JP2010066929A - Server system, electronic equipment, communication terminal, and authentication method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a server system, electronic equipment, a communication terminal, and an authentication method in which transmitted data of electronic equipment can be suitably utilized while authentication is simplified. <P>SOLUTION: The server system includes a user information storage unit which stores authentication information on a user as registered authentication information, an authentication unit which collates authentication information received from the communication terminal with the registered authentication information, and a data processing unit which performs processing for the transmitted data from the electronic equipment. The communication terminal transmits local identification information acquired by local communication by the electronic equipment as authentication information to the server system. The authentication unit collates the local identification information received as the authentication information from the communication terminal with registered local identification information to perform user authentication. The data processing unit receives the transmitted data from the electronic equipment received through a third-person's communication terminal and performs data processing even if the local identification information does not coincide with the registered local identification information. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a server system, an electronic device, a communication terminal, and an authentication method.

  A so-called third-generation mobile phone has an interface of a removable IC card such as a UIM (User Identification Module) card. This contact IC card stores personal information such as a telephone number and a subscriber number, and is uniquely associated with the user. The mobile phone is also given a terminal ID (manufacturing number).

  Authentication in a mobile phone includes terminal level authentication and user authentication, which is user level authentication. In terminal-level authentication, a UIM number (SIM number) is generally used for third-generation mobile phones and the like, and a terminal ID (manufacturing number) is generally used for mobile phones that do not have a UIM interface or the like. On the other hand, when personal authentication such as electronic payment is required, the user is required to input a password and a login ID.

  However, such an input operation of a password or the like is complicated for the user, and there is a problem that the convenience of the user is impaired. The conventional technique of user authentication in electronic payment or the like is disclosed in Patent Document 1.

  By the way, in recent mobile phones, in addition to the above-mentioned UIM interface, an increasing number of models incorporate a non-contact type IC chip that performs non-contact short-range wireless communication with an external read / write (R / W) device. . This non-contact type IC chip is used in a modular form as an IC chip even in a non-contact type IC card used in an automatic ticket gate, etc. By incorporating such an IC chip into a mobile phone, Various applications are realized. For example, using a mobile phone incorporating a non-contact type IC chip, applications such as enabling the passage of an automatic ticket gate, payment of a train fare, and shopping by electronic payment are realized.

  However, although various applications using non-contact type IC chips have been proposed, a technique for using information acquired by local communication using non-contact type IC chips for user authentication or the like is proposed. It has not been.

  In addition, in an electronic device such as an electrocardiograph, an unforeseen situation may occur for a user wearing the device.

  However, in an application using a non-contact IC chip so far, there has been no proposal for proper use of measurement data of an electronic device assuming such a situation.

JP 2003-36406 A

  According to some aspects of the present invention, it is possible to provide a server system, an electronic device, a communication terminal, and an authentication method capable of realizing appropriate use of transmission data of an electronic device while simplifying authentication.

  The present invention is a server system that is connected to a communication terminal that performs local communication with an electronic device via a communication network, the user information storage unit that stores user authentication information as registered authentication information, and the communication An authentication unit for verifying whether or not the user is a valid user by comparing authentication information received from a terminal with the registered authentication information stored in the user information storage unit, and from the electronic device A data processing unit that performs processing on transmission data, and the communication terminal transmits local identification information acquired by performing local communication with the electronic device to the server system as the authentication information. The local identification information received as the authentication information from the communication terminal is compared with the registered local identification information stored as the registration authentication information in the user information storage unit. The data processing unit performs transmission data from the electronic device received via a third party communication terminal even when the local identification information and the registered local identification information do not match. It relates to a server system that accepts and processes data.

  According to the present invention, the registered local identification information is stored as registration authentication information in the user information storage unit. When local identification information acquired by performing local communication with the electronic device is received, the received local identification information is collated with the registered local identification information stored in the user information storage unit, thereby realizing user authentication. Is done. In this way, user authentication can be simplified and user convenience can be improved. Further, by using local identification information obtained by local communication with the communication terminal, it is possible to ensure the certainty of user authentication.

Furthermore, according to the present invention, even if the local identification information and the registered local identification information do not match and authentication is not established, data for transmission data from the electronic device received via the third party communication terminal Processing is performed. Therefore, it is possible to realize appropriate use of transmission data of the electronic device while simplifying authentication. In the present invention, the data processing unit is configured to execute the third processing when the electronic device is determined to be in a predetermined mode. The data processing may be performed by receiving the transmission data received via the communication terminal of the person.

  In this way, when it is determined that the electronic device is in the predetermined mode, the local identification information and the registered local identification information do not match, and even if authentication is not established, the transmission data from the electronic device Data processing is performed.

  In the present invention, the electronic device transmits notification information for notifying that the mode is the predetermined mode in the transmission data, and the data processing unit includes the notification information included in the transmission data. Based on this, it may be determined whether or not the electronic device is in a predetermined mode.

In this way, the notification information included in the transmission data can be used to determine whether or not the electronic device is in a predetermined mode and determine whether or not to perform data processing on the transmission data. In the present invention, the electronic device may encrypt and transmit the transmission data, and the data processing unit may perform the data processing by decrypting the encrypted transmission data.

  In this way, it is possible to prevent a situation in which the content of the transmission data is known to a third party, and to protect the personal information of the user.

  In the present invention, the electronic device encrypts and transmits the transmission data by a reversible encryption process, encrypts the local identification information by an irreversible encryption process, and transmits the user information storage unit. The registration local identification information encrypted by irreversible encryption processing is stored as the registered local identification information, and the authentication unit is stored in the received local identification information and the user information storage unit. User authentication may be performed by collating with the encrypted registered local identification information.

  In this way, the registered local identification information is stored in the user information storage unit in an encrypted state, and user authentication is performed by comparing the encrypted information with each other. It is possible to prevent a situation where local identification information that becomes information is leaked, and to protect personal information. Since the transmission data is encrypted by a reversible encryption process, various data processing using the transmission data can be realized by decrypting the encrypted transmission data at the time of data processing. .

  In the present invention, as the local identification information, communication terminal side identification information that is identification information of a short-range wireless communication device provided on the communication terminal side, and electronic device that is identification information of a read / write device provided on the electronic device side Side identification information is acquired by local communication with the electronic device, and the acquired communication terminal side identification information and the electronic device side identification information are transmitted to a server system in association with the transmission data, and the authentication The unit may perform user authentication based on the communication terminal side identification information and the electronic device side identification information.

  In this way, the identification information of the short-range wireless communication device acquired for the first time by performing local communication between the short-range wireless communication device on the communication terminal side and the read / write device on the electronic device side and the read / write device User authentication can be performed using the identification information as local identification information. Thereby, the certainty of authentication can further be improved.

  In the present invention, the authentication unit may perform user authentication by comparing the electronic device side identification information acquired by local communication with the electronic device and the preregistered electronic device side identification information. Good.

  In this way, if the electronic device side identification information does not match the pre-registered electronic device side identification information, user authentication will not succeed, and an unauthorized electronic device will be used for authentication. You can prevent success.

  In the present invention, as the data processing, the data processing unit may perform a process of transferring the transmission data to a transfer destination corresponding to the transmission data from the electronic device.

  In this way, transmission data from an electronic device received via a third party communication terminal can be transferred to a transfer destination corresponding to the transmission data. Utilization can be realized.

  In the present invention, when the transmission data from the electronic device is received via the third-party communication terminal, a screen for the third party to input information regarding the third party, You may include the display control part which performs control for displaying on the display part of a communication terminal of a third party.

  In this way, the third party can input information about the third party through the communication terminal, and processing such as transferring the information about the third party to the transfer destination is also possible.

  Further, the present invention may include a display control unit that performs control for displaying a screen for notifying the third party of information related to the transfer destination of the transmission data on a display unit of the communication terminal of the third party. Good.

  In this way, the third party can know the information regarding the transfer destination of the transmission data by looking at the display unit of the communication terminal. For example, the third party can contact the transfer destination. Become.

  In the present invention, as the local identification information, communication terminal side identification information that is identification information of a short-range wireless communication device provided on the communication terminal side, and electronic device that is identification information of a read / write device provided on the electronic device side Side identification information is acquired by local communication with the electronic device, the acquired communication terminal side identification information and the electronic device side identification information are transmitted to a server system in association with the transmission data, and the data The processing unit may transfer the transmission data to a transfer destination associated in advance with the electronic device side identification information associated with the transmission data.

  In this way, for example, even if the communication terminal side identification information obtained by local communication does not match the registered communication terminal side identification information, the electronic device side identification obtained by local communication is used. By specifying the transfer destination, the transmission data can be transferred.

  In the present invention, the data processing unit includes a data registration unit that registers user data transmitted by the electronic device in the registration data storage unit as registration data, and a request for browsing the registration data of the user. May include a browsing permission unit that performs processing for permitting the browsing request.

  In this way, not only the data processing of the transmission data of the electronic device but also the third party viewing request can be accepted and permitted, and the third party can also browse the user registration data accumulated in the past. become able to.

  In the present invention, the browsing permission unit may permit the third party's browsing request on the condition that a specific person approved by the user permits browsing of the registered data.

