JP2010049490A - Authentication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an access management system for preventing leakage of personal information while securing the convenience of the system. <P>SOLUTION: The access management system includes: an electric lock 2 for restricting the action of a user in a security space; an ID card reader 3 for acquiring the ID of the user;a fingerprint reader 4 for acquiring fingerprint information of the user; and an access controller 1 for authenticating the user based on the ID acquired by the ID card reader 3 and biometric information acquired by the fingerprint reader 4, to change the restriction state of the electronic lock 2 based on the authentication result of the access controller 1. The access controller 1 includes; an encryption information database storage part 13 for storing encryption information obtained by encrypting the ID using the biometric information; and a user ID restoration part 14 for decrypting the ID from the encryption information using the biometric information acquired by the fingerprint reader 4, and when the decrypted ID is same as the ID acquired by the ID card reader 3, permitting the authentication result. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an authentication system used for managing entry / exit into a predetermined security space.

  2. Description of the Related Art Conventionally, in an entrance / exit management system installed in an office building or the like, there are known ID information stored in an ID card and biometric information as in Patent Document 1 below.

  An entrance / exit management system that uses ID information in entrance / exit management stores ID information associated with an individual in an ID card, and acquires the ID information when an ID card is inserted into a card reader. When the ID information is valid, the unlocking operation is performed by the locking device provided in the security space.

In addition, in the entrance / exit management system, human body communication technology is put into practical use, and the ID card ID information can be obtained through the human body simply by touching the door knob at the entrance / exit of the security space without having to hold the ID card over the card reader. Developments have also been made to perform reading and unlocking operations of locking devices. In order to improve the security of such an entry / exit management system, conventionally, authentication using biometric authentication such as fingerprint or iris instead of ID card, or a combination of both ID card and biometric authentication is used. Hybrid systems that perform authentication have also been put into practical use.
JP 2001-195368 A

  However, in the case of the entrance / exit management system using the ID card described above, if the ID card is lost or stolen, there is a risk that it will be illegally used by others.

  In addition, in the case of the entrance / exit management system using the biometric information described above, if personal information such as fingerprints and irises used for biometric authentication is stored in the entrance / exit management system as it is, there is a possibility of personal information leakage. The problem arises that personal information must be strictly managed. Moreover, when it was set as the hybrid system which uses both ID information and biometric information, both ID card and biometric authentication had to be implemented, and there existed a problem which the convenience fell.

  Therefore, the present invention has been proposed in view of the above-described circumstances, and an object thereof is to provide an entrance / exit management system capable of avoiding leakage of personal information while ensuring convenience as a system.

  The present invention is acquired by a restriction unit that restricts a user's behavior, an ID information acquisition unit that acquires user ID information, a biometric information acquisition unit that acquires user biometric information, and an ID information acquisition unit. Based on the ID information and the biometric information acquired by the biometric information acquisition means, the authentication processing means for authenticating the user, and the restriction state by the restriction means is changed based on the authentication processing result by the authentication processing means. A restriction control means for performing encryption, and encryption information storage means for storing encryption information obtained by encrypting ID information using biometric information. In order to solve the above-mentioned problem, the present invention decrypts ID information from encrypted information using biometric information acquired by the biometric information acquisition means by the authentication processing means, and uses the decrypted ID information and ID information acquisition means. When the acquired ID information is the same, the result of the authentication process is permitted.

  According to the present invention, since the biometric information is not stored in the system in the same data format and the user ID information can be restored from the acquired ecological information, the result of the authentication process is permitted. Leakage of personal information such as ecological information can be avoided while ensuring convenience.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
The present invention is applied to an entrance / exit management system configured as shown in FIGS. 1 and 2, for example. This entrance / exit management system is configured by connecting an entrance / exit control device 1 to an electric lock 2, an ID card reader 3, and a fingerprint reader 4. In this entrance / exit management system, for example, each room in a building becomes a security space 6, and an entrance door 7 and an electric lock 2 are provided for each security space 6. For convenience, only a single security space 6 is shown. ing. In this entrance / exit management system, the ID card reader 3 and the fingerprint reader 4 are provided near the entrance door 7. This entrance / exit management system uses the ID information (user ID) and biometric information stored in the ID card 5 to control the locking / unlocking state of the electric lock 2 provided in the entrance door 7 of the predetermined security space 6. To do.

