Explanation of operation of image display control system Effects of image display control system, authentication system, and DL server Second Embodiment H1. Key application activation process with PIN input H2. Explanation of operation of image display control system H3. Effects of image display control system and authentication system Third Embodiment I1. Key registration information temporary lending process I2. Key application activation processing I3. Description of operation of image display control system I4. Effects of image display control system and DL server Modified example

A. Overall Configuration of Image Display Control System According to First Embodiment FIG. 1 is a schematic configuration diagram of an image display control system 1 according to the first embodiment.
The image display control system 1 downloads a key application and key registration information from a download server (hereinafter abbreviated as “DL server”) (application management device) 8 to a general-purpose mobile phone 2, thereby making the mobile phone 2 in-house. When controlling the office equipment by associating it with the office equipment (security protected object) of the security system 3 and holding the mobile phone 2 over the reader / writer device (hereinafter abbreviated as “R / W”) (authentication equipment) 6 The key application downloaded to the mobile phone 2 is activated to display a predetermined screen on the display unit (display means) 28 of the mobile phone 2. In the present embodiment, the mobile phone 2 and the R / W 6 constitute an “authentication system”.

  The in-house security system 3 is constructed in, for example, the company A ●● branch office, and is a client personal computer (hereinafter referred to as “client PC”) 4, a management server (management device) 5, entrance / exit management R / W 6 </ b> A, attendance / exit Multiple R / W6s such as management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, library R / W6G, etc., use in-house LAN (internal communication means) 7 Are connected to each other so as to be able to communicate with each other. The R / W 6 acquires the key information of the mobile phone 2 and authenticates the person, and office equipment that is subject to security protection, such as a time recorder, a door for entering and leaving the room, a valuable box, a desk, a key box, a locker, and a library. This is to determine whether or not there is an authority to use (security protected object).

  The mobile phone 2 is a general-purpose product. In addition to the telephone function, the mobile phone 2 includes a mail function for transmitting / receiving mail data and Web data by connecting to the Internet network (communication means) INT, a wireless communication function for performing wireless communication with each R / W 6, and the like.

  The DL server 8 downloads a key application and key registration information to the mobile phone 2. The “key application” is an application that identifies the mobile phone 2 from another mobile phone and associates it with the office device of the in-house network 3 to display a predetermined screen on the display unit 28 of the mobile phone 2. The “key registration information” refers to data necessary for personal authentication when using office equipment in the in-house network 3. For example, “authentication ID” individually assigned to the mobile phone 2, “PIN (PIN number)” set on the mobile phone 2 to confirm the user, “expiration date” that can be used for office equipment (security object), “number of times of use”, office equipment (security protection object) "Device ID" for identifying), "unlocking ID" for identifying a lockable frontage among office devices (security objects), and the like. Here, the key registration information can be rewritten on the DL server 8. For example, “PIN” included in the key registration information is initially set to “0000” in a state where the key application is downloaded, but the mobile phone 2 accesses the DL server 8 at a later date to arbitrarily enter the key registration information. It is possible to change to the value of.

B. DL Server FIG. 2 is an electrical block diagram of the DL server 8 shown in FIG.
The DL server 8 is a well-known computer, and includes a central processing unit (hereinafter referred to as “CPU”) 10, an input / output interface 11, a ROM 12, a RAM 13, a hard disk drive (hereinafter abbreviated as “HDD”) 14, and an operation unit 18. , A display unit 19, a communication unit 20, and the like. The DL server 8 stores data acquired from the communication unit 20 and the input / output interface 11 in the HDD 14, and the CPU 10 temporarily reads and executes the program stored in the ROM 12 in accordance with the operation of the operation unit 18, Data stored in the HDD 14 is processed, calculated, and displayed on the display unit 19 or output from the input / output interface 11 or the communication unit 20 to another device.

  In the HDD 14, an application database (hereinafter, "database" is abbreviated as "DB") (download source key application storage means) 15, a key registration information DB (download source key registration information storage means) 16, and a download program (download means). ) 17 is provided.

FIG. 3 is a diagram illustrating a data structure of the key application DB 15.
The application DB 16 stores various applications downloaded to the mobile phone 2 via the Internet INT in association with the URI. In this embodiment, for example, in addition to an application for using “Edy” (registered trademark) of electronic money, a key application or the like is associated with a URI (Uniform Resource Identifier) and stored in the application DB 16.

FIG. 4 is a diagram illustrating a data structure of the key registration information DB 16.
The key registration information DB 16 stores key registration information in association with a URI and key information. The reason why the “key registration information” is associated with the URI is to identify the key application to which the key registration information corresponds. The “key information” is used to identify the mobile phone 2 from other mobile phones, and more specifically, is information related to a key (identifier) of an IC chip (non-contact integrated circuit) 30 described later. . The reason for associating the “key registration information” with the “key information” is to associate the mobile phone 2 with the office equipment (security protected object) of the in-house security system 3.

  The download program 17 shown in FIG. 2 reads the key application from the key application DB 15 based on the IC chip 30 of the mobile phone 2 when the mobile phone requests download of the key application via the Internet network INT. The key registration information is read from the key registration information DB 16 and the read key application and key registration information are downloaded to the mobile phone 2.

C. Mobile Phone FIG. 5 is a diagram showing an electrical block configuration of the mobile phone 2.
The mobile phone 2 is connected to a CPU 21, a communication unit 22, a volatile memory 23, a nonvolatile memory 24, a display unit 28, an operation unit 29, an IC chip 30 and the like via a data bus.

  The communication unit 22 connects to the Internet network INT by wireless communication under the control of the CPU 21. The display unit 28 includes a display device such as a liquid crystal panel, and displays various information on the screen under the control of the CPU 21. The operation unit 29 includes various buttons such as push buttons and cursor keys. When an operation is performed by the user, the operation unit 29 outputs an operation signal to the CPU 21 according to the input operation.

  The CPU 21 controls each unit of the mobile phone 2 according to an application stored in the nonvolatile memory 24. The volatile memory 23 is used as a work area, and temporarily stores various applications executed by the CPU 21 and various data used when executing the applications.

  The nonvolatile memory 24 is provided with an EEPROM 25 and a ROM 27. In addition to various control information and various control programs, the ROM 27 stores various applications executed by the CPU 21. The EEPROM 25 is a rewritable memory. In the present embodiment, a table storage memory 26 is provided in the EEPROM 26, and the table storage memory 26 stores the type of downloaded application in association with the URI in order to manage the downloaded application.

FIG. 6 is an electrical block diagram of the IC chip 30 shown in FIG.
The IC chip 30 is formed by connecting a CPU 31, an antenna 32, a RAM 33, a ROM 34, an EEPROM 35, and the like such that signals can be transmitted and received. The IC chip 30 receives a radio wave emitted from the R / W 6 and converts it into energy to exchange data.

  The antenna 32 performs wireless communication with an external wireless communication device. In the present embodiment, for example, the antenna 32 performs wireless communication with the R / W 6 of the in-house security system 3. The CPU 31 processes and calculates data in accordance with applications stored in the ROM 34 and the EEPROM 35, and controls the operation of the mobile phone 2, for example. The RAM 33 is used as a work area, and temporarily stores various applications executed by the CPU 31, various data used when executing the applications, and the like. The ROM 34 is a non-rewritable memory, and stores various applications executed by the CPU 31 in addition to various control information and various control programs. The EEPROM 35 is a rewritable memory and stores various control information and various control programs, as well as various applications executed by the CPU 31, and can arbitrarily add or delete applications. The EEPROM 35 includes a key registration information common memory (download destination key registration information storage means, personal identification number storage means, key registration information storage means) 36, an application common memory (download destination key application storage means, key application storage means) 37, The embedded data memory 38, the key information memory 39, the PIN memory 40, and the like are stored.

The key registration information common memory 36 stores “key registration information” downloaded from the DL server 8. The key registration information common storage memory 36 stores a plurality of “key registration information” using a key, and protects the security of the “key registration information”.
The application common memory 37 associates the “key application” downloaded from the DL server 8 with the “URI” and stores it using a key to protect the security of the “key application”.
The write data memory 38 stores data written from the outside. In the present embodiment, for example, “display data” displayed on the display unit 28 of the mobile phone 2 is written in the write data memory 38.
The key information storage memory 39 stores the “key information” described above.
The PIN memory 40 stores the PIN input by the user of the mobile phone 2. The PIN memory 40 is provided to save the user from having to input the PIN when performing PIN authentication.

D. Internal Security System FIG. 7 is an electrical block diagram of the internal security system 3 shown in FIG.
The in-house security system 3 includes a client PC 4, a management server 5, an entrance / exit management R / W 6A,. The management server 5 manages the usage state of office equipment such as lockers, archives, and client PCs 4.

  In the management server 5, a CPU 51, an input / output interface 52, a ROM 53, a RAM 54, an HDD 55, an operation unit 59, a display unit 60, and the like are connected to each other via a data bus. Since the management server 5 is a well-known computer, a detailed description thereof will be omitted, but the HDD 55 is provided with a display data DB 56, a use authority information DB 57, and a device information DB 58.

The display data DB 56 stores “display data” to be displayed on the display unit 28 of the mobile phone 2, such as messages created for a specific user by the client PC 4 or an external terminal, usage history of office equipment, and the like. .
The use authority information DB 57 stores “use authority information” including use authority of office equipment. The “use authority information” corresponds to the “key registration information” described above. For example, among the office devices installed in the in-house security system 3, the “device ID” of the office device permitted to be used, Includes “valid period” and “use count” that can be used for office equipment.
The device information DB 58 stores “device information” including “device ID”, “usage history”, and the like of the office devices constituting the in-house security system 3 for each device.

  The client PC 4 is a known computer in which a CPU 71, an input / output interface 72, a ROM 73, a RAM 74, an HDD 75, an operation unit 76, a display unit 77, a communication unit 78, and the like are connected by a data bus. Therefore, detailed description is omitted here.

  Entrance / exit management R / W6A, attendance / exit management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, library R / W6G are managed via the in-house LAN 7. Is connected to and managed. The entry / exit management R / W6A, attendance / exit management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, and library R / W6G have almost the same configuration. Here, the library R / W 6G will be described as an example, and the description of other configurations of the R / W 6A to 6F will be omitted.

  As shown in the external view of FIG. 8, the library R / W 6G is provided in the library 90, and an electronic lock 94 (attached to each storage box 91A, 91B, 91C, 91D, 91E, 91F, 91G, 91H of the library 90 is provided. (See FIG. 7). In addition, the library 90 has installed the antenna 92 (refer FIG. 7) in each storage box 91A-91H, and has detected the IC tag 93 (refer FIG. 7) stuck on the document.

  As shown in FIG. 7, the archive R / W 6G is a computer in which a CPU 81, an input / output interface 82, a ROM 83, a RAM 84, an HDD 85, and a wireless communication unit 86 are connected by a data bus, such as a display unit such as a liquid crystal display or a numeric keypad. The operation unit is not provided. The HDD 85 stores a use authority information DB 87 and an application activation program 88. The use authority information DB 87 stores “use authority information” distributed from the management server 5 via the in-house LAN 7. Specifically, for example, who can open and close which door of the library and what documents can be used is stored in the use authority information DB 87 as “use authority information”. The application activation program 88 defines a process for activating the key application downloaded to the mobile phone 2. The wireless communication unit 86 transmits and receives data to and from an external device by wireless communication. The speaker 89 generates a buzzer sound and sound.

  In the library R / W 6G, the input / output interface 82 is communicably connected to the antenna 92 installed in the storage boxes 91A to 91H, and the detection result of the antenna 92 detecting the IC tag 93 is input from the input / output interface 82. Then, by transmitting the detection result to the management server 5 via the in-house LAN 7, the document usage history is recorded in the management server 5. Further, the library R / W 6G is communicably connected to the electronic lock 94, detects the locked / unlocked state of the electronic lock 94, and transmits a locking command or an unlocking command to the electronic lock 94.

E. Various processes in the image display control system E1. Key Application and Key Registration Information Download Process FIG. 9 is a flowchart showing a process in which the mobile phone 2 downloads the key application.
When the mobile phone 2 downloads the key application, first, in step 1 (hereinafter abbreviated as “S1”), initial setting is performed. Next, in S2, the DL server 8 is requested to download the key application. In S3, it is determined whether or not there is a response from the DL server 8.

  If it is determined that there is a response from the DL server 8 (S3: YES), the key application and key registration information are downloaded from the DL server 8 in S4. In step S5, an employee ID screen is displayed on the display unit 28 to prompt the user to confirm the contents of the downloaded key registration information. It waits as it is until the content confirmation is made by the user (S6: NO). When the user confirms the contents (S6: YES), a communication network disconnection request is transmitted in S7. In S8, it is determined whether or not there is a response to the communication network disconnection request. If it is determined that there is a response to the communication network disconnection request (S8: YES), the mobile phone 2 is disconnected from the Internet network INT in S9, and the process is terminated. On the other hand, when it is determined that there is no response to the communication network disconnection request (S8: NO), the process returns to S7 and transmits the communication network disconnection request again.

  On the other hand, if the DL server 8 does not respond to the request for downloading the key application in S2, (S3: NO), in S10, 1 is set to the flag f1 which is set to zero in the initial setting of S1. to add. Then, in S11, it is determined whether or not the flag f1 has become 3. At this time, since the flag f1 is not 3 (S11: NO), the process returns to S2 and requests download of the key application again. At this time, if there is a response from the DL server 8 (S3: YES), the processing after S4 is executed.

  On the other hand, if it is determined that there is no response from the DL server 8 (S3: NO), 1 is added to the flag f1 in S10, and it is determined whether or not the flag f1 is 3 in S11. At this point, since the flag f1 is not 3 (S11: NO), the process returns to S2 to request download of the key application again. In S3, if there is a response from the DL server 8, the processing from S4 is executed. On the other hand, if it is determined that there is no response from the DL server 8 (S3: NO), 1 is added to the flag f1 in S10, and it is determined whether or not the flag f1 is 3 in S11. . At this time, since the flag f1 becomes 3 (S11: YES), the process proceeds to S12, an error message is displayed on the display unit 28 of the mobile phone 2, and then the mobile phone 2 is disconnected from the Internet network INT in S9. To finish the process.

FIG. 10 is a flowchart showing a process in which the DL server 8 downloads the key application to the mobile phone 2.
When the DL server 8 recognizes that the key application has requested the key application, the DL server 8 reads and executes the download program 17 stored in the HDD 14 into the RAM 13 and downloads the key application and key registration information to the mobile phone 2.

  That is, first, in S21 of FIG. 10, in response to the key application request, the mobile phone 2 is notified that the request for the key application has been recognized, and communication with the mobile phone 2 is established. Then, in S22, “key information” is read from the mobile phone 2, and in S23, it is determined whether or not the user of the mobile phone 2 has a proper authority to download the key application. If it is determined that the user of the mobile phone 2 has a legitimate authority to download the key application (S23: YES), in S24, the key application is read from the application DB 15 and the key registration information is registered as a key. Read from the information DB 16 and download to the mobile phone 2. In S26, an employee ID screen display instruction for instructing to display the employee ID screen on the display unit 28 of the mobile phone 2 is transmitted to the mobile phone 2, and whether or not the key registration information and the contents of the key application are correct. Encourage judgment. In S27, if there is no confirmation from the mobile phone 2 that the content displayed on the employee ID screen is correct (S27: NO), the process stands by.

  On the other hand, if there is confirmation that the content displayed on the employee ID screen from the mobile phone 2 is correct (S27: YES). In S28, it is determined whether there is a communication network disconnection request. If it is determined that there is no request for disconnecting the communication network (S28: NO), the process waits as it is. On the other hand, if it is determined that there is a communication network disconnection request from the mobile phone 2, a signal responding to the communication network disconnection request is transmitted to the mobile phone 2 in S29, and then the communication network is disconnected in S31. The process is terminated.

  In S23, when key authentication cannot be performed (S23: NO). An error message is displayed on the display unit 28 of the mobile phone 2 to inform the user of the mobile phone 2 that the key application cannot be downloaded. In S31, the communication network is disconnected.

E2. Key application activation process The screen display control system 1 activates the key application by transmitting a key application activation signal from the R / W 6 to the mobile phone 2 when the mobile phone 2 is held over the R / W 6 for authentication. Then, a predetermined screen is displayed on the display unit 28 of the mobile phone 2.

FIG. 11 is a flowchart showing key application activation processing on the R / W 6 side.
The R / W 6 always executes the application activation program 88 stored in the HDD 87. The R / W 6 performs polling at predetermined time intervals, and when there is a response from the mobile phone 2, performs R / W authentication and transmits display data to the mobile phone 2.

  That is, the R / W 6 first performs polling at predetermined time intervals in S31, and determines whether or not there is a response to the polling from the mobile phone 2 in S32. When it is determined that the response to the polling is not received from the mobile phone 2 (S32: NO), it waits while polling. On the other hand, if it is determined that the response to the polling is from the mobile phone 2 (S32: YES), the key registration information is read from the mobile phone 2 in S33. In S34, it is determined whether or not key authentication is possible. That is, the key registration information read from the mobile phone 2 is collated with the use right information written in the use right information writing unit 87, and if the key registration information matches the use right information, It is determined that the user has a legitimate authority to use office equipment, and key authentication is performed. If it is determined that key authentication cannot be performed (S34: NO), a buzzer is launched from the speaker 89 in S35 to inform the user of the mobile phone 2 that the personal authentication has failed, and the process returns to S31.

  On the other hand, if it is determined that key authentication is possible (S34: YES), the security object is controlled in S36. Then, in S37, it is determined whether or not there is display data for the mobile phone 2 performing communication. If there is no display data (S37: NO), the process proceeds to S40 as it is. On the other hand, if there is display data (S37: YES), after writing the display data to the IC chip 30 of the mobile phone 2 in S38, it is determined in S39 whether the display data has been successfully written. to decide. If it is determined that the display data has been successfully written (S39: YES), a key application activation signal is transmitted to the mobile phone 2 and the process returns to S31. On the other hand, if the writing of the display data fails, the key application of the mobile phone 2 is not activated at this time, and the mobile phone 2 cannot display a screen for displaying an error message or the like. A warning such as a warning sound or a warning message is generated from the speaker 89. As a result, the user of the mobile phone 2 learns that the display data writing is insufficient, and prompts the user to hold the mobile phone 2 over the R / W 6 and rewrite the display data. it can.

FIG. 12 is a flowchart showing key application activation processing on the mobile phone 2 side.
The mobile phone 2 is authenticated by holding it over the R / W 6, and a predetermined screen is automatically displayed on the display unit 28.

  That is, when the mobile phone 2 receives the polling request over the R / W 6, the mobile phone 2 transmits a response to the polling to the R / W 6 in S 51. Then, in S52, it is determined whether or not there is a key registration information read request from R / W6. If it is determined that there is no key registration information read request, the process returns to S52 and waits as it is. On the other hand, if it is determined that there is a key registration information read request, the key registration information is transmitted to the R / W 6 in S53. Then, in S54, it is determined whether or not there is a display data write request from R / W6. If it is determined that the display data write request is not received from R / W 6 (S54: NO), the process directly proceeds to S56.

  On the other hand, if it is determined that the display data write request is from the R / W 6 (S54: YES), the display data is stored in the write data memory 38 of the IC chip 30 in S55, and then the process proceeds to S56. . In S56, it is determined whether a key application activation signal is received from the R / W 6. If it is determined that the key application activation signal has not been received from the R / W 6 (S56: NO), the process returns to S56 and waits as it is. On the other hand, when it is determined that the key application activation signal has been received from the R / W 6 (S56: YES), the key application stored in the application common memory 37 of the IC chip 30 is activated in S57. In S58, the type of R / W6 (any of R / W6A to 6G) is detected, and in S59, a predetermined screen is automatically displayed on the display unit 28 of the mobile phone 2.

F. Description of Operation of Image Display Control System Next, the operation of the image display control system 1 of the present embodiment will be described with a specific example. FIG. 13 is a conceptual diagram showing an example of signal exchange in the image display control system 1 shown in FIG. 1, and signal exchange between the mobile phone 2 and the DL server 8, and between the mobile phone 2 and the entrance / exit management R / W 6A. Indicates. 14 is a conceptual diagram showing an example of signal exchange in the image display control system shown in FIG. 1, and shows signal exchange between the mobile phone 2 and the library R / W 6G.
As a precondition for the explanation of the operation, the user A of the mobile phone 2 is an employee of Company A ●● branch office, has the authority to unlock the entrance / exit door, and is stored in the storages 91A, 91C, 91G of the library 90 Have the authority to use the document.

  In order for the user A to authenticate himself / herself using the mobile phone 2 in the in-house network system 3, the user A needs to store the key application C and key registration information for unlocking the entrance / exit door and the archive 90. It is necessary to download the key application D and key registration information for unlocking the boxes 91A, 91C, 91G from the DL server 8.

  Therefore, as shown in FIG. 13, the user A inputs the URI “http: //www.○. Ne.jp/□□c” to the mobile phone 2 and transmits the DL server 8 via the Internet network INT. To the DL server 8 to request communication start (see S2 in FIG. 10). When the DL server 8 responds to the communication start request from the mobile phone 2, communication is established between the mobile phone 2 and the DL server 8 (S3 in FIG. 9: YES, see S21 in FIG. 10). The DL server checks the URI input by the user A against a table stored in the application DB 14 and recognizes that the user A requests the download of the key application C. Also, the DL server 8 collates the URI and “key information” transmitted from the mobile phone 2 with the key registration information DB 16 to identify the key registration information. Then, the DL server 8 downloads the key application C and the specified key registration information to the mobile phone 2 (see S22, S23: YES, S24, S25 in FIG. 10).

  The mobile phone 2 stores the downloaded key application C in the application common memory 37 of the IC chip 30. In addition, the mobile phone 2 stores the downloaded key registration information in the key registration information common memory 36 of the IC chip 30 (see S4 in FIG. 9). When the mobile phone 2 receives a signal indicating that the data transmission has been completed from the DL server 8, the employee ID display screen shown in FIG. 15 is displayed on the display unit 28 (see S5 in FIG. 9). The user A checks the contents of the employee ID display screen to confirm whether the contents of the key registration information are correct, and if so, clicks a confirmation button (see S6 in FIG. 9: YES). Thereby, the mobile phone 2 determines that the download has been completed, and requests the DL server 8 to disconnect from the Internet network INT (see S7 in FIG. 9).

  When the DL server 8 receives the confirmation of the contents of the key registration information from the mobile phone 2 and the communication network disconnection request, the DL server 8 responds to the communication network disconnection request (see S27 in FIG. 10: YES, S28). Thereby, the mobile phone 2 and the DL server 8 are disconnected from the Internet network INT, and the line is disconnected (see S9 in FIG. 9 and S29 in FIG. 10).

  Here, since the key application C is an application related to unlocking the entrance / exit door, the user A holds the mobile phone 2 over the library 90 only by storing the key application C in the application common memory 37. The library 90 cannot be unlocked. Therefore, the user A inputs the URI “http://www.xxx.ne.jp/◇◇di” to the mobile phone 2 and connects to the DL server 8 via the Internet network INT, and the key application D Request download of. Since the download of the key application D and the key registration information is performed in the same procedure as the download of the key application C, illustration and description are omitted.

  Thus, the user A adds the key application C and the key application D to the application common memory 37 of the mobile phone 2 in a state where the key is locked (encrypted). In addition, the user A locks the key registration information related to unlocking the entrance / exit door and the key registration information related to unlocking the library in the key registration information common memory 36 of the mobile phone 2 (with encryption). To memorize). The EEPROM 35 is a readable / writable nonvolatile memory. Therefore, for example, when the user A loses the authority to unlock the entrance / exit door at a later date, the key application C can be deleted from the mobile phone 2. That is, the user A can arbitrarily add or delete the key application to or from the mobile phone 2 to expand or reduce the function of the mobile phone 2 for in-house security.

  When the key applications C and D are added to the cellular phone 2 as described above, the user A simply unlocks the entrance / exit door or holds the library 90 by simply holding the cellular phone 2 over the R / W 6A or 6G. Boxes 91A, 91C, 91G can be unlocked.

  That is, when the user A holds the mobile phone 2 over the entrance / exit management R / W 6A, the mobile phone 2 reads “key information” from the key information memory 39 of the IC chip 30 as shown in FIG. It transmits to R / W6A and responds with respect to polling of entrance / exit management R / W6A (refer S51 of FIG. 12). When the “key information” is for the mobile phone 2 used in the in-house security system 3, wireless communication is established between the mobile phone 2 and the entrance / exit management R / W 6A, and the entrance / exit management R / W A key registration information read signal is transmitted from W6A to mobile phone 2 (see S33 in FIG. 11).

  When the mobile phone 2 receives the key registration information reading signal from the entrance / exit management R / W 6A, the mobile phone 2 reads key registration information necessary for unlocking the entrance / exit door from the key registration information common memory 36 of the IC chip 30, and enters / exits management. It transmits to R / W6A (refer S53 of FIG. 12).

  The entry / exit management R / W 6A is preliminarily distributed from the management server 5 with the use authority information regarding the authority to unlock the entrance / exit door, and stores it in the use authority information writing unit 87. The entrance / exit management R / W 6A compares the key registration information received from the mobile phone 2 with the use authority information writing unit 87, and determines that the key authentication can be performed if there is use authority information that matches the key registration information. Then, an unlocking instruction is transmitted to the electronic lock of the entrance / exit door (see S34: YES, S36 in FIG. 11). Thereby, the entrance / exit door is unlocked.

  Thereafter, the entrance / exit management R / W 6A accesses the display data DB 56 of the management server 5 and searches for “display data” for the user A. “Display data” input from the operation unit 77 of the client PC 4 is transmitted to the management server 5 and stored in the display data DB 56 of the management server 5. For example, when Taro Otono of □□ company visits user A during XX month XX day XX, “message M” is input to the operation unit of client PC 4 and the display data of management server 5 is displayed. Store in the DB 56. In this case, when the entrance / exit management R / W 6A accesses the display data DB 56 of the management server 8 and searches for “display data” for the user A, “message M” is hit. Therefore, the entrance / exit management R / W 6A reads “message M” from the management server 5 and writes “message M” to the IC chip 30 of the mobile phone 2 (see S37 in FIG. 11: YES, S38).

  The mobile phone 2 stores the message M written from the entry / exit management R / W 6A in the write data memory 38 (see S54 in FIG. 12, YES, S55).

  The entrance / exit management R / W 6A, when writing “message M” to the mobile phone 2, determines whether or not the writing of “message M” has succeeded (see S39 in FIG. 11). For example, if the user A holds the mobile phone 2 over the entrance / exit management R / W 6A for a short time, the entrance / exit management R / W 6A may not be able to write the “message M”. In this case, the entrance / exit management R / W 6A issues a warning and informs the user that “Message M” could not be written to the mobile phone 2 (see S39 in FIG. 11: NO, S41). On the other hand, when the entry / exit management R / W 6A succeeds in writing the “message M”, the entry / exit management R / W 6A transmits a key application activation signal for activating the key application C to the mobile phone 2 (S39 in FIG. 11: YES, S40). reference).