  In this way, viewing by a third party is approved on the condition of permission of a specific person approved by the user, so that personal information of the user can be protected.

  In addition, the present invention is an electronic device that performs local communication with a communication terminal, and an identification information acquisition unit that acquires communication terminal side identification information from the communication terminal by performing local communication with the communication terminal. A transmission unit that transmits the communication terminal side identification information and the electronic device side identification information as local identification information for authenticating the user to the communication terminal by local communication, and the transmission unit is an electronic device Is related to an electronic device that transmits transmission data including notification information for notifying that the electronic device is in the predetermined mode to the communication terminal in association with the local identification information.

  According to this invention, communication terminal side identification information is acquired by performing local communication with a communication terminal. And the acquired communication terminal side identification information and electronic device side identification information are transmitted to a communication terminal as local identification information for authenticating a user. In this way, user authentication using the communication terminal side identification information and the electronic device side identification information becomes possible, and the probability of authentication can be increased.

  Further, according to the present invention, when the electronic device is in the predetermined mode, transmission data including notification information for notifying that the electronic device is in the predetermined mode is transmitted to the communication terminal in association with the local identification information. In this way, it is possible to determine whether or not the electronic device is in the predetermined mode based on the notification information of the transmission data, and to realize data processing or the like of the transmission data according to the determination.

  In the present invention, the transmission unit may transmit the transmission data including the notification information for notifying that the user is in an emergency state when the user is determined to be in an emergency state. May be sent to.

  In this way, it is possible to notify that the user is in an emergency state using the notification information included in the transmission data, and data processing corresponding to the user's emergency state can be realized.

  In the present invention, the transmitting unit may transmit biometric data measured for the user to the communication terminal as the transmission data.

  In this way, biometric data can be transmitted in the emergency state of the user, and appropriate measures for the user can be realized.

  In the present invention, the transmission unit encrypts the transmission data by a reversible encryption process and transmits the encrypted data to the communication terminal, and encrypts the local identification information by an irreversible encryption process and transmits the encrypted data to the communication terminal. May be.

  In this way, it is possible to prevent a situation in which the identification information on the communication terminal side, which becomes the user's personal information, is leaked, and to prevent a situation in which the content of the transmission data is known to a third party, etc. Protection can be achieved. Since the transmission data is encrypted by a reversible encryption process, various data processing using the transmission data can be realized by decrypting the encrypted transmission data at the time of data processing. It becomes like this.

  In the present invention, the identification information acquisition unit acquires identification information of a short-range wireless communication device provided on the communication terminal side from the communication terminal by local communication as the communication terminal side identification information, and the transmission unit The local identification of the communication terminal side identification information that is the acquired identification information of the short-range wireless communication device and the electronic device side identification information that is the identification information of the read / write device provided on the electronic device side As information, you may transmit to the said communication terminal by local communication.

  In this way, the identification information of the short-range wireless communication device and the identification information of the read-write device acquired for the first time by performing local communication between the short-range wireless communication device and the read / write device are used as the user authentication information. It is possible to use the data as authentication, and the reliability of authentication can be further increased.

  In addition, the present invention is a communication terminal that performs local communication with an electronic device and is connected to a server system via a communication network, and performs local communication with the electronic device, whereby communication terminal side identification information is obtained. An identification information acquisition unit that acquires electronic device side identification information as local identification information, and a transmission unit that transmits the local identification information as authentication information for authenticating a user to the server system, When the transmission unit receives transmission data including notification information for notifying that the electronic device is in the predetermined mode from the electronic device, the transmission unit associates the received transmission data with the local identification information. The present invention relates to a communication terminal that transmits to the server system.

  According to the present invention, the communication terminal side identification information and the electronic device side identification information are acquired by performing local communication with the electronic device. Then, the acquired communication terminal side identification information and electronic device side identification information are transmitted to the server system as user authentication information. If it does in this way, user authentication using communication terminal side identification information and electronic equipment side identification information can be realized, and user authentication can be simplified.

  Furthermore, according to the present invention, transmission data including notification information for notifying that the electronic device is in the predetermined mode is transmitted to the server system in association with the local identification information. In this way, it is possible to determine whether or not the electronic device is in the predetermined mode based on the notification information of the transmission data, and to realize data processing or the like of the transmission data according to the determination.

  In the present invention, when the communication terminal is a third party communication terminal different from the user of the electronic device, the display unit displays a screen for the third party to input information regarding the third party May be included.

  In this way, the third party can input information about the third party using the communication terminal, and processing such as transferring the information about the third party to the transfer destination is also possible.

  Further, in the present invention, when the communication terminal is a third party communication terminal different from the user of the electronic device, a display for displaying a screen for notifying the third party of information related to the transmission destination of the transmission data Part may be included.

  In this way, the third party can know the information regarding the transfer destination of the transmission data by looking at the display unit of the communication terminal. For example, the third party can contact the transfer destination. Become.

  In the present invention, the identification information acquisition unit includes communication terminal side identification information that is identification information of a short-range wireless communication device provided on the communication terminal side, and identification information of a read / write device provided on the electronic device side. The electronic device side identification information is acquired as the local identification information by local communication with the electronic device, and the transmitting unit obtains the identification information of the short-range wireless communication device and the identification information of the read / write device, The local identification information may be transmitted to the server system.

  In this way, the identification information of the short-range wireless communication device and the identification information of the read / write device that are acquired for the first time by performing local communication can be used as user authentication information.

  Further, the present invention acquires local identification information by local communication between an electronic device and a communication terminal at the time of user registration, and registers the acquired local identification information in a user information storage unit as user registration authentication information. The local identification information is acquired by local communication between the electronic device and the communication terminal during access from the electronic device after the user registration, and the local identification information acquired during access from the electronic device The registered local identification information stored in the user information storage unit as the registration authentication information is collated to authenticate whether the user of the communication terminal is a valid user, and the local identification information and the registration Relevant to an authentication method that accepts transmission data from the electronic device received via a third-party communication terminal and performs data processing even when the local identification information does not match That.

  Hereinafter, this embodiment will be described. In addition, this embodiment demonstrated below does not unduly limit the content of this invention described in the claim. In addition, all the configurations described in the present embodiment are not necessarily essential configuration requirements of the present invention.

1. System Configuration FIG. 1 shows a configuration example of an authentication system (data management system) and server system realized by this embodiment. This authentication system includes a communication terminal 100 (mobile terminal, portable communication terminal) such as a mobile phone owned by a user and a specific person such as a doctor (person in charge of a medical institution), a guardian (relative), or a system administrator. Communication with an information processing apparatus 300 such as a PC (personal computer) or a portable terminal to be operated, and a communication system 100 and a server system 20 (management server) connected to the information processing apparatus 300 via the communication network 10 The electronic device 200 is capable of local communication with the terminal 100 by short-range wireless communication or the like. The authentication system is not limited to the configuration shown in FIG. 1, and various modifications such as omitting some of these components (for example, the information processing apparatus) and adding other components are possible.

  The communication network 10 can include a public network such as a mobile communication network and the Internet network, or a fixed telephone network. A mobile communication network for communication connection with the communication terminal 100 includes a mobile telephone network such as a CDMA (Code Division Multiple Access) method, a PDC (Personal Digital Cellular) method, an IMT-2000 (International Mobile Telecommunication 2000) method, a PDC- Mobile data communication networks such as P (PDC-Packet), Wi-Fi (Wireless Fidelity), and WiMAX (Worldwide Interoperability for Microwave Access) can be included.

  The server system 20 (management server) performs authentication management and information processing of the communication terminal 100 and the information processing apparatus 300, and is connected to the communication terminal 100 and the information processing apparatus 300 via the communication network 10. The function of the server system 20 can be realized by hardware such as one or a plurality of information processing apparatuses (rental server, shared server) and a program such as a CGI program.

  The communication terminal 100 is a terminal having a communication function, such as a mobile phone, and is connected to the server system 20 via the communication network 10. In addition, local communication using short-range wireless communication or the like with the electronic device 200 is possible. Specifically, local communication separated from the communication network 10 is performed by the non-contact IC chip on the communication terminal 100 side and the read / write device on the electronic device 200 side. Communication terminal 100 is not limited to a mobile phone, and may be a portable information processing device such as a portable game machine or a PDA.

  The electronic device 200 (terminal device) is, for example, a device that is not connected to the communication network 10 and is a vital device for measuring various biological information such as an electrocardiograph, an electronic camera (digital still camera, video camera), or digital photo. Digital equipment (portable electronic devices) such as frames, music players, image viewers, PDAs and printers, home appliances such as rice cookers, refrigerators and microwave ovens, and game devices such as home game machines and portable game machines Can be assumed.

  The server system 20 that is a Web server includes an authentication unit 30, a user registration unit 32, a third party user registration unit 34, a data processing unit 36, and a display control unit 48. Each of these units can be realized by a CGI program written in a language such as PHP (PHP: Hypertext Preprocessor) or Perl. The server system 20 includes a database 50 realized by a storage device such as a hard disk. The server system 20 is not limited to the configuration of FIG. 1, and various modifications such as omitting some of these components or adding other components are possible.