  The electric lock 2 is supplied with a control signal from the entrance / exit control device 1 and its locked / unlocked state is controlled. The entrance door 7 of the security space 6 can be opened and closed when the lock / unlock state of the electric lock 2 is controlled by the entrance / exit control device 1. Therefore, the electric lock 2 and the entrance door 7 serve as limiting means for limiting the user's behavior.

  As shown in FIG. 2, the ID card 5 includes a user ID storage unit 51 that stores a user ID, and an ID card reader interface unit 52 that communicates with the ID card reader 3. The ID card 5 transmits a user ID to the ID card reader 3 by the ID card reader interface unit 52 according to the control of the ID card reader 3.

  The ID card reader 3 functions as an ID information acquisition unit that acquires a user ID stored in an ID card 5 held by a user. As shown in FIG. 2, the ID card reader 3 includes an ID card reading unit 31 that reads a user ID from the ID card 5 and a control device interface unit 32. The ID card reader 3 acquires the user ID stored in the ID card 5 in a non-contact manner by the ID card reading unit 31 when the ID card 5 is placed on the user ID reading portion. Then, the ID card reader 3 outputs the acquired user ID to the entrance / exit control device 1 through the control device interface unit 32.

  The fingerprint reading device 4 includes a fingerprint reading unit 41 and a control device interface unit 42. The fingerprint reading device 4 is a fingerprint sensor that reads a fingerprint of the finger in response to the user's finger coming into contact and generates fingerprint image data as the user's fingerprint information. The fingerprint reading device 4 outputs the fingerprint information generated by the fingerprint reading unit 41 to the entrance / exit control device 1 by the control device interface unit 42.

  The entrance / exit control device 1 includes a user ID interface unit 11 connected to the ID card reader 3, a fingerprint information interface unit 12 connected to the fingerprint reader 4, an encryption information database storage unit 13, and a user ID restoration. Unit 14, authentication processing unit 15, user ID database storage unit 16, and door opening / closing control unit 17 connected to electric lock 2.

  The user ID interface unit 11 is supplied with the user ID when the ID card reader 3 acquires the user ID from the ID card 5. The user ID interface unit 11 outputs the user ID supplied from the ID card reader 3 to the user ID restoring unit 14.

  The fingerprint information interface unit 12 is supplied with the fingerprint information when the fingerprint reader 4 acquires the fingerprint information. The fingerprint information interface unit 12 outputs the fingerprint information supplied from the fingerprint reading device 4 to the user ID restoring unit 14.

  The encryption information database storage unit 13 stores an encryption information database in which encryption information obtained by encrypting a user ID using fingerprint information is registered. This encryption information database is registered in advance by an administrator of the entrance / exit management system. That is, by using the user ID stored in the ID card 5 distributed to the user whose entry / exit is managed by the entrance / exit management system and the fingerprint information acquired for each user, the user ID is obtained as fingerprint information. Encrypted (encoded) encryption information is generated and stored in the encryption information database storage unit 13 for each user.

  This encryption process is a process for converting the user ID with fingerprint information according to a predetermined rule or algorithm. The encryption process is performed by converting the user ID with the fingerprint information. However, it is a condition that the converted encrypted information can be restored to the user ID using the fingerprint information. As the encryption process, a biometric encryption method such as Fuzzy Vault Scheme can be used.