  When receiving the key application activation signal from the entrance / exit management R / W 6A, the cellular phone 2 reads the key application C from the application common memory 37, stores it in the RAM 33, and executes it (see S56 in FIG. 12, YES, S57). When the key application C is executed, the mobile phone 2 reads “message M” from the write data memory 38 of the IC chip 30 and displays “message M” 105 on the screen of the display unit 28 as shown in FIG. (See S58 and S59 in FIG. 12). When the “message M” is displayed on the screen, it is automatically deleted from the write data memory 38 to free up a storage area.

  Further, as shown in FIG. 14, when the user A holds the mobile phone 2 over the library R / W 6G, the electronic lock 94 of the predetermined storage box 91 is unlocked on the condition that the user is authenticated. That is, the key registration information received by the library R / W 6G from the mobile phone 2 includes the “unlocking door ID” that identifies the storage boxes 91A, 91C, 91G that the user can unlock. The R / W 6G unlocks the electronic lock 94 of the storage boxes 91A, 91C, 91G by authenticating the “unlocking door ID” (see S31, S32: YES, S33, S34: YES, S36 in FIG. 11). ). Thereby, the user A can take out the documents stored in the storage boxes 91A, 91C, 91G.

  Here, the library 90 detects the IC tag 93 attached to the document with the antenna 92 and records the detection result in the management server 5. The record is stored in the display data DB 56 as “document history” and is displayed to the person using the archive 90. Therefore, when the library R / W 6G accesses the display data DB 56 of the management server 5 and searches for display data addressed to the user A, “document usage history” is hit. Therefore, the library R / W 6G acquires the “document usage history” from the management server 5 and writes it in the mobile phone 2. (See S37 in FIG. 11: YES, S38)

  The mobile phone 2 stores the “document usage history” written from the archive R / W 6G in the write data memory 38 (see S54 in FIG. 12: YES, S55).

  When the archive R / W 6G has successfully written the “document usage history”, the archive R / W 6G transmits a key application activation signal for activating the key application D to the mobile phone 2 (see S39 in FIG. 11: YES, S40).

  When the cellular phone 2 receives the key application activation signal from the archive R / W 6G, the cellular phone 2 reads the key application D from the application common memory 37, stores it in the RAM 33, and writes it in the write data memory 38 as shown in FIG. "Document usage history" is displayed on the display unit 28 of the mobile phone 2 (see S56: YES, S57, S58, S59 in FIG. 12).

  The library 90 may be locked by the user back after unlocking the storage boxes 91A, 91C, 91G, or the user back closed the doors of the storage boxes 91A, 91C, 91G. May be detected and automatically locked.

G. Operational Effects of Image Display Control System, Authentication System, and DL Server The image display control system 1 first downloads a key application and key registration information from the DL server 8 to the mobile phone 2. By downloading the key application to the mobile phone 2, it becomes possible to associate the office device of the in-house security system 3 with the mobile phone 2 and display a predetermined screen on the display unit 28 of the mobile phone 2. Here, “predetermined screen” means, for example, private matters, public matters, matters related to security protection objects, such as planned visit date and time, internal notices, document usage history, PIN number input screen, security A screen that displays protection-related matters. Further, by downloading the key registration information to the mobile phone 2, it is possible to confirm the authority to use the office equipment constituting the in-house security system 3 using the mobile phone 2.

  When the mobile phone 2 that has downloaded the key application and the key registration information is held over the R / W 6, the IC chip 30 and the R / W 6 communicate with each other, and the presence / absence of the authority to use the office equipment is authenticated. When the R / W 6 authenticates that the user of the mobile phone 2 has the right to use, the R / W 6 transmits a key application activation signal to the mobile phone 2. When receiving the key application activation signal, the cellular phone 2 activates the downloaded key application and automatically displays a predetermined screen on the display unit 28.

When using an IC card, it is necessary to create an IC card for each office device such as an entrance / exit door, a desk, a locker, and a library, which places a burden on the system user in terms of cost and management. However, since the image display control system 1 of the present embodiment can download a plurality of key applications from the DL server 8 to the mobile phone 2 and store them in the application common memory 37 of the IC chip 30, Can be managed by one mobile phone 2.
In addition, when information is to be transmitted to the user when entering or leaving the room or when taking out the document from the library 90, information cannot be displayed on the IC card, so it is necessary to provide a liquid crystal panel in the card reader. However, since the image display control system 1 of the present embodiment displays a message display screen, a history screen, and the like as predetermined screens on the display unit 28 of the mobile phone, an inexpensive R / W 6 without a liquid crystal display can be applied to the system. .
In addition, in the system using the Internet network or infrared rays, the mobile phone 2 is operated to establish communication, and then a predetermined screen is displayed on the liquid crystal display. It was not possible to use. However, the image display control system 1 according to the present embodiment is configured such that the mobile phone 2 directly communicates with the R / W 6 just by holding the mobile phone 2 over the R / W 6, and a predetermined screen (in this embodiment, (Message M, document usage history) is automatically displayed, so that the operability is good, the system can be operated even when the mobile phone 2 is out of service area, and when the mobile phone 2 communicates with the R / W 6 No communication costs are incurred.

  Therefore, according to the image display control system 1 of the present embodiment, by using the mobile phone 2 incorporating the IC chip 30, added value that could not be realized by using a key using an IC card or the Internet network INT, etc. It is possible to improve the convenience for the user and reduce the cost.

  Further, according to the image display control system 1 of the present embodiment, the R / W 6 is connected to the management server 5 via the in-house LAN 7, and communicates with the mobile phone 2 to give the user of the mobile phone 2 office equipment. When it is authenticated that the user has the right to use, the display data is read from the management server 5 and written to the mobile phone 2, and then the key application activation signal is transmitted to the mobile phone 2. When the mobile phone 2 starts the key application, it reads out the written display data and displays it on the display unit 28. Therefore, according to the image display control system 1 of the present embodiment, even when the storage capacity of the R / W 6 is small, the display data is stored in the management server 5 and appropriately displayed on the display unit 28 of the mobile phone 2. Can do.

  The authentication system according to the present embodiment includes the mobile phone 2 and the R / W 6. When the mobile phone 2 is held over the R / W 6, the IC chip 30 communicates with the R / W 6, and the authority to use office equipment is obtained. Existence is authenticated. When the R / W 6 authenticates that the user of the mobile phone 2 has the right to use, the R / W 6 transmits a key application activation signal to the mobile phone 2. When the cellular phone 2 receives the key application activation signal from the R / W 6, it activates the key application stored in the application common memory 37 and automatically displays a predetermined screen on the display unit 28. For this reason, when using the IC card and the personal identification number to authenticate the use authority, information cannot be displayed on the IC card. Therefore, it is necessary to provide a liquid crystal panel for displaying an input screen on the card reader. Displays an input screen for a personal identification number on the display unit 28 of the mobile phone 2, so that an inexpensive R / W 6 without a liquid crystal display can be applied to the system. In addition, in the system using the Internet network INT and infrared rays, the mobile phone 2 is operated to establish communication, and a predetermined screen is displayed, so that the operability is poor and the communication cost is high, and it is used outside the service area. Although not possible, the authentication system according to the present embodiment, by simply holding the mobile phone 2 over the R / W 6, the mobile phone 2 communicates directly with the R / W 6 and automatically displays a predetermined screen on the display unit 28. Therefore, the operability is good, the system can be operated even when the mobile phone 2 is outside the service area, and no communication cost is incurred when the mobile phone 2 communicates with the R / W 6.

  Therefore, according to the authentication system of the present invention, the use of the mobile phone 2 incorporating the IC chip 30 gives added value that could not be realized with an IC card or a key using the Internet, and is convenient for the user. Improvement and cost reduction can be achieved.

  In addition, according to the DL server 8 of the present embodiment, when there is a request for downloading a key application from the mobile phone 2, the mobile phone 2 can carry the mobile phone based on the identifier (key information) built into the IC chip 30 of the mobile phone 2. A key application for associating the telephone 2 with an office device to display a predetermined screen on the mobile phone 2 and key registration information corresponding to the use authority are downloaded to the mobile phone 2. Therefore, when using an IC card, it was necessary to create and possess an IC card for each office device. However, the DL server 8 of this embodiment stores a key application and key registration information in one mobile phone 2. Since downloading is performed as appropriate, the mobile phone 2 can have a plurality of key applications and key registration information. Also, when managing multiple key applications with one 1C card, it was necessary to go to a place where the dedicated machine is located during business hours and add or delete the key application to the dedicated machine through the IC card. The DL server 8 of the present embodiment downloads a key application and key registration information via the Internet network INT in response to a request from the mobile phone 2, and the downloaded key application and key registration information operate the mobile phone 2. Therefore, the location and time for adding or deleting the key application and key registration information are not limited, and convenience is good.

  Therefore, according to the DL server 8 of the present embodiment, the use of the mobile phone 2 incorporating the IC chip 30 gives added value that could not be realized with the IC card, and improved convenience and cost for the user. Reduction can be achieved.

H. Second Embodiment Next, a second embodiment of the present invention will be described with reference to the drawings.
The image display control system according to the second embodiment is the first in that the PIN as a personal identification number is input, whether or not the user of the mobile phone 2 is a valid user, and the security level is raised. This is different from the image display control system 1 of the embodiment. Therefore, here, it demonstrates centering on a different point from 1st Embodiment, and attaches | subjects the same code | symbol as 1st Embodiment to drawing in common, and abbreviate | omits description suitably.

H1. Key Application Activation Processing with PIN Input FIG. 18 is a flowchart showing key application activation processing on the R / W 6 side in the image display control system according to the second embodiment.
The R / W 6 transmits the key application activation signal to the mobile phone 2 after performing the user authentication basically in the same manner as in the first embodiment, but prompts the user of the mobile phone 2 to enter the PIN after the user authentication. ing.

  That is, if the R / W 6 determines that the key authentication has been successful (S34: YES), it transmits a key application activation signal to the mobile phone 2 in S200. In step S201, the mobile phone 2 is requested to perform PIN authentication. In step S202, a PIN authentication result is acquired. In S203, it is determined whether or not the PIN authentication is performed by the mobile phone 2. When it is determined that the PIN authentication has been performed by the mobile phone 2 (S203: YES), the processing after S36 is performed. On the other hand, if it is determined that the PIN authentication could not be performed by the mobile phone 2 (S203: NO), after adding 1 to the retry count r in S204, it is determined whether or not the retry count r is 3 in S205. To do. If the retry count r is not 3 (S205: NO), in S206, an instruction to display the PIN input and frontage designation screen is transmitted to the mobile phone 2, and the process returns to S201. On the other hand, if the retry count r is 3 (S205: YES), the retry count r is reset to zero in S207, and then the process ends.

FIG. 19 is a flowchart showing key application activation processing on the mobile phone 2 side in the image display control system according to the second embodiment.
After transmitting the key registration information in S53, the mobile phone 2 determines whether or not a key application activation signal has been received in S210. While the key application activation signal is not received from the R / W 6 (S210: NO), it waits as it is. On the other hand, when the key application activation signal is received from the R / W 6 (S210: YES), the key application is activated in S211. In step S212, it is determined whether a PIN authentication request has been received from the R / W 6. If it is determined that the PIN authentication request has not been received (S212: NO), the process stands by until there is a PIN authentication request. On the other hand, if it is determined that the PIN authentication request has been received (S212: YES), it is determined whether or not the PIN authentication is possible in S213, and the determination result is transmitted to the R / W 6. The PIN authentication is determined based on whether or not the PIN set in the mobile phone 2 (included in the key registration information) matches the PIN input to the mobile phone 2. In step S214, it is determined whether an instruction to display a PIN input and frontage designation screen is received from the R / W 6. If it is determined that the instruction to display the PIN input and frontage designation screen is not received from the R / W 6 (S214: NO), the process proceeds to S54 as it is.

  On the other hand, if it is determined that an instruction to display the PIN input and frontage designation screen has been received from the R / W 6 (S214: YES), the PIN input and frontage designation screen is displayed on the display unit 28 in S215. Then, in S216, it is determined whether the PIN and frontage designation are input on the PIN input and frontage designation screen using the operation unit 29 of the mobile phone 2 and transmitted to the R / W 6 or not. When the PIN and frontage designation are input (S216: YES), the process returns to S213. On the other hand, when the PIN and the frontage designation are not input (S216: NO), the process waits as it is.

H2. Description of Operation of Image Display Control System Next, the operation of the image display control system of the second embodiment will be described. FIG. 20 is a diagram showing an example of signal exchange in the image display control system according to the second embodiment, and particularly shows signal exchange between the mobile phone 2 and the library R / W 6G.
In the description of the operation of the present embodiment, the case where the user A uses the library 90 will be described as an example, as in the first embodiment.

  As shown in FIG. 20, when the user A downloads the key application C, the employee ID display screen shown in FIG. 15 is displayed on the display unit 28 of the mobile phone 2. On the employee ID display screen, an employee ID 101 is displayed with a photo, an “END” button 102 for informing the DL server 8 of content confirmation, and an “INFO” button 103 for displaying information, are displayed. “PIN input with enter key” 104 and “notification icon” 100 displayed in blue when the PIN has been input and displayed in red when the PIN has not been input are displayed. When the user A sees that the “notification icon” on the employee ID display screen is displayed in red and inputs the PIN in advance, the mobile phone 2 with the employee ID display screen displayed. By pressing the enter key in the operation unit 29, the PIN input screen can be displayed.

  The PIN input screen shown in FIG. 21 includes a PIN input column 201 for setting a PIN, a device setting column 202 for setting a device, a door setting column 203 for setting a door to be unlocked, and an “end” button for forcibly terminating the PIN input. 204. A “decision” button 205 for determining the setting contents is displayed. The device setting column 202 and the door setting column 203 are set in advance according to “device ID” and “unlocking door ID” included in the key registration information, but the PIN input column 201 is blank. Therefore, the user A uses the operation unit 29 of the mobile phone 2 to input a 4-digit number in the PIN input field 201 and clicks the “OK” button 205. If the PIN is not properly entered in the PIN entry field 201, an error message is displayed on the display unit 28 to prompt the user to reset the PIN. On the other hand, when the PIN is appropriately input in the PIN input field 201, the PIN is stored in the PIN memory 40 of the IC chip 30.

  Thereafter, when the user A holds the mobile phone 2 over the library R / W 6G, the library R / W 6G determines whether the key authentication (person authentication) can be performed. When the key R can be authenticated, the library R / W 6 activates the key application of the mobile phone 2 and requests the mobile phone 2 for PIN authentication (see S34: YES, S200, S201 in FIG. 18). The reason for requesting the PIN authentication is to confirm whether the user A of the mobile phone 2 is a valid owner of the mobile phone 2 or not.

  When the mobile phone 2 starts the key application, the PIN is stored in the PIN memory 40, and it is determined whether or not the unlocking door is specified. If the PIN input and the front door are specified, the PIN is entered. It is determined whether or not the PIN stored in the memory 40 matches the PIN set in the mobile phone 2. When the PIN stored in the PIN memory 40 matches the PIN set in the mobile phone 2, it is determined that the PIN authentication has been performed, and the determination result to that effect is transmitted to the library R / W 6G (FIG. 19). S210, S211, S212: YES, see S213).

  When the archive R / W 6G receives the authentication signal indicating that the PIN authentication has been made from the mobile phone 2, the designated storage boxes 91A, 91C, 91G of the archive 90 are unlocked. "History" is acquired and written in the IC chip 30 of the mobile phone 2 (see S203: YES, S36, S37: YES, S38 in FIG. 18).

  On the other hand, there is a case where the user A inputs a PIN before using the library 90 and does not store it in the PIN memory 40 or inputs an incorrect PIN. In this case, since the mobile phone 2 cannot authenticate the PIN, the mobile phone 2 transmits a determination result indicating that the PIN authentication cannot be performed to the library R / W 6G (see S213 in FIG. 19).

  When the archive R / W 6G receives the determination result indicating that the PIN authentication cannot be performed from the mobile phone 2, it gives the mobile phone 2 an instruction to display the PIN input and the frontage designation screen (see S206 in FIG. 18).

  The cellular phone 2 displays the PIN input and frontage designation screen shown in FIG. On the PIN entry and frontage designation screen, a “PIN input field” 211 for inputting a PIN, a “frontage designation field” for displaying a usable frontage, an “end” button 213 for forcibly closing the screen, and confirming input contents “ The “OK” button 214 is displayed. The user A uses the operation unit 29 of the mobile phone 2 to enter the PIN in the PIN input field 211 on the PIN input and frontage designation screen, and designates the frontage to be unlocked from the frontage designation field 212. When the “OK” button 214 is clicked, the mobile phone 2 determines whether PIN authentication can be performed using the entered PIN. If it is determined that the PIN authentication can be performed based on the input PIN, the mobile phone 2 transmits a determination result indicating that the PIN authentication is possible to the library R / W 6G (see S214: YES, S215, S216: YES, S213 in FIG. 19). . On the other hand, if it is determined that PIN authentication cannot be performed with the input PIN, a determination result indicating that the PIN cannot be input is transmitted to the R / W 6G (see S214: YES, S215, S216: YES, S213 in FIG. 19).

  In the present embodiment, PIN input is permitted up to three times in order to ensure security. When the user A continues to input the PIN and fails three times, the library R / W 6G forcibly ends the key application download process (see S204, S205: NO, S207 in FIG. 18).

H3. Effects of the Image Display Control System and the Authentication System According to the image display control system of the present embodiment, when the PIN is preset in the mobile phone 2 and the key application is activated, the display unit 28 of the mobile phone 2 is activated. Since the PIN input screen is displayed to prompt the user to enter the PIN, and the PIN input by the user and the PIN set in the mobile phone 2 are collated to determine whether or not authentication is possible. In addition to lock authentication by 30, PIN authentication can be performed to raise the security level.

  Further, according to the image display control system of the present embodiment, for example, when the user A does not input a PIN and the user wants to take out a document from the storage box 91C, the user A of the mobile phone 2 stores the library. After authenticating that the user has authority to use 90, when the PIN input for entering the PIN and frontage and the frontage designation screen (see FIG. 22) are displayed on the mobile phone 2, the user A When the front door number of the PIN and the storage box 91C is input using the operation unit 29 and is held over the library R / W6G, the library R / W6G unlocks the electronic lock 94 of the storage box 91C corresponding to the designated front door. Since the user A can use the storage box 91C, it is possible to use the operation unit 29 of the mobile phone 2 without using an operation unit such as a numeric keypad or a touch panel in the archive R / W 6G. No. and frontage number of the storage box 91C can enter, it is possible to reduce the cost by applying inexpensive archive R / W6G not an operation unit in the system.

I. Third Embodiment Next, a third embodiment of the present invention will be described with reference to the drawings.
The image display control system of the third embodiment is different from the image display control system 1 of the first embodiment in that use authority is temporarily lent to another person. Therefore, here, it demonstrates centering on a different point from 1st Embodiment, and attaches | subjects the same code | symbol as 1st Embodiment to drawing in common, and abbreviate | omits description suitably.

I1. Key Temporary Lending Process FIG. 23 is a flowchart showing a key temporary lending process on the DL server 8 side in the image display control system according to the third embodiment.
When the DL server 8 responds to the key registration information rewrite request received from the mobile phone 2 in S311, the DL server 8 reads “key information” from the mobile phone 2 in S312 and determines whether or not key authentication can be performed in S23. If key authentication can be performed (S23: YES), an instruction to display the key registration information rewriting screen on the display unit 28 of the mobile phone 2 is transmitted to the mobile phone 2 in S313. In step S <b> 314, it is determined whether rewrite information is received from the mobile phone 2. When the rewrite information is not received from the mobile phone 2 (S314: NO), the process stands by until the rewrite information is received. On the other hand, when the rewrite information is received from the mobile phone 2 (S314: YES), the existing key registration information is rewritten in S315. In S316, an instruction to display a rewrite content confirmation screen for displaying the rewritten key registration information on the display unit 28 of the mobile phone 2 is given to the mobile phone 2, and in S317, the rewrite content is accepted from the mobile phone 2. It is determined whether or not a signal to that effect has been received. When a signal indicating acceptance of the rewrite content is received from the mobile phone 2 (S317: YES), the key registration information is updated to the rewritten one in S318. If a signal indicating acceptance of the rewrite content is not received from the mobile phone 2 (S317: NO), the process returns to S313 to prompt the user to re-enter the rewrite content.

FIG. 24 is a flowchart showing a temporary key lending process on the mobile phone 2 side in the image display control system according to the third embodiment.
After the initial setting in S1, the mobile phone 2 requests the DL server 8 to rewrite the key registration information in S301. When there is a response to the key registration information rewrite request from the DL server 8 in S3, the key registration information rewrite screen instruction is received from the DL server 8 and the key registration information rewrite screen is displayed on the display unit 28 in S302. In S303, the rewriting information is input to the key registration information rewriting screen using the operation unit 29 of the mobile phone 2, and is transmitted to the library R / W 6G.

  When the mobile phone 2 receives a rewrite content confirmation screen display instruction from the library R / W 6G in S304, the mobile phone 2 displays a screen for displaying the rewrite content on the display unit 28. In S305, it is determined whether or not to approve the rewriting content. The approval of the rewrite content is determined by whether or not the “approval” button displayed on the rewrite content confirmation screen is clicked. When approving the contents of rewriting (S305: YES), the communication network is requested to be disconnected in S7. On the other hand, if the rewrite content is not approved (S305: NO), the process returns to S302 to prompt the re-input of rewrite information.

I2. Key Application Activation Process FIG. 25 is a flowchart showing a key application activation process on the R / W side in the image display control system according to the third embodiment.
If the key authentication can be performed (S34: YES), the R / W 6 determines whether or not the use count flag f2 is equal to or less than the use count limit n in S321. If the use count flag f2 is equal to or less than the use count limit n (S321: YES), in S322, it is determined whether or not the key is within the valid period of use. If it is within the expiration date (S322: YES), the security object is controlled in S36.

  On the other hand, if the use count flag f2 is not equal to or less than the use count limit n (S321: NO), the person has lost the authority to use the library 90, and thus the process is terminated. Even if the use count flag f2 is less than or equal to the use count limit n (S321: YES), if the expiration date has passed (S322), the person has lost the authority to use the library 90. The process is terminated as it is.

FIG. 26 is a flowchart showing key application activation processing on the mobile phone 2 side in the image display control system according to the third embodiment.
The mobile phone 2 activates the key application, displays a predetermined screen on the display unit 28 (S57, S58, S59), and then adds 1 to the use count flag f2. As a result, the fact that the person who has accessed the R / W 6 has used the library 90 is recorded in the IC chip 30.

I3. Description of Operation of Image Display Control System Next, the operation of the image display control system of the third embodiment will be described.
As a precondition for explaining the operation of the image display control system of the present embodiment, it is necessary for the user A to check the contents of documents stored in the storage box 91A of the library 90 while going out. An example will be given in which a subordinate who does not have a document takes out a document and confirms the contents.

  The user A connects the cellular phone 2 to the DL server 8 via the Internet network INT and requests rewriting of the key registration information (see S301 in FIG. 24). Then, data related to the key registration information rewriting screen is transmitted from the DL server 8 to the mobile phone 2, and the key registration information rewriting screen is displayed on the display unit 28 of the mobile phone 2 (S 311, S 312, S 23 in FIG. 23: YES, (See S313). Using the operation unit 29 of the mobile phone 2, the user A uses the “ID” of the user A, “ID” of the subordinate B, “PIN” of the user A, “equipment ID” of the library 90, The key is the "unlocking door ID" of the storage box 91A, the "lending expiry date" for lending the key (for example, 1 month to 15:00 on the month, month, day 1), and the "usage number n" (for example, 3 times) that the key can be used The registration information rewriting screen is input, and the input content is transmitted as “rewriting information” to the DL server 8 (see S302 and S303 in FIG. 24).

  When the DL server 8 receives the “rewrite information” from the mobile phone 2, the DL server 8 reads the key registration information of the user “A”, rewrites the existing key registration information according to the “rewrite information”, and confirms the rewritten key registration information. Data relating to the prompting confirmation screen for rewriting content is transmitted to the mobile phone 2 (see S315 and S316 in FIG. 23).

  The user A confirms the content of the “rewrite content confirmation screen” displayed on the display unit 28 of the mobile phone 2 and clicks the “approval” button if it is correct. Thereby, the mobile phone 2 transmits a signal notifying that the user A has approved the rewritten key registration information to the R / W 6 (see S304 and S305 in FIG. 24: YES).

  When the R / W 6 receives a signal indicating that the rewritten key registration information has been approved from the mobile phone 2, the R / W 6 updates the rewritten key registration information (see S317 in FIG. 23: YES, S318). As a result, the key used by the user A to use the storage box 91A of the library 90 is temporarily lent to his subordinates under the restriction conditions (number of uses, use expiration date).

  The rewritten key registration information is encrypted and transmitted to the management server 5. The management server 5 changes and registers the usage authority information in the usage authority information DB 57 according to the contents of the key registration information rewritten. Thereafter, the management server 5 distributes the rewritten use authority information to the archive R / W 6G. As a result, the library R / W 6 recognizes that the user A has been temporarily granted to his subordinates the authority to unlock the storage box 91A of the library 90.

  Thereafter, the user A informs his subordinate that the key has been temporarily lent, confirms the contents of the documents stored in the storage box 91A of the library 90, and instructs the user A to contact the user A.

  The subordinate B connects the mobile phone 2 ′ to the DL server 8 and acquires the key application D and key registration information. The DL server 8 stores the “authentication ID” of the subordinate B along with the “authentication ID” of the user A when rewriting the key registration information, and recognizes that the key of the user A is lent to the subordinate B. ing. Therefore, when the subordinate B accesses the DL server 8 from the mobile phone 2 ′ and requests download of the key application D, the key registration information of the user A is downloaded to the mobile phone 2 ′ together with the key application D.

  When the subordinate B holds the mobile phone 2 'downloaded with the key application and key registration information over the archive R / W 6G, it is determined whether the key registration information is read out to the R / W 6G and can be authenticated. Since the user's key registration information is downloaded to the subordinate's mobile phone 2 ', when the subordinate's mobile phone 2' is held over, the key authentication information is stored based on the user's key registration information. The electronic lock 94 of the box 91A is unlocked (S321: YES in FIG. 25, S322: YES, S36, see S313 in FIG. 26). As a result, the subordinate B can take out the documents stored in the storage box 91A, confirm the contents, and contact the user A.

When the subordinate B unlocks the storage box 91A three times, even if he or she tries to unlock the storage box 91A by holding the mobile phone 2 'over the library R / W6G, the number of uses n set by the user A is set. Since it exceeds (three times), the storage box 91A cannot be unlocked.
Further, even if the subordinate B has not unlocked the storage box 91A three times, the storage box 91A is unlocked at 16:00 on the month, month, day, 16:00, after the expiration date (1 month to 15:00). Therefore, the storage box 91A cannot be unlocked even if the mobile phone 2 ′ is held over the library R / W 6G (see S321: NO, S322: NO in FIG. 25).