  The database 50 is a relational database realized by, for example, MySQL or the like, and includes a user information storage unit 52 and a registration data storage unit 54. The user information storage unit 52 (user information table) stores various information related to the user. Specifically, the authentication information of the user of the communication terminal 100 is stored as registered authentication information. As registration authentication information in this case, local identification information (for example, idIC, R / W number) acquired by local communication between the communication terminal 100 and the electronic device 200, a communication terminal ID, a password, and the like can be assumed.

  The registration data storage unit 54 (registration data table) stores registration data. Specifically, transmission data from the electronic device 200 (application data such as vital data and game data) is stored as registration data.

  The authentication unit 30 performs various authentication processes. For example, the authentication information (local identification information, communication terminal ID, etc.) received from the communication terminal 100 and the registered authentication information (registered local identification information, communication terminal ID, etc.) stored in the user information storage unit 52 are collated. Thus, it is authenticated whether or not the user of the communication terminal 100 is a valid user. That is, it is determined whether or not the received authentication information matches the registered authentication information. If they do not match, an authentication error occurs.

  Specifically, the communication terminal 100 uses the local identification information (for example, idIC, R / W number) acquired by performing local communication (short-range wireless communication) with the electronic device 200 as authentication information via the communication network 10. To the server system 20. The authentication unit 30 includes local identification information (identification information for specifying a device that has performed local communication) received as authentication information from the communication terminal 100, and registered local identification stored as registration authentication information in the user information storage unit 52. User authentication is performed by checking the information.

  In addition, when the local identification information received from the communication terminal 100 is encrypted, the user information storage unit 52 stores the registered local identification information in an encrypted state as the registered local identification information. Then, the authentication unit 30 performs user authentication by comparing the encrypted local identification information from the communication terminal 100 with the encrypted registered local identification information stored in the user information storage unit 52. That is, collation is performed between pieces of information that are still in the dark. By doing so, the personal information of the user can be protected. As an encryption method in this case, for example, a common key encryption method such as DES or AES, a public key encryption method, or the like may be adopted. The encryption is preferably irreversible encryption that cannot be decrypted. Collation for user authentication is performed between encrypted information, and there is no need to decrypt local identification information. By adopting an irreversible method, it is possible to thoroughly protect local identification information that is personal information. Because.

  The user registration unit 32 performs a user registration process. Specifically, the communication terminal 100 transmits user input authentication information such as a password input by the user to the communication network 10 in addition to the local identification information acquired by performing local communication with the electronic device 200 at the time of user registration. To the server system 20. The authentication unit 30 authenticates whether or not the user is a valid user based on user input authentication information such as a password received from the communication terminal 100 (performs personal authentication). When authenticated as a valid user, the user registration unit 32 registers the local identification information received from the communication terminal 100 in the user information storage unit 52 as registered local identification information. Thereafter, the local identification information received from the communication terminal 100 and the registered local identification information stored in the user information storage unit 52 are collated (matched) when there is an access such as data registration or data browsing from the electronic device 200 side. The user authentication is executed.

  Note that the electronic device side identification information (R / W number) of the electronic device 200 may be encrypted and pre-registered in the server system 20 before the electronic device 200 is distributed (sold) to the user. In this case, the server system 20 has an encryption unit, and the encryption unit encrypts the electronic device side identification information. Then, at the time of user authentication, the electronic device side identification information included in the local identification information received from the communication terminal 100 is collated with the preregistered electronic device side identification information. In this way, if the received electronic device side identification information does not match the preregistered electronic device side identification information, an authentication error occurs. Accordingly, the authentication is successful only when the authorized electronic device is used, and a situation where an unauthorized electronic device is used can be prevented. Thereby, it is possible to further increase the certainty of authentication.

  The third party user registration unit 34 performs registration processing for a third party user such as a guardian. Specifically, third-party user registration for permitting a third-party user (for example, a guardian such as a parent) to view registration data of the user (for example, a child) is performed.

  The data processing unit 36 performs various data processing. For example, processing for transmission data from the electronic device 200 is performed. The data processing unit 36 includes a data registration unit 38, a data browsing unit 40, a data transfer unit 42, a decryption unit 44, and a browsing permission unit 46.

  For example, when receiving transmission data such as vital data from the electronic device 200 via the communication terminal 100, the data processing unit 36 registers registration data based on the received transmission data in the registration data storage unit 54. Specifically, when the authentication unit 30 authenticates that the user is a valid user, the transmission data from the electronic device 200 is registered in the registration data storage unit 54 as the valid user data. This data registration process is performed by the data registration unit 38.

  Further, the data processing unit 36 performs a process for the user to browse the registration data stored in the registration data storage unit 54. Specifically, when the authentication unit 30 authenticates that the user is a valid user, the registration data browsing is permitted in response to the registration data browsing request from the communication terminal 100. This data browsing process is performed by the data browsing unit 40.

  In this embodiment, the data processing unit 36 also receives the electronic data received via the third-party communication terminal even when the local identification information and the registered local identification information do not match (when the idIC does not match). The transmission data from the device 200 is accepted. Then, data processing is performed on the transmission data. For example, as data processing, processing for transferring transmission data (processing for relaying data) is performed with respect to a transfer destination (for example, the information processing apparatus 300) corresponding to transmission data from the electronic device 200. For example, the data processing unit 36 transfers the transmission data to a transfer destination (for example, the information processing apparatus 300) associated in advance with the electronic device side identification information (for example, the R / W number) associated with the transmission data. To do. This data transfer process is performed by the data transfer unit 42.

  Specifically, when it is determined that the electronic device 200 is in a predetermined mode (for example, emergency mode, upload mode), the data processing unit 36 receives transmission data received via a third party communication terminal, Perform data processing. For example, the electronic device 200 transmits notification information (for example, emergency notification information and upload notification information) for notifying that the mode is the predetermined mode in the transmission data (transmits in association with the transmission data). Then, the data processing unit 36 determines whether or not the electronic device 200 is in a predetermined mode (predetermined state) based on the notification information included in the received transmission data. For example, when the electronic device 200 has an emergency button (switch), the electronic device 200 is set to the emergency mode when the user presses the emergency button. Then, the electronic device 200 set in the emergency mode transmits the transmission data that is the biometric data of the user including the emergency notification information. Based on the emergency notification information, the data processing unit 36 recognizes that the electronic device 200 is in the emergency mode (emergency state), and transmits the transmission data that is the biometric data to the doctor who is the doctor in charge of the user. A process of transferring to the information processing apparatus 300 is performed.

  In this case, the electronic device 200 encrypts transmission data and transmits it. The data processing unit 36 decrypts the encrypted transmission data and performs data processing such as data transfer to the information processing apparatus 300. This decoding is performed by the decoding unit 44.

  Specifically, electronic device 200 encrypts transmission data by a reversible encryption process and transmits the encrypted data. On the other hand, local identification information (idIC) is encrypted by irreversible encryption processing and transmitted. The user information storage unit 52 stores the registered local identification information encrypted by irreversible encryption processing as the registered local identification information. Then, the authentication unit 30 performs user authentication by comparing the received encrypted local identification information with the encrypted registered local identification information stored in the user information storage unit 52. The data processing unit 36 performs a data process such as a process of transferring the transmission data to the information processing apparatus 300 by performing a process of decrypting the transmission data encrypted by the reversible encryption process.

  The data registration unit 38 of the data processing unit 36 registers the user data transmitted by the electronic device 200 in the registration data storage unit 54 as registration data. And the browsing permission part 46 of the data processing part 36 performs the process for permitting a browsing request, when the browsing request of a user's registration data is made by the third party. Specifically, a specific person approved by the user permits a third-party viewing request on the condition that browsing of registered data is permitted. Here, the specific person is a person who has been previously approved by the user for browsing and permission of the registered data, such as a doctor (the user's primary doctor, the medical institution where the user visits), the user's guardian (relatives), and the like.

  The display control unit 48 performs display control processing of a screen (display image) displayed on the communication terminal. Specifically, when the transmission data from the electronic device 200 is received via a third-party communication terminal, the third-party information (for example, a contact number such as a telephone number or an e-mail address) is transmitted by the third party. Control for displaying the input screen on the display unit of the third-party communication terminal is performed. In addition, the display control unit 48 performs control for displaying a screen for informing a third party of information related to a transmission destination (for example, a doctor or a guardian) of transmission data on the display unit of the third party communication terminal.

2. Communication Terminal, Electronic Device FIG. 2A illustrates a configuration example of the communication terminal 100 and the electronic device 200. The communication terminal 100 includes a control unit 110, a storage unit 120, an operation unit 130, a display unit 140, a communication unit 150, and a short-range wireless communication device 170. It should be noted that various modifications such as omitting some of these components or adding other components (for example, UIM interface) are possible.

  The control unit 110 performs overall control of the communication terminal 100 and control of each unit, and the function can be realized by hardware such as a CPU and an ASIC and a program executed on the CPU. The storage unit 120 has a program storage area for storing various programs and a data storage area for storing various data, and the function can be realized by a memory such as a RAM, a ROM, or an EEPROM. In this program storage area, a program for browsing such as displaying a Web page described in HTML on the display unit 140 by accessing the server system 20, a program for sending and receiving e-mails, and the like. Remembered.