  The user ID restoration unit 14 uses the fingerprint information acquired by the fingerprint information interface unit 12 to decrypt the encryption information stored in the encryption information database storage unit 13 and acquires the decrypted user ID. Then, the user ID restoration unit 14 compares the decrypted user ID with the user ID acquired by the user ID interface unit 11. When the decrypted information matches the user ID acquired by the user ID interface unit 11, the user ID restoring unit 14 outputs the user ID to the authentication processing unit 15 assuming that the user ID has been decrypted. .

  The user ID database storage unit 16 stores a user ID database in which user IDs that can enter a predetermined security space 6 are registered. In this user ID database, a security space 6 that can be entered for each user ID may be registered, or a user ID that may be entered for each security space 6 may be registered. This user ID database is registered in advance by an administrator of the entrance / exit management system.

  When the user ID is supplied from the user ID restoring unit 14, the authentication processing unit 15 determines whether or not the user ID to be authenticated is registered in the user ID database. When the user ID to be authenticated is registered in the user ID database, the result of the authentication process is “permitted”. On the other hand, if the user ID to be authenticated is not registered in the user ID database, the result of the authentication process is “prohibited”.

  The door opening / closing control unit 17 supplies the locking / unlocking control signal to the electric lock 2 based on the result of the authentication processing by the authentication processing unit 15. When the result of the authentication processing by the authentication processing unit 15 is “permitted”, the door opening / closing control unit 17 outputs a locking / unlocking control signal for opening the entrance door 7 with the electric lock 2 unlocked. On the other hand, when the result of the authentication processing by the authentication processing unit 15 is “prohibited”, the locking / unlocking control signal for opening the door 7 with the electric lock 2 in the unlocked state is not output.

  Next, the operation procedure of the entrance / exit management system configured as described above will be described with reference to FIG.

  When the ID card 5 is deceived against the ID card reader 3 in step S1, the entrance / exit management system stores the user ID stored in the user ID storage unit 51 in the ID card 5 in step S2. It is transmitted by the reader interface unit 52. Then, the transmitted user ID is read by the ID card reading unit 31 of the ID card reader 3 and transmitted to the fingerprint reading device 4 by the control device interface unit 32. This user ID is received by the user ID interface unit 11 and supplied to the user ID restoring unit 14.

  In step S3, when the user holds his / her finger over the fingerprint reading device 4, in step S4, the fingerprint reading unit 41 reads the user's fingerprint information, and the control device interface unit 42 controls the fingerprint information to enter and leave the room. Transmit to device 1. This fingerprint information is received by the fingerprint information interface unit 12 and supplied to the user ID restoration unit 14.

  Note that it does not matter which of the processes in steps S1 and S2 for reading the user ID and the processes in steps S3 and S4 for reading the fingerprint information is earlier or later.

  In the next step S5, the user ID restoring unit 14 of the entrance / exit control device 1 searches for a user ID that can be restored based on the fingerprint information received in step S4. At this time, the user ID restoration unit 14 decrypts the encryption information registered in the encryption information database using the received fingerprint information.

  In the next step S6, the user ID restoring unit 14 determines whether or not a user ID that can be decrypted is searched in step S5. If a user ID that can be decrypted is retrieved, the process proceeds to step S8. If a user ID that can be decrypted is not retrieved, the process proceeds to step S7.

  In step S7, the user ID restoring unit 14 determines that the user requesting authentication is an unregistered user, and performs error processing in step S13. In this error processing, for example, a control signal for displaying or outputting a message “Authentication failed” to the ID card reader 3 is transmitted to the ID card reader 3.

  In step S8, the user ID restoring unit 14 determines whether or not the user ID searched in step S5 is equal to the user ID received in step S2. If both user IDs are equal, the process proceeds to step S10, and if both user IDs are not equal, the process proceeds to step S9.