I4. Effects of Image Display Control System and DL Server According to the image display control system of the present embodiment, the key registration information includes the number of uses n for restricting the use of office equipment and the use expiration date (restriction condition). However, based on the key registration information received from the mobile phone 2, it is determined whether the mobile phone 2 communicates with the R / W 6 within the range of the number of uses and the range of the use expiration date. When communicating with the R / W 6 within the range of the number of uses n and the range of the expiration date of use, a key application activation signal is transmitted to the mobile phone 2, and a predetermined screen is displayed on the display unit 28 of the mobile phone 2. On the other hand, when the mobile phone 2 is not communicating with the R / W 6 within the range of the number of uses n or within the range of the use expiration date, the key application activation signal is not transmitted, and the display unit 28 of the mobile phone 2 is displayed. A predetermined screen. Since it is not shown, the office equipment cannot be used beyond the number of times of use n or the valid use period, and the security level is improved.

  In the image display control system of the present embodiment, the DL server 8 identifies the mobile phone 2 based on the IC chip 30 built in the mobile phone 2, and the key registration involving the mobile phone 2 by the operation of the mobile phone 2 is performed. Since the authentication ID of the user A included in the information is rewritten to the authentication ID of the subordinate B and the rewritten key registration information is transmitted to the R / W 6 via the Internet network INT, the management server 5 and the in-house LAN 7, for example, the subordinate When the user holds his / her mobile phone 2 'over the R / W 6, the use is permitted even for office equipment that is not originally authorized for use. Therefore, the image display control system of this embodiment can lend the use authority of office equipment temporarily to others using the mobile phone 2, and is convenient.

J. et al. Modifications The present invention is not limited to the above-described embodiment, and various applications are possible.
(1) For example, in the above-described embodiment, the image formation control system, the authentication system, and the application management apparatus have been described for the in-house network 3, but the present invention may be applied to general households and schools. For example, when the image forming control system is used in a general home, the parent creates a message addressed to the child by the client server 4 and stores it in the management server 5, the child returns home, and the mobile phone 2 is connected to the entrance. When holding it over the R / W6 attached to the door, the door is unlocked, and a message from the parent (for example, “Since you are out, dinner is in the refrigerator.” ") May be displayed on the screen. In this case, when the management server 5 detects that the R / W 6 has written a message on the mobile phone 2, the management server 5 creates and sends an e-mail notifying that the child has returned home to the parent mobile phone. May be. As a result, the parent can know the child's return time even when he / she is away from home. Also, for example, when using an image formation control system in a school, a message from the school when a student holds the mobile phone 2 over the R / W 6 provided on the entrance / exit door and unlocks the entrance / exit door. (For example, “XX month XX day (Wednesday) 2nd period is closed”) may be displayed on the display unit 28 of the mobile phone 2.

(2) In the above embodiment, Company A ●● branch internal network 3 is targeted, but as shown in FIG. 27, in addition to the key application and key registration information corresponding to Company A ●● branch, Company A The key application and key registration information corresponding to the branch office may be stored in the mobile phone 2 so that the screen of the company company's internal network 3A of the branch office A can be displayed at the time of personal authentication. In this case, if the user obtains the key application and key registration information before making a business trip to the branch office, regardless of the business hours of the business trip destination, etc., the user can enter or leave the branch office or use office equipment. can do.

(3) In the second embodiment, the screen for the user A to select and input the storage box (frontage) of the library is displayed on the mobile phone 2, but the layout of the library is displayed as image data, and the image data A frontage that can be used by the user may be displayed above, and a frontage to be unlocked may be specified from among the frontage where the user back is displayed. In this case, it is not necessary for the user A to remember the front door number of the library, which is convenient. In the second embodiment, the frontage is designated when the PIN input is inappropriate. However, a screen for designating the frontage may be displayed on the mobile phone 2 regardless of the presence or absence of the PIN input. . In this case, since only the frontage specified by the user A is unlocked, it is possible to prevent the user A from forgetting to lock the unlocked frontage after taking out the document or the like.

(4) In the second embodiment, the PIN is set as a four-digit number, but it may be set in English letters, hiragana, kanji, etc. by the operation unit 29 of the mobile phone 2. In this case, PIN variations are widened and the security level is improved.

(5) In the third embodiment, the subordinate B can unlock the library 90 only by holding the mobile phone 2 '. However, the subordinate B may be further prompted to enter a PIN and raise the security level. .

  In the above embodiment, the processes of S37 to S39 correspond to “display data writing means”, S55 to S59 correspond to “display control means”, and S321 to S322 and S36 of FIG. It corresponds to “control means”, S314 to S318 correspond to “key registration information rewriting means”, and S319 corresponds to “transmission means”.

1 is a schematic configuration diagram of an image display control system according to a first embodiment of the present invention. It is an electrical block diagram of the DL server shown in FIG. It is a figure which shows the data structure of application DB. It is a figure which shows the data structure of key registration information DB. It is an electrical block diagram of the mobile phone shown in FIG. FIG. 6 is an electrical block diagram of the IC chip shown in FIG. 5. It is an electrical block diagram of the in-house security system shown in FIG. It is an external appearance perspective view of a library. It is a flow which shows the process in which a mobile telephone downloads a key application. It is a flowchart which shows the process in which a DL server downloads a key application to a mobile phone. It is a flowchart which shows the key application starting process by the side of R / W. It is a flowchart which shows the key application starting process by the side of a mobile telephone. It is a conceptual diagram which shows an example of signal transmission / reception in the image display control system shown in FIG. 1, Comprising: Signal transmission / reception with a mobile telephone and DL server and a mobile telephone and entrance / exit management R / W is shown. It is a conceptual diagram which shows an example of signal transmission / reception in the image display control system shown in FIG. 1, Comprising: Signal transmission / reception with a mobile telephone and library R / W is shown. It is a figure which shows an employee ID display screen. It is a figure which shows a message display screen. It is a figure which shows a log | history display screen. It is a flowchart which shows the key application starting process by the side of R / W in the image display control system which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the key application starting process by the side of a mobile telephone in the image display control system which concerns on 2nd Embodiment of this invention. It is a figure which shows an example of signal transmission / reception in the image display control system which concerns on 2nd Embodiment of this invention, and shows signal transmission / reception especially with a mobile telephone and library R / W. It is a figure which shows a PIN input screen. It is a figure which shows a PIN input and frontage designation | designated screen. It is a flowchart which shows the temporary lending process of the key in the DL server side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the temporary lending process of the key in the mobile telephone side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the key application starting process in the R / W side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the key application starting process in the mobile telephone side in the image display control system which concerns on 3rd Embodiment of this invention. It is a modification of the image display control system of this invention.

Explanation of symbols

1 Image display control system 2 Mobile phone 3 Internal security system 6 R / W (authentication equipment)
8 DL server (application management device)
30 IC chip (non-contact integrated circuit)
90 Library (Security protection object)

The present invention, in use of the security object, the authentication rows cormorants authentication system, a reader-writer device and a vault.

  In recent years, security protection for objects and information has been strongly demanded. As a means for security protection, for example, in the techniques described in Patent Literature 1 to Patent Literature 5, personal authentication is performed when a security protection object is used.

  The key management device described in Patent Document 1 authenticates a user using an IC card and permits use of a key stored in a key box. The key box includes a plurality of boxes for individually storing keys, and an electronic lock is attached to each door of the box. A card reader is attached to the key box. When the user passes the IC card through the card reader, the key management device acquires the IC card data, sends it to the management center, and receives a signal from the management center indicating that the user has been authenticated as a member. Then, a password input guide and a touch panel are displayed on the screen of the card reader. When the user enters a password using the touch panel, the key management device sends the password to the management center, receives a signal from the management center indicating that the password has been authenticated, and further includes a guidance for specifying the vehicle number and the touch panel. Is displayed on the card reader screen. Then, when the user inputs a car number to the card reader, the key management device unlocks the door of the box that stores the car key corresponding to the car number and makes the key usable.

  The authentication system described in Patent Document 2 performs personal authentication using a mobile phone and unlocks the door. The mobile phone stores an identification number for unlocking the door in a memory, and transmits the identification number to the receiving device by infrared rays by a user's operation. When the receiving apparatus authenticates the identification number, the receiving apparatus transmits a signal notifying that the identification number is valid to the electronic lock attached to the door, and unlocks the electronic lock.

  The garage door opening / closing system described in Patent Document 3 performs personal authentication using a mobile phone, and locks or unlocks the garage door. When the user parks the car in front of the garage door and makes a call from the mobile phone to the communication device to connect to the garage door opening / closing system homepage, the user will be prompted to enter the password on the mobile phone display and open / close the garage door. A selection button to select is displayed. When the user selects the password and “Open” and sends the data to the communication device, the communication device determines whether the password is correct. If the password is authenticated, the electronic lock attached to the garage door is unlocked. Lock it.

  The security remote control system described in Patent Document 4 performs personal authentication using a mobile phone, and locks and unlocks the door of the home entrance. The security remote operation system detects the position of its own device by the location information detection unit, and automatically sends a status notification request email to the security center to notify the locked / unlocked state when it goes out of the area including the home. . The security sensor transmits a state confirmation signal to the key unit provided at the door of the entrance, and receives the lock state investigation result from the key unit. The image display control system transmits a status notification mail including the key unit investigation result to the mobile phone. The user displays a status notification mail on the mobile phone to confirm the locked state, and when not locked, transmits a locking instruction signal to the key unit via the security center.

The locker system described in Patent Document 5 uses a mobile phone to check whether or not the locker user is an authorized user, and locks and unlocks the locker. In the locker system, electronic locks are provided on the lockers of the locker device. Further, the locker device is provided with a numeric keypad for inputting a locker number and the like. For example, when the user enters the locker number into the numeric keypad and accesses the URL of the data center from the mobile phone according to the unique access URL information confirmation screen, personal authentication is performed between the mobile phone and the data center using the ID and password. The operation screen is transmitted from the data center to the mobile phone. When the user inputs an unlock request for the locker to be unlocked on the operation screen and sends it to the data center, the data center authenticates that the user has the right authority according to the locker number, ID and password. A lock instruction is transmitted to the locker device, and the locker specified by the user is unlocked.

JP 2004-300683 A JP 2002-339608 A JP 2003-319469 A JP 2005-155205 A JP 2003-278421 A

However, the systems described in Patent Documents 1 to 5 have the following problems.
(1) In the key management device described in Patent Document 1, password input guidance and guidance for specifying a car number are displayed on the screen of the card reader, and information is input using the touch panel displayed on the screen. A display, a display screen control program, a memory for storing various programs and data, and the like had to be provided, which was expensive. In addition, the key management device described in Patent Document 1 cannot use the IC card for the key management device in another image display control system, and the user owns a separate IC card for each image display control system. It was inconvenient.

(2) In the authentication system described in Patent Document 2, if a user displays a data transmission screen on a mobile phone and does not transmit data to the receiving device by operating a button, infrared data is transmitted to the receiving device. The data transmission operation took time and effort.

(3) In the systems described in Patent Document 3, Patent Document 4, and Patent Document 5, a mobile phone connects to a communication device, a security center, and a data center via the Internet, and a communication device using a public telephone line network, Since communication is performed between the security center and the data center, communication costs are incurred each time communication is performed. Also, in areas outside the communication area, mobile phones could not be connected to communication devices, security centers, and data centers, and the system could not be operated.

Therefore, the present invention has been made to solve the above-described problems. By using a mobile phone incorporating a non-contact integrated circuit such as an IC chip, an IC card or a key using the Internet can be used. add value which could not have been realized, authentication system that can be improved and cost reduction of the convenience to the user, and an object thereof is to provide a reader-writer device and a vault.

In order to achieve the above object, the present invention has the following configuration.
(1) and a mobile phone equipped with an IC chip, provided in the vault with the electronic lock, and the reader-writer device for authenticating use authority of the depot in communication with the IC chip, is composed of the mobile phone The IC chip stores key registration information for unlocking the electronic lock and a key application for displaying a predetermined screen on the display unit of the mobile phone, and the reader / writer device is connected to the IC chip. A key authentication step of performing key authentication by acquiring the key registration information from the IC chip when communicating and authenticating use authority of the storage; and when the key authentication is performed in the key authentication step, the reader A writer device transmits an activation signal that activates the key application to the IC chip, and the IC chip transmits in the activation signal transmission step. A screen display step of activating the key application and displaying a screen showing information related to the storage on the display unit of the mobile phone when the activated activation signal is received. And

(2) In the authentication system described in (1), the storage is provided with an electronic lock that is controlled by the reader / writer device for each frontage, and from the mobile phone to the frontage. And a reader / writer device having an unlocking step of unlocking the electronic lock for the frontage designated in the frontage designation step .

(3 ) In the authentication system described in ( 2), when the reader / writer device authenticates the key, a frontage designation screen displaying a frontage that can be used with the use authority is displayed on the display means. A display instruction step for giving an instruction to the mobile phone, and a frontage designation for causing the display means to display the frontage designation screen instructed to be displayed in the display instruction step when the IC chip activates the key application A screen display step, and the IC chip transmits a frontage designated on the frontage designation screen using the operation unit of the mobile phone to the reader / writer device, unlocking process receives frontage the IC chip is transmitted in the frontage designated transmission step, characterized by unlocking the electronic lock corresponding to the frontage

(4) In the authentication system according to any one of (1) to (3), the key application is configured such that the mobile phone is connected to a download server via the public telephone line network, and the download server It is downloaded to the IC chip .

(5) A reader / writer device used in the authentication system according to any one of (1) to (4) .

(6) A storage that is used in the authentication system according to any one of (1) to (4).

Describing the effect of the invention having an upper Symbol configuration.
Here, the key application and key registration information are downloaded from the download server (application management device) to the mobile phone, and the reader / writer device (authentication device) provided in the storage (security protected object) communicates with the mobile phone. An example will be described in which an input screen (predetermined screen) for inputting a personal identification number and a frontage is displayed on the mobile phone when the authority to use the storage is authenticated.

  In the image display control system of the present invention, when a mobile phone is connected to a download server via a public telephone network (communication means), the download server stores the key application and key registration information in the download source key application storage means and the download source key. The information is read from the registration information storage means, and the read key application and key registration information are downloaded to the mobile phone via the public telephone line network. By downloading the key application to the mobile phone, it is possible to associate the storage with the mobile phone and display an input screen for inputting the personal identification number and the frontage on the display means of the mobile phone. In addition, by downloading the key registration information to the mobile phone, the use authority of the storage can be confirmed using the mobile phone.

  When the mobile phone that has downloaded the key application and key registration information is held over the reader / writer device, the contactless integrated circuit and the reader / writer device communicate with each other, and the presence or absence of the authority to use the storage is authenticated. When the reader / writer device authenticates that the user of the mobile phone has the authority to use the storage, the reader / writer device transmits a key application activation signal to the mobile phone. When the mobile phone receives the key application activation signal, it reads the key application downloaded from the download server from the download destination key application storage means and activates it, and automatically displays an input screen for entering the PIN and frontage on the display (display means). To display.

When using an IC card, it is necessary to create a separate IC card for other security protection items (such as an entrance / exit management system) in the storage, which is a burden on the system user in terms of cost and management. However, since the image display control system of the present invention can download and store a plurality of key applications from the download server to the mobile phone, it can store the keys of the storage and other security protection objects in one mobile phone. Can be managed by phone.
Further, when the right to use is authenticated by the IC card, the personal identification number, and the frontage, it is necessary to provide a liquid crystal panel for displaying an input screen on the reader / writer device because information cannot be displayed on the IC card. Since the image display control system displays an input screen for inputting a password and a frontage on a display of a mobile phone, an inexpensive reader / writer device without a liquid crystal display can be applied to the system.
Also, in the system using the Internet network and infrared rays, the specified screen is displayed after the communication is established by operating the mobile phone, so the operability is poor, the communication cost is high, and it cannot be used outside the service area. However, in the image display control system of the present invention, the mobile phone directly communicates with the reader / writer device only by holding the mobile phone over the reader / writer device, and an input screen for inputting the PIN number and frontage is automatically displayed on the display. Therefore, the system can be operated even when the mobile phone is out of the service area, and no communication cost is incurred when the mobile phone communicates with the reader / writer device.

  Therefore, according to the image display control system of the present invention, by using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an added value that could not be realized with an IC card or a key using the Internet. The convenience to the user can be improved and the cost can be reduced.

  Further, according to the image display control system of the present invention, the reader / writer device is connected to the management device via an internal communication means (for example, an intranet protected by a firewall, an in-house LAN, etc.). When the mobile phone user is authorized to use the vault, the display data is read from the management device and written to the mobile phone, and then the key application activation signal is transmitted to the mobile phone. . When the mobile phone activates the key application, it reads out the written display data and displays it on the display. Therefore, according to the image display control system of the present invention, even when the storage capacity of the reader / writer device is small, display data can be stored in the management device and appropriately displayed on the display of the mobile phone.

  In addition, according to the image display control system of the present invention, the personal identification number is set in advance in the mobile phone, and when the key application is activated, the personal identification number input screen is displayed on the display of the cellular phone to the user. In addition to authenticating identifiers for contactless integrated circuits, it prompts the user to enter a personal identification number and checks whether the personal identification number entered by the user and the personal identification number set in the mobile phone can be verified. , You can authenticate your PIN and raise the security level.

  In addition, according to the image display control system of the present invention, the key registration information includes a restriction condition for restricting use of the storage (such as the number of uses and the expiration date of use), and the key received by the reader / writer device from the mobile phone. If the mobile phone is communicating with the reader / writer device within the limit conditions based on the registered information, and the mobile phone is communicating with the reader / writer device within the limit conditions Sends a key application activation signal to the mobile phone and displays an input screen for entering the PIN and frontage on the mobile phone display, while the mobile phone is not communicating with the reader / writer device within the limits In this case, the key application activation signal is not sent, and the input screen for entering the security code and frontage is not displayed on the mobile phone display. Can not be used, to improve security level.

  In addition, the image display control system of the present invention identifies a mobile phone based on an identifier of a non-contact type integrated circuit incorporated in the mobile phone by the download server, and stores key registration information related to the mobile phone by operating the mobile phone. Since the included authentication ID is rewritten to another person's authentication ID, and the rewritten key registration information is transmitted to the reader / writer device, for example, a person using a mobile phone having the other person's authentication ID uses the mobile phone as a reader / writer. If you hold it over the device, you are allowed to use the storage. Therefore, the image display control system of the present invention can lend the right to use the storage to another person temporarily using a mobile phone, and is convenient.

  Further, according to the image display control system of the present invention, the personal identification number and the frontage are input to the mobile phone displaying the input screen for inputting the personal identification number and the frontage using the operation unit of the mobile phone. When the input mobile phone is held over the reader / writer device, the reader / writer device unlocks the electronic lock corresponding to the designated frontage and allows the storage to be used. Even without an operation unit such as the above, it is possible to input a personal identification number and frontage using the operation unit of a mobile phone, and to reduce costs by applying an inexpensive reader / writer device without an operation unit to the system be able to.

  In the authentication system of the present invention, when the mobile phone is held over the authentication device, the contactless integrated circuit and the authentication device communicate with each other, and the presence or absence of the right to use the security protection object is authenticated. When the authentication device authenticates that there is a use right, it transmits a key application activation signal to the mobile phone. Upon receiving the key application activation signal, the cellular phone activates the key application and automatically displays a predetermined screen on the display means. Therefore, when using the IC card and the personal identification number to authenticate the use authority, it is necessary to provide a liquid crystal panel for displaying an input screen on the authentication device because information cannot be displayed on the IC card. Since an input screen for a password is displayed on the display means of the cellular phone, an inexpensive authentication device without a liquid crystal display can be applied to the system. Also, in the system using the Internet network and infrared rays, the specified screen is displayed after the communication is established by operating the mobile phone, so the operability is poor, the communication cost is high, and it cannot be used outside the service area. However, the authentication system of the present invention has good operability because the mobile phone directly communicates with the authentication device and automatically displays a predetermined screen on the display means simply by holding the mobile phone over the authentication device. The system can be operated even when the phone is outside the service area, and no communication cost is incurred when the mobile phone communicates with the authentication device.

  Therefore, according to the authentication system of the present invention, by using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an added value that cannot be realized with an IC card or a key using the Internet is given. Therefore, it is possible to improve the convenience for the user and reduce the cost.

Further, according to the application management device of the present invention, when there is a request to download the key application from the mobile phone, the mobile phone is associated with the security protection object on the mobile phone based on the mobile phone identifier. Download the key application to display the screen and the key registration information corresponding to the usage authority to the mobile phone. Therefore, when an IC card is used, it is necessary to create and possess an IC card for each security protection object. However, the application management apparatus of the present invention transmits a key application and key registration information to one mobile phone. Since downloading is performed as appropriate, a mobile phone can have a plurality of key applications and key registration information. Also, when managing multiple key applications with one 1C card, it was necessary to go to a place where the dedicated machine is located during business hours and add or delete the key application to the dedicated machine through the IC card. The application management apparatus of the present invention downloads a key application and key registration information in response to a request from the mobile phone, and the downloaded key application and key registration information can be arbitrarily deleted by operating the mobile phone. And the place and time for adding or deleting the key registration information are not limited, and convenience is good.

  Therefore, according to the application management apparatus of the present invention, by using a mobile phone that incorporates a non-contact type integrated circuit such as an IC chip, it provides added value that could not be realized with an IC card, and is convenient for the user. Improvement and cost reduction can be achieved.

Next, an embodiment according to the present invention will be described with reference to the drawings.
A. B. Overall Configuration of Image Display Control System According to First Embodiment DL server (application management device)
C. Cellular phone In-house security system Various processes in the image display control system E1. Download process of key application and key registration information E2. Key application activation processing Explanation of operation of image display control system Effects of image display control system, authentication system, and DL server Second Embodiment H1. Key application activation process with PIN input H2. Explanation of operation of image display control system H3. Effects of image display control system and authentication system Third Embodiment I1. Key registration information temporary lending process I2. Key application activation processing I3. Description of operation of image display control system I4. Effects of image display control system and DL server Modified example

A. Overall Configuration of Image Display Control System According to First Embodiment FIG. 1 is a schematic configuration diagram of an image display control system 1 according to the first embodiment.
The image display control system 1 downloads a key application and key registration information from a download server (hereinafter abbreviated as “DL server”) (application management device) 8 to a general-purpose mobile phone 2, thereby making the mobile phone 2 in-house. When controlling the office equipment by associating it with the office equipment (security protected object) of the security system 3 and holding the mobile phone 2 over the reader / writer device (hereinafter abbreviated as “R / W”) (authentication equipment) 6 The key application downloaded to the mobile phone 2 is activated to display a predetermined screen on the display unit (display means) 28 of the mobile phone 2. In the present embodiment, the mobile phone 2 and the R / W 6 constitute an “authentication system”.

The in-house security system 3 is constructed in, for example, the company A ●● branch office, and is a client personal computer (hereinafter referred to as “client PC”) 4, a management server (management device) 5, an entrance / exit management R / W 6 </ b> A, an attendance / exit Multiple R / W6 such as management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, library R / W6G, etc., establish in-house LAN (internal communication means) 7 Are connected to each other so as to be able to communicate with each other. The R / W 6 acquires the key information of the mobile phone 2 and authenticates the person, and office equipment that is subject to security protection, such as a time recorder, a door for entering and leaving the room, a valuable box, a desk, a key box, a locker, and a library. This is to determine whether or not there is a right to use (security protected object).

  The mobile phone 2 is a general-purpose product. In addition to the telephone function, the mobile phone 2 includes a mail function for transmitting / receiving mail data and Web data by connecting to the Internet network (communication means) INT, a wireless communication function for performing wireless communication with each R / W 6, and the like.

  The DL server 8 downloads a key application and key registration information to the mobile phone 2. The “key application” is an application that identifies the mobile phone 2 from another mobile phone and associates it with the office device of the in-house network 3 to display a predetermined screen on the display unit 28 of the mobile phone 2. The “key registration information” refers to data necessary for personal authentication when using office equipment in the in-house network 3. For example, “authentication ID” individually assigned to the mobile phone 2, “PIN (PIN number)” set on the mobile phone 2 to confirm the user, “expiration date” that can be used for office equipment (security object), “number of times of use”, office equipment (security protection object) "Device ID" for identifying), "unlocking ID" for identifying a lockable frontage among office devices (security objects), and the like. Here, the key registration information can be rewritten on the DL server 8. For example, “PIN” included in the key registration information is initially set to “0000” in a state where the key application is downloaded, but the mobile phone 2 accesses the DL server 8 at a later date to arbitrarily enter the key registration information. It is possible to change to the value of.

B. DL Server FIG. 2 is an electrical block diagram of the DL server 8 shown in FIG.
The DL server 8 is a well-known computer, and includes a central processing unit (hereinafter referred to as “CPU”) 10, an input / output interface 11, a ROM 12, a RAM 13, a hard disk drive (hereinafter abbreviated as “HDD”) 14, and an operation unit 18. , A display unit 19, a communication unit 20, and the like. The DL server 8 stores data acquired from the communication unit 20 and the input / output interface 11 in the HDD 14, and the CPU 10 temporarily reads and executes the program stored in the ROM 12 in accordance with the operation of the operation unit 18, Data stored in the HDD 14 is processed, calculated, and displayed on the display unit 19 or output from the input / output interface 11 or the communication unit 20 to another device.

  In the HDD 14, an application database (hereinafter, "database" is abbreviated as "DB") (download source key application storage means) 15, a key registration information DB (download source key registration information storage means) 16, and a download program (download means). ) 17 is provided.

FIG. 3 is a diagram illustrating a data structure of the key application DB 15.
The application DB 16 stores various applications downloaded to the mobile phone 2 via the Internet INT in association with the URI. In this embodiment, for example, in addition to an application for using “Edy” (registered trademark) of electronic money, a key application or the like is associated with a URI (Uniform Resource Identifier) and stored in the application DB 16.

FIG. 4 is a diagram illustrating a data structure of the key registration information DB 16.
The key registration information DB 16 stores key registration information in association with a URI and key information. The reason why the “key registration information” is associated with the URI is to identify the key application to which the key registration information corresponds. The “key information” is used to identify the mobile phone 2 from other mobile phones, and more specifically, is information related to a key (identifier) of an IC chip (non-contact integrated circuit) 30 described later. . The reason for associating the “key registration information” with the “key information” is to associate the mobile phone 2 with the office equipment (security protected object) of the in-house security system 3.

  The download program 17 shown in FIG. 2 reads the key application from the key application DB 15 based on the IC chip 30 of the mobile phone 2 when the mobile phone requests download of the key application via the Internet network INT. The key registration information is read from the key registration information DB 16 and the read key application and key registration information are downloaded to the mobile phone 2.

C. Mobile Phone FIG. 5 is a diagram showing an electrical block configuration of the mobile phone 2.
The mobile phone 2 is connected to a CPU 21, a communication unit 22, a volatile memory 23, a nonvolatile memory 24, a display unit 28, an operation unit 29, an IC chip 30 and the like via a data bus.

  The communication unit 22 connects to the Internet network INT by wireless communication under the control of the CPU 21. The display unit 28 includes a display device such as a liquid crystal panel, and displays various information on the screen under the control of the CPU 21. The operation unit 29 includes various buttons such as push buttons and cursor keys. When an operation is performed by the user, the operation unit 29 outputs an operation signal to the CPU 21 according to the input operation.