  The operation unit 130 includes operation buttons such as a numeric keypad (not shown), and the user uses the operation unit 130 to input a telephone number, mail text, or select various menu items. The display unit 140 is a display realized by a liquid crystal panel or an organic EL panel, and displays various display screens such as Web pages. The communication unit 150 performs communication processing for receiving various data via the antenna 160 and transmitting various data.

  The short-range wireless communication device 170 is a device that performs wireless communication with a short-range range of, for example, 0 to 10 cm as a communication range. The short-range wireless communication device 170 can include an antenna (closed loop coil), a tuning unit, a modem unit, a control unit, and a storage unit (not shown). The antenna is configured by a closed loop coil or the like, and transmits data by sending an electric current to the coil to transmit data, or detects data due to a change in magnetic flux passing through the coil and receives data. The tuning unit performs tuning, detection, and the like based on the current flowing through the antenna, and outputs the result to the modem unit. The modem unit demodulates the signal from the tuning unit and outputs the received data to the control unit or performs modulation for transmitting the data from the control unit via the antenna.

  The short-range wireless communication device 170 can be realized by, for example, a non-contact IC chip. This non-contact type IC chip is modularized and used as an IC chip even in a non-contact type IC card used for an automatic ticket gate or the like. By incorporating such a non-contact IC chip in the communication terminal 100, the communication terminal 100 can have the same function as the non-contact IC card. That is, just by touching the communication terminal 100 to the read / write device 250 of the electronic device 200 like a non-contact type IC card, data of the communication terminal 100 can be transmitted to the electronic device 200, Data can be received. The communication protocol of the short-range wireless communication device 170 includes, for example, NFC (Near Field Communication), ISO / IEC 14443, ISO / IEC 15693, Bluetooth, UWB (Ultra Wide Band), IEEE 802.11b, etc. that regulate RF tag communication. Various communication protocols can be exemplified.

  The electronic device 200 includes a control unit 210, a storage unit 220, an operation unit 230, and a display unit 240. Various modifications such as omitting some of these components or adding other components are possible. The read / write device 250 may be built in the electronic device 200 or may be connected to the electronic device 200 via a USB or the like.

  The control unit 210 performs overall control of the electronic device 200 and control of each unit, and can be realized by hardware such as a CPU or ASIC, or a program. The storage unit 220 is realized by a memory such as a RAM, a ROM, or an EEPROM, and stores various data. The operation unit 230 is for the user to operate the electronic device 200 and can be realized by an operation button, a touch panel, or the like. The display unit 240 displays various types of information on the electronic device, and can be realized by, for example, a liquid crystal panel or an organic EL panel. The read / write device 250 is a device for reading data and writing data by local communication (short-range wireless communication) with the short-range wireless communication device 170 of the communication terminal 100.

  FIG. 2B shows an example of a mode selection screen (menu screen) displayed on the display unit 240 of the electronic device 200. The user selects the data transmission mode when transmitting data of the electronic device 200 to the server system 20 side, and selects the data browsing mode when browsing the registered data of the server system 20. Further, when performing registration processing of a guardian who is a third party user, the guardian registration mode is selected, and when changing the model of the communication terminal 100 or the like, the model change mode is selected.

  When setting the electronic device 200 to the emergency mode, the emergency mode is selected on the mode selection screen. The setting of the emergency mode (predetermined mode in a broad sense) may be realized by selection on such a mode selection screen, or may be realized by pressing the emergency button 232 provided on the operation unit 230. Good. Alternatively, an abnormality in the user's biometric data may be detected and automatically set to the emergency mode.

  As shown in FIG. 2A, the control unit 210 of the electronic device 200 includes an identification information acquisition unit 212, a transmission unit 214, and an encryption unit 218. Each of these units can be realized by firmware, an application program, or the like that controls the electronic device 200.

  The identification information acquisition unit 212 performs identification information acquisition processing. Specifically, communication terminal side identification information is acquired from the communication terminal 100 by performing local communication with the communication terminal 100 using the read / write device 250 and the short-range wireless communication device 170. Here, the communication terminal side identification information is identification information for uniquely identifying a device on the communication terminal 100 side that has performed local communication. For example, the identification of the short-range wireless communication device 170 that is a device on the communication terminal 100 side. Information can be adopted. Specifically, the communication terminal side identification information is, for example, idIC that is identification information of a non-contact type IC chip constituting the short-range wireless communication device 170. The idIC is equivalent to a serial number unique to the IC chip, and for example, manufacturing number information called idm assigned at the time of manufacturing a non-contact type IC chip (module) may be used. Note that the communication terminal side identification information is not limited to idIC, and may be identification information for specifying a device on the communication terminal 100 side that has performed local communication.

  The transmission unit 214 performs transmission processing for the communication terminal 100. Specifically, the communication terminal side identification information (idIC) acquired from the communication terminal 100 and the electronic device side identification information are transmitted to the communication terminal 100 by local communication as authentication information for authenticating the user. Here, the electronic device side identification information is identification information for uniquely specifying the device on the electronic device 200 side that has performed local communication, and is, for example, the identification information of the read / write device 250 that is the device on the electronic device 200 side. is there. Specifically, the electronic device side identification information is, for example, an R / W number that is a manufacturing number of the read / write device 250. This R / W number is assigned when the read / write device 250 is manufactured, and is a serial number unique to the read / write device 250. The electronic device side identification information is not limited to the R / W number, and may be identification information for specifying the device on the electronic device 200 side that has performed local communication.

  The encryption unit 218 performs encryption processing of information transmitted to the communication terminal side. For example, local identification information such as communication terminal side identification information and electronic device side identification information is encrypted by irreversible encryption processing. On the other hand, transmission data is encrypted by a reversible encryption process. The encryption unit 218 may be provided in the read / write device 250.

  For example, idIC (identification information on the communication terminal side in a broad sense) is information that the communication terminal 100 cannot know alone to protect the personal information of the user, and during local communication with the read / write device 250, It is transmitted to the read / write device 250. Therefore, the transmission unit 214 returns the idIC received from the communication terminal 100 in this manner to the communication terminal 100 and uses it for user authentication information. At this time, by encrypting the idIC and transmitting it to the communication terminal 100, protection of the user's personal information can also be realized. Here, the underline drawn to the idIC in FIG. 2A means that it is an encrypted idIC.

  Note that both the idIC and the R / W number may be encrypted and transmitted. In this case, it is desirable to individually encrypt the idIC and R / W number. The reason for this is that, assuming a usage scene in which the R / W number is used and associated with the location information where the electronic device 200 is installed, it is better to individually encrypt each of the idIC and the R / W number. This is because convenience is high. Therefore, it is desirable to handle the idIC and R / W number individually without combining the information. As a typical example, as described above, only the idIC is encrypted, and the R / W number is not encrypted. That is, since the idIC is identification information that is always added to the non-contact type IC, encryption is desirable from the viewpoint of personal information protection. In comparison, the R / W number is information on the electronic device 200 side, and encryption is not particularly essential. However, if idIC information leaks for some reason, the security level can be increased by encrypting the R / W number and authenticating with a combination of the idIC and the R / W number.

  Further, as the local identification information transferred by the local communication between the communication terminal 100 and the electronic device 200, it is possible to use only the idIC, and a modification without using the R / W number (electronic device side identification information in a broad sense) is possible. is there. Alternatively, it is possible to perform a modification such that the idIC and the R / W number are not transmitted to the communication terminal 100 at the same timing but are transmitted at a different timing.

  When the user selects the data transmission mode on the mode selection screen in FIG. 2B and registers the transmission data from the electronic device 200 in the server system 20, the transmission unit 214 transmits the transmission data and the transmission data. URL (Uniform Resource Locator) information for registration, idIC, and R / W number are associated with each other and transmitted to the communication terminal 100. That is, idIC and R / W number are transmitted as parameters added to the URL information. By doing this, when the communication terminal 100 accesses the URL to the server system 20, the idIC and R / W number can be passed as parameters (arguments) to the CGI program of the server system 20, etc. Increase efficiency.

  When the user selects the data browsing mode and browses the data of the server system 20 on the mode selection screen of FIG. 2B, the transmission unit 214 displays the URL information, idIC, and R / W number. The data is transmitted to the communication terminal 100 in association with each other.

  When the user selects the guardian registration mode (third-party user registration mode in a broad sense) on the mode selection screen in FIG. Registration that is permitted to (three-party users) is performed. In this case, the identification information acquisition unit 212 performs local communication with the communication terminal 100 to acquire idIC1 (first communication terminal side identification information in a broad sense) from the user communication terminal 100. Moreover, idIC2 (2nd communication terminal side identification information in a broad sense) is acquired from a guardian's communication terminal by performing local communication with a guardian's communication terminal (not shown). Then, the transmission unit 214 transmits the acquired idIC1, idIC2, and R / W number to the communication terminal 100.

  The identification information acquisition unit 112 on the communication terminal 100 side acquires the idIC and the R / W number as local identification information by performing local communication with the electronic device 200. Then, the transmission unit 114 transmits the idIC and R / W number, which are local identification information, to the server system 20 as authentication information for authenticating the user of the communication terminal 100.