  In step S9, the user ID restoring unit 14 determines that the user who requests authentication is not the owner of the valid ID card 5, and performs error processing in step S13. In this error process, in addition to the process of displaying or voice outputting a message “authentication failed” to the ID card reader 3 described above, the person who currently owns the ID card 5 Since there is a possibility that the ID card 5 has been acquired, it is desirable to perform processing such as backing up fingerprint information in a storage unit (not shown).

  In step S <b> 10, the authentication processing unit 15 acquires a user ID from the user ID restoration unit 14 and determines whether or not the user ID is registered in the user ID database as a user ID that can enter the security space 6. . If it is registered in the user ID database, the process proceeds to step S12. If it is not registered in the user ID database, the process proceeds to step S11.

  In step S11, the authentication processing unit 15 determines that the user requesting authentication is not permitted to enter the security space 6 because the user requesting authentication is not permitted, and performs error processing in step S13. . In this error processing, for example, a control signal for displaying or outputting a message “Authentication failed” to the ID card reader 3 is transmitted to the ID card reader 3.

  In step S12, the authentication processing unit 15 outputs to the door opening / closing control unit 17 that the result of the authentication processing in step S10 is “permitted”, and the door opening / closing control unit 17 puts the electric lock 2 into the unlocked state. A lock / unlock control signal is output. Thereby, the entrance / exit management system opens the entrance door 7.

  As described above in detail, according to the entrance / exit management system according to the first embodiment to which the present invention is applied, fingerprint information as biometric information is stored in the same data format on the system including the entrance / exit control device 1. Is not stored, the possibility of leakage of fingerprint information, which is personal information, can be reduced, and the security of confidential information can be improved. That is, according to this entrance / exit management system, even if the cryptographic information registered in the cryptographic information database is leaked, the fingerprint information cannot be restored, so that the confidentiality of the fingerprint information can be improved. it can.

  Also, according to this entrance / exit management system, authentication is not permitted if the user ID cannot be decrypted using the fingerprint information. Therefore, even if the ID card 5 is lost or stolen, the third party can use the ID card. 5 can not be easily used.

  Furthermore, according to this entrance / exit management system, it is possible to determine the ID card 5 and an authorized owner of the ID card 5 by a single authentication process, and the convenience of the system can be improved.

  Thus, according to the entrance / exit management system, leakage of personal information can be avoided while ensuring convenience as the system.

[Second Embodiment]
Next, an entrance / exit management system according to a second embodiment to which the present invention is applied will be described. In addition, about the same part as the entrance / exit management system mentioned above, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIG. 4, the entrance / exit management system according to the second embodiment stores encryption information obtained by encrypting a user ID using fingerprint information in the ID card 5, and the encryption information is transmitted from the entrance / exit control device 1. The difference from the first embodiment is that the database storage unit 13 is removed.

  In the ID card 5 in this entrance / exit management system, encryption information obtained by encrypting the user ID with fingerprint information is stored in the encryption information storage unit 51 ′. The encrypted information stored in the encrypted information storage unit 51 ′ is read by the ID card reader 3 and supplied to the user ID restoring unit 14 of the fingerprint reading device 4. Then, the fingerprint reading device 4 uses the fingerprint information acquired by the fingerprint reading device 4 by the user ID restoring unit 14 to decrypt the encrypted information acquired from the ID card reader 3 to obtain the user ID, and the authentication processing The authentication process is performed by the unit 15.

  As shown in FIG. 5, such an entrance / exit management system is configured such that when the ID card 5 is trapped by the ID card reader 3 in step S1, the encryption information in the ID card 5 is transferred to the ID card reader in step S21. 3 is transmitted to the entrance / exit control device 1. Further, the entrance / exit control device 1 acquires fingerprint information from the fingerprint reading device 4 in step S3 and step S4, and then proceeds to step S22.

  In step S <b> 22, the entrance / exit control device 1 determines whether the user ID can be restored by using the fingerprint information acquired from the fingerprint reader 4 by the user ID restoration unit 14.