  The CPU 21 controls each unit of the mobile phone 2 according to an application stored in the nonvolatile memory 24. The volatile memory 23 is used as a work area, and temporarily stores various applications executed by the CPU 21 and various data used when executing the applications.

  The nonvolatile memory 24 is provided with an EEPROM 25 and a ROM 27. In addition to various control information and various control programs, the ROM 27 stores various applications executed by the CPU 21. The EEPROM 25 is a rewritable memory. In the present embodiment, a table storage memory 26 is provided in the EEPROM 26, and the table storage memory 26 stores the type of downloaded application in association with the URI in order to manage the downloaded application.

FIG. 6 is an electrical block diagram of the IC chip 30 shown in FIG.
The IC chip 30 is formed by connecting a CPU 31, an antenna 32, a RAM 33, a ROM 34, an EEPROM 35, and the like such that signals can be transmitted and received. The IC chip 30 receives a radio wave emitted from the R / W 6 and converts it into energy to exchange data.

The antenna 32 performs wireless communication with an external wireless communication device. In the present embodiment, for example, the antenna 32 performs wireless communication with the R / W 6 of the in-house security system 3. The CPU 31 processes and calculates data in accordance with applications stored in the ROM 34 and the EEPROM 35, and controls the operation of the mobile phone 2, for example. The RAM 33 is used as a work area, and temporarily stores various applications executed by the CPU 31, various data used when executing the applications, and the like. The ROM 34 is a non-rewritable memory, and stores various applications to be executed by the CPU 31 in addition to various control information and various control programs. The EEPROM 35 is a rewritable memory and stores various control information and various control programs, as well as various applications executed by the CPU 31, and can arbitrarily add or delete applications. The EEPROM 35 includes a key registration information common memory (download destination key registration information storage means, personal identification number storage means, key registration information storage means) 36, an application common memory (download destination key application storage means, key application storage means) 37, The embedded data memory 38, the key information memory 39, the PIN memory 40, and the like are stored.

The key registration information common memory 36 stores “key registration information” downloaded from the DL server 8. The key registration information common storage memory 36 stores a plurality of “key registration information” using a key, and protects the security of the “key registration information”.
The application common memory 37 associates the “key application” downloaded from the DL server 8 with the “URI” and stores it using a key to protect the security of the “key application”.
The write data memory 38 stores data written from the outside. In the present embodiment, for example, “display data” displayed on the display unit 28 of the mobile phone 2 is written in the write data memory 38.
The key information storage memory 39 stores the “key information” described above.
The PIN memory 40 stores the PIN input by the user of the mobile phone 2. The PIN memory 40 is provided to save the user from having to input the PIN when performing PIN authentication.

D. Internal Security System FIG. 7 is an electrical block diagram of the internal security system 3 shown in FIG.
The in-house security system 3 includes a client PC 4, a management server 5, an entrance / exit management R / W 6A,. The management server 5 manages the usage state of office equipment such as lockers, archives, and client PCs 4.

  In the management server 5, a CPU 51, an input / output interface 52, a ROM 53, a RAM 54, an HDD 55, an operation unit 59, a display unit 60, and the like are connected to each other via a data bus. Since the management server 5 is a well-known computer, a detailed description thereof will be omitted, but the HDD 55 is provided with a display data DB 56, a use authority information DB 57, and a device information DB 58.

The display data DB 56 stores “display data” to be displayed on the display unit 28 of the mobile phone 2, such as messages created for a specific user by the client PC 4 or an external terminal, usage history of office equipment, and the like. .
The use authority information DB 57 stores “use authority information” including use authority of office equipment. The “use authority information” corresponds to the “key registration information” described above. For example, among the office devices installed in the in-house security system 3, the “device ID” of the office device permitted to be used, Includes “valid period” and “use count” that can be used for office equipment.
The device information DB 58 stores “device information” including “device ID”, “usage history”, and the like of the office devices constituting the in-house security system 3 for each device.

  The client PC 4 is a known computer in which a CPU 71, an input / output interface 72, a ROM 73, a RAM 74, an HDD 75, an operation unit 76, a display unit 77, a communication unit 78, and the like are connected by a data bus. Therefore, detailed description is omitted here.

  Entrance / exit management R / W6A, attendance / exit management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, library R / W6G are managed via the in-house LAN 7. Is connected to and managed. The entry / exit management R / W6A, attendance / exit management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, and library R / W6G have almost the same configuration. Here, the library R / W 6G will be described as an example, and the description of other configurations of the R / W 6A to 6F will be omitted.

  As shown in the external view of FIG. 8, the library R / W 6G is provided in the library 90, and an electronic lock 94 (attached to each storage box 91A, 91B, 91C, 91D, 91E, 91F, 91G, 91H of the library 90 is provided. (See FIG. 7). In addition, the library 90 has installed the antenna 92 (refer FIG. 7) in each storage box 91A-91H, and has detected the IC tag 93 (refer FIG. 7) stuck on the document.

  As shown in FIG. 7, the archive R / W 6G is a computer in which a CPU 81, an input / output interface 82, a ROM 83, a RAM 84, an HDD 85, and a wireless communication unit 86 are connected by a data bus, such as a display unit such as a liquid crystal display or a numeric keypad. The operation unit is not provided. The HDD 85 stores a use authority information DB 87 and an application activation program 88. The use authority information DB 87 stores “use authority information” distributed from the management server 5 via the in-house LAN 7. Specifically, for example, who can open and close which door of the library and what documents can be used is stored in the use authority information DB 87 as “use authority information”. The application activation program 88 defines a process for activating the key application downloaded to the mobile phone 2. The wireless communication unit 86 transmits and receives data to and from an external device by wireless communication. The speaker 89 generates a buzzer sound and sound.

  In the library R / W 6G, the input / output interface 82 is communicably connected to the antenna 92 installed in the storage boxes 91A to 91H, and the detection result of the antenna 92 detecting the IC tag 93 is input from the input / output interface 82. Then, by transmitting the detection result to the management server 5 via the in-house LAN 7, the document usage history is recorded in the management server 5. Further, the library R / W 6G is communicably connected to the electronic lock 94, detects the locked / unlocked state of the electronic lock 94, and transmits a locking command or an unlocking command to the electronic lock 94.

E. Various processes in the image display control system E1. Key Application and Key Registration Information Download Process FIG. 9 is a flowchart showing a process in which the mobile phone 2 downloads the key application.
When the mobile phone 2 downloads the key application, first, in step 1 (hereinafter abbreviated as “S1”), initial setting is performed. Next, in S2, the DL server 8 is requested to download the key application. In S3, it is determined whether or not there is a response from the DL server 8.

If it is determined that there is a response from the DL server 8 (S3: YES), the key application and key registration information are downloaded from the DL server 8 in S4. In step S5, an employee ID screen is displayed on the display unit 28 to prompt the user to confirm the contents of the downloaded key registration information. It waits as it is until the content confirmation is made by the user (S6: NO). When the user confirms the contents (S6: YES), a communication network disconnection request is transmitted in S7. In S8, it is determined whether or not there is a response to the communication network disconnection request. If it is determined that there is a response to the communication network disconnection request (S8: YES), the mobile phone 2 is disconnected from the Internet network INT in S9, and the process is terminated. On the other hand, when it is determined that there is no response to the communication network disconnection request (S8: NO), the process returns to S7 and transmits the communication network disconnection request again.

  On the other hand, if the DL server 8 does not respond to the request for downloading the key application in S2, (S3: NO), in S10, 1 is set to the flag f1 which is set to zero in the initial setting of S1. to add. Then, in S11, it is determined whether or not the flag f1 has become 3. At this time, since the flag f1 is not 3 (S11: NO), the process returns to S2 and requests download of the key application again. At this time, if there is a response from the DL server 8 (S3: YES), the processing after S4 is executed.

  On the other hand, if it is determined that there is no response from the DL server 8 (S3: NO), 1 is added to the flag f1 in S10, and it is determined whether or not the flag f1 is 3 in S11. At this point, since the flag f1 is not 3 (S11: NO), the process returns to S2 to request download of the key application again. In S3, if there is a response from the DL server 8, the processing from S4 is executed. On the other hand, if it is determined that there is no response from the DL server 8 (S3: NO), 1 is added to the flag f1 in S10, and it is determined whether or not the flag f1 is 3 in S11. . At this time, since the flag f1 becomes 3 (S11: YES), the process proceeds to S12, an error message is displayed on the display unit 28 of the mobile phone 2, and then the mobile phone 2 is disconnected from the Internet network INT in S9. To finish the process.

FIG. 10 is a flowchart showing a process in which the DL server 8 downloads the key application to the mobile phone 2.
When the DL server 8 recognizes that the key application has requested the key application, the DL server 8 reads and executes the download program 17 stored in the HDD 14 into the RAM 13 and downloads the key application and key registration information to the mobile phone 2.

  That is, first, in S21 of FIG. 10, in response to the key application request, the mobile phone 2 is notified that the request for the key application has been recognized, and communication with the mobile phone 2 is established. Then, in S22, “key information” is read from the mobile phone 2, and in S23, it is determined whether or not the user of the mobile phone 2 has a proper authority to download the key application. If it is determined that the user of the mobile phone 2 has a legitimate authority to download the key application (S23: YES), in S24, the key application is read from the application DB 15 and the key registration information is registered as a key. Read from the information DB 16 and download to the mobile phone 2. In S26, an employee ID screen display instruction for instructing to display the employee ID screen on the display unit 28 of the mobile phone 2 is transmitted to the mobile phone 2, and whether or not the key registration information and the contents of the key application are correct. Encourage judgment. In S27, if there is no confirmation from the mobile phone 2 that the content displayed on the employee ID screen is correct (S27: NO), the process stands by.

  On the other hand, if there is confirmation that the content displayed on the employee ID screen from the mobile phone 2 is correct (S27: YES). In S28, it is determined whether there is a communication network disconnection request. If it is determined that there is no request for disconnecting the communication network (S28: NO), the process waits as it is. On the other hand, if it is determined that there is a communication network disconnection request from the mobile phone 2, a signal responding to the communication network disconnection request is transmitted to the mobile phone 2 in S29, and then the communication network is disconnected in S31. The process is terminated.

  In S23, when key authentication cannot be performed (S23: NO). An error message is displayed on the display unit 28 of the mobile phone 2 to inform the user of the mobile phone 2 that the key application cannot be downloaded. In S31, the communication network is disconnected.

E2. Key application activation process The screen display control system 1 activates the key application by transmitting a key application activation signal from the R / W 6 to the mobile phone 2 when the mobile phone 2 is held over the R / W 6 for authentication. Then, a predetermined screen is displayed on the display unit 28 of the mobile phone 2.

FIG. 11 is a flowchart showing key application activation processing on the R / W 6 side.
The R / W 6 always executes the application activation program 88 stored in the HDD 87. The R / W 6 performs polling at predetermined time intervals, and when there is a response from the mobile phone 2, performs R / W authentication and transmits display data to the mobile phone 2.

  That is, the R / W 6 first performs polling at predetermined time intervals in S31, and determines whether or not there is a response to the polling from the mobile phone 2 in S32. When it is determined that the response to the polling is not received from the mobile phone 2 (S32: NO), it waits while polling. On the other hand, if it is determined that the response to the polling is from the mobile phone 2 (S32: YES), the key registration information is read from the mobile phone 2 in S33. In S34, it is determined whether or not key authentication is possible. That is, the key registration information read from the mobile phone 2 is collated with the use right information written in the use right information writing unit 87, and if the key registration information matches the use right information, It is determined that the user has a legitimate authority to use office equipment, and key authentication is performed. If it is determined that key authentication cannot be performed (S34: NO), a buzzer is launched from the speaker 89 in S35 to inform the user of the mobile phone 2 that the personal authentication has failed, and the process returns to S31.

  On the other hand, if it is determined that key authentication is possible (S34: YES), the security object is controlled in S36. Then, in S37, it is determined whether or not there is display data for the mobile phone 2 performing communication. If there is no display data (S37: NO), the process proceeds to S40 as it is. On the other hand, if there is display data (S37: YES), after writing the display data to the IC chip 30 of the mobile phone 2 in S38, it is determined in S39 whether the display data has been successfully written. to decide. If it is determined that the display data has been successfully written (S39: YES), a key application activation signal is transmitted to the mobile phone 2 and the process returns to S31. On the other hand, if the writing of the display data fails, the key application of the mobile phone 2 is not activated at this time, and the mobile phone 2 cannot display a screen for displaying an error message or the like. A warning such as a warning sound or a warning message is generated from the speaker 89. As a result, the user of the mobile phone 2 learns that the display data writing is insufficient, and prompts the user to hold the mobile phone 2 over the R / W 6 and rewrite the display data. it can.

FIG. 12 is a flowchart showing key application activation processing on the mobile phone 2 side.
The mobile phone 2 is authenticated by holding it over the R / W 6, and a predetermined screen is automatically displayed on the display unit 28.

  That is, when the mobile phone 2 receives the polling request over the R / W 6, the mobile phone 2 transmits a response to the polling to the R / W 6 in S 51. Then, in S52, it is determined whether or not there is a key registration information read request from R / W6. If it is determined that there is no key registration information read request, the process returns to S52 and waits as it is. On the other hand, if it is determined that there is a key registration information read request, the key registration information is transmitted to the R / W 6 in S53. Then, in S54, it is determined whether or not there is a display data write request from R / W6. If it is determined that the display data write request is not received from R / W 6 (S54: NO), the process directly proceeds to S56.

  On the other hand, if it is determined that the display data write request is from the R / W 6 (S54: YES), the display data is stored in the write data memory 38 of the IC chip 30 in S55, and then the process proceeds to S56. . In S56, it is determined whether a key application activation signal is received from the R / W 6. If it is determined that the key application activation signal has not been received from the R / W 6 (S56: NO), the process returns to S56 and waits as it is. On the other hand, when it is determined that the key application activation signal has been received from the R / W 6 (S56: YES), the key application stored in the application common memory 37 of the IC chip 30 is activated in S57. In S58, the type of R / W6 (any of R / W6A to 6G) is detected, and in S59, a predetermined screen is automatically displayed on the display unit 28 of the mobile phone 2.

F. Description of Operation of Image Display Control System Next, the operation of the image display control system 1 of the present embodiment will be described with a specific example. FIG. 13 is a conceptual diagram showing an example of signal exchange in the image display control system 1 shown in FIG. 1, and signal exchange between the mobile phone 2 and the DL server 8, and between the mobile phone 2 and the entrance / exit management R / W 6A. Indicates. 14 is a conceptual diagram showing an example of signal exchange in the image display control system shown in FIG. 1, and shows signal exchange between the mobile phone 2 and the library R / W 6G.
As a precondition for the explanation of the operation, the user A of the mobile phone 2 is an employee of Company A ●● branch office, has the authority to unlock the entrance / exit door, and is stored in the storages 91A, 91C, 91G of the library 90 Have the authority to use the document.

  In order for the user A to authenticate himself / herself using the mobile phone 2 in the in-house network system 3, the user A needs to store the key application C and key registration information for unlocking the entrance / exit door and the archive 90. It is necessary to download the key application D and key registration information for unlocking the boxes 91A, 91C, 91G from the DL server 8.

Therefore, as shown in FIG. 13, the user A inputs the URI “http: //www.○. Ne.jp/□□c” to the mobile phone 2 and transmits the DL server 8 via the Internet network INT. To the DL server 8 to request communication start (see S2 in FIG. 10). When the DL server 8 responds to the communication start request from the mobile phone 2, communication is established between the mobile phone 2 and the DL server 8 (S3 in FIG. 9: YES, see S21 in FIG. 10). The DL server checks the URI input by the user A against a table stored in the application DB 14 and recognizes that the user A requests the download of the key application C. Also, the DL server 8 collates the URI and “key information” transmitted from the mobile phone 2 with the key registration information DB 16 to identify the key registration information. Then, the DL server 8 downloads the key application C and the specified key registration information to the mobile phone 2 (see S22, S23: YES, S24, S25 in FIG. 10).

  The mobile phone 2 stores the downloaded key application C in the application common memory 37 of the IC chip 30. In addition, the mobile phone 2 stores the downloaded key registration information in the key registration information common memory 36 of the IC chip 30 (see S4 in FIG. 9). When the mobile phone 2 receives a signal indicating that the data transmission has been completed from the DL server 8, the employee ID display screen shown in FIG. 15 is displayed on the display unit 28 (see S5 in FIG. 9). The user A checks the contents of the employee ID display screen to confirm whether the contents of the key registration information are correct, and if so, clicks a confirmation button (see S6 in FIG. 9: YES). Thereby, the mobile phone 2 determines that the download has been completed, and requests the DL server 8 to disconnect from the Internet network INT (see S7 in FIG. 9).

When the DL server 8 receives the confirmation of the contents of the key registration information from the mobile phone 2 and the communication network disconnection request, the DL server 8 responds to the communication network disconnection request (see S27 in FIG. 10: YES, S28).
. Thereby, the cellular phone 2 and the DL server 8 are disconnected from the Internet network INT, and the line is disconnected (see S9 in FIG. 9 and S29 in FIG. 10).

Here, since the key application C is an application related to the unlocking of the entrance / exit door, the user A holds the mobile phone 2 over the library 90 only by storing the key application C in the application common memory 37. The library 90 cannot be unlocked. Therefore, the user A has a URI “http: //www.○.ne.jp/◇◇di” on the mobile phone 2.
Is input to connect to the DL server 8 via the Internet network INT, and download of the key application D is requested. Since the download of the key application D and the key registration information is performed in the same procedure as the download of the key application C, illustration and description are omitted.

  Thus, the user A adds the key application C and the key application D to the application common memory 37 of the mobile phone 2 in a state where the key is locked (encrypted). In addition, the user A locks the key registration information related to unlocking the entrance / exit door and the key registration information related to unlocking the library in the key registration information common memory 36 of the mobile phone 2 (with encryption). To memorize). The EEPROM 35 is a readable / writable nonvolatile memory. Therefore, for example, when the user A loses the authority to unlock the entrance / exit door at a later date, the key application C can be deleted from the mobile phone 2. That is, the user A can arbitrarily add or delete the key application to or from the mobile phone 2 to expand or reduce the function of the mobile phone 2 for in-house security.

  When the key applications C and D are added to the cellular phone 2 as described above, the user A simply unlocks the entrance / exit door or holds the library 90 by simply holding the cellular phone 2 over the R / W 6A or 6G. Boxes 91A, 91C, 91G can be unlocked.

  That is, when the user A holds the mobile phone 2 over the entrance / exit management R / W 6A, the mobile phone 2 reads “key information” from the key information memory 39 of the IC chip 30 as shown in FIG. It transmits to R / W6A and responds with respect to polling of entrance / exit management R / W6A (refer S51 of FIG. 12). When the “key information” is for the mobile phone 2 used in the in-house security system 3, wireless communication is established between the mobile phone 2 and the entrance / exit management R / W 6A, and the entrance / exit management R / W A key registration information read signal is transmitted from W6A to mobile phone 2 (see S33 in FIG. 11).

  When the mobile phone 2 receives the key registration information reading signal from the entrance / exit management R / W 6A, the mobile phone 2 reads key registration information necessary for unlocking the entrance / exit door from the key registration information common memory 36 of the IC chip 30, and enters / exits management. It transmits to R / W6A (refer S53 of FIG. 12).

  The entry / exit management R / W 6A is preliminarily distributed from the management server 5 with the use authority information regarding the authority to unlock the entrance / exit door, and stores it in the use authority information writing unit 87. The entrance / exit management R / W 6A compares the key registration information received from the mobile phone 2 with the use authority information writing unit 87, and determines that the key authentication can be performed if there is use authority information that matches the key registration information. Then, an unlocking instruction is transmitted to the electronic lock of the entrance / exit door (see S34: YES, S36 in FIG. 11). Thereby, the entrance / exit door is unlocked.

Thereafter, the entrance / exit management R / W 6A accesses the display data DB 56 of the management server 5 and searches for “display data” for the user A. “Display data” input from the operation unit 77 of the client PC 4 is transmitted to the management server 5 and stored in the display data DB 56 of the management server 5. For example, when Taro Otono of □□ company visits user A during XX month XX day XX, “message M” is input to the operation unit of client PC 4 and the display data of management server 5 is displayed. Stored in the DB 56. In this case, when the entrance / exit management R / W 6A accesses the display data DB 56 of the management server 8 and searches for “display data” for the user A, “message M” is hit. Therefore, the entrance / exit management R / W 6A reads “message M” from the management server 5 and writes “message M” to the IC chip 30 of the mobile phone 2 (see S37 in FIG. 11: YES, S38).

  The mobile phone 2 stores the message M written from the entry / exit management R / W 6A in the write data memory 38 (see S54 in FIG. 12, YES, S55).

  The entrance / exit management R / W 6A, when writing “message M” to the mobile phone 2, determines whether or not the writing of “message M” has succeeded (see S39 in FIG. 11). For example, if the user A holds the mobile phone 2 over the entrance / exit management R / W 6A for a short time, the entrance / exit management R / W 6A may not be able to write the “message M”. In this case, the entrance / exit management R / W 6A issues a warning and informs the user that “Message M” could not be written to the mobile phone 2 (see S39 in FIG. 11: NO, S41). On the other hand, when the entry / exit management R / W 6A succeeds in writing the “message M”, the entry / exit management R / W 6A transmits a key application activation signal for activating the key application C to the mobile phone 2 (S39 in FIG. 11: YES, S40). reference).

  When receiving the key application activation signal from the entrance / exit management R / W 6A, the cellular phone 2 reads the key application C from the application common memory 37, stores it in the RAM 33, and executes it (see S56 in FIG. 12, YES, S57). When the key application C is executed, the mobile phone 2 reads “message M” from the write data memory 38 of the IC chip 30 and displays “message M” 105 on the screen of the display unit 28 as shown in FIG. (See S58 and S59 in FIG. 12). When the “message M” is displayed on the screen, it is automatically deleted from the write data memory 38 to free up a storage area.

  Further, as shown in FIG. 14, when the user A holds the mobile phone 2 over the library R / W 6G, the electronic lock 94 of the predetermined storage box 91 is unlocked on the condition that the user is authenticated. That is, the key registration information received by the library R / W 6G from the mobile phone 2 includes the “unlocking door ID” that identifies the storage boxes 91A, 91C, 91G that the user can unlock. The R / W 6G unlocks the electronic lock 94 of the storage boxes 91A, 91C, 91G by authenticating the “unlocking door ID” (see S31, S32: YES, S33, S34: YES, S36 in FIG. 11). ). Thereby, the user A can take out the documents stored in the storage boxes 91A, 91C, 91G.

  Here, the library 90 detects the IC tag 93 attached to the document with the antenna 92 and records the detection result in the management server 5. The record is stored in the display data DB 56 as “document history” and is displayed to the person using the archive 90. Therefore, when the library R / W 6G accesses the display data DB 56 of the management server 5 and searches for display data addressed to the user A, “document usage history” is hit. Therefore, the library R / W 6G acquires the “document usage history” from the management server 5 and writes it in the mobile phone 2. (See S37 in FIG. 11: YES, S38)

  The mobile phone 2 stores the “document usage history” written from the archive R / W 6G in the write data memory 38 (see S54 in FIG. 12: YES, S55).

  When the archive R / W 6G has successfully written the “document usage history”, the archive R / W 6G transmits a key application activation signal for activating the key application D to the mobile phone 2 (see S39 in FIG. 11: YES, S40).

  When the cellular phone 2 receives the key application activation signal from the archive R / W 6G, the cellular phone 2 reads the key application D from the application common memory 37, stores it in the RAM 33, and writes it in the write data memory 38 as shown in FIG. "Document usage history" is displayed on the display unit 28 of the mobile phone 2 (see S56: YES, S57, S58, S59 in FIG. 12).

  The library 90 may be locked by the user back after unlocking the storage boxes 91A, 91C, 91G, or the user back closed the doors of the storage boxes 91A, 91C, 91G. May be detected and automatically locked.

G. Operational Effects of Image Display Control System, Authentication System, and DL Server The image display control system 1 first downloads a key application and key registration information from the DL server 8 to the mobile phone 2. By downloading the key application to the mobile phone 2, it becomes possible to associate the office device of the in-house security system 3 with the mobile phone 2 and display a predetermined screen on the display unit 28 of the mobile phone 2. Here, “predetermined screen” means, for example, private matters, public matters, matters related to security protection objects, such as planned visit date and time, internal notices, document usage history, PIN number input screen, security A screen that displays protection-related matters. Further, by downloading the key registration information to the mobile phone 2, it is possible to confirm the authority to use the office equipment constituting the in-house security system 3 using the mobile phone 2.

  When the mobile phone 2 that has downloaded the key application and the key registration information is held over the R / W 6, the IC chip 30 and the R / W 6 communicate with each other, and the presence / absence of the authority to use the office equipment is authenticated. When the R / W 6 authenticates that the user of the mobile phone 2 has the right to use, the R / W 6 transmits a key application activation signal to the mobile phone 2. When receiving the key application activation signal, the cellular phone 2 activates the downloaded key application and automatically displays a predetermined screen on the display unit 28.

When using an IC card, it is necessary to create an IC card for each office device such as an entrance / exit door, a desk, a locker, and a library, which places a burden on the system user in terms of cost and management. However, since the image display control system 1 of the present embodiment can download a plurality of key applications from the DL server 8 to the mobile phone 2 and store them in the application common memory 37 of the IC chip 30, Can be managed by one mobile phone 2.
In addition, when information is to be transmitted to the user when entering or leaving the room or when taking out the document from the library 90, information cannot be displayed on the IC card, so it is necessary to provide a liquid crystal panel in the card reader. However, since the image display control system 1 of the present embodiment displays a message display screen, a history screen, and the like as predetermined screens on the display unit 28 of the mobile phone, an inexpensive R / W 6 without a liquid crystal display can be applied to the system. .
In addition, in the system using the Internet network or infrared rays, the mobile phone 2 is operated to establish communication, and then a predetermined screen is displayed on the liquid crystal display. It was not possible to use. However, the image display control system 1 according to the present embodiment is configured such that the mobile phone 2 directly communicates with the R / W 6 just by holding the mobile phone 2 over the R / W 6, and a predetermined screen (in this embodiment, (Message M, document usage history) is automatically displayed, so that the operability is good, the system can be operated even when the mobile phone 2 is out of service area, and when the mobile phone 2 communicates with the R / W 6 No communication costs are incurred.

Therefore, according to the image display control system 1 of the present embodiment, by using the mobile phone 2 incorporating the IC chip 30, added value that could not be realized by using a key using an IC card or the Internet network INT, etc. It is possible to improve the convenience for the user and reduce the cost.

  Further, according to the image display control system 1 of the present embodiment, the R / W 6 is connected to the management server 5 via the in-house LAN 7, and communicates with the mobile phone 2 to give the user of the mobile phone 2 office equipment. When it is authenticated that the user has the right to use, the display data is read from the management server 5 and written to the mobile phone 2, and then the key application activation signal is transmitted to the mobile phone 2. When the mobile phone 2 starts the key application, it reads out the written display data and displays it on the display unit 28. Therefore, according to the image display control system 1 of the present embodiment, even when the storage capacity of the R / W 6 is small, the display data is stored in the management server 5 and appropriately displayed on the display unit 28 of the mobile phone 2. Can do.