  2B, when the user selects the guardian registration mode, the identification information acquisition unit 112 displays the user's idIC1 (first local identification information) and the guardian's idIC2 (second local identification information). ) Is acquired by local communication with the electronic device 200. Then, the transmission unit 114 transmits idIC1, idIC2, and the R / W number to the server system 20 as user authentication information.

  When the electronic device 200 is set to a predetermined mode such as the emergency mode, the transmission unit 214 transmits transmission data including notification information for notifying that the electronic device 200 is in the predetermined mode to the communication terminal side. It is transmitted in association with local identification information such as identification information (idIC) and electronic device side identification information (R / W number). In this case, local identification information is encrypted and transmitted by an irreversible encryption process, and transmission data is encrypted and transmitted by a reversible encryption process. Specifically, when it is determined that the user is in an emergency state, the transmission unit 214 transmits transmission data including notification information for reporting that the user is in an emergency state to the communication terminal 100 (a third party's To the communication terminal). For example, biometric data (such as electrocardiographic waveform data) measured for the user is transmitted as transmission data.

  When the transmission unit 114 of the communication terminal 100 receives transmission data including notification information for notifying that the electronic device 200 is in the predetermined mode from the electronic device 200, the transmission unit 114 converts the received transmission data into local identification information (idIC, R / W number) is transmitted to the server system 20.

  For example, it is assumed that the communication terminal 100 is a communication terminal of a third party different from the user of the electronic device 200 (a third party who has discovered the user's emergency or a rescue worker). In this case, after the transmission data is transmitted to the server system 20, the display unit 140 allows the third party to input information related to the third party (contact information such as a third party's telephone number and email address). Display the screen. In addition, a screen for informing a third party of information related to the destination of the transmission data (contact information such as a doctor's or guardian's telephone number or e-mail address) is displayed.

3. Authentication Method Next, the authentication method of the present embodiment will be specifically described with reference to FIGS. In the following, the identification information on the communication terminal side is idIC, the identification information on the electronic device side is an R / W number, the communication terminal 100 is a mobile phone, and the electronic device 200 is a vital device such as an electronic body weight composition meter. An example will be described. As shown in FIG. 3A, a terminal manufacturing number (TID) or UIM number (SIM number) is used as the communication terminal ID. For example, when the communication terminal 100 does not include the UIM interface, the terminal manufacturing number is used as the communication terminal ID. When the communication terminal 100 includes the UIM interface, the UIM number is used as the communication terminal ID.

  In FIG. 3B, information such as the user ID, age, and sex used in advance is input to the electronic device 200 that is a vital device (biological information device), and vital data that is biometric data can be recorded. It is configured as follows.

  Although this electronic device 200 is not connected to the communication network 10, according to the method of this embodiment, the measured vital data can be linked to the server system 20 by interposing the communication terminal 100.

  When such cooperation is performed, the user touches the communication terminal 100 on the read / write device 250 (interface unit) on the electronic device 200 side as indicated by A1 in FIG. Then, the idIC of the communication terminal 100 is transmitted to the electronic device 200 by local communication, and the encrypted idIC, R / W number, and URL information are returned to the communication terminal 100 as local identification information. Then, as shown at A2, the communication terminal 100 accesses the server system 20 via the communication network 10, and the data registration program and data browsing program specified by the URL are called. In this case, idIC and R / W number are passed to these programs as parameters. At this time, if the user is not registered, a user registration screen is displayed on the display unit 140 of the communication terminal 100, and the user performs user registration by inputting a password or the like.

  Next, as shown by A3 in FIG. 3B, the received idIC and R / W number (local identification information), and the idIC and R / W number registered in the user information storage unit 52 of the server system 20 (Registered local identification information) is compared and user authentication is performed. In this case, the received idIC is encrypted, and the registered idIC is also encrypted. Both are collated in the encrypted state, and user authentication is performed. Thereby, it is possible to thoroughly protect the personal information of the user. If the R / W number is also encrypted, the received R / W number may be collated with the registered R / W number in an encrypted state.

  And if it is authenticated by a user authentication that it is a legitimate user, as shown to A4, a user will register the registration data based on the vital data (transmission data) measured with the electronic device 200 of the server system 20. Registration in the registration data storage unit 54 and registration data (measured vital data itself, its processed data and analysis data) in the registration data storage unit 54 can be viewed on the communication terminal 100 or the like.

  As described above, according to the present embodiment, vital data (biological information) is transmitted to the server system 20 only by the user touching the electronic device 200 with the communication terminal 100 such as a mobile phone, and the server system 20 is registered. Data can be referenced. In the server system 20, the transmitted data can be used for user health management by analyzing the transmitted data in time series, and the vital data can be used effectively.

  In addition, according to the present embodiment, when performing personal authentication in the server system 20 that is a Web server, an idIC that cannot be known unless the user touches the electronic device 200 without entering the password, and is necessary. By authenticating by adding the R / W number, it is possible to realize the personal authentication more safely without the user's trouble. That is, identity authentication can be realized by combining a key that can be acquired on the Internet and a key that can be acquired on the electronic device 200 (real device).

  For example, authentication in a service using the communication terminal 100 includes terminal level authentication and personal authentication with a higher authentication level. Conventionally, in this personal authentication, the user is required to input a password or the like, which is complicated for the user.

  In this regard, according to the present embodiment, after entering a password or the like and performing user registration, it is only necessary to collate the received idIC and R / W number with the registered idIC and R / W number. Since user authentication is performed, the user's trouble can be saved greatly. That is, when the user simply touches the communication terminal 100, the idIC and R / W number are automatically sent to the server system 20, and personal authentication is performed without entering a password. It can be easily registered in the server system 20. In this case, the idIC and R / W number are sent to the server system 20 together with the URL, and a data registration program or the like is automatically started by this URL, so that the convenience for the user can be further improved. The idIC is sent to the read / write device 250 for the first time by a touch operation on the communication terminal 100, and authentication using this idIC has a high security level. This high security level can be maintained by encrypting the idIC. In addition to using the idIC and R / W number, user authentication may be performed using a password and a login ID in addition to this.

  Next, a case where the user who is the user gives permission to view the registered data of the user on the Web to a third party such as a guardian will be described with reference to FIG.

  First, the guardian registration mode is selected on the mode selection screen in FIG. Then, as shown in B1 of FIG. 4, the person touches the electronic device 200 with the communication terminal 100. As a result, the identification number idIC1 of the non-contact IC chip built in the communication terminal 100 is sent from the communication terminal 100 to the electronic device 200.

  Next, as shown in B <b> 2 of FIG. 4, the guardian touches the electronic device 200 with the communication terminal 101. Thereby, in addition to idIC1, the identification number idIC2 of the non-contact type IC chip built in the communication terminal 101 is acquired. Then, the encrypted idIC1, idIC2, R / W number, and URL information are transmitted from the electronic device 200 side to the communication terminal 101, and the communication terminal 101 accesses the server system as indicated by B3, and the URL is transmitted. The designated third-party user registration program is called. In this case, idIC1, idIC2, and R / W number are passed to the program as parameters, and a guardian's browsing request is registered in the database 50 of the server system 20 as indicated by B4. Then, the user's communication terminal 100 is notified by e-mail or the like that a browsing request has been requested. If the guardian is not registered during the URL access shown in B3, a user registration screen is displayed on the display unit 140 of the communication terminal 100, and the guardian performs user registration by entering a password or the like. .

  Next, a list of guardians requesting browsing is displayed on the browsing screen of the person's communication terminal 100, and the person gives permission (confirmation) to the browsing request as shown in B5 of FIG. Can do. When browsing is permitted, the guardian can browse the registered data of the person as shown in B6.

  As described above, according to the method of FIG. 4, first, the person touches with the communication terminal 100, then the guardian touches with the communication terminal 101, and then the person confirms, so that the guardian You can view registered data. Therefore, since the guardian registration can be realized by a simple operation of continuous touch and confirmation, user convenience can be improved. In this case, in FIG. 4, the guardian registration is performed using the idIC1 of the person's communication terminal 100 and the idIC2 of the guardian's communication terminal 101. Such idIC1 and idIC2 prove that the person and the guardian (third-party user in a broad sense) exist in the place where the electronic device 200 is present, and the person gives the guardian permission to browse. On the other hand, it gives more certainty.

  FIG. 5 shows an example of user information stored in the user information storage unit 52. This user information includes a user table, a model change table, a vital data table, and a browsing request table.

  In the user table of FIG. 5, a user ID, a login ID issued to the user, and a password input by the user are associated with each other. In the model change table, the model change ID, the user ID, the encrypted idIC, the R / W number, the communication terminal ID, and the creation date and time are associated with each other. These idIC and R / W number correspond to registered local identification information. The communication terminal ID is a terminal manufacturing number or UIM number as shown in FIG. The model change table is updated when the model of the communication terminal 100 is changed.

  In the vital data table, the user ID, the measurement date and time of vital data, and vital data transmitted from the electronic device 200 and registered are associated with each other.