  In the next step S23, the entrance / exit control device 1 determines whether or not it is determined in step S22 that the user ID can be restored. If the user ID is not recoverable, the user ID restoring unit 14 determines in step S9 that the user requesting authentication is not the owner of the valid ID card 5, and in step S13. Perform error handling. On the other hand, if the user ID can be restored, the authentication process after step S10 is performed.

  As described above, according to the entrance / exit management system according to the second embodiment to which the present invention is applied, the user ID is encrypted and registered in the ID card 5 using the fingerprint information, so the first embodiment The same effect can be demonstrated.

[Third Embodiment]
Next, an entrance / exit management system according to a third embodiment to which the present invention is applied will be described. In addition, about the same part as the entrance / exit management system mentioned above, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIGS. 6 and 7, the entrance / exit management system according to the third embodiment includes an ID card reader function 3 ′ including an ID card reader unit 31 and a control device interface unit 32, and an ID card reader 3. It differs from the entrance / exit management system according to the second embodiment described above in that it includes a fingerprint reading unit 34, which is the fingerprint reading function 4 ', and a user ID restoring unit 33 having the same function as the user ID restoring unit 14. .

  As shown in FIG. 8, the entrance / exit management system reads the encryption information in the ID card 5 in step S1 and step S21 by the ID card reader 3, and in step S31, the fingerprint reading unit in the ID card reader 3 The fingerprint information is read by 34.

  In the next step S32, the user ID restoration unit 33 of the ID card reader 3 determines whether or not the user ID can be restored using the fingerprint information acquired by the fingerprint reading unit 34 of the ID card reader 3. Then, in the next step S23, the user ID restoration unit 33 of the ID card reader 3 determines whether or not it is determined in step S32 that the user ID can be restored. If the user ID is not recoverable, the user ID restoring unit 33 determines in step S9 that the user requesting authentication is not the owner of the valid ID card 5, and in step S13. Perform error handling.

  On the other hand, if the user ID can be restored, the decrypted user ID is transmitted to the entrance / exit control device 1 via the control device interface unit 32 in step S33. And in the entrance / exit control apparatus 1, the authentication process after step S10 is performed.

  As described above, according to the entrance / exit management system according to the third embodiment to which the present invention is applied, the user ID is encrypted and registered in the ID card 5 using the fingerprint information, so the first embodiment The same effect can be demonstrated.

[Fourth Embodiment]
Next, an entrance / exit management system according to a fourth embodiment to which the present invention is applied will be described. In addition, about the same part as the entrance / exit management system mentioned above, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIGS. 9 and 10, the entrance / exit management system according to the fourth embodiment is provided in an ID card 5 as an information storage medium storing a user ID held by the user. In addition, the entrance / exit management system includes an ID card reader 30 with a fingerprint reading function as an operation unit that is operated at the entrance door 7 to request a restriction release operation by the user.

  In the ID card reader 30 with the fingerprint reading function, a message for pressing a predetermined portion with a user's finger is written on the surface of the casing as an operation unit. The ID card reader 30 with the fingerprint reading function is touched by the user's finger when the user enters the security space 6. Note that the operation unit of the ID card reader 30 with the fingerprint reading function may also be used as the fingerprint reading unit 34 of the ID card reader 3, and examples thereof include buttons and touch panels.

  The ID card 5 in this entrance / exit management system includes a human body communication interface unit 52 ′ for performing communication via the user's human body instead of the ID card reader interface unit 52. The ID card reader 3 includes a human body communication interface unit 31 ′ corresponding to the human body communication interface unit 52 ′. The human body communication interface unit 52 ′ and the human body communication interface unit 31 ′ communicate according to a common human body communication protocol. As a result, in the entrance / exit management system, when the user operates the ID card reader 30 with the fingerprint reading function with the finger of the user, the human body communication interface unit 31 ′ communicates with the human body communication interface unit 52 ′. The user ID stored in the user ID storage unit 51 can be acquired by the human body communication interface unit 31 ′.