  The authentication system according to the present embodiment includes the mobile phone 2 and the R / W 6. When the mobile phone 2 is held over the R / W 6, the IC chip 30 communicates with the R / W 6, and the authority to use office equipment is obtained. Existence is authenticated. When the R / W 6 authenticates that the user of the mobile phone 2 has the right to use, the R / W 6 transmits a key application activation signal to the mobile phone 2. When the cellular phone 2 receives the key application activation signal from the R / W 6, it activates the key application stored in the application common memory 37 and automatically displays a predetermined screen on the display unit 28. For this reason, when using the IC card and the personal identification number to authenticate the use authority, information cannot be displayed on the IC card. Therefore, it is necessary to provide a liquid crystal panel for displaying an input screen on the card reader. Displays an input screen for a personal identification number on the display unit 28 of the mobile phone 2, so that an inexpensive R / W 6 without a liquid crystal display can be applied to the system. In addition, in the system using the Internet network INT and infrared rays, the mobile phone 2 is operated to establish communication, and a predetermined screen is displayed, so that the operability is poor and the communication cost is high, and it is used outside the service area. Although not possible, the authentication system according to the present embodiment, by simply holding the mobile phone 2 over the R / W 6, the mobile phone 2 communicates directly with the R / W 6 and automatically displays a predetermined screen on the display unit 28. Therefore, the operability is good, the system can be operated even when the mobile phone 2 is outside the service area, and no communication cost is incurred when the mobile phone 2 communicates with the R / W 6.

  Therefore, according to the authentication system of the present invention, the use of the mobile phone 2 incorporating the IC chip 30 gives added value that could not be realized with an IC card or a key using the Internet, and is convenient for the user. Improvement and cost reduction can be achieved.

  In addition, according to the DL server 8 of the present embodiment, when there is a request for downloading a key application from the mobile phone 2, the mobile phone 2 can carry the mobile phone based on the identifier (key information) built into the IC chip 30 of the mobile phone 2. A key application for associating the telephone 2 with an office device to display a predetermined screen on the mobile phone 2 and key registration information corresponding to the use authority are downloaded to the mobile phone 2. Therefore, when using an IC card, it was necessary to create and possess an IC card for each office device. However, the DL server 8 of this embodiment stores a key application and key registration information in one mobile phone 2. Since downloading is performed as appropriate, the mobile phone 2 can have a plurality of key applications and key registration information. Also, when managing multiple key applications with one 1C card, it was necessary to go to a place where the dedicated machine is located during business hours and add or delete the key application to the dedicated machine through the IC card. The DL server 8 of the present embodiment downloads a key application and key registration information via the Internet network INT in response to a request from the mobile phone 2, and the downloaded key application and key registration information operate the mobile phone 2. Therefore, the location and time for adding or deleting the key application and key registration information are not limited, and convenience is good.

  Therefore, according to the DL server 8 of the present embodiment, the use of the mobile phone 2 incorporating the IC chip 30 gives added value that could not be realized with the IC card, and improved convenience and cost for the user. Reduction can be achieved.

H. Second Embodiment Next, a second embodiment of the present invention will be described with reference to the drawings.
The image display control system according to the second embodiment is the first in that the PIN as a personal identification number is input, whether or not the user of the mobile phone 2 is a valid user, and the security level is raised. This is different from the image display control system 1 of the embodiment. Therefore, here, it demonstrates centering on a different point from 1st Embodiment, and attaches | subjects the same code | symbol as 1st Embodiment to drawing in common, and abbreviate | omits description suitably.

H1. Key Application Activation Processing with PIN Input FIG. 18 is a flowchart showing key application activation processing on the R / W 6 side in the image display control system according to the second embodiment.
The R / W 6 transmits the key application activation signal to the mobile phone 2 after performing the user authentication basically in the same manner as in the first embodiment, but prompts the user of the mobile phone 2 to enter the PIN after the user authentication. ing.

  That is, if the R / W 6 determines that the key authentication has been successful (S34: YES), it transmits a key application activation signal to the mobile phone 2 in S200. In step S201, the mobile phone 2 is requested to perform PIN authentication. In step S202, a PIN authentication result is acquired. In S203, it is determined whether or not the PIN authentication is performed by the mobile phone 2. When it is determined that the PIN authentication has been performed by the mobile phone 2 (S203: YES), the processing after S36 is performed. On the other hand, if it is determined that the PIN authentication could not be performed by the mobile phone 2 (S203: NO), after adding 1 to the retry count r in S204, it is determined whether or not the retry count r is 3 in S205. To do. If the retry count r is not 3 (S205: NO), in S206, an instruction to display the PIN input and frontage designation screen is transmitted to the mobile phone 2, and the process returns to S201. On the other hand, if the retry count r is 3 (S205: YES), the retry count r is reset to zero in S207, and then the process ends.

FIG. 19 is a flowchart showing key application activation processing on the mobile phone 2 side in the image display control system according to the second embodiment.
After transmitting the key registration information in S53, the mobile phone 2 determines whether or not a key application activation signal has been received in S210. While the key application activation signal is not received from the R / W 6 (S210: NO), it waits as it is. On the other hand, when the key application activation signal is received from the R / W 6 (S210: YES), the key application is activated in S211. In step S212, it is determined whether a PIN authentication request has been received from the R / W 6. If it is determined that the PIN authentication request has not been received (S212: NO), the process stands by until there is a PIN authentication request. On the other hand, if it is determined that the PIN authentication request has been received (S212: YES), it is determined whether or not the PIN authentication is possible in S213, and the determination result is transmitted to the R / W 6. The PIN authentication is determined based on whether or not the PIN set in the mobile phone 2 (included in the key registration information) matches the PIN input to the mobile phone 2. In step S214, it is determined whether an instruction to display a PIN input and frontage designation screen is received from the R / W 6. If it is determined that the instruction to display the PIN input and frontage designation screen is not received from the R / W 6 (S214: NO), the process proceeds to S54 as it is.

On the other hand, if it is determined that an instruction to display the PIN input and frontage designation screen has been received from the R / W 6 (S214: YES), the PIN input and frontage designation screen is displayed on the display unit 28 in S215. Then, in S216, it is determined whether the PIN and frontage designation are input on the PIN input and frontage designation screen using the operation unit 29 of the mobile phone 2 and transmitted to the R / W 6 or not. When the PIN and frontage designation are input (S216: YES), the process returns to S213. On the other hand, when the PIN and the frontage designation are not input (S216: NO), the process waits as it is.

H2. Description of Operation of Image Display Control System Next, the operation of the image display control system of the second embodiment will be described. FIG. 20 is a diagram showing an example of signal exchange in the image display control system according to the second embodiment, and particularly shows signal exchange between the mobile phone 2 and the library R / W 6G.
In the description of the operation of the present embodiment, the case where the user A uses the library 90 will be described as an example, as in the first embodiment.

  As shown in FIG. 20, when the user A downloads the key application C, the employee ID display screen shown in FIG. 15 is displayed on the display unit 28 of the mobile phone 2. On the employee ID display screen, an employee ID 101 is displayed with a photo, an “END” button 102 for informing the DL server 8 of content confirmation, and an “INFO” button 103 for displaying information, are displayed. “PIN input with enter key” 104 and “notification icon” 100 displayed in blue when the PIN has been input and displayed in red when the PIN has not been input are displayed. When the user A sees that the “notification icon” on the employee ID display screen is displayed in red and inputs the PIN in advance, the mobile phone 2 with the employee ID display screen displayed. By pressing the enter key in the operation unit 29, the PIN input screen can be displayed.

  The PIN input screen shown in FIG. 21 includes a PIN input column 201 for setting a PIN, a device setting column 202 for setting a device, a door setting column 203 for setting a door to be unlocked, and an “end” button for forcibly terminating the PIN input. 204. A “decision” button 205 for determining the setting contents is displayed. The device setting column 202 and the door setting column 203 are set in advance according to “device ID” and “unlocking door ID” included in the key registration information, but the PIN input column 201 is blank. Therefore, the user A uses the operation unit 29 of the mobile phone 2 to input a 4-digit number in the PIN input field 201 and clicks the “OK” button 205. If the PIN is not properly entered in the PIN entry field 201, an error message is displayed on the display unit 28 to prompt the user to reset the PIN. On the other hand, when the PIN is appropriately input in the PIN input field 201, the PIN is stored in the PIN memory 40 of the IC chip 30.

  Thereafter, when the user A holds the mobile phone 2 over the library R / W 6G, the library R / W 6G determines whether the key authentication (person authentication) can be performed. When the key R can be authenticated, the library R / W 6 activates the key application of the mobile phone 2 and requests the mobile phone 2 for PIN authentication (see S34: YES, S200, S201 in FIG. 18). The reason for requesting the PIN authentication is to confirm whether the user A of the mobile phone 2 is a valid owner of the mobile phone 2 or not.

  When the mobile phone 2 starts the key application, the PIN is stored in the PIN memory 40, and it is determined whether or not the unlocking door is specified. If the PIN input and the front door are specified, the PIN is entered. It is determined whether or not the PIN stored in the memory 40 matches the PIN set in the mobile phone 2. When the PIN stored in the PIN memory 40 matches the PIN set in the mobile phone 2, it is determined that the PIN authentication has been performed, and the determination result to that effect is transmitted to the library R / W 6G (FIG. 19). S210, S211, S212: YES, see S213).

  When the archive R / W 6G receives the authentication signal indicating that the PIN authentication has been made from the mobile phone 2, the designated storage boxes 91A, 91C, 91G of the archive 90 are unlocked. "History" is acquired and written in the IC chip 30 of the mobile phone 2 (see S203: YES, S36, S37: YES, S38 in FIG. 18).

  On the other hand, there is a case where the user A inputs a PIN before using the library 90 and does not store it in the PIN memory 40 or inputs an incorrect PIN. In this case, since the mobile phone 2 cannot authenticate the PIN, the mobile phone 2 transmits a determination result indicating that the PIN authentication cannot be performed to the library R / W 6G (see S213 in FIG. 19).

  When the archive R / W 6G receives the determination result indicating that the PIN authentication cannot be performed from the mobile phone 2, it gives the mobile phone 2 an instruction to display the PIN input and the frontage designation screen (see S206 in FIG. 18).

  The cellular phone 2 displays the PIN input and frontage designation screen shown in FIG. On the PIN entry and frontage designation screen, a “PIN input field” 211 for inputting a PIN, a “frontage designation field” for displaying a usable frontage, an “end” button 213 for forcibly closing the screen, and confirming input contents “ The “OK” button 214 is displayed. The user A uses the operation unit 29 of the mobile phone 2 to enter the PIN in the PIN input field 211 on the PIN input and frontage designation screen, and designates the frontage to be unlocked from the frontage designation field 212. When the “OK” button 214 is clicked, the mobile phone 2 determines whether PIN authentication can be performed using the entered PIN. If it is determined that the PIN authentication can be performed based on the input PIN, the mobile phone 2 transmits a determination result indicating that the PIN authentication is possible to the library R / W 6G (see S214: YES, S215, S216: YES, S213 in FIG. 19). . On the other hand, if it is determined that PIN authentication cannot be performed with the input PIN, a determination result indicating that the PIN cannot be input is transmitted to the R / W 6G (see S214: YES, S215, S216: YES, S213 in FIG. 19).

  In the present embodiment, PIN input is permitted up to three times in order to ensure security. When the user A continues to input the PIN and fails three times, the library R / W 6G forcibly ends the key application download process (see S204, S205: NO, S207 in FIG. 18).

H3. Effects of the Image Display Control System and the Authentication System According to the image display control system of the present embodiment, when the PIN is preset in the mobile phone 2 and the key application is activated, the display unit 28 of the mobile phone 2 is activated. Since the PIN input screen is displayed to prompt the user to enter the PIN, and the PIN input by the user and the PIN set in the mobile phone 2 are collated to determine whether or not authentication is possible. In addition to lock authentication by 30, PIN authentication can be performed to raise the security level.

  Further, according to the image display control system of the present embodiment, for example, when the user A does not input a PIN and the user wants to take out a document from the storage box 91C, the user A of the mobile phone 2 stores the library. After authenticating that the user has authority to use 90, when the PIN input for entering the PIN and frontage and the frontage designation screen (see FIG. 22) are displayed on the mobile phone 2, the user A When the front door number of the PIN and the storage box 91C is input using the operation unit 29 and is held over the library R / W6G, the library R / W6G unlocks the electronic lock 94 of the storage box 91C corresponding to the designated front door. Since the user A can use the storage box 91C, it is possible to use the operation unit 29 of the mobile phone 2 without using an operation unit such as a numeric keypad or a touch panel in the archive R / W 6G. No. and frontage number of the storage box 91C can enter, it is possible to reduce the cost by applying inexpensive archive R / W6G not an operation unit in the system.

I. Third Embodiment Next, a third embodiment of the present invention will be described with reference to the drawings.
The image display control system of the third embodiment is different from the image display control system 1 of the first embodiment in that use authority is temporarily lent to another person. Therefore, here, it demonstrates centering on a different point from 1st Embodiment, and attaches | subjects the same code | symbol as 1st Embodiment to drawing in common, and abbreviate | omits description suitably.

I1. Key Temporary Lending Process FIG. 23 is a flowchart showing a key temporary lending process on the DL server 8 side in the image display control system according to the third embodiment.
When the DL server 8 responds to the key registration information rewrite request received from the mobile phone 2 in S311, the DL server 8 reads “key information” from the mobile phone 2 in S312 and determines whether or not key authentication can be performed in S23. If key authentication can be performed (S23: YES), an instruction to display the key registration information rewriting screen on the display unit 28 of the mobile phone 2 is transmitted to the mobile phone 2 in S313. In step S <b> 314, it is determined whether rewrite information is received from the mobile phone 2. When the rewrite information is not received from the mobile phone 2 (S314: NO), the process stands by until the rewrite information is received. On the other hand, when the rewrite information is received from the mobile phone 2 (S314: YES), the existing key registration information is rewritten in S315. In S316, an instruction to display a rewrite content confirmation screen for displaying the rewritten key registration information on the display unit 28 of the mobile phone 2 is given to the mobile phone 2, and in S317, the rewrite content is accepted from the mobile phone 2. It is determined whether or not a signal to that effect has been received. When a signal indicating acceptance of the rewrite content is received from the mobile phone 2 (S317: YES), the key registration information is updated to the rewritten one in S318. If a signal indicating acceptance of the rewrite content is not received from the mobile phone 2 (S317: NO), the process returns to S313 to prompt the user to re-enter the rewrite content.

FIG. 24 is a flowchart showing a temporary key lending process on the mobile phone 2 side in the image display control system according to the third embodiment.
After the initial setting in S1, the mobile phone 2 requests the DL server 8 to rewrite the key registration information in S301. When there is a response to the key registration information rewrite request from the DL server 8 in S3, the key registration information rewrite screen instruction is received from the DL server 8 and the key registration information rewrite screen is displayed on the display unit 28 in S302. In S303, the rewriting information is input to the key registration information rewriting screen using the operation unit 29 of the mobile phone 2, and is transmitted to the library R / W 6G.

  When the mobile phone 2 receives a rewrite content confirmation screen display instruction from the library R / W 6G in S304, the mobile phone 2 displays a screen for displaying the rewrite content on the display unit 28. In S305, it is determined whether or not to approve the rewriting content. The approval of the rewrite content is determined by whether or not the “approval” button displayed on the rewrite content confirmation screen is clicked. When approving the contents of rewriting (S305: YES), the communication network is requested to be disconnected in S7. On the other hand, if the rewrite content is not approved (S305: NO), the process returns to S302 to prompt the re-input of rewrite information.

I2. Key Application Activation Process FIG. 25 is a flowchart showing a key application activation process on the R / W side in the image display control system according to the third embodiment.
If the key authentication can be performed (S34: YES), the R / W 6 determines whether or not the use count flag f2 is equal to or less than the use count limit n in S321. If the use count flag f2 is equal to or less than the use count limit n (S321: YES), in S322, it is determined whether or not the key is within the valid period of use. If it is within the expiration date (S322: YES), the security object is controlled in S36.

On the other hand, if the use count flag f2 is not equal to or less than the use count limit n (S321: NO), the person has lost the authority to use the library 90, and thus the process is terminated. Even if the use count flag f2 is less than or equal to the use count limit n (S321: YES), if the expiration date has passed (S322), the person has lost the authority to use the library 90. The process is terminated as it is.

FIG. 26 is a flowchart showing key application activation processing on the mobile phone 2 side in the image display control system according to the third embodiment.
The mobile phone 2 activates the key application, displays a predetermined screen on the display unit 28 (S57, S58, S59), and then adds 1 to the use count flag f2. As a result, the fact that the person who has accessed the R / W 6 has used the library 90 is recorded in the IC chip 30.

I3. Description of Operation of Image Display Control System Next, the operation of the image display control system of the third embodiment will be described.
As a precondition for explaining the operation of the image display control system of the present embodiment, it is necessary for the user A to check the contents of documents stored in the storage box 91A of the library 90 while going out. An example will be given in which a subordinate who does not have a document takes out a document and confirms the contents.

  The user A connects the cellular phone 2 to the DL server 8 via the Internet network INT and requests rewriting of the key registration information (see S301 in FIG. 24). Then, data related to the key registration information rewriting screen is transmitted from the DL server 8 to the mobile phone 2, and the key registration information rewriting screen is displayed on the display unit 28 of the mobile phone 2 (S 311, S 312, S 23 in FIG. 23: YES, (See S313). Using the operation unit 29 of the mobile phone 2, the user A uses the “ID” of the user A, “ID” of the subordinate B, “PIN” of the user A, “equipment ID” of the library 90, The key is the "unlocking door ID" of the storage box 91A, the "lending expiry date" for lending the key (for example, 1 month to 15:00 on the month, month, day 1), and the "usage number n" (for example, 3 times) that the key can be used The registration information rewriting screen is input, and the input content is transmitted as “rewriting information” to the DL server 8 (see S302 and S303 in FIG. 24).

  When the DL server 8 receives the “rewrite information” from the mobile phone 2, the DL server 8 reads the key registration information of the user “A”, rewrites the existing key registration information according to the “rewrite information”, and confirms the rewritten key registration information. Data relating to the prompting confirmation screen for rewriting content is transmitted to the mobile phone 2 (see S315 and S316 in FIG. 23).

  The user A confirms the content of the “rewrite content confirmation screen” displayed on the display unit 28 of the mobile phone 2 and clicks the “approval” button if it is correct. Thereby, the mobile phone 2 transmits a signal notifying that the user A has approved the rewritten key registration information to the R / W 6 (see S304 and S305 in FIG. 24: YES).

  When the R / W 6 receives a signal indicating that the rewritten key registration information has been approved from the mobile phone 2, the R / W 6 updates the rewritten key registration information (see S317 in FIG. 23: YES, S318). As a result, the key used by the user A to use the storage box 91A of the library 90 is temporarily lent to his subordinates under the restriction conditions (number of uses, use expiration date).

  The rewritten key registration information is encrypted and transmitted to the management server 5. The management server 5 changes and registers the usage authority information in the usage authority information DB 57 according to the contents of the key registration information rewritten. Thereafter, the management server 5 distributes the rewritten use authority information to the archive R / W 6G. As a result, the library R / W 6 recognizes that the user A has been temporarily granted to his subordinates the authority to unlock the storage box 91A of the library 90.

Thereafter, the user A informs his subordinate that the key has been temporarily lent, confirms the contents of the documents stored in the storage box 91A of the library 90, and instructs the user A to contact the user A.

  The subordinate B connects the mobile phone 2 ′ to the DL server 8 and acquires the key application D and key registration information. The DL server 8 stores the “authentication ID” of the subordinate B along with the “authentication ID” of the user A when rewriting the key registration information, and recognizes that the key of the user A is lent to the subordinate B. ing. Therefore, when the subordinate B accesses the DL server 8 from the mobile phone 2 ′ and requests download of the key application D, the key registration information of the user A is downloaded to the mobile phone 2 ′ together with the key application D.

  When the subordinate B holds the mobile phone 2 'downloaded with the key application and key registration information over the archive R / W 6G, it is determined whether the key registration information is read out to the R / W 6G and can be authenticated. Since the user's key registration information is downloaded to the subordinate's mobile phone 2 ', when the subordinate's mobile phone 2' is held over, the key authentication information is stored based on the user's key registration information. The electronic lock 94 of the box 91A is unlocked (S321: YES in FIG. 25, S322: YES, S36, see S313 in FIG. 26). As a result, the subordinate B can take out the documents stored in the storage box 91A, confirm the contents, and contact the user A.

When the subordinate B unlocks the storage box 91A three times, even if he or she tries to unlock the storage box 91A by holding the mobile phone 2 'over the library R / W6G, the number of uses n set by the user A is set. Since it exceeds (three times), the storage box 91A cannot be unlocked.
Further, even if the subordinate B has not unlocked the storage box 91A three times, the storage box 91A is unlocked at 16:00 on the month, month, day, 16:00, after the expiration date (1 month to 15:00). Therefore, the storage box 91A cannot be unlocked even if the mobile phone 2 ′ is held over the library R / W 6G (see S321: NO, S322: NO in FIG. 25).

I4. Effects of Image Display Control System and DL Server According to the image display control system of the present embodiment, the key registration information includes the number of uses n for restricting the use of office equipment and the use expiration date (restriction condition). However, based on the key registration information received from the mobile phone 2, it is determined whether the mobile phone 2 communicates with the R / W 6 within the range of the number of uses and the range of the use expiration date. When communicating with the R / W 6 within the range of the number of uses n and the range of the expiration date of use, a key application activation signal is transmitted to the mobile phone 2, and a predetermined screen is displayed on the display unit 28 of the mobile phone 2. On the other hand, when the mobile phone 2 is not communicating with the R / W 6 within the range of the number of uses n or within the range of the use expiration date, the key application activation signal is not transmitted, and the display unit 28 of the mobile phone 2 is displayed. A predetermined screen. Since it is not shown, the office equipment cannot be used beyond the number of times of use n or the valid use period, and the security level is improved.

  In the image display control system of the present embodiment, the DL server 8 identifies the mobile phone 2 based on the IC chip 30 built in the mobile phone 2, and the key registration involving the mobile phone 2 by the operation of the mobile phone 2 is performed. Since the authentication ID of the user A included in the information is rewritten to the authentication ID of the subordinate B and the rewritten key registration information is transmitted to the R / W 6 via the Internet network INT, the management server 5 and the in-house LAN 7, for example, the subordinate When the user holds his / her mobile phone 2 'over the R / W 6, the use is permitted even for office equipment that is not originally authorized for use. Therefore, the image display control system of this embodiment can lend the use authority of office equipment temporarily to others using the mobile phone 2, and is convenient.

J. et al. Modifications The present invention is not limited to the above-described embodiment, and various applications are possible.
(1) For example, in the above-described embodiment, the image formation control system, the authentication system, and the application management apparatus have been described for the in-house network 3, but the present invention may be applied to general households and schools. For example, when the image forming control system is used in a general home, the parent creates a message addressed to the child by the client server 4 and stores it in the management server 5, the child returns home, and the mobile phone 2 is connected to the entrance. When holding it over the R / W6 attached to the door, the door is unlocked, and a message from the parent (for example, “Since you are out, dinner is in the refrigerator.” ") May be displayed on the screen. In this case, when the management server 5 detects that the R / W 6 has written a message on the mobile phone 2, the management server 5 creates and sends an e-mail notifying that the child has returned home to the parent mobile phone. May be. As a result, the parent can know the child's return time even when he / she is away from home. Also, for example, when using an image formation control system in a school, a message from the school when a student holds the mobile phone 2 over the R / W 6 provided on the entrance / exit door and unlocks the entrance / exit door. (For example, “XX month XX day (Wednesday) 2nd period is closed”) may be displayed on the display unit 28 of the mobile phone 2.

(2) In the above embodiment, Company A ●● branch internal network 3 is targeted, but as shown in FIG. 27, in addition to the key application and key registration information corresponding to Company A ●● branch, Company A The key application and key registration information corresponding to the branch office may be stored in the mobile phone 2 so that the screen of the company company's internal network 3A of the branch office A can be displayed at the time of personal authentication. In this case, if the user obtains the key application and key registration information before making a business trip to the branch office, regardless of the business hours of the business trip destination, etc., the user can enter or leave the branch office or use office equipment. can do.

(3) In the second embodiment, the screen for the user A to select and input the storage box (frontage) of the library is displayed on the mobile phone 2, but the layout of the library is displayed as image data, and the image data A frontage that can be used by the user may be displayed above, and a frontage to be unlocked may be specified from among the frontage where the user back is displayed. In this case, it is not necessary for the user A to remember the front door number of the library, which is convenient. In the second embodiment, the frontage is designated when the PIN input is inappropriate. However, a screen for designating the frontage may be displayed on the mobile phone 2 regardless of the presence or absence of the PIN input. . In this case, since only the frontage specified by the user A is unlocked, it is possible to prevent the user A from forgetting to lock the unlocked frontage after taking out the document or the like.

(4) In the second embodiment, the PIN is set as a four-digit number, but it may be set in English letters, hiragana, kanji, etc. by the operation unit 29 of the mobile phone 2. In this case, PIN variations are widened and the security level is improved.

(5) In the third embodiment, the subordinate B can unlock the library 90 only by holding the mobile phone 2 '. However, the subordinate B may be further prompted to enter a PIN and raise the security level. .

  In the above embodiment, the processes of S37 to S39 correspond to “display data writing means”, S55 to S59 correspond to “display control means”, and S321 to S322 and S36 of FIG. It corresponds to “control means”, S314 to S318 correspond to “key registration information rewriting means”, and S319 corresponds to “transmission means”.

1 is a schematic configuration diagram of an image display control system according to a first embodiment of the present invention. It is an electrical block diagram of the DL server shown in FIG. It is a figure which shows the data structure of application DB. It is a figure which shows the data structure of key registration information DB. It is an electrical block diagram of the mobile phone shown in FIG. FIG. 6 is an electrical block diagram of the IC chip shown in FIG. 5. It is an electrical block diagram of the in-house security system shown in FIG. It is an external appearance perspective view of a library. It is a flow which shows the process in which a mobile telephone downloads a key application. It is a flowchart which shows the process in which a DL server downloads a key application to a mobile phone. It is a flowchart which shows the key application starting process by the side of R / W. It is a flowchart which shows the key application starting process by the side of a mobile telephone. It is a conceptual diagram which shows an example of signal transmission / reception in the image display control system shown in FIG. 1, Comprising: Signal transmission / reception with a mobile telephone and DL server and a mobile telephone and entrance / exit management R / W is shown. It is a conceptual diagram which shows an example of signal transmission / reception in the image display control system shown in FIG. 1, Comprising: Signal transmission / reception with a mobile telephone and library R / W is shown. It is a figure which shows an employee ID display screen. It is a figure which shows a message display screen. It is a figure which shows a log | history display screen. It is a flowchart which shows the key application starting process by the side of R / W in the image display control system which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the key application starting process by the side of a mobile telephone in the image display control system which concerns on 2nd Embodiment of this invention. It is a figure which shows an example of signal transmission / reception in the image display control system which concerns on 2nd Embodiment of this invention, and shows signal transmission / reception especially with a mobile telephone and library R / W. It is a figure which shows a PIN input screen. It is a figure which shows a PIN input and frontage designation | designated screen. It is a flowchart which shows the temporary lending process of the key in the DL server side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the temporary lending process of the key in the mobile telephone side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the key application starting process in the R / W side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the key application starting process in the mobile telephone side in the image display control system which concerns on 3rd Embodiment of this invention. It is a modification of the image display control system of this invention.