  In the browsing request table, the user ID of the person himself / herself, the user ID of the guardian, and the permission flag for viewing the guardian are associated with each other. For example, in B5 of FIG. 4, when the principal permits the guardian's browsing, the permission flag of the browsing request table is set to 1. Thereby, it is registered in the database 50 that the guardian is permitted to view the person's data.

4). As described above, in the present embodiment, authentication is executed by touching the communication terminal to the electronic device by the user or a guardian approved by the user, and the measurement data of the electronic device. Can be registered and the registered data can be viewed.

  However, for example, when a third party other than the user or guardian encounters an emergency situation in which the user who owns the electrocardiograph has lost consciousness and falls, the third party electronically connects his / her communication terminal. Even if the device is touched, the measurement data of the electronic device cannot be transmitted. Since the idIC of such a third party communication terminal is not registered in the server, even if the idIC is transmitted to the server system together with the measurement data of the electronic device, the authentication shown in A3 of FIG. This is because an authentication error occurs. For this reason, there is a problem that it is impossible to report the user's emergency situation to the user's doctor in charge or to transfer the measurement data before losing consciousness.

  Therefore, in the present embodiment, emergency data can be transmitted when a third party different from a specific person such as a user, a doctor, or a guardian touches the electronic device. In this case, when the emergency button attached to the electrocardiograph, which is an electronic device, is pressed down, “emergency data” is transmitted from the electrocardiograph to the communication terminal, and the server is connected via the touched third-party communication terminal. Sent to the system. And even if there is no prior registration of this third party and an authentication error occurs, the server system notifies the emergency person to a specific person such as a doctor or a guardian as an emergency situation and also obtains it from the electrocardiograph The measured data is transferred, or the location information acquired by the user name or GPS is transferred. Thus, by transmitting the emergency request level to the server system by the operation of the emergency button, appropriate data for communicating from the server system to another communication terminal together with the registration information of the user of the communication terminal. The processing mode is selected. That is, the user authentication is performed based on the local identification information, and the processing content in the server system is set according to the request level information set in the electronic device or the communication terminal.

  Next, the transmission data transfer method of this embodiment will be described in detail with reference to FIG.

  When the emergency button of the electronic device 200 is pressed as indicated by H1 in FIG. 6, the electronic device 200 is set to the emergency mode (predetermined mode). The emergency button is pressed by the user when the user is not completely unconscious, for example, and is pressed by a third party when the user is unconscious.

  Next, as shown at H2 in FIG. 6, a third party who encounters an emergency situation of the user touches the electronic device 200 with the communication terminal 102 such as the mobile phone. Then, the communication terminal side identification information idIC3 of the third party communication terminal 102 is transmitted to the electronic device 200 side by local communication, and the encrypted idIC3, the R / W number, and the URL information are communicated as the local identification information. It is returned to the terminal 102. Furthermore, transmission data from the electronic device 200 is returned in association with the local identification information. This transmission data includes, for example, user biometric data measured in the electronic device 200 and emergency notification information (notification flag in a predetermined state) for reporting that the user is in an emergency state. The local identification information such as idIC3 is encrypted and returned by an irreversible encryption process, while the transmission data is encrypted and returned by a reversible encryption process. By encrypting the transmission data in this way, it is possible to prevent a situation in which the content of the measurement data is seen by a third party possessing the communication terminal 102 and to protect personal information. Further, by performing reversible encryption, the server system 20 can decrypt the transmission data and transfer it to a specific person such as a doctor.

  The transmission data may include user position information acquired by GPS or the like. The measurement data included in the transmission data may be data measured in a predetermined period before shifting to the predetermined mode, for example. The setting of the emergency state (predetermined state) is not limited to pressing the emergency button. For example, the emergency state can be set by an operation member other than the emergency button, or an abnormal state of the user can be automatically detected from the measurement data. The state may be set.

  Next, as indicated by H3 in FIG. 6, the communication terminal 102 accesses the server system 20 corresponding to the URL information returned from the electronic device 200, and the corresponding program is called. In this case, idIC3, R / W number, and transmission data are passed to the program as parameters.

  Next, as indicated by H4, the server system 20 decodes the transmission data passed as a parameter. Based on the emergency notification information included in the transmission data, it is determined that the user of the electronic device 200 is in an emergency state, and processing corresponding thereto is performed.

  Specifically, as shown in H5, an emergency notification is sent to the information processing device (PC, portable information terminal) such as a doctor (medical institution) who is a doctor in charge of the user to notify the user's emergency state. The transmission data (measurement data) from the electronic device 200 is transferred. Thereby, the doctor in charge can know the user's emergency state and can know the user's state (electrocardiographic waveform, etc.) at that time based on the measurement data from the electronic device 200. This makes it possible for the attending physician to take appropriate measures.

  As described above, when there is no pre-registration for a third party and the user is not authenticated as a specific person such as a doctor, the server system 20 performs only relaying (mediation) of data transmission / reception. Since the measurement data of the principal recorded in the server system 20 need only be browsed and manipulated by only the principal, an approved doctor, or a guardian, the third party need only mediate data transmission / reception. Also at this time, the measurement data of the electronic device 200 is transmitted to the server system 20 to be stored and used, and an emergency such as a heart attack is detected and information is transferred to the doctor or the like. Appropriate treatment is possible.

  On the other hand, as shown in H6, the third party communication terminal 102 receives information on the destination of transmission data such as a doctor's (medical institution) contact information (telephone number, mail address) and the like. Displayed on the display. Then, as shown in H7, when a third party inputs information related to the third party such as a contact information in the communication terminal 102, this information is transmitted from the communication terminal 102 to the server system 20. As shown in H8, the information about the third party is transferred to the information processing apparatus 300 such as a doctor by e-mail or the like.

  In order to realize the transfer processing of the transmission data to the transfer destination as indicated by H5 in FIG. 6, it is necessary to specify the transfer destination of the transmission data corresponding to the user. For this reason, in FIG. 7A, information related to a transfer destination such as a doctor is associated in advance with an R / W number (electronic device side identification information in a broad sense) associated with transmission data. Specifically, information related to the transfer destination is associated with the user's idIC and R / W number and stored in, for example, the user information storage unit 52 of FIG.

  Then, using the R / W number received from the electronic device 200 via the third party communication terminal 102 in the emergency mode, the contact information such as the mail address of the transfer destination is acquired from the data table of FIG. . Then, as shown at H5 in FIG. 6, an urgent notice is given to the contact or transmission data is transferred. In this way, even when the idIC does not match because the third-party communication terminal 102 is being used, the user of the electronic device 200 is identified based on the R / W number sent together with the transmission data. In addition, transmission data or the like can be transferred to a transfer destination corresponding to the user.

  FIGS. 7B and 7C show examples of screens displayed on the display unit of the third-party communication terminal 102 in the emergency mode. In FIG. 7B, a screen for notifying a third party of information related to the destination of transmission data is displayed on the display unit of the communication terminal 102 by the information transfer of H6 in FIG. Specifically, the telephone number and mail address of the doctor who is the transfer destination, the telephone number and mail address of the guardian, and the like are displayed. By selecting these telephone numbers and mail addresses, a third party can call a doctor or send mail. Thereby, the doctor can hear the state of the user who is the person himself / herself directly from a third party near the user, and an appropriate treatment according to the state of the user is possible.

  7C, a screen for the third party to input information regarding the third party is displayed on the display unit of the communication terminal 102 by the information transfer in H7 of FIG. Specifically, an input screen for a telephone number, an e-mail address, or a third party comment, which is a third party contact, is displayed. Then, the inputted third party information is transferred to a doctor or the like as a transfer destination as indicated by H8 in FIG. As a result, a doctor or the like can contact a third party near the user to hear the user's state or know the state of the user based on a comment from the third party. For example, even when the communication connection with the third-party communication terminal 102 is disconnected, it is possible to contact the third-party based on the transferred third-party contact information.

  According to the transmission data transfer method of the present embodiment described above, it is possible to transfer transmission data from an electronic device to a transfer destination such as a doctor using a third-party communication terminal that is not pre-registered. It becomes possible. As a result, when the user is in an emergency state, the emergency state can be notified to a doctor or the like, and the measurement data of the electronic device can be transferred, so that appropriate measures can be taken for the user in the emergency state. In addition, since the third-party communication terminal only relays the transmission data, it is possible to prevent a situation where the user information is leaked to the third party and to protect the personal information of the user.

5). Permitting viewing to a third party Now, if the third party is an ambulance ambulance crew, for example, not only will the measurement data be transferred to the forwarding destination, but the ambulance crew itself will be able to You may want to know past measurement data. By knowing such user's past measurement data, emergency personnel can take appropriate first aid measures for the user.

  However, in order to perform pre-registration such as the guardian of FIG. 4 for such emergency personnel, it is necessary to register communication terminals of all emergency personnel, so such pre-registration is difficult. On the other hand, since the idIC does not match between the communication terminal of the third party emergency crew and the communication terminal of the user, and authentication is not established, the registration data of the user is unconditionally viewed by such a third party. It is not possible.

  Therefore, in the present embodiment, a technique is adopted in which the registered data of the user is permitted to be browsed by a third party such as an ambulance crew on the condition that a specific person such as a doctor or a guardian approves. This browsing permission method will be described in detail with reference to FIG.