  The operation procedure of the entrance / exit management system according to the fourth embodiment will be described with reference to FIG.

  When the user holding the ID card 5 touches the fingerprint reader 34 of the ID card reader 3 in step S41, the fingerprint reader 34 displays the fingerprint information of the user in step S42. The reading / control device interface unit 32 transmits the fingerprint information to the entrance / exit control device 1. This fingerprint information is received by the interface unit 11 ′ that can receive both the user ID and the fingerprint information, and is supplied to the user ID restoring unit 14.

  In addition, when the finger is touched to the fingerprint reading unit 34 in step S41, the entrance / exit management system receives the ID card 5 via the human body communication interface unit 52 ′ and the human body communication interface unit 31 ′ in step S43. The user ID is read by the ID card reader 3. The user ID is supplied from the human body communication interface unit 31 ′ to the control device interface unit 32, and is transferred from the control device interface unit 32 to the user ID restoration unit 14 via the interface unit 11 ′ of the entrance / exit control device 1. Sent.

  Here, if the ID card 5 is held by the human body communication function of the human body communication interface unit 52 ′ so as to come into contact with the human body of the user or indirectly to the human body such as a pocket, the ID card reader 3. The user ID can be read by the human body communication interface unit 31 ′.

  It does not matter which of the process for reading the user ID and the process for reading the fingerprint information is earlier or later.

  Then, the entrance / exit management system is a user ID in which a user ID that can be restored using fingerprint information is read from the ID card 5 by performing the processing of step S5 to step S12, as in the first embodiment. When the decrypted user ID is the user ID of a user who can enter the room registered in the user ID database storage unit 16, the authentication result is “permitted”.

  As described above in detail, according to the entrance / exit management system according to the fourth embodiment to which the present invention is applied, once for the operation unit (fingerprint reading unit 34) provided in the ID card reader 30 with the fingerprint reading function. The user ID and fingerprint information stored in the ID card 5 can be acquired only by the finger operation. Therefore, according to this entrance / exit management system, it is possible to perform an authentication operation quickly while maintaining the confidentiality of the personal information and the high security for the security space 6, and the convenience can be improved.

[Fifth Embodiment]
Next, an entrance / exit management system according to a fifth embodiment to which the present invention is applied will be described. In addition, about the same part as the entrance / exit management system mentioned above, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIG. 12, the entrance / exit management system according to the fifth embodiment stores the encryption information obtained by encrypting the user ID using the fingerprint information in the ID card 5 and transmits the encryption information from the entrance / exit control device 1. The fourth embodiment is different from the fourth embodiment in that the database storage unit 13 is removed.

  The ID card 5 in this entrance / exit management system stores encryption information obtained by encrypting the user ID with fingerprint information in the encryption information storage unit 51 ′, and the human body communication interface unit 31 ′ and the human body communication interface unit of the ID card reader 3 The encryption information is read by the ID card reader 3 through the user's human body by 52 '. In this entrance / exit management system, fingerprint information is also read by the ID card reader 3.

  In such an entrance / exit management system, as shown in FIG. 13, the fingerprint reading unit 34 of the ID card reader 3 reads the fingerprint information and transmits it to the entrance / exit control device 1 in steps S41 and S42 described in FIG. To do. In step S51, the human body communication interface unit 52 'reads the encryption information from the encryption information storage unit 51' and transmits the encryption information. The encrypted information is received by the human body communication interface unit 31 ′ and transmitted to the entrance / exit control device 1 via the control device interface unit 32.

  After that, the entrance / exit management system performs the processing from step S22 onward in the same manner as in FIG. 5, whereby the user ID that can be restored using the fingerprint information is the user ID read from the ID card 5, and the decrypted When the user ID is a user ID of a user who can enter the room registered in the user ID database storage unit 16, the authentication result is “permitted”.