Explanation of symbols

1 Image display control system 2 Mobile phone 3 Internal security system 6 R / W (authentication equipment)
8 DL server (application management device)
30 IC chip (non-contact integrated circuit)
90 Library (Security protection object)

  The present invention relates to an authentication system, a reader / writer device, and a storage for performing personal authentication when using an object to be protected.

  In recent years, security protection for objects and information has been strongly demanded. As a means for security protection, for example, in the techniques described in Patent Literature 1 to Patent Literature 5, personal authentication is performed when a security protection object is used.

  The key management device described in Patent Document 1 authenticates a user using an IC card and permits use of a key stored in a key box. The key box includes a plurality of boxes for individually storing keys, and an electronic lock is attached to each door of the box. A card reader is attached to the key box. When the user passes the IC card through the card reader, the key management device acquires the IC card data, sends it to the management center, and receives a signal from the management center indicating that the user has been authenticated as a member. Then, a password input guide and a touch panel are displayed on the screen of the card reader. When the user enters a password using the touch panel, the key management device sends the password to the management center, receives a signal from the management center indicating that the password has been authenticated, and further includes a guidance for specifying the vehicle number and the touch panel. Is displayed on the card reader screen. Then, when the user inputs a car number to the card reader, the key management device unlocks the door of the box that stores the car key corresponding to the car number and makes the key usable.

The authentication system described in Patent Document 2 performs personal authentication using a mobile phone and unlocks the door. The mobile phone stores an identification number for unlocking the door in a memory, and transmits the identification number to the receiving device by infrared rays by a user's operation. When the receiving apparatus authenticates the identification number, the receiving apparatus transmits a signal notifying that the identification number is valid to the electronic lock attached to the door, and unlocks the electronic lock.

  The garage door opening / closing system described in Patent Document 3 performs personal authentication using a mobile phone, and locks or unlocks the garage door. When the user parks the car in front of the garage door and makes a call from the mobile phone to the communication device to connect to the garage door opening / closing system homepage, the user will be prompted to enter the password on the mobile phone display and open / close the garage door. A selection button to select is displayed. When the user selects the password and “Open” and sends the data to the communication device, the communication device determines whether the password is correct. If the password is authenticated, the electronic lock attached to the garage door is unlocked. Lock it.

  The security remote control system described in Patent Document 4 performs personal authentication using a mobile phone, and locks and unlocks the door of the home entrance. The security remote operation system detects the position of its own device by the location information detection unit, and automatically sends a status notification request email to the security center to notify the locked / unlocked state when it goes out of the area including the home. . The security sensor transmits a state confirmation signal to the key unit provided at the door of the entrance, and receives the lock state investigation result from the key unit. The image display control system transmits a status notification mail including the key unit investigation result to the mobile phone. The user displays a status notification mail on the mobile phone to confirm the locked state, and when not locked, transmits a locking instruction signal to the key unit via the security center.

  The locker system described in Patent Document 5 confirms whether or not the user of the locker is an authorized user by using a mobile phone, and locks and unlocks the locker. In the locker system, electronic locks are provided on the lockers of the locker device. In addition, the locker device is provided with a numeric keypad for inputting a locker number and the like. For example, when the user enters the locker number into the numeric keypad and accesses the URL of the data center from the mobile phone according to the unique access URL information confirmation screen, personal authentication is performed between the mobile phone and the data center using the ID and password. The operation screen is transmitted from the data center to the mobile phone. When a user inputs an unlock request for a locker to be unlocked on the operation screen and sends it to the data center, the data center authenticates that the user has the right authority according to the locker number, ID and password. A lock instruction is transmitted to the locker device, and the locker designated by the user is unlocked.

JP 2004-300683 A JP 2002-339608 A JP 2003-319469 A JP 2005-155205 A JP 2003-278421 A

However, the systems described in Patent Documents 1 to 5 have the following problems.
(1) In the key management device described in Patent Document 1, password input guidance and guidance for specifying a car number are displayed on the screen of the card reader, and information is input using the touch panel displayed on the screen. A display, a display screen control program, a memory for storing various programs and data, and the like had to be provided, which was expensive. In addition, the key management device described in Patent Document 1 cannot use the IC card for the key management device in another image display control system, and the user owns a separate IC card for each image display control system. It was inconvenient.

(2) In the authentication system described in Patent Document 2, if a user displays a data transmission screen on a mobile phone and does not transmit data to the receiving device by operating a button, infrared data is transmitted to the receiving device. The data transmission operation took time and effort.

(3) In the systems described in Patent Document 3, Patent Document 4, and Patent Document 5, a mobile phone connects to a communication device, a security center, and a data center via the Internet, and a communication device using a public telephone line network, Since communication is performed between the security center and the data center, communication costs are incurred each time communication is performed. Also, in areas outside the communication area, mobile phones could not be connected to communication devices, security centers, and data centers, and the system could not be operated.

  Therefore, the present invention has been made to solve the above-described problems. By using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an IC card or a key using the Internet can be used. An object of the present invention is to provide an authentication system, a reader / writer device, and a storage that can provide added value that could not be realized and can improve convenience for users and reduce costs.

To achieve the above object, the present onset Ming has the following configuration.
(1) and a mobile phone equipped with an IC chip, provided in the vault with a separate electronic lock for a plurality of frontage, by holding up the mobile phone, a plurality of the depot in communication with the IC chip A reader / writer device that authenticates use authority for each frontage, and the IC chip includes an identifier, key registration information, and a key application program for displaying a predetermined screen on the display means of the mobile phone; the are remembers, the interrogator is in communication with the IC chip, when authenticating the identifier of the IC chip activates the key application program of the IC chip, the key of the IC chip based on the registration information, the display means of the mobile phone, and the screen display step of displaying the unlocking possible the frontage, from among the unlocking possible frontage, specific A frontage specific step of inputting frontage by the mobile phone of the operation unit, an authentication system characterized by comprising a unlocking step of unlocking the electronic lock of the frontage identified in the frontage particular step.

(2) In the authentication system described in (1), the key application program displays the frontage usage history information in the screen display step .

( 3 ) In the authentication system described in ( 1 ) or ( 2 ), the key application program is downloaded from the download server to the IC chip when the mobile phone is connected to the download server via the public telephone network. It is characterized by being made.

( 4 ) A reader / writer device used in any one of the authentication systems described in (1) to ( 3 ).

( 5 ) A storage that is used in any one of the authentication systems described in (1) to ( 3 ).

The effects of the invention having the above-described configuration will be described.
Here, the key application and key registration information are downloaded from the download server (application management device) to the mobile phone, and the reader / writer device (authentication device) provided in the storage (security protected object) communicates with the mobile phone. An example will be described in which an input screen (predetermined screen) for inputting a personal identification number and a frontage is displayed on the mobile phone when the authority to use the storage is authenticated.

  In the image display control system of the present invention, when a mobile phone is connected to a download server via a public telephone network (communication means), the download server stores the key application and key registration information in the download source key application storage means and the download source key. The information is read from the registration information storage means, and the read key application and key registration information are downloaded to the mobile phone via the public telephone line network. By downloading the key application to the mobile phone, it is possible to associate the storage with the mobile phone and display an input screen for inputting the personal identification number and the frontage on the display means of the mobile phone. In addition, by downloading the key registration information to the mobile phone, the use authority of the storage can be confirmed using the mobile phone.

  When the mobile phone that has downloaded the key application and key registration information is held over the reader / writer device, the contactless integrated circuit and the reader / writer device communicate with each other, and the presence or absence of the authority to use the storage is authenticated. When the reader / writer device authenticates that the user of the mobile phone has the authority to use the storage, the reader / writer device transmits a key application activation signal to the mobile phone. When the mobile phone receives the key application activation signal, it reads the key application downloaded from the download server from the download destination key application storage means and activates it, and automatically displays an input screen for entering the PIN and frontage on the display (display means). To display.

When using an IC card, it is necessary to create a separate IC card for other security protection items (such as an entrance / exit management system) in the storage, which is a burden on the system user in terms of cost and management. However, since the image display control system of the present invention can download and store a plurality of key applications from the download server to the mobile phone, it can store the keys of the storage and other security protection objects in one mobile phone. Can be managed by phone.
Further, when the right to use is authenticated by the IC card, the personal identification number, and the frontage, it is necessary to provide a liquid crystal panel for displaying an input screen on the reader / writer device because information cannot be displayed on the IC card. Since the image display control system displays an input screen for inputting a password and a frontage on a display of a mobile phone, an inexpensive reader / writer device without a liquid crystal display can be applied to the system.
Also, in the system using the Internet network and infrared rays, the specified screen is displayed after the communication is established by operating the mobile phone, so the operability is poor, the communication cost is high, and it cannot be used outside the service area. However, in the image display control system of the present invention, the mobile phone directly communicates with the reader / writer device only by holding the mobile phone over the reader / writer device, and an input screen for inputting the PIN number and frontage is automatically displayed on the display. Therefore, the system can be operated even when the mobile phone is out of the service area, and no communication cost is incurred when the mobile phone communicates with the reader / writer device.

  Therefore, according to the image display control system of the present invention, by using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an added value that could not be realized with an IC card or a key using the Internet. The convenience to the user can be improved and the cost can be reduced.

  Further, according to the image display control system of the present invention, the reader / writer device is connected to the management device via an internal communication means (for example, an intranet protected by a firewall, an in-house LAN, etc.). When the mobile phone user is authorized to use the vault, the display data is read from the management device and written to the mobile phone, and then the key application activation signal is transmitted to the mobile phone. . When the mobile phone activates the key application, it reads out the written display data and displays it on the display. Therefore, according to the image display control system of the present invention, even when the storage capacity of the reader / writer device is small, display data can be stored in the management device and appropriately displayed on the display of the mobile phone.

  In addition, according to the image display control system of the present invention, the personal identification number is set in advance in the mobile phone, and when the key application is activated, the personal identification number input screen is displayed on the display of the cellular phone to the user. In addition to authenticating identifiers for contactless integrated circuits, it prompts the user to enter a personal identification number and checks whether the personal identification number entered by the user and the personal identification number set in the mobile phone can be verified. , You can authenticate your PIN and raise the security level.

  In addition, according to the image display control system of the present invention, the key registration information includes a restriction condition for restricting use of the storage (such as the number of uses and the expiration date of use), and the key received by the reader / writer device from the mobile phone. If the mobile phone is communicating with the reader / writer device within the limit conditions based on the registered information, and the mobile phone is communicating with the reader / writer device within the limit conditions Sends a key application activation signal to the mobile phone and displays an input screen for entering the PIN and frontage on the mobile phone display, while the mobile phone is not communicating with the reader / writer device within the limits In this case, the key application activation signal is not sent, and the input screen for entering the security code and frontage is not displayed on the mobile phone display. Can not be used, to improve security level.

  In addition, the image display control system of the present invention identifies a mobile phone based on an identifier of a non-contact type integrated circuit incorporated in the mobile phone by the download server, and stores key registration information related to the mobile phone by operating the mobile phone. Since the included authentication ID is rewritten to another person's authentication ID, and the rewritten key registration information is transmitted to the reader / writer device, for example, a person using a mobile phone having the other person's authentication ID uses the mobile phone as a reader / writer. If you hold it over the device, you are allowed to use the storage. Therefore, the image display control system of the present invention can lend the right to use the storage to another person temporarily using a mobile phone, and is convenient.

  Further, according to the image display control system of the present invention, the personal identification number and the frontage are input to the mobile phone displaying the input screen for inputting the personal identification number and the frontage using the operation unit of the mobile phone. When the input mobile phone is held over the reader / writer device, the reader / writer device unlocks the electronic lock corresponding to the designated frontage and allows the storage to be used. Even without an operation unit such as the above, it is possible to input a personal identification number and frontage using the operation unit of a mobile phone, and to reduce costs by applying an inexpensive reader / writer device without an operation unit to the system be able to.

  In the authentication system of the present invention, when the mobile phone is held over the authentication device, the contactless integrated circuit and the authentication device communicate with each other, and the presence or absence of the right to use the security protection object is authenticated. When the authentication device authenticates that there is a use right, it transmits a key application activation signal to the mobile phone. Upon receiving the key application activation signal, the cellular phone activates the key application and automatically displays a predetermined screen on the display means. Therefore, when using the IC card and the personal identification number to authenticate the use authority, it is necessary to provide a liquid crystal panel for displaying an input screen on the authentication device because information cannot be displayed on the IC card. Since an input screen for a password is displayed on the display means of the cellular phone, an inexpensive authentication device without a liquid crystal display can be applied to the system. Also, in the system using the Internet network and infrared rays, the specified screen is displayed after the communication is established by operating the mobile phone, so the operability is poor, the communication cost is high, and it cannot be used outside the service area. However, the authentication system of the present invention has good operability because the mobile phone directly communicates with the authentication device and automatically displays a predetermined screen on the display means simply by holding the mobile phone over the authentication device. The system can be operated even when the phone is outside the service area, and no communication cost is incurred when the mobile phone communicates with the authentication device.

  Therefore, according to the authentication system of the present invention, by using a mobile phone incorporating a non-contact type integrated circuit such as an IC chip, an added value that cannot be realized with an IC card or a key using the Internet is given. Therefore, it is possible to improve the convenience for the user and reduce the cost.

  Further, according to the application management device of the present invention, when there is a request to download the key application from the mobile phone, the mobile phone is associated with the security protection object on the mobile phone based on the mobile phone identifier. Download the key application to display the screen and the key registration information corresponding to the usage authority to the mobile phone. Therefore, when an IC card is used, it is necessary to create and possess an IC card for each security protection object. However, the application management apparatus of the present invention transmits a key application and key registration information to one mobile phone. Since downloading is performed as appropriate, a mobile phone can have a plurality of key applications and key registration information. Also, when managing multiple key applications with one 1C card, it was necessary to go to a place where the dedicated machine is located during business hours and add or delete the key application to the dedicated machine through the IC card. The application management apparatus of the present invention downloads a key application and key registration information in response to a request from the mobile phone, and the downloaded key application and key registration information can be arbitrarily deleted by operating the mobile phone. And the place and time for adding or deleting the key registration information are not limited, and convenience is good.

  Therefore, according to the application management apparatus of the present invention, by using a mobile phone that incorporates a non-contact type integrated circuit such as an IC chip, it provides added value that could not be realized with an IC card, and is convenient for the user. Improvement and cost reduction can be achieved.

Next, will be described with reference to the drawings an embodiment of the present onset bright.
A. B. Overall Configuration of Image Display Control System According to First Embodiment DL server (application management device)
C. Cellular phone In-house security system Various processes in the image display control system E1. Download process of key application and key registration information E2. Key application activation processing Explanation of operation of image display control system Effects of image display control system, authentication system, and DL server Second Embodiment H1. Key application activation process with PIN input H2. Explanation of operation of image display control system H3. Effects of image display control system and authentication system Third Embodiment I1. Key registration information temporary lending process I2. Key application activation processing I3. Description of operation of image display control system I4. Effects of image display control system and DL server Modified example

A. Overall Configuration of Image Display Control System According to First Embodiment FIG. 1 is a schematic configuration diagram of an image display control system 1 according to the first embodiment.
It should be noted that the first embodiment is a reference example of the present invention. The image display control system 1 of the first embodiment downloads a key application and key registration information from a download server (hereinafter abbreviated as “DL server”) (application management device) 8 to a general-purpose mobile phone 2. The cellular phone 2 is associated with the office device (security protection object) of the in-house security system 3, and the cellular phone 2 is held over the reader / writer device (hereinafter abbreviated as “R / W”) (authentication device) 6 to the office device. Is controlled, the key application downloaded to the mobile phone 2 is activated and a predetermined screen is displayed on the display unit (display means) 28 of the mobile phone 2. In the present embodiment, the mobile phone 2 and the R / W 6 constitute an “authentication system”.

  The in-house security system 3 is constructed in, for example, the company A ●● branch office, and is a client personal computer (hereinafter referred to as “client PC”) 4, a management server (management device) 5, entrance / exit management R / W 6 </ b> A, attendance / exit Multiple R / W6s such as management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, library R / W6G, etc., use in-house LAN (internal communication means) 7 Are connected to each other so as to be able to communicate with each other. The R / W 6 acquires the key information of the mobile phone 2 and authenticates the person, and office equipment that is subject to security protection, such as a time recorder, a door for entering and leaving the room, a valuable box, a desk, a key box, a locker, and a library. This is to determine whether or not there is an authority to use (security protected object).

  The mobile phone 2 is a general-purpose product. In addition to the telephone function, the mobile phone 2 includes a mail function for transmitting / receiving mail data and Web data by connecting to the Internet network (communication means) INT, a wireless communication function for performing wireless communication with each R / W 6, and the like.

  The DL server 8 downloads a key application and key registration information to the mobile phone 2. The “key application” is an application that identifies the mobile phone 2 from another mobile phone and associates it with the office device of the in-house network 3 to display a predetermined screen on the display unit 28 of the mobile phone 2. The “key registration information” refers to data necessary for personal authentication when using office equipment in the in-house network 3. For example, “authentication ID” individually assigned to the mobile phone 2, “PIN (PIN number)” set on the mobile phone 2 to confirm the user, “expiration date” that can be used for office equipment (security object), “number of times of use”, office equipment (security protection object) "Device ID" for identifying), "unlocking ID" for identifying a lockable frontage among office devices (security objects), and the like. Here, the key registration information can be rewritten on the DL server 8. For example, “PIN” included in the key registration information is initially set to “0000” in a state where the key application is downloaded, but the mobile phone 2 accesses the DL server 8 at a later date to arbitrarily enter the key registration information. It is possible to change to the value of.

B. DL Server FIG. 2 is an electrical block diagram of the DL server 8 shown in FIG.
The DL server 8 is a well-known computer, and includes a central processing unit (hereinafter referred to as “CPU”) 10, an input / output interface 11, a ROM 12, a RAM 13, a hard disk drive (hereinafter abbreviated as “HDD”) 14, and an operation unit 18. , A display unit 19, a communication unit 20, and the like. The DL server 8 stores data acquired from the communication unit 20 and the input / output interface 11 in the HDD 14, and the CPU 10 temporarily reads and executes the program stored in the ROM 12 in accordance with the operation of the operation unit 18, Data stored in the HDD 14 is processed, calculated, and displayed on the display unit 19 or output from the input / output interface 11 or the communication unit 20 to another device.

  In the HDD 14, an application database (hereinafter, "database" is abbreviated as "DB") (download source key application storage means) 15, a key registration information DB (download source key registration information storage means) 16, and a download program (download means). ) 17 is provided.

FIG. 3 is a diagram illustrating a data structure of the key application DB 15.
The application DB 16 stores various applications downloaded to the mobile phone 2 via the Internet INT in association with the URI. In this embodiment, for example, in addition to an application for using “Edy” (registered trademark) of electronic money, a key application or the like is associated with a URI (Uniform Resource Identifier) and stored in the application DB 16.

FIG. 4 is a diagram illustrating a data structure of the key registration information DB 16.
The key registration information DB 16 stores key registration information in association with a URI and key information. The reason why the “key registration information” is associated with the URI is to identify the key application to which the key registration information corresponds. The “key information” is used to identify the mobile phone 2 from other mobile phones, and more specifically, is information related to a key (identifier) of an IC chip (non-contact integrated circuit) 30 described later. . The reason for associating the “key registration information” with the “key information” is to associate the mobile phone 2 with the office equipment (security protected object) of the in-house security system 3.

  The download program 17 shown in FIG. 2 reads the key application from the key application DB 15 based on the IC chip 30 of the mobile phone 2 when the mobile phone requests download of the key application via the Internet network INT. The key registration information is read from the key registration information DB 16 and the read key application and key registration information are downloaded to the mobile phone 2.

C. Mobile Phone FIG. 5 is a diagram showing an electrical block configuration of the mobile phone 2.
The mobile phone 2 is connected to a CPU 21, a communication unit 22, a volatile memory 23, a nonvolatile memory 24, a display unit 28, an operation unit 29, an IC chip 30 and the like via a data bus.

  The communication unit 22 connects to the Internet network INT by wireless communication under the control of the CPU 21. The display unit 28 includes a display device such as a liquid crystal panel, and displays various information on the screen under the control of the CPU 21. The operation unit 29 includes various buttons such as push buttons and cursor keys. When an operation is performed by the user, the operation unit 29 outputs an operation signal to the CPU 21 according to the input operation.

  The CPU 21 controls each unit of the mobile phone 2 according to an application stored in the nonvolatile memory 24. The volatile memory 23 is used as a work area, and temporarily stores various applications executed by the CPU 21 and various data used when executing the applications.

  The nonvolatile memory 24 is provided with an EEPROM 25 and a ROM 27. In addition to various control information and various control programs, the ROM 27 stores various applications executed by the CPU 21. The EEPROM 25 is a rewritable memory. In the present embodiment, a table storage memory 26 is provided in the EEPROM 26, and the table storage memory 26 stores the type of downloaded application in association with the URI in order to manage the downloaded application.

FIG. 6 is an electrical block diagram of the IC chip 30 shown in FIG.
The IC chip 30 is formed by connecting a CPU 31, an antenna 32, a RAM 33, a ROM 34, an EEPROM 35, and the like such that signals can be transmitted and received. The IC chip 30 receives a radio wave emitted from the R / W 6 and converts it into energy to exchange data.

  The antenna 32 performs wireless communication with an external wireless communication device. In the present embodiment, for example, the antenna 32 performs wireless communication with the R / W 6 of the in-house security system 3. The CPU 31 processes and calculates data in accordance with applications stored in the ROM 34 and the EEPROM 35, and controls the operation of the mobile phone 2, for example. The RAM 33 is used as a work area, and temporarily stores various applications executed by the CPU 31, various data used when executing the applications, and the like. The ROM 34 is a non-rewritable memory, and stores various applications executed by the CPU 31 in addition to various control information and various control programs. The EEPROM 35 is a rewritable memory and stores various control information and various control programs, as well as various applications executed by the CPU 31, and can arbitrarily add or delete applications. The EEPROM 35 includes a key registration information common memory (download destination key registration information storage means, personal identification number storage means, key registration information storage means) 36, an application common memory (download destination key application storage means, key application storage means) 37, The embedded data memory 38, the key information memory 39, the PIN memory 40, and the like are stored.

The key registration information common memory 36 stores “key registration information” downloaded from the DL server 8. The key registration information common storage memory 36 stores a plurality of “key registration information” using a key, and protects the security of the “key registration information”.
The application common memory 37 associates the “key application” downloaded from the DL server 8 with the “URI” and stores it using a key to protect the security of the “key application”.
The write data memory 38 stores data written from the outside. In the present embodiment, for example, “display data” displayed on the display unit 28 of the mobile phone 2 is written in the write data memory 38.
The key information storage memory 39 stores the “key information” described above.
The PIN memory 40 stores the PIN input by the user of the mobile phone 2. The PIN memory 40 is provided to save the user from having to input the PIN when performing PIN authentication.

D. Internal Security System FIG. 7 is an electrical block diagram of the internal security system 3 shown in FIG.
The in-house security system 3 includes a client PC 4, a management server 5, an entrance / exit management R / W 6A,. The management server 5 manages the usage state of office equipment such as lockers, archives, and client PCs 4.

  In the management server 5, a CPU 51, an input / output interface 52, a ROM 53, a RAM 54, an HDD 55, an operation unit 59, a display unit 60, and the like are connected to each other via a data bus. Since the management server 5 is a well-known computer, a detailed description thereof will be omitted, but the HDD 55 is provided with a display data DB 56, a use authority information DB 57, and a device information DB 58.

The display data DB 56 stores “display data” to be displayed on the display unit 28 of the mobile phone 2, such as messages created for a specific user by the client PC 4 or an external terminal, usage history of office equipment, and the like. .
The use authority information DB 57 stores “use authority information” including use authority of office equipment. The “use authority information” corresponds to the “key registration information” described above. For example, among the office devices installed in the in-house security system 3, the “device ID” of the office device permitted to be used, Includes “valid period” and “use count” that can be used for office equipment.
The device information DB 58 stores “device information” including “device ID”, “usage history”, and the like of the office devices constituting the in-house security system 3 for each device.

  The client PC 4 is a known computer in which a CPU 71, an input / output interface 72, a ROM 73, a RAM 74, an HDD 75, an operation unit 76, a display unit 77, a communication unit 78, and the like are connected by a data bus. Therefore, detailed description is omitted here.

  Entrance / exit management R / W6A, attendance / exit management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, library R / W6G are managed via the in-house LAN 7. Is connected to and managed. The entry / exit management R / W6A, attendance / exit management R / W6B, valuables box R / W6C, desk R / W6D, key box R / W6E, locker R / W6F, and library R / W6G have almost the same configuration. Here, the library R / W 6G will be described as an example, and the description of other configurations of the R / W 6A to 6F will be omitted.

  As shown in the external view of FIG. 8, the library R / W 6G is provided in the library 90, and an electronic lock 94 (attached to each storage box 91A, 91B, 91C, 91D, 91E, 91F, 91G, 91H of the library 90 is provided. (See FIG. 7). In addition, the library 90 has installed the antenna 92 (refer FIG. 7) in each storage box 91A-91H, and has detected the IC tag 93 (refer FIG. 7) stuck on the document.

As shown in FIG. 7, the archive R / W 6G is a computer in which a CPU 81, an input / output interface 82, a ROM 83, a RAM 84, an HDD 85, and a wireless communication unit 86 are connected by a data bus, such as a display unit such as a liquid crystal display or a numeric keypad. The operation unit is not provided. The HDD 85 stores a use authority information DB 87 and an application activation program 88. The use authority information DB 87 stores “use authority information” distributed from the management server 5 via the in-house LAN 7. Specifically, for example, who can open and close which door of the library and what kind of document can be used is used authority information DB 87 as “usage authority information”.
Is remembered. The application activation program 88 defines a process for activating the key application downloaded to the mobile phone 2. The wireless communication unit 86 transmits and receives data to and from an external device by wireless communication. The speaker 89 generates a buzzer sound and sound.

  In the library R / W 6G, the input / output interface 82 is communicably connected to the antenna 92 installed in the storage boxes 91A to 91H, and the detection result of the antenna 92 detecting the IC tag 93 is input from the input / output interface 82. Then, by transmitting the detection result to the management server 5 via the in-house LAN 7, the document usage history is recorded in the management server 5. Further, the library R / W 6G is communicably connected to the electronic lock 94, detects the locked / unlocked state of the electronic lock 94, and transmits a locking command or an unlocking command to the electronic lock 94.