  After the emergency button is pressed as shown at I1 in FIG. 8 and the electronic device 200 is set to the emergency mode, the emergency crew touches the communication terminal 102 on the electronic device 200 as shown at I2. Then, idIC3 of the communication terminal 102 is acquired by local communication. The acquired idIC3, R / W number, URL information, and transmission data are sent from the electronic device 200 to the communication terminal 102, and the communication terminal 102 accesses the server system and is designated by the URL as indicated by I3. The program is called. Then, the transmission data is decrypted as indicated by I4, and as shown in I5, an urgent notification to the information processing apparatus 300 that is the transfer destination and the transmission of the transmission data are performed. Further, as shown at I6, information on the destination of transmission data is displayed on the emergency crew communication terminal 102. Also, as shown in I7, when information about emergency personnel as a third party is input by the communication terminal 102, the information is transmitted to the information processing apparatus 300 as a transfer destination by e-mail or the like as shown in I8. .

  And in this embodiment, as shown to I7, when the emergency member wants to know the past measurement data of the user registered in the server system 20, he / she inputs a request for viewing using the communication terminal 102. . Then, as shown at I8, this browsing request is transmitted to the information processing apparatus 300 of the doctor in charge of the user by e-mail or the like. When the attending physician permits viewing as shown at I9, viewing by the ambulance crew is approved as shown at I12. As a result, the ambulance crew can browse the user's past measurement data stored in the server system 20 using his / her communication terminal 102, which can be used for the user's emergency measures.

  The ambulance crew makes a browsing request as shown in I7, and waits for the approval of browsing shown in I12 while performing, for example, a page updating operation of the communication terminal 102 as needed. In this case, the communication connection of the communication terminal 102 may be temporarily disconnected, and the doctor who is informed of the contact information may be notified at I6 to inform the user that the request for browsing is desired. If it does in this way, viewing permission by the doctor shown to I9 can be obtained immediately, and it can be used for a user's emergency measure.

  Further, as indicated by I10, a browsing request or information on a third party may be transferred to the communication terminal 101 of the user's guardian. Also in this case, as shown in I11, when the guardian grants the browsing permission, the browsing of the measurement data by the ambulance crew is approved. In addition, when both a doctor and a guardian give browsing permission, the browsing permission of the one performed earlier becomes effective.

  For the browsing request / permission, for example, the server system 20 assigns a reception number (request / permission number). As shown in I8 and I10, this reception number is notified to the doctor and the guardian. In addition, as shown in I12, this reception number is also notified to the ambulance crew. If an acceptance number is assigned to the browsing request / permission in this way, even if a problem occurs later regarding the factual relationship between the browsing request / permission, the browsing request / permission log is used using this acceptance number. Can manage such problems. For example, the ambulance crew can use this receipt number to prove who has been authorized to view the data.

  9A and 9B show examples of screens displayed on the display unit of the emergency crew communication terminal 102. FIG. In FIG. 9 (B), a screen for inputting information relating to emergency personnel is displayed. Specifically, a telephone number, an e-mail address, an emergency crew member's affiliation (affiliation), and a comment input screen are displayed. As indicated by I8 and I10 in FIG. 8, these pieces of information are transmitted to a doctor and a guardian. Therefore, doctors and guardians can confirm that the third party requesting browsing is a legitimate emergency personnel by seeing these pieces of information, and can appropriately determine whether or not to permit browsing.

  Further, in FIG. 9B, a screen for inputting whether or not an emergency member makes a browsing request is displayed. When an ambulance crew member selects a browsing request on this input screen, the doctor or guardian is notified that the browsing request is desired, as indicated by I8 and I10 in FIG.

  According to the above-described browsing permission method of the present embodiment, an emergency worker who rescues a user can also view user's past measurement data by obtaining subsequent approval from the user's doctor or guardian. It is possible to make use for the user's first aid measures.

6). Detailed Data Flow Next, the method of the present embodiment will be described in further detail using the data flows of FIGS.

  10 and 11 are data flows when the data transmission mode is selected on the mode selection screen of the electronic device 200 of FIG. 2B, and FIG. 10 is an example when the user is not registered. Is an example when the user has already been registered. Note that the underline drawn in the idIC indicates an encrypted idIC.

  In the data transmission mode, as shown by C1 in FIG. 10, when the user performs a touch operation, the idIC is transmitted from the communication terminal 100 to the electronic device 200, and the encrypted idIC, the R / W number, and the transmission are transmitted. Data and a URL for data registration are returned to the communication terminal 100. Then, as shown in C2, the communication terminal 100 accesses by URL, and the idIC and R / W number are passed as parameters to the data registration program of the server system 20 specified by the URL. At this time, since the user is not registered, a user registration screen is displayed on the communication terminal 100 as shown in C3, and the user inputs a password or the like. Then, as shown in C4, a password, a communication terminal ID, and the like are transmitted to the server system 20, and user authentication and user registration using the password and the like are performed as shown in C5. Then, as shown at C6, the login ID is sent to the user by e-mail or the like. As shown in C7, the transmission data is registered in the registration data storage unit 54 (the vital data table in FIG. 5).

  In D1 and D2 in FIG. 11, the same information transmission / reception as C1 and C2 in FIG. 10 is performed. However, in FIG. 11, since the user has been registered, user authentication using idIC and R / W number is performed as shown in D3. That is, it is determined whether or not the idIC and R / W number received at D2 match the idIC and R / W number registered in the model change table of FIG. The transmission data is registered in the registered data storage unit 54 (vital data table). On the other hand, if they do not match, an authentication error occurs.

  FIG. 12 is a data flow when the data browsing mode is selected on the mode selection screen of FIG.

  When the user performs a touch operation on the communication terminal 100 in the data browsing mode, the encrypted idIC, the R / W number, and the data browsing URL are returned to the communication terminal 100 as indicated by E1 in FIG. . Then, as shown at E2, the communication terminal 100 accesses the server system 20 by the URL. If this URL is bookmarked, data can be browsed without touching the electronic device 200 with the communication terminal 100.

  Next, a login screen is displayed as indicated by E3, and when the user inputs a password, a password, a communication terminal ID, and the like are transmitted to the server system 20 as indicated by E4. Then, as shown in E5, user authentication is performed with the idIC, R / W number, password, communication terminal ID, etc., and when the authentication is established, data browsing processing is performed as shown in E6. And as shown to E7, registration data are transmitted to the communication terminal 100, and a browsing screen is displayed on the display part 140 of the communication terminal 100. FIG.

  Note that although E3 in FIG. 12 requests the user to input a password when browsing the data, browsing of registered data may be permitted without requesting such password input. For example, for data that is strongly requested to protect personal information, such as vital data, a password input is requested, and for such data that is not so requested, a password input is not requested and idIC is required as in the case of data registration. User authentication may be performed using only the R / W number.

  FIG. 13 is a data flow when the electronic device 200 is set to the emergency mode.

  When a third party other than the user performs a touch operation on the communication terminal 102 in the emergency mode, the idIC3 encrypted (irreversible), the R / W number, the URL, and the encryption as shown in F1 of FIG. The converted (reversible) transmission data is returned to the communication terminal 102. This transmission data includes measurement data and emergency notification information. Then, as indicated by F2, the communication terminal 102 accesses the server system 20 through the URL, and the idIC3, R / W number, and transmission data are transmitted to the server system 20.

  Next, authentication processing based on the local identification information is performed. However, since the idIC of the user communication terminal 100 and the idIC3 of the third party communication terminal 102 do not match, an authentication error occurs. Therefore, in this case, as shown in F3, the transmission data is decoded to determine whether or not the electronic device 200 is set in the emergency mode. Specifically, it is determined whether or not the emergency mode is set based on emergency notification information (emergency notification flag) included in the transmission data.

  If it is determined that the electronic device 200 is set to the emergency mode, the transfer destination associated with the R / W number is specified as indicated by F4. That is, as shown in FIG. 7A, a transfer destination such as a doctor or a guardian is specified based on the information about the transfer destination associated with the R / W number of the user's electronic device 200. And as shown to F5, while notifying that the user is an emergency state to the transfer destination, the transmission data (measurement data) from the electronic device 200 are transferred. In addition, as shown in F6, information about a forwarding destination such as a doctor's contact address is transmitted to the third-party communication terminal 102. As a result, a screen as shown in FIG. 7B can be displayed on the third-party communication terminal 102.

  On the other hand, when information about a third party is input on the input screen as shown in FIG. 7C, this information is transmitted to the server system 20 as shown in F7. Then, as shown in F8, the information related to the third party is transferred to the information processing apparatus 300 as the transfer destination. This makes it possible for doctors and the like to know third-party contact information.

  FIG. 14 is a data flow when the emergency member makes a browsing request in the emergency mode. Since G1 to G6 in FIG. 14 are substantially the same as F1 to F6 in FIG.

  As shown in G7 of FIG. 14, when an emergency member makes a browsing request using the communication terminal 102, as shown in G8, the server system 20 notifies the information processing apparatus 300 such as a doctor of the browsing request. In G7 and G8, the transfer of information related to the third party and the transfer of the browsing request are performed at the same timing, but may be performed at different timings.