  As described above, according to the entrance / exit management system according to the fifth embodiment to which the present invention is applied, the user ID is encrypted using the fingerprint information and registered in the ID card 5, so that the fourth embodiment In the same manner as above, the encryption information and fingerprint information stored in the ID card 5 can be acquired with a single finger operation, and the confidentiality of the personal information and the high security of the security space 6 are maintained. Thus, the authentication operation can be performed quickly and the convenience can be improved.

[Sixth Embodiment]
Next, an entrance / exit management system according to a sixth embodiment to which the present invention is applied will be described. In addition, about the same part as the entrance / exit management system mentioned above, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIG. 14, the entrance / exit management system according to the sixth embodiment is different from the entrance / exit management system according to the fifth embodiment described above in that the ID card reader 3 includes a user ID restoration unit 33. Different.

  In this entrance / exit management system, as shown in FIG. 15, the fingerprint reader 34 reads the fingerprint information by the ID card reader 3 in steps S41 and S61. In step S62, the human body communication interface unit 52 ′ transmits the cryptographic information stored in the cryptographic information storage unit 51 ′. In step S63, the user ID restoring unit 33 of the ID card reader 3 restores the user ID. .

  After that, the entrance / exit management system performs the processing after step S23 in the same manner as the processing shown in FIG. 8, thereby obtaining the fingerprint information acquired by the fingerprint reading unit 34 by the user ID restoration unit 33 of the ID card reader 3. When the user ID that can be restored by using the user ID is a user ID of a user who can enter the room by the entrance / exit control device 1, the authentication result is “permitted”.

  As described above, according to the entrance / exit management system according to the sixth embodiment to which the present invention is applied, it is possible to acquire the encryption information and the fingerprint information stored in the ID card 5 by only one finger operation. In addition, while maintaining the confidentiality of the personal information and the high security for the security space 6, the authentication operation can be performed quickly and the convenience can be improved.

[Seventh Embodiment]
Next, an entrance / exit management system according to a seventh embodiment to which the present invention is applied will be described. In addition, about the same part as the entrance / exit management system mentioned above, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIG. 16, the entrance / exit management system according to the seventh embodiment is provided with a door knob type handle portion 8 in the entrance door 7 of the security space 6, and the handle portion 8 incorporates a fingerprint reading portion 34. is there. The fingerprint reading unit 34 is connected to the ID card reader 30 with a fingerprint reading function.

  Such an entrance / exit management system can employ any of the configurations of the fourth to sixth embodiments. For example, referring to FIG. 10, the fingerprint reading unit 34 of the ID card reader 3 is built in the handle unit 8. When the user holding the ID card 5 grips the handle portion 8, the human body communication interface unit 52 ′ transmits the user ID stored in the encryption information storage unit 51 ′ to the ID card reader 3, and the human body communication interface unit 31 ′ acquires the user ID transmitted from the ID card 5. At the same time, the ID card reader 3 transmits fingerprint information from the fingerprint reading unit 34.

  As a result, the control device interface unit 32 of the ID card reader 3 transmits the user ID and fingerprint information to the entrance / exit control device 1, and the entrance / exit control device 1 uses the read user ID and fingerprint information to perform encryption. The user ID can be restored from the information, and the authentication process can be performed using the decrypted user ID.

  According to such an entry / exit management system according to the seventh embodiment, fingerprint information and a user ID can be acquired only by the user holding the handle portion 8, and the convenience of the entry / exit management system is improved. be able to.

  The above-described embodiment is an example of the present invention. For this reason, the present invention is not limited to the above-described embodiment, and various modifications can be made depending on the design and the like as long as the technical idea according to the present invention is not deviated from this embodiment. Of course, it is possible to change.