E. Various processes in the image display control system E1. Key Application and Key Registration Information Download Process FIG. 9 is a flowchart showing a process in which the mobile phone 2 downloads the key application.
When the mobile phone 2 downloads the key application, first, in step 1 (hereinafter abbreviated as “S1”), initial setting is performed. Next, in S2, the DL server 8 is requested to download the key application. In S3, it is determined whether or not there is a response from the DL server 8.

  If it is determined that there is a response from the DL server 8 (S3: YES), the key application and key registration information are downloaded from the DL server 8 in S4. In step S5, an employee ID screen is displayed on the display unit 28 to prompt the user to confirm the contents of the downloaded key registration information. It waits as it is until the content confirmation is made by the user (S6: NO). When the user confirms the contents (S6: YES), a communication network disconnection request is transmitted in S7. In S8, it is determined whether or not there is a response to the communication network disconnection request. If it is determined that there is a response to the communication network disconnection request (S8: YES), the mobile phone 2 is disconnected from the Internet network INT in S9, and the process is terminated. On the other hand, when it is determined that there is no response to the communication network disconnection request (S8: NO), the process returns to S7 and transmits the communication network disconnection request again.

  On the other hand, if the DL server 8 does not respond to the request for downloading the key application in S2, (S3: NO), in S10, 1 is set to the flag f1 which is set to zero in the initial setting of S1. to add. Then, in S11, it is determined whether or not the flag f1 has become 3. At this time, since the flag f1 is not 3 (S11: NO), the process returns to S2 and requests download of the key application again. At this time, if there is a response from the DL server 8 (S3: YES), the processing after S4 is executed.

  On the other hand, if it is determined that there is no response from the DL server 8 (S3: NO), 1 is added to the flag f1 in S10, and it is determined whether or not the flag f1 is 3 in S11. At this point, since the flag f1 is not 3 (S11: NO), the process returns to S2 to request download of the key application again. In S3, if there is a response from the DL server 8, the processing from S4 is executed. On the other hand, if it is determined that there is no response from the DL server 8 (S3: NO), 1 is added to the flag f1 in S10, and it is determined whether or not the flag f1 is 3 in S11. . At this time, since the flag f1 becomes 3 (S11: YES), the process proceeds to S12, an error message is displayed on the display unit 28 of the mobile phone 2, and then the mobile phone 2 is disconnected from the Internet network INT in S9. To finish the process.

FIG. 10 is a flowchart showing a process in which the DL server 8 downloads the key application to the mobile phone 2.
When the DL server 8 recognizes that the key application has requested the key application, the DL server 8 reads and executes the download program 17 stored in the HDD 14 into the RAM 13 and downloads the key application and key registration information to the mobile phone 2.

  That is, first, in S21 of FIG. 10, in response to the key application request, the mobile phone 2 is notified that the request for the key application has been recognized, and communication with the mobile phone 2 is established. Then, in S22, “key information” is read from the mobile phone 2, and in S23, it is determined whether or not the user of the mobile phone 2 has a proper authority to download the key application. If it is determined that the user of the mobile phone 2 has a legitimate authority to download the key application (S23: YES), in S24, the key application is read from the application DB 15 and the key registration information is registered as a key. Read from the information DB 16 and download to the mobile phone 2. In S26, an employee ID screen display instruction for instructing to display the employee ID screen on the display unit 28 of the mobile phone 2 is transmitted to the mobile phone 2, and whether or not the key registration information and the contents of the key application are correct. Encourage judgment. In S27, if there is no confirmation from the mobile phone 2 that the content displayed on the employee ID screen is correct (S27: NO), the process stands by.

  On the other hand, if there is confirmation that the content displayed on the employee ID screen from the mobile phone 2 is correct (S27: YES). In S28, it is determined whether there is a communication network disconnection request. If it is determined that there is no request for disconnecting the communication network (S28: NO), the process waits as it is. On the other hand, if it is determined that there is a communication network disconnection request from the mobile phone 2, a signal responding to the communication network disconnection request is transmitted to the mobile phone 2 in S29, and then the communication network is disconnected in S31. The process is terminated.

  In S23, when key authentication cannot be performed (S23: NO). An error message is displayed on the display unit 28 of the mobile phone 2 to inform the user of the mobile phone 2 that the key application cannot be downloaded. In S31, the communication network is disconnected.

E2. Key application activation process The screen display control system 1 activates the key application by transmitting a key application activation signal from the R / W 6 to the mobile phone 2 when the mobile phone 2 is held over the R / W 6 for authentication. Then, a predetermined screen is displayed on the display unit 28 of the mobile phone 2.

FIG. 11 is a flowchart showing key application activation processing on the R / W 6 side.
The R / W 6 always executes the application activation program 88 stored in the HDD 87. The R / W 6 performs polling at predetermined time intervals, and when there is a response from the mobile phone 2, performs R / W authentication and transmits display data to the mobile phone 2.

  That is, the R / W 6 first performs polling at predetermined time intervals in S31, and determines whether or not there is a response to the polling from the mobile phone 2 in S32. When it is determined that the response to the polling is not received from the mobile phone 2 (S32: NO), it waits while polling. On the other hand, if it is determined that the response to the polling is from the mobile phone 2 (S32: YES), the key registration information is read from the mobile phone 2 in S33. In S34, it is determined whether or not key authentication is possible. That is, the key registration information read from the mobile phone 2 is collated with the use right information written in the use right information writing unit 87, and if the key registration information matches the use right information, It is determined that the user has a legitimate authority to use office equipment, and key authentication is performed. If it is determined that key authentication cannot be performed (S34: NO), a buzzer is launched from the speaker 89 in S35 to inform the user of the mobile phone 2 that the personal authentication has failed, and the process returns to S31.

  On the other hand, if it is determined that key authentication is possible (S34: YES), the security object is controlled in S36. Then, in S37, it is determined whether or not there is display data for the mobile phone 2 performing communication. If there is no display data (S37: NO), the process proceeds to S40 as it is. On the other hand, if there is display data (S37: YES), after writing the display data to the IC chip 30 of the mobile phone 2 in S38, it is determined in S39 whether the display data has been successfully written. to decide. If it is determined that the display data has been successfully written (S39: YES), a key application activation signal is transmitted to the mobile phone 2 and the process returns to S31. On the other hand, if the writing of the display data fails, the key application of the mobile phone 2 is not activated at this time, and the mobile phone 2 cannot display a screen for displaying an error message or the like. A warning such as a warning sound or a warning message is generated from the speaker 89. As a result, the user of the mobile phone 2 learns that the display data writing is insufficient, and prompts the user to hold the mobile phone 2 over the R / W 6 and rewrite the display data. it can.

FIG. 12 is a flowchart showing key application activation processing on the mobile phone 2 side.
The mobile phone 2 is authenticated by holding it over the R / W 6, and a predetermined screen is automatically displayed on the display unit 28.

  That is, when the mobile phone 2 receives the polling request over the R / W 6, the mobile phone 2 transmits a response to the polling to the R / W 6 in S 51. Then, in S52, it is determined whether or not there is a key registration information read request from R / W6. If it is determined that there is no key registration information read request, the process returns to S52 and waits as it is. On the other hand, if it is determined that there is a key registration information read request, the key registration information is transmitted to the R / W 6 in S53. Then, in S54, it is determined whether or not there is a display data write request from R / W6. If it is determined that the display data write request is not received from R / W 6 (S54: NO), the process directly proceeds to S56.

  On the other hand, if it is determined that the display data write request is from the R / W 6 (S54: YES), the display data is stored in the write data memory 38 of the IC chip 30 in S55, and then the process proceeds to S56. . In S56, it is determined whether a key application activation signal is received from the R / W 6. If it is determined that the key application activation signal has not been received from the R / W 6 (S56: NO), the process returns to S56 and waits as it is. On the other hand, when it is determined that the key application activation signal has been received from the R / W 6 (S56: YES), the key application stored in the application common memory 37 of the IC chip 30 is activated in S57. In S58, the type of R / W6 (any of R / W6A to 6G) is detected, and in S59, a predetermined screen is automatically displayed on the display unit 28 of the mobile phone 2.

F. Description of Operation of Image Display Control System Next, the operation of the image display control system 1 of the present embodiment will be described with a specific example. FIG. 13 is a conceptual diagram showing an example of signal exchange in the image display control system 1 shown in FIG. 1, and signal exchange between the mobile phone 2 and the DL server 8, and between the mobile phone 2 and the entrance / exit management R / W 6A. Indicates. 14 is a conceptual diagram showing an example of signal exchange in the image display control system shown in FIG. 1, and shows signal exchange between the mobile phone 2 and the library R / W 6G.
As a precondition for the explanation of the operation, the user A of the mobile phone 2 is an employee of Company A ●● branch office, has the authority to unlock the entrance / exit door, and is stored in the storages 91A, 91C, 91G of the library 90 Have the authority to use the document.

  In order for the user A to authenticate himself / herself using the mobile phone 2 in the in-house network system 3, the user A needs to store the key application C and key registration information for unlocking the entrance / exit door and the archive 90. It is necessary to download the key application D and key registration information for unlocking the boxes 91A, 91C, 91G from the DL server 8.

  Therefore, as shown in FIG. 13, the user A inputs the URI “http: //www.○. Ne.jp/□□c” to the mobile phone 2 and transmits the DL server 8 via the Internet network INT. To the DL server 8 to request communication start (see S2 in FIG. 10). When the DL server 8 responds to the communication start request from the mobile phone 2, communication is established between the mobile phone 2 and the DL server 8 (S3 in FIG. 9: YES, see S21 in FIG. 10). The DL server checks the URI input by the user A against a table stored in the application DB 14 and recognizes that the user A requests the download of the key application C. Also, the DL server 8 collates the URI and “key information” transmitted from the mobile phone 2 with the key registration information DB 16 to identify the key registration information. Then, the DL server 8 downloads the key application C and the specified key registration information to the mobile phone 2 (see S22, S23: YES, S24, S25 in FIG. 10).

  The mobile phone 2 stores the downloaded key application C in the application common memory 37 of the IC chip 30. In addition, the mobile phone 2 stores the downloaded key registration information in the key registration information common memory 36 of the IC chip 30 (see S4 in FIG. 9). When the mobile phone 2 receives a signal indicating that the data transmission has been completed from the DL server 8, the employee ID display screen shown in FIG. 15 is displayed on the display unit 28 (see S5 in FIG. 9). The user A checks the contents of the employee ID display screen to confirm whether the contents of the key registration information are correct, and if so, clicks a confirmation button (see S6 in FIG. 9: YES). Thereby, the mobile phone 2 determines that the download has been completed, and requests the DL server 8 to disconnect from the Internet network INT (see S7 in FIG. 9).

  When the DL server 8 receives the confirmation of the contents of the key registration information from the mobile phone 2 and the communication network disconnection request, the DL server 8 responds to the communication network disconnection request (see S27 in FIG. 10: YES, S28). Thereby, the mobile phone 2 and the DL server 8 are disconnected from the Internet network INT, and the line is disconnected (see S9 in FIG. 9 and S29 in FIG. 10).

  Here, since the key application C is an application related to unlocking the entrance / exit door, the user A holds the mobile phone 2 over the library 90 only by storing the key application C in the application common memory 37. The library 90 cannot be unlocked. Therefore, the user A inputs the URI “http://www.xxx.ne.jp/◇◇di” to the mobile phone 2 and connects to the DL server 8 via the Internet network INT, and the key application D Request download of. Since the download of the key application D and the key registration information is performed in the same procedure as the download of the key application C, illustration and description are omitted.

  Thus, the user A adds the key application C and the key application D to the application common memory 37 of the mobile phone 2 in a state where the key is locked (encrypted). In addition, the user A locks the key registration information related to unlocking the entrance / exit door and the key registration information related to unlocking the library in the key registration information common memory 36 of the mobile phone 2 (with encryption). To memorize). The EEPROM 35 is a readable / writable nonvolatile memory. Therefore, for example, when the user A loses the authority to unlock the entrance / exit door at a later date, the key application C can be deleted from the mobile phone 2. That is, the user A can arbitrarily add or delete the key application to or from the mobile phone 2 to expand or reduce the function of the mobile phone 2 for in-house security.

  When the key applications C and D are added to the cellular phone 2 as described above, the user A simply unlocks the entrance / exit door or holds the library 90 by simply holding the cellular phone 2 over the R / W 6A or 6G. Boxes 91A, 91C, 91G can be unlocked.

  That is, when the user A holds the mobile phone 2 over the entrance / exit management R / W 6A, the mobile phone 2 reads “key information” from the key information memory 39 of the IC chip 30 as shown in FIG. It transmits to R / W6A and responds with respect to polling of entrance / exit management R / W6A (refer S51 of FIG. 12). When the “key information” is for the mobile phone 2 used in the in-house security system 3, wireless communication is established between the mobile phone 2 and the entrance / exit management R / W 6A, and the entrance / exit management R / W A key registration information read signal is transmitted from W6A to mobile phone 2 (see S33 in FIG. 11).

  When the mobile phone 2 receives the key registration information reading signal from the entrance / exit management R / W 6A, the mobile phone 2 reads key registration information necessary for unlocking the entrance / exit door from the key registration information common memory 36 of the IC chip 30, and enters / exits management. It transmits to R / W6A (refer S53 of FIG. 12).

  The entry / exit management R / W 6A is preliminarily distributed from the management server 5 with the use authority information regarding the authority to unlock the entrance / exit door, and stores it in the use authority information writing unit 87. The entrance / exit management R / W 6A compares the key registration information received from the mobile phone 2 with the use authority information writing unit 87, and determines that the key authentication can be performed if there is use authority information that matches the key registration information. Then, an unlocking instruction is transmitted to the electronic lock of the entrance / exit door (see S34: YES, S36 in FIG. 11). Thereby, the entrance / exit door is unlocked.

  Thereafter, the entrance / exit management R / W 6A accesses the display data DB 56 of the management server 5 and searches for “display data” for the user A. “Display data” input from the operation unit 77 of the client PC 4 is transmitted to the management server 5 and stored in the display data DB 56 of the management server 5. For example, when Taro Otono of □□ company visits user A during XX month XX day XX, “message M” is input to the operation unit of client PC 4 and the display data of management server 5 is displayed. Store in the DB 56. In this case, when the entrance / exit management R / W 6A accesses the display data DB 56 of the management server 8 and searches for “display data” for the user A, “message M” is hit. Therefore, the entrance / exit management R / W 6A reads “message M” from the management server 5 and writes “message M” to the IC chip 30 of the mobile phone 2 (see S37 in FIG. 11: YES, S38).

  The mobile phone 2 stores the message M written from the entry / exit management R / W 6A in the write data memory 38 (see S54 in FIG. 12, YES, S55).

  The entrance / exit management R / W 6A, when writing “message M” to the mobile phone 2, determines whether or not the writing of “message M” has succeeded (see S39 in FIG. 11). For example, if the user A holds the mobile phone 2 over the entrance / exit management R / W 6A for a short time, the entrance / exit management R / W 6A may not be able to write the “message M”. In this case, the entrance / exit management R / W 6A issues a warning and informs the user that “Message M” could not be written to the mobile phone 2 (see S39 in FIG. 11: NO, S41). On the other hand, when the entry / exit management R / W 6A succeeds in writing the “message M”, the entry / exit management R / W 6A transmits a key application activation signal for activating the key application C to the mobile phone 2 (S39 in FIG. 11: YES, S40). reference).

  When receiving the key application activation signal from the entrance / exit management R / W 6A, the cellular phone 2 reads the key application C from the application common memory 37, stores it in the RAM 33, and executes it (see S56 in FIG. 12, YES, S57). When the key application C is executed, the mobile phone 2 reads “message M” from the write data memory 38 of the IC chip 30 and displays “message M” 105 on the screen of the display unit 28 as shown in FIG. (See S58 and S59 in FIG. 12). When the “message M” is displayed on the screen, it is automatically deleted from the write data memory 38 to free up a storage area.

  Further, as shown in FIG. 14, when the user A holds the mobile phone 2 over the library R / W 6G, the electronic lock 94 of the predetermined storage box 91 is unlocked on the condition that the user is authenticated. That is, the key registration information received by the library R / W 6G from the mobile phone 2 includes the “unlocking door ID” that identifies the storage boxes 91A, 91C, 91G that the user can unlock. The R / W 6G unlocks the electronic lock 94 of the storage boxes 91A, 91C, 91G by authenticating the “unlocking door ID” (see S31, S32: YES, S33, S34: YES, S36 in FIG. 11). ). Thereby, the user A can take out the documents stored in the storage boxes 91A, 91C, 91G.

Here, the library 90 detects the IC tag 93 attached to the document with the antenna 92, and records the detection result in the management server 5. The record is stored in the display data DB 56 as “document history” and is displayed to the person using the archive 90. Therefore, when the library R / W 6G accesses the display data DB 56 of the management server 5 and searches for display data addressed to the user A, “document usage history” is hit. Therefore, the archive R / W6G is, acquired from the management server 5, "Using history of the document", write no written to the mobile phone 2 (S37 in FIG. 11: reference YES, S38).

  The mobile phone 2 stores the “document usage history” written from the archive R / W 6G in the write data memory 38 (see S54 in FIG. 12: YES, S55).

  When the archive R / W 6G has successfully written the “document usage history”, the archive R / W 6G transmits a key application activation signal for activating the key application D to the mobile phone 2 (see S39 in FIG. 11: YES, S40).

  When the cellular phone 2 receives the key application activation signal from the archive R / W 6G, the cellular phone 2 reads the key application D from the application common memory 37, stores it in the RAM 33, and writes it in the write data memory 38 as shown in FIG. "Document usage history" is displayed on the display unit 28 of the mobile phone 2 (see S56: YES, S57, S58, S59 in FIG. 12).

  The library 90 may be locked by the user back after unlocking the storage boxes 91A, 91C, 91G, or the user back closed the doors of the storage boxes 91A, 91C, 91G. May be detected and automatically locked.

G. Operational Effects of Image Display Control System, Authentication System, and DL Server The image display control system 1 first downloads a key application and key registration information from the DL server 8 to the mobile phone 2. By downloading the key application to the mobile phone 2, it becomes possible to associate the office device of the in-house security system 3 with the mobile phone 2 and display a predetermined screen on the display unit 28 of the mobile phone 2. Here, “predetermined screen” refers to, for example, scheduled visitor date / time, internal notifications, document usage history, personal identification number input screens, etc. A screen that displays protection-related items. Further, by downloading the key registration information to the mobile phone 2, it is possible to confirm the authority to use the office equipment constituting the in-house security system 3 using the mobile phone 2.

  When the mobile phone 2 that has downloaded the key application and the key registration information is held over the R / W 6, the IC chip 30 and the R / W 6 communicate with each other, and the presence / absence of the authority to use the office equipment is authenticated. When the R / W 6 authenticates that the user of the mobile phone 2 has the right to use, the R / W 6 transmits a key application activation signal to the mobile phone 2. When receiving the key application activation signal, the cellular phone 2 activates the downloaded key application and automatically displays a predetermined screen on the display unit 28.

When using an IC card, it is necessary to create an IC card for each office device such as an entrance / exit door, a desk, a locker, and a library, which places a burden on the system user in terms of cost and management. However, since the image display control system 1 of the present embodiment can download a plurality of key applications from the DL server 8 to the mobile phone 2 and store them in the application common memory 37 of the IC chip 30, Can be managed by one mobile phone 2.
In addition, when information is to be transmitted to the user when entering or leaving the room or when taking out the document from the library 90, information cannot be displayed on the IC card, so it is necessary to provide a liquid crystal panel in the card reader. However, since the image display control system 1 of the present embodiment displays a message display screen, a history screen, and the like as predetermined screens on the display unit 28 of the mobile phone, an inexpensive R / W 6 without a liquid crystal display can be applied to the system. .
In addition, in the system using the Internet network or infrared rays, the mobile phone 2 is operated to establish communication, and then a predetermined screen is displayed on the liquid crystal display. It was not possible to use. However, the image display control system 1 according to the present embodiment is configured such that the mobile phone 2 directly communicates with the R / W 6 just by holding the mobile phone 2 over the R / W 6, and a predetermined screen (in this embodiment, (Message M, document usage history) is automatically displayed, so that the operability is good, the system can be operated even when the mobile phone 2 is out of service area, and when the mobile phone 2 communicates with the R / W 6 No communication costs are incurred.

  Therefore, according to the image display control system 1 of the present embodiment, by using the mobile phone 2 incorporating the IC chip 30, added value that could not be realized by using a key using an IC card or the Internet network INT, etc. It is possible to improve the convenience for the user and reduce the cost.

  Further, according to the image display control system 1 of the present embodiment, the R / W 6 is connected to the management server 5 via the in-house LAN 7, and communicates with the mobile phone 2 to give the user of the mobile phone 2 office equipment. When it is authenticated that the user has the right to use, the display data is read from the management server 5 and written to the mobile phone 2, and then the key application activation signal is transmitted to the mobile phone 2. When the mobile phone 2 starts the key application, it reads out the written display data and displays it on the display unit 28. Therefore, according to the image display control system 1 of the present embodiment, even when the storage capacity of the R / W 6 is small, the display data is stored in the management server 5 and appropriately displayed on the display unit 28 of the mobile phone 2. Can do.

  The authentication system according to the present embodiment includes the mobile phone 2 and the R / W 6. When the mobile phone 2 is held over the R / W 6, the IC chip 30 communicates with the R / W 6, and the authority to use office equipment is obtained. Existence is authenticated. When the R / W 6 authenticates that the user of the mobile phone 2 has the right to use, the R / W 6 transmits a key application activation signal to the mobile phone 2. When the cellular phone 2 receives the key application activation signal from the R / W 6, it activates the key application stored in the application common memory 37 and automatically displays a predetermined screen on the display unit 28. For this reason, when using the IC card and the personal identification number to authenticate the use authority, information cannot be displayed on the IC card. Therefore, it is necessary to provide a liquid crystal panel for displaying an input screen on the card reader. Displays an input screen for a personal identification number on the display unit 28 of the mobile phone 2, so that an inexpensive R / W 6 without a liquid crystal display can be applied to the system. In addition, in the system using the Internet network INT and infrared rays, the mobile phone 2 is operated to establish communication, and a predetermined screen is displayed, so that the operability is poor and the communication cost is high, and it is used outside the service area. Although not possible, the authentication system according to the present embodiment, by simply holding the mobile phone 2 over the R / W 6, the mobile phone 2 communicates directly with the R / W 6 and automatically displays a predetermined screen on the display unit 28. Therefore, the operability is good, the system can be operated even when the mobile phone 2 is outside the service area, and no communication cost is incurred when the mobile phone 2 communicates with the R / W 6.

  Therefore, according to the authentication system of the present invention, the use of the mobile phone 2 incorporating the IC chip 30 gives added value that could not be realized with an IC card or a key using the Internet, and is convenient for the user. Improvement and cost reduction can be achieved.

  In addition, according to the DL server 8 of the present embodiment, when there is a request for downloading a key application from the mobile phone 2, the mobile phone 2 can carry the mobile phone based on the identifier (key information) built into the IC chip 30 of the mobile phone 2. A key application for associating the telephone 2 with an office device to display a predetermined screen on the mobile phone 2 and key registration information corresponding to the use authority are downloaded to the mobile phone 2. Therefore, when using an IC card, it was necessary to create and possess an IC card for each office device. However, the DL server 8 of this embodiment stores a key application and key registration information in one mobile phone 2. Since downloading is performed as appropriate, the mobile phone 2 can have a plurality of key applications and key registration information. Also, when managing multiple key applications with one 1C card, it was necessary to go to a place where the dedicated machine is located during business hours and add or delete the key application to the dedicated machine through the IC card. The DL server 8 of the present embodiment downloads a key application and key registration information via the Internet network INT in response to a request from the mobile phone 2, and the downloaded key application and key registration information operate the mobile phone 2. Therefore, the location and time for adding or deleting the key application and key registration information are not limited, and convenience is good.

  Therefore, according to the DL server 8 of the present embodiment, the use of the mobile phone 2 incorporating the IC chip 30 gives added value that could not be realized with the IC card, and improved convenience and cost for the user. Reduction can be achieved.

H. Second Embodiment Next, a second embodiment of the present invention will be described with reference to the drawings.
The second embodiment is the best mode of the present invention. The image display control system according to the second embodiment is the first in that the PIN as a personal identification number is input, whether or not the user of the mobile phone 2 is a valid user, and the security level is raised. This is different from the image display control system 1 of the embodiment. Therefore, here, it demonstrates centering on a different point from 1st Embodiment, and attaches | subjects the same code | symbol as 1st Embodiment to drawing in common, and abbreviate | omits description suitably.

H1. Key Application Activation Processing with PIN Input FIG. 18 is a flowchart showing key application activation processing on the R / W 6 side in the image display control system according to the second embodiment.
The R / W 6 transmits the key application activation signal to the mobile phone 2 after performing the user authentication basically in the same manner as in the first embodiment, but prompts the user of the mobile phone 2 to enter the PIN after the user authentication. ing.

  That is, if the R / W 6 determines that the key authentication has been successful (S34: YES), it transmits a key application activation signal to the mobile phone 2 in S200. In step S201, the mobile phone 2 is requested to perform PIN authentication. In step S202, a PIN authentication result is acquired. In S203, it is determined whether or not the PIN authentication is performed by the mobile phone 2. When it is determined that the PIN authentication has been performed by the mobile phone 2 (S203: YES), the processing after S36 is performed. On the other hand, if it is determined that the PIN authentication could not be performed by the mobile phone 2 (S203: NO), after adding 1 to the retry count r in S204, it is determined whether or not the retry count r is 3 in S205. To do. If the retry count r is not 3 (S205: NO), in S206, an instruction to display the PIN input and frontage designation screen is transmitted to the mobile phone 2, and the process returns to S201. On the other hand, if the retry count r is 3 (S205: YES), the retry count r is reset to zero in S207, and then the process ends.

FIG. 19 is a flowchart showing key application activation processing on the mobile phone 2 side in the image display control system according to the second embodiment.
After transmitting the key registration information in S53, the mobile phone 2 determines whether or not a key application activation signal has been received in S210. While the key application activation signal is not received from the R / W 6 (S210: NO), it waits as it is. On the other hand, when the key application activation signal is received from the R / W 6 (S210: YES), the key application is activated in S211. In step S212, it is determined whether a PIN authentication request has been received from the R / W 6. If it is determined that the PIN authentication request has not been received (S212: NO), the process stands by until there is a PIN authentication request. On the other hand, if it is determined that the PIN authentication request has been received (S212: YES), it is determined whether or not the PIN authentication is possible in S213, and the determination result is transmitted to the R / W 6. The PIN authentication is determined based on whether or not the PIN set in the mobile phone 2 (included in the key registration information) matches the PIN input to the mobile phone 2. In step S214, it is determined whether an instruction to display a PIN input and frontage designation screen is received from the R / W 6. If it is determined that the instruction to display the PIN input and frontage designation screen is not received from the R / W 6 (S214: NO), the process proceeds to S54 as it is.