  When a doctor or the like permits a browsing request by an emergency member, the browsing permission is notified to the server system 20 as indicated by G9. Then, as indicated by G10, the server system 20 notifies the ambulance crew communication terminal 102 of the browsing approval.

  Thereafter, as shown in G11, the emergency member uses the communication terminal 102 to request browsing of the registration data stored in the registration data storage unit 54 of the server system 20. Then, as indicated by G12, the server system 20 transmits past measurement data, which is user registration data, to the communication terminal 102. As a result, the ambulance crew can take emergency measures by referring to the past measurement data of the user.

7). In the above, the case where the electronic device is a vital device such as an electrocardiograph has been described as an example, but the present embodiment is not limited to this. For example, FIG. 15 shows a modification in the case where the electronic device is an image reproduction device such as a digital photo frame.

  For example, the user of the digital photo frame 203 not only uploads image data to the server system 20 by touching the digital photo frame 203 with his / her communication terminal 100 (not shown), but also the digital photo frame from the server system 20. User authority is assigned to all data processing such as downloading image data to 203.

  On the other hand, only the authority to upload image data (transmission data) stored in the digital photo frame 203 is given to a third party such as a user's friend, and the digital photo frame 203 is set to the transmission only mode. In other words, the user of the digital photo frame 203 (storage) can give a certain authority for other communications to a third party other than the user within a limited range.

  For example, when the user's friend touches the user's digital photo frame 203 with the communication terminal 102, the idIC does not match, so an authentication error occurs and the authority regarding data processing is limited, but only the transmission of image data is allowed. Therefore, when the friend touches the communication terminal 102, the image data of the digital photo frame 203 can be uploaded to the server system 20 via the communication terminal 102 and the communication network 10. After that, the friend returns home, and touches the communication terminal 102 on the digital photo frame 204 owned by the friend, so that the uploaded user image data is displayed on the digital photo frame 204 and viewed. Is possible. Thereby, it becomes possible to share and appreciate image data owned by each other.

  In this case, the user and his / her friend can upload an image data and the like simply by touching the communication terminal, so that a simple and highly convenient interface can be provided. Further, without providing a communication interface with a communication network in the digital photo frame, it is possible to easily upload or download image data to a server system by effectively utilizing the communication function of a communication terminal such as a mobile phone. This can reduce the cost of the digital photo frame. FIG. 15 shows an example in which only the authority to upload image data is given to a third party such as a friend, but conversely, only the authority to view or download image data is given. Good. 15 shows an example in which the electronic device is a digital photo frame, the electronic device may be an electronic camera such as a digital camera having a storage function of image data, a portable game device, or the like. .

  Although the present embodiment has been described in detail as described above, it will be easily understood by those skilled in the art that many modifications can be made without departing from the novel matters and effects of the present invention. Accordingly, all such modifications are intended to be included in the scope of the present invention. For example, in the specification or drawings, terms (emergency mode, idIC, etc.) described at least once together with different terms (predetermined mode, communication terminal side identification information, electronic device side identification information, third party, etc.) in a broader sense or the same meaning R / W number, ambulance crew, etc.) may be replaced by the different terms anywhere in the specification or drawings. Further, the configurations and operations of the server system, the electronic device, and the communication terminal are not limited to those described in the present embodiment, and various modifications can be made.

The structural example of the authentication system and server system which are implement | achieved by this embodiment. FIG. 2A is a configuration example of the electronic device and the communication terminal of this embodiment, and FIG. 2B is an example of a mode selection screen. 3A and 3B are explanatory diagrams of the authentication method of the present embodiment. Explanatory drawing of the authentication method of this embodiment relevant to guardian registration. The example of the user information memorize | stored in a user information storage part. Explanatory drawing of the transfer method of the transmission data of this embodiment. FIG. 7A is an example of table data in which information about the transfer destination is associated with the R / W number. FIGS. 7B and 7C are screens displayed on the display unit of the communication terminal. Example. Explanatory drawing of the browsing permission technique to a third party. 9A and 9B are examples of screens displayed on the display unit of the communication terminal. The data flow for demonstrating the authentication method of this embodiment. The data flow for demonstrating the authentication method of this embodiment. The data flow for demonstrating the authentication method of this embodiment. The data flow for demonstrating the transfer method of the transmission data of this embodiment. The data flow for demonstrating the browsing permission technique to the third party of this embodiment. Explanatory drawing of the modification of this embodiment.

Explanation of symbols

10 communication network, 20 server system, 30 authentication unit, 32 user registration unit,
34 third party user registration unit, 36 data processing unit, 38 data registration unit,
40 data browsing section, 42 data transfer section, 44 decryption section, 46 browsing permission section,
48 display control unit, 50 database, 52 user information storage unit,
54 registration data storage unit, 100, 102 communication terminal, 110 control unit,
112 identification information acquisition unit, 114 transmission unit, 120 storage unit, 130 operation unit,
140 display unit, 150 communication unit, 160 antenna, 170 short-range wireless communication device,
200 electronic device, 210 control unit, 212 identification information acquisition unit, 214 transmission unit,
218 encryption unit, 220 storage unit, 230 operation unit, 232 emergency button,
240 display unit, 250 read / write device, 300 information processing device

Claims (23)

A server system that is connected to a communication terminal that performs local communication with an electronic device via a communication network,
A user information storage unit for storing user authentication information as registered authentication information;
An authentication unit for verifying whether or not the user is a valid user by comparing authentication information received from the communication terminal and the registration authentication information stored in the user information storage unit;
A data processing unit that performs processing on transmission data from the electronic device,
The communication terminal is
The local identification information acquired by performing local communication with the electronic device is transmitted to the server system as the authentication information,
The authentication unit
The local identification information received as the authentication information from the communication terminal and the registered local identification information stored as the registration authentication information in the user information storage unit are collated, and user authentication is performed.
The data processing unit
Even when the local identification information and the registered local identification information do not match, transmission data from the electronic device received via a third-party communication terminal is received and data processing is performed. Server system. In claim 1,
The data processing unit
When it is determined that the electronic apparatus is in a predetermined mode, the server system receives the transmission data received via the third-party communication terminal and performs the data processing. In claim 2,
The electronic device is
Sending notification information for notifying that it is the predetermined mode included in the transmission data,
The data processing unit
A server system characterized by determining whether or not the electronic device is in a predetermined mode based on the notification information included in the transmission data. In any one of Claims 1 thru | or 3,
The electronic device is
The transmission data is encrypted and transmitted,
The data processing unit
A server system characterized by decrypting the encrypted transmission data and performing the data processing. In claim 4,
The electronic device is
The transmission data is encrypted and transmitted by a reversible encryption process, and the local identification information is encrypted and transmitted by an irreversible encryption process.
The user information storage unit
Storing the registered local identification information encrypted by irreversible cryptographic processing as the registered local identification information;
The authentication unit
A server system characterized in that user authentication is performed by comparing the received local identification information thus encrypted with the encrypted registered local identification information stored in the user information storage unit. In any one of Claims 1 thru | or 5,
As the local identification information, there are communication terminal side identification information which is identification information of a short-range wireless communication device provided on the communication terminal side, and electronic device side identification information which is identification information of a read / write device provided on the electronic device side. The communication terminal side identification information and the electronic device side identification information acquired by local communication with the electronic device are transmitted to the server system in association with the transmission data,
The authentication unit
A server system that performs user authentication based on the communication terminal side identification information and the electronic device side identification information. In claim 6,
The authentication unit
A server system characterized in that user authentication is performed by comparing the electronic device side identification information acquired by local communication with the electronic device and preregistered electronic device side identification information. In any one of Claims 1 thru | or 7,
The data processing unit
The server system characterized by performing the process which transfers the said transmission data with respect to the transfer destination corresponding to the said transmission data from the said electronic device as said data processing. In claim 8,
When the transmission data from the electronic device is received via the communication terminal of the third party, a screen for the third party to input information regarding the third party is displayed. A server system including a display control unit that performs control for display on a display unit of a terminal. In claim 8,
A server comprising: a display control unit that performs control for displaying a screen for notifying the third party of information regarding the transfer destination of the transmission data on a display unit of the communication terminal of the third party system. In any one of Claims 8 thru | or 10.
As the local identification information, there are communication terminal side identification information which is identification information of a short-range wireless communication device provided on the communication terminal side, and electronic device side identification information which is identification information of a read / write device provided on the electronic device side. The communication terminal side identification information and the electronic device side identification information acquired by local communication with the electronic device are transmitted to the server system in association with the transmission data,
The data processing unit
A server system, wherein the transmission data is transferred to a transfer destination associated in advance with the electronic device side identification information associated with the transmission data. In any one of Claims 1 thru | or 11,
The data processing unit
A data registration unit for registering user data transmitted by the electronic device as registration data in a registration data storage unit;
The server system characterized by including the browsing permission part which performs the process which permits the said browsing request, when the said third party makes the browsing request of the said registration data of the said user. In claim 12,
The browsing permission unit
The server system, wherein a specific person approved by the user permits browsing of the third party on the condition that browsing of the registered data is permitted. An electronic device