It is a block diagram which shows the whole structure of the entrance / exit management system which concerns on 1st Embodiment to which this invention is applied. It is a block diagram which shows the functional structure in the entrance / exit management system which concerns on 1st Embodiment to which this invention is applied. It is a flowchart which shows the operation | movement procedure of the entrance / exit management system which concerns on 1st Embodiment to which this invention is applied. It is a block diagram which shows the functional structure in the entrance / exit management system which concerns on 2nd Embodiment to which this invention is applied. It is a flowchart which shows the operation | movement procedure of the entrance / exit management system which concerns on 2nd Embodiment to which this invention is applied. It is a block diagram which shows the whole structure of the entrance / exit management system which concerns on 3rd Embodiment to which this invention is applied. It is a block diagram which shows the functional structure in the entrance / exit management system which concerns on 3rd Embodiment to which this invention is applied. It is a flowchart which shows the operation | movement procedure of the entrance / exit management system which concerns on 3rd Embodiment to which this invention is applied. It is a block diagram which shows the whole structure of the entrance / exit management system which concerns on 4th Embodiment to which this invention is applied. It is a block diagram which shows the functional structure in the entrance / exit management system which concerns on 4th Embodiment to which this invention is applied. It is a flowchart which shows the operation | movement procedure of the entrance / exit management system which concerns on 4th Embodiment to which this invention is applied. It is a block diagram which shows the functional structure in the entrance / exit management system which concerns on 5th Embodiment to which this invention is applied. It is a flowchart which shows the operation | movement procedure of the entrance / exit management system which concerns on 5th Embodiment to which this invention is applied. It is a block diagram which shows the functional structure in the entrance / exit management system which concerns on 6th Embodiment to which this invention is applied. It is a flowchart which shows the operation | movement procedure of the entrance / exit management system which concerns on 6th Embodiment to which this invention is applied. It is a block diagram which shows the whole structure of the entrance / exit management system which concerns on 7th Embodiment to which this invention is applied.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Entrance / exit control apparatus 2 Electric lock 3 ID card reader 4 Fingerprint reader 5 ID card 6 Security space 7 Entrance door 8 Handle part 11 Interface part 12 Interface part for fingerprint information 13 Encryption information database storage part 14 Restoration part 15 Authentication processing part Reference Signs List 16 database storage unit 17 door opening / closing control unit 30 ID card reader 31 ID card reading unit 31 'human body interface unit 32 control device interface unit 33 user ID restoration unit 34, 41 fingerprint reading unit 42 control device interface unit 51 user ID Storage unit 51 ′ Encryption information storage unit 52 ID card reader interface unit 52 ′ Human body communication interface unit

Claims (3)

Restriction means to restrict user behavior,
ID information acquisition means for acquiring user ID information;
Biometric information acquisition means for acquiring biometric information of the user;
Authentication processing means for performing user authentication processing based on the ID information acquired by the ID information acquisition means and the biological information acquired by the biological information acquisition means;
Restriction control means for changing the restriction state by the restriction means based on the result of the authentication processing by the authentication processing means;
Encryption information storage means for storing encryption information obtained by encrypting the ID information using the biometric information,
The authentication processing unit decrypts the ID information from the encryption information using the biometric information acquired by the biometric information acquisition unit, and the decrypted ID information and the ID information acquired by the ID information acquisition unit are the same. An authentication system characterized in that the result of authentication processing is permitted in some cases. An information storage medium storing ID information held by the user;
The restriction means includes an operation unit operated to request a restriction release operation by a user,
The biometric information acquisition unit acquires the biometric information of the user at the time of a user operation on the operation unit provided in the restriction unit,
The ID information acquisition unit acquires the ID information stored in the information storage medium via a human body when a user operates the operation unit provided in the restriction unit. The described authentication system.   The restriction means has a part gripped by a user, the ID information acquisition means obtains ID information from the information storage medium via the part of the restriction means, and the biological information acquisition means is the restriction means. The authentication system according to claim 1, wherein fingerprint information as biometric information is read through the part.

Images