  On the other hand, if it is determined that an instruction to display the PIN input and frontage designation screen has been received from the R / W 6 (S214: YES), the PIN input and frontage designation screen is displayed on the display unit 28 in S215. Then, in S216, it is determined whether the PIN and frontage designation are input on the PIN input and frontage designation screen using the operation unit 29 of the mobile phone 2 and transmitted to the R / W 6 or not. When the PIN and frontage designation are input (S216: YES), the process returns to S213. On the other hand, when the PIN and the frontage designation are not input (S216: NO), the process waits as it is.

H2. Description of Operation of Image Display Control System Next, the operation of the image display control system of the second embodiment will be described. FIG. 20 is a diagram showing an example of signal exchange in the image display control system according to the second embodiment, and particularly shows signal exchange between the mobile phone 2 and the library R / W 6G.
In the description of the operation of the present embodiment, the case where the user A uses the library 90 will be described as an example, as in the first embodiment.

  As shown in FIG. 20, when the user A downloads the key application C, the employee ID display screen shown in FIG. 15 is displayed on the display unit 28 of the mobile phone 2. On the employee ID display screen, an employee ID 101 is displayed with a photo, an “END” button 102 for informing the DL server 8 of content confirmation, and an “INFO” button 103 for displaying information, are displayed. “PIN input with enter key” 104 and “notification icon” 100 displayed in blue when the PIN has been input and displayed in red when the PIN has not been input are displayed. When the user A sees that the “notification icon” on the employee ID display screen is displayed in red and inputs the PIN in advance, the mobile phone 2 with the employee ID display screen displayed. By pressing the enter key in the operation unit 29, the PIN input screen can be displayed.

  The PIN input screen shown in FIG. 21 includes a PIN input column 201 for setting a PIN, a device setting column 202 for setting a device, a door setting column 203 for setting a door to be unlocked, and an “end” button for forcibly terminating the PIN input. 204. A “decision” button 205 for determining the setting contents is displayed. The device setting column 202 and the door setting column 203 are set in advance according to “device ID” and “unlocking door ID” included in the key registration information, but the PIN input column 201 is blank. Therefore, the user A uses the operation unit 29 of the mobile phone 2 to input a 4-digit number in the PIN input field 201 and clicks the “OK” button 205. If the PIN is not properly entered in the PIN entry field 201, an error message is displayed on the display unit 28 to prompt the user to reset the PIN. On the other hand, when the PIN is appropriately input in the PIN input field 201, the PIN is stored in the PIN memory 40 of the IC chip 30.

  Thereafter, when the user A holds the mobile phone 2 over the library R / W 6G, the library R / W 6G determines whether the key authentication (person authentication) can be performed. When the key R can be authenticated, the library R / W 6 activates the key application of the mobile phone 2 and requests the mobile phone 2 for PIN authentication (see S34: YES, S200, S201 in FIG. 18). The reason for requesting the PIN authentication is to confirm whether the user A of the mobile phone 2 is a valid owner of the mobile phone 2 or not.

  When the mobile phone 2 starts the key application, the PIN is stored in the PIN memory 40, and it is determined whether or not the unlocking door is specified. If the PIN input and the front door are specified, the PIN is entered. It is determined whether or not the PIN stored in the memory 40 matches the PIN set in the mobile phone 2. When the PIN stored in the PIN memory 40 matches the PIN set in the mobile phone 2, it is determined that the PIN authentication has been performed, and the determination result to that effect is transmitted to the library R / W 6G (FIG. 19). S210, S211, S212: YES, see S213).

  When the archive R / W 6G receives the authentication signal indicating that the PIN authentication has been made from the mobile phone 2, the designated storage boxes 91A, 91C, 91G of the archive 90 are unlocked. "History" is acquired and written in the IC chip 30 of the mobile phone 2 (see S203: YES, S36, S37: YES, S38 in FIG. 18).

  On the other hand, there is a case where the user A inputs a PIN before using the library 90 and does not store it in the PIN memory 40 or inputs an incorrect PIN. In this case, since the mobile phone 2 cannot authenticate the PIN, the mobile phone 2 transmits a determination result indicating that the PIN authentication cannot be performed to the library R / W 6G (see S213 in FIG. 19).

  When the archive R / W 6G receives the determination result indicating that the PIN authentication cannot be performed from the mobile phone 2, it gives the mobile phone 2 an instruction to display the PIN input and the frontage designation screen (see S206 in FIG. 18).

  The cellular phone 2 displays the PIN input and frontage designation screen shown in FIG. On the PIN entry and frontage designation screen, a “PIN input field” 211 for inputting a PIN, a “frontage designation field” for displaying a usable frontage, an “end” button 213 for forcibly closing the screen, and confirming input contents “ The “OK” button 214 is displayed. The user A uses the operation unit 29 of the mobile phone 2 to enter the PIN in the PIN input field 211 on the PIN input and frontage designation screen, and designates the frontage to be unlocked from the frontage designation field 212. When the “OK” button 214 is clicked, the mobile phone 2 determines whether PIN authentication can be performed using the entered PIN. If it is determined that the PIN authentication can be performed based on the input PIN, the mobile phone 2 transmits a determination result indicating that the PIN authentication is possible to the library R / W 6G (see S214: YES, S215, S216: YES, S213 in FIG. 19). . On the other hand, if it is determined that PIN authentication cannot be performed with the input PIN, a determination result indicating that the PIN cannot be input is transmitted to the R / W 6G (see S214: YES, S215, S216: YES, S213 in FIG. 19).

  In the present embodiment, PIN input is permitted up to three times in order to ensure security. When the user A continues to input the PIN and fails three times, the library R / W 6G forcibly ends the key application download process (see S204, S205: NO, S207 in FIG. 18).

H3. Effects of the Image Display Control System and the Authentication System According to the image display control system of the present embodiment, when the PIN is preset in the mobile phone 2 and the key application is activated, the display unit 28 of the mobile phone 2 is activated. Since the PIN input screen is displayed to prompt the user to enter the PIN, and the PIN input by the user and the PIN set in the mobile phone 2 are collated to determine whether or not authentication is possible. In addition to lock authentication by 30, PIN authentication can be performed to raise the security level.

  Further, according to the image display control system of the present embodiment, for example, when the user A does not input a PIN and the user wants to take out a document from the storage box 91C, the user A of the mobile phone 2 stores the library. After authenticating that the user has authority to use 90, when the PIN input for entering the PIN and frontage and the frontage designation screen (see FIG. 22) are displayed on the mobile phone 2, the user A When the front door number of the PIN and the storage box 91C is input using the operation unit 29 and is held over the library R / W6G, the library R / W6G unlocks the electronic lock 94 of the storage box 91C corresponding to the designated front door. Since the user A can use the storage box 91C, it is possible to use the operation unit 29 of the mobile phone 2 without using an operation unit such as a numeric keypad or a touch panel in the archive R / W 6G. No. and frontage number of the storage box 91C can enter, it is possible to reduce the cost by applying inexpensive archive R / W6G not an operation unit in the system.

I. Third Embodiment Next, a third embodiment of the present invention will be described with reference to the drawings.
The image display control system of the third embodiment is different from the image display control system 1 of the first embodiment in that use authority is temporarily lent to another person. Therefore, here, it demonstrates centering on a different point from 1st Embodiment, and attaches | subjects the same code | symbol as 1st Embodiment to drawing in common, and abbreviate | omits description suitably.

I1. Key Temporary Lending Process FIG. 23 is a flowchart showing a key temporary lending process on the DL server 8 side in the image display control system according to the third embodiment.
When the DL server 8 responds to the key registration information rewrite request received from the mobile phone 2 in S311, the DL server 8 reads “key information” from the mobile phone 2 in S312 and determines whether or not key authentication can be performed in S23. If key authentication can be performed (S23: YES), an instruction to display the key registration information rewriting screen on the display unit 28 of the mobile phone 2 is transmitted to the mobile phone 2 in S313. In step S <b> 314, it is determined whether rewrite information is received from the mobile phone 2. When the rewrite information is not received from the mobile phone 2 (S314: NO), the process stands by until the rewrite information is received. On the other hand, when the rewrite information is received from the mobile phone 2 (S314: YES), the existing key registration information is rewritten in S315. In S316, an instruction to display a rewrite content confirmation screen for displaying the rewritten key registration information on the display unit 28 of the mobile phone 2 is given to the mobile phone 2, and in S317, the rewrite content is accepted from the mobile phone 2. It is determined whether or not a signal to that effect has been received. When a signal indicating acceptance of the rewrite content is received from the mobile phone 2 (S317: YES), the key registration information is updated to the rewritten one in S318. If a signal indicating acceptance of the rewrite content is not received from the mobile phone 2 (S317: NO), the process returns to S313 to prompt the user to re-enter the rewrite content.

FIG. 24 is a flowchart showing a temporary key lending process on the mobile phone 2 side in the image display control system according to the third embodiment.
After the initial setting in S1, the mobile phone 2 requests the DL server 8 to rewrite the key registration information in S301. When there is a response to the key registration information rewrite request from the DL server 8 in S3, the key registration information rewrite screen instruction is received from the DL server 8 and the key registration information rewrite screen is displayed on the display unit 28 in S302. In S303, the rewriting information is input to the key registration information rewriting screen using the operation unit 29 of the mobile phone 2, and is transmitted to the library R / W 6G.

  When the mobile phone 2 receives a rewrite content confirmation screen display instruction from the library R / W 6G in S304, the mobile phone 2 displays a screen for displaying the rewrite content on the display unit 28. In S305, it is determined whether or not to approve the rewriting content. The approval of the rewrite content is determined by whether or not the “approval” button displayed on the rewrite content confirmation screen is clicked. When approving the contents of rewriting (S305: YES), the communication network is requested to be disconnected in S7. On the other hand, if the rewrite content is not approved (S305: NO), the process returns to S302 to prompt the re-input of rewrite information.

I2. Key Application Activation Process FIG. 25 is a flowchart showing a key application activation process on the R / W side in the image display control system according to the third embodiment.
If the key authentication can be performed (S34: YES), the R / W 6 determines whether or not the use count flag f2 is equal to or less than the use count limit n in S321. If the use count flag f2 is equal to or less than the use count limit n (S321: YES), in S322, it is determined whether or not the key is within the valid period of use. If it is within the expiration date (S322: YES), the security object is controlled in S36.

  On the other hand, if the use count flag f2 is not equal to or less than the use count limit n (S321: NO), the person has lost the authority to use the library 90, and thus the process is terminated. Even if the use count flag f2 is less than or equal to the use count limit n (S321: YES), if the expiration date has passed (S322), the person has lost the authority to use the library 90. The process is terminated as it is.

FIG. 26 is a flowchart showing key application activation processing on the mobile phone 2 side in the image display control system according to the third embodiment.
The mobile phone 2 activates the key application, displays a predetermined screen on the display unit 28 (S57, S58, S59), and then adds 1 to the use count flag f2. As a result, the fact that the person who has accessed the R / W 6 has used the library 90 is recorded in the IC chip 30.

I3. Description of Operation of Image Display Control System Next, the operation of the image display control system of the third embodiment will be described.
As a precondition for explaining the operation of the image display control system of the present embodiment, it is necessary for the user A to check the contents of documents stored in the storage box 91A of the library 90 while going out. An example will be given in which a subordinate who does not have a document takes out a document and confirms the contents.

  The user A connects the cellular phone 2 to the DL server 8 via the Internet network INT and requests rewriting of the key registration information (see S301 in FIG. 24). Then, data related to the key registration information rewriting screen is transmitted from the DL server 8 to the mobile phone 2, and the key registration information rewriting screen is displayed on the display unit 28 of the mobile phone 2 (S 311, S 312, S 23 in FIG. 23: YES, (See S313). Using the operation unit 29 of the mobile phone 2, the user A uses the “ID” of the user A, “ID” of the subordinate B, “PIN” of the user A, “equipment ID” of the library 90, The key is the "unlocking door ID" of the storage box 91A, the "lending expiry date" for lending the key (for example, 1 month to 15:00 on the month, month, day 1), and the "usage number n" (for example, 3 times) that the key can be used The registration information rewriting screen is input, and the input content is transmitted as “rewriting information” to the DL server 8 (see S302 and S303 in FIG. 24).

  When the DL server 8 receives the “rewrite information” from the mobile phone 2, the DL server 8 reads the key registration information of the user “A”, rewrites the existing key registration information according to the “rewrite information”, and confirms the rewritten key registration information. Data relating to the prompting confirmation screen for rewriting content is transmitted to the mobile phone 2 (see S315 and S316 in FIG. 23).

  The user A confirms the content of the “rewrite content confirmation screen” displayed on the display unit 28 of the mobile phone 2 and clicks the “approval” button if it is correct. Thereby, the mobile phone 2 transmits a signal notifying that the user A has approved the rewritten key registration information to the R / W 6 (see S304 and S305 in FIG. 24: YES).

  When the R / W 6 receives a signal indicating that the rewritten key registration information has been approved from the mobile phone 2, the R / W 6 updates the rewritten key registration information (see S317 in FIG. 23: YES, S318). As a result, the key used by the user A to use the storage box 91A of the library 90 is temporarily lent to his subordinates under the restriction conditions (number of uses, use expiration date).

  The rewritten key registration information is encrypted and transmitted to the management server 5. The management server 5 changes and registers the usage authority information in the usage authority information DB 57 according to the contents of the key registration information rewritten. Thereafter, the management server 5 distributes the rewritten use authority information to the archive R / W 6G. As a result, the library R / W 6 recognizes that the user A has been temporarily granted to his subordinates the authority to unlock the storage box 91A of the library 90.

  Thereafter, the user A informs his subordinate that the key has been temporarily lent, confirms the contents of the documents stored in the storage box 91A of the library 90, and instructs the user A to contact the user A.

  The subordinate B connects the mobile phone 2 ′ to the DL server 8 and acquires the key application D and key registration information. The DL server 8 stores the “authentication ID” of the subordinate B along with the “authentication ID” of the user A when rewriting the key registration information, and recognizes that the key of the user A is lent to the subordinate B. ing. Therefore, when the subordinate B accesses the DL server 8 from the mobile phone 2 ′ and requests download of the key application D, the key registration information of the user A is downloaded to the mobile phone 2 ′ together with the key application D.

  When the subordinate B holds the mobile phone 2 'downloaded with the key application and key registration information over the archive R / W 6G, it is determined whether the key registration information is read out to the R / W 6G and can be authenticated. Since the user's key registration information is downloaded to the subordinate's mobile phone 2 ', when the subordinate's mobile phone 2' is held over, the key authentication information is stored based on the user's key registration information. The electronic lock 94 of the box 91A is unlocked (S321: YES in FIG. 25, S322: YES, S36, see S313 in FIG. 26). As a result, the subordinate B can take out the documents stored in the storage box 91A, confirm the contents, and contact the user A.

When the subordinate B unlocks the storage box 91A three times, even if he or she tries to unlock the storage box 91A by holding the mobile phone 2 'over the library R / W6G, the number of uses n set by the user A is set. Since it exceeds (three times), the storage box 91A cannot be unlocked.
Further, even if the subordinate B has not unlocked the storage box 91A three times, the storage box 91A is unlocked at 16:00 on the month, month, day, 16:00, after the expiration date (1 month to 15:00). Therefore, the storage box 91A cannot be unlocked even if the mobile phone 2 ′ is held over the library R / W 6G (see S321: NO, S322: NO in FIG. 25).

I4. Effects of Image Display Control System and DL Server According to the image display control system of the present embodiment, the key registration information includes the number of uses n for restricting the use of office equipment and the use expiration date (restriction condition). However, based on the key registration information received from the mobile phone 2, it is determined whether the mobile phone 2 communicates with the R / W 6 within the range of the number of uses and the range of the use expiration date. When communicating with the R / W 6 within the range of the number of uses n and the range of the expiration date of use, a key application activation signal is transmitted to the mobile phone 2, and a predetermined screen is displayed on the display unit 28 of the mobile phone 2. On the other hand, when the mobile phone 2 is not communicating with the R / W 6 within the range of the number of uses n or within the range of the use expiration date, the key application activation signal is not transmitted, and the display unit 28 of the mobile phone 2 is displayed. A predetermined screen. Since it is not shown, the office equipment cannot be used beyond the number of times of use n or the valid use period, and the security level is improved.

  In the image display control system of the present embodiment, the DL server 8 identifies the mobile phone 2 based on the IC chip 30 built in the mobile phone 2, and the key registration involving the mobile phone 2 by the operation of the mobile phone 2 is performed. Since the authentication ID of the user A included in the information is rewritten to the authentication ID of the subordinate B and the rewritten key registration information is transmitted to the R / W 6 via the Internet network INT, the management server 5 and the in-house LAN 7, for example, the subordinate When the user holds his / her mobile phone 2 'over the R / W 6, the use is permitted even for office equipment that is not originally authorized for use. Therefore, the image display control system of this embodiment can lend the use authority of office equipment temporarily to others using the mobile phone 2, and is convenient.

J. et al. Modifications The present invention is not limited to the above-described embodiment, and various applications are possible.
(1) For example, in the above-described embodiment, the image formation control system, the authentication system, and the application management apparatus have been described for the in-house network 3, but the present invention may be applied to general households and schools. For example, when the image forming control system is used in a general home, the parent creates a message addressed to the child by the client server 4 and stores it in the management server 5, the child returns home, and the mobile phone 2 is connected to the entrance. When holding it over the R / W6 attached to the door, the door is unlocked, and a message from the parent (for example, “Since you are out, dinner is in the refrigerator.” ") May be displayed on the screen. In this case, when the management server 5 detects that the R / W 6 has written a message on the mobile phone 2, the management server 5 creates and sends an e-mail notifying that the child has returned home to the parent mobile phone. May be. As a result, the parent can know the child's return time even when he / she is away from home. Also, for example, when using an image formation control system in a school, a message from the school when a student holds the mobile phone 2 over the R / W 6 provided on the entrance / exit door and unlocks the entrance / exit door. (For example, “XX month XX day (Wednesday) 2nd period is closed”) may be displayed on the display unit 28 of the mobile phone 2.

(2) In the above embodiment, Company A ●● branch internal network 3 is targeted, but as shown in FIG. 27, in addition to the key application and key registration information corresponding to Company A ●● branch, Company A The key application and key registration information corresponding to the branch office may be stored in the mobile phone 2 so that the screen of the company company's internal network 3A of the branch office A can be displayed at the time of personal authentication. In this case, if the user obtains the key application and key registration information before making a business trip to the branch office, regardless of the business hours of the business trip destination, etc., the user can enter or leave the branch office or use office equipment. can do.

(3) In the second embodiment, the screen for the user A to select and input the storage box (frontage) of the library is displayed on the mobile phone 2, but the layout of the library is displayed as image data, and the image data A frontage that can be used by the user may be displayed above, and a frontage to be unlocked may be specified from among the frontage where the user back is displayed. In this case, it is not necessary for the user A to remember the front door number of the library, which is convenient. In the second embodiment, the frontage is designated when the PIN input is inappropriate. However, a screen for designating the frontage may be displayed on the mobile phone 2 regardless of the presence or absence of the PIN input. . In this case, since only the frontage specified by the user A is unlocked, it is possible to prevent the user A from forgetting to lock the unlocked frontage after taking out the document or the like.

(4) In the second embodiment, the PIN is set as a four-digit number, but it may be set in English letters, hiragana, kanji, etc. by the operation unit 29 of the mobile phone 2. In this case, PIN variations are widened and the security level is improved.

(5) In the third embodiment, the subordinate B can unlock the library 90 only by holding the mobile phone 2 '. However, the subordinate B may be further prompted to enter a PIN and raise the security level. .

  In the above embodiment, the processes of S37 to S39 correspond to “display data writing means”, S55 to S59 correspond to “display control means”, and S321 to S322 and S36 of FIG. It corresponds to “control means”, S314 to S318 correspond to “key registration information rewriting means”, and S319 corresponds to “transmission means”.

1 is a schematic configuration diagram of an image display control system according to a first embodiment of the present invention. It is an electrical block diagram of the DL server shown in FIG. It is a figure which shows the data structure of application DB. It is a figure which shows the data structure of key registration information DB. It is an electrical block diagram of the mobile phone shown in FIG. FIG. 6 is an electrical block diagram of the IC chip shown in FIG. 5. It is an electrical block diagram of the in-house security system shown in FIG. It is an external appearance perspective view of a library. It is a flow which shows the process in which a mobile telephone downloads a key application. It is a flowchart which shows the process in which a DL server downloads a key application to a mobile phone. It is a flowchart which shows the key application starting process by the side of R / W. It is a flowchart which shows the key application starting process by the side of a mobile telephone. It is a conceptual diagram which shows an example of signal transmission / reception in the image display control system shown in FIG. 1, Comprising: Signal transmission / reception with a mobile telephone and DL server and a mobile telephone and entrance / exit management R / W is shown. It is a conceptual diagram which shows an example of signal transmission / reception in the image display control system shown in FIG. 1, Comprising: Signal transmission / reception with a mobile telephone and library R / W is shown. It is a figure which shows an employee ID display screen. It is a figure which shows a message display screen. It is a figure which shows a log | history display screen. It is a flowchart which shows the key application starting process by the side of R / W in the image display control system which concerns on 2nd Embodiment of this invention. It is a flowchart which shows the key application starting process by the side of a mobile telephone in the image display control system which concerns on 2nd Embodiment of this invention. It is a figure which shows an example of signal transmission / reception in the image display control system which concerns on 2nd Embodiment of this invention, and shows signal transmission / reception especially with a mobile telephone and library R / W. It is a figure which shows a PIN input screen. It is a figure which shows a PIN input and frontage designation | designated screen. It is a flowchart which shows the temporary lending process of the key in the DL server side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the temporary lending process of the key in the mobile telephone side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the key application starting process in the R / W side in the image display control system which concerns on 3rd Embodiment of this invention. It is a flowchart which shows the key application starting process in the mobile telephone side in the image display control system which concerns on 3rd Embodiment of this invention. It is a modification of the image display control system of this invention.

Explanation of symbols

1 Image display control system 2 Mobile phone 3 Internal security system 6 R / W (authentication equipment)
8 DL server (application management device)
30 IC chip (non-contact integrated circuit)
90 Library (Security protection object)

Claims (9)

A mobile phone incorporating a contactless integrated circuit with an identifier;
Security objects to be protected,
An authentication device that is provided in the security protection object, communicates with the non-contact type integrated circuit, and authenticates the right to use the security protection object;
An application management device connected to the mobile phone via a communication means,
The application management device is
Download source key application storage means for storing a key application for associating the mobile phone with the security object and displaying a predetermined screen on the mobile phone;
Download source key registration information storage means for storing key registration information corresponding to the use authority;
Download means for downloading the key application and the key registration information to the mobile phone;
The mobile phone
Download destination key application storage means for storing the key application downloaded from the application management device;
Download destination key registration information storage means for storing the key registration information downloaded from the application management device,
The mobile phone receives a key application activation signal for activating the key application from the authentication device when the authentication device is authenticated based on the key registration information as being authorized to use the security protection object. An image display control system, wherein the key application stored in the download destination key application storage means is activated and the predetermined screen is displayed on the display means of the mobile phone. In the image display control system according to claim 1,
A management apparatus that is connected to the authentication device via an internal communication means and includes a display data storage means for storing display data to be displayed on the display means of the mobile phone;
The authentication device is
Display data writing means for reading the display data from the display data storage means and writing it to the mobile phone when communicating with the mobile phone and authenticating that the right to use the security protection object is authorized ,
The mobile phone
An image display control system comprising display control means for displaying the display data written in the authentication device on the display means when the key application is activated. In the image display control system according to claim 1 or 2,
The mobile phone has a password storage means for storing a password,
The key application displays a personal identification number input screen on the display unit of the mobile phone at the time of activation, and collates the personal identification number input on the personal identification number input screen with the personal identification number stored in the personal identification number storage unit An image display control system for determining whether or not authentication is possible. In the image display control system according to any one of claims 1 to 3,
The key registration information includes a restriction condition for restricting use of the security protection object,
The authentication device is
Receiving the key registration information from the mobile phone, determining whether the mobile phone is communicating with the authentication device within the limit condition, and the mobile phone is within the limit condition When communicating with an authentication device, the key application activation signal is transmitted to the mobile phone, and when the mobile phone is not communicating with the authentication device within the range of the restriction condition, An image display control system comprising activation signal transmission control means for not transmitting the key application activation signal to a mobile phone. In the image display control system according to any one of claims 1 to 4,
The application management device
Key registration information that identifies the mobile phone based on the identifier of the non-contact type integrated circuit, and rewrites an authentication ID included in the key registration information related to the mobile phone by an operation of the mobile phone with another person's authentication ID Rewriting means,
An image display control system, comprising: a transmission unit configured to transmit the rewritten key registration information to the authentication device. A mobile phone incorporating a contactless integrated circuit with an identifier;
A vault that is subject to security protection;
A reader / writer device that is provided in the storage, communicates with the non-contact integrated circuit, and authenticates the authority to use the storage;
A download server connected to the mobile phone via a public telephone network,
The download server is
Download source key application storage means for storing a key application for displaying an input screen for inputting a personal identification number and a frontage of the storage on the mobile phone by associating the mobile phone with the storage;
Download source key registration information storage means for storing key registration information corresponding to the use authority;
Download means for downloading the key application and the key registration information to the mobile phone;
The mobile phone
Download destination key application storage means for storing the key application downloaded from the application management device;
Download destination key registration information storage means for storing the key registration information downloaded from the application management device,
The mobile phone receives a key application activation signal for activating the key application from the reader / writer device when the reader / writer device is authenticated based on the key registration information as having authority to use the storage. An image display control system, wherein the key application stored in the download destination key application storage means is activated to display the input screen on the display of the mobile phone. The image display control system according to claim 6,
The storage has an electronic lock controlled by the reader / writer device for unlocking for each frontage;
The mobile phone is input the password and the frontage using the operation unit on the input screen;
The reader / writer device has unlocking means for unlocking the electronic lock corresponding to the frontage designated by the mobile phone when the reader / writer device communicates with the mobile phone to which the personal identification number and the frontage are input. , And an image display control system. A mobile phone incorporating a contactless integrated circuit with an identifier;
An authentication device that is provided in a security protection object to be protected, communicates with the non-contact type integrated circuit, and authenticates the right to use the security protection object; and
The mobile phone
A key application storage unit that stores a key application that associates the mobile phone with the security object and displays a predetermined screen on a display unit;
Key registration information storage means for storing key registration information corresponding to the use authority,
Based on the key registration information, when the authentication device is authenticated as having the right to use the security protection object, a key application activation signal for activating the key application is received from the authentication device, and the key application is An authentication system which is activated and displays the predetermined screen on a display unit of the mobile phone. A non-contact type integrated circuit having an identifier is built in, and communicates with an authentication device to connect to a mobile phone that is authorized to use a security protection object through a communication means.
Download source key application storage means for storing a key application for associating the mobile phone with the security object and displaying a predetermined screen on the mobile phone;
Download source key registration information storage means for storing key registration information corresponding to the use authority;
An application management apparatus comprising: download means for downloading the key application and the key registration information to the mobile phone.

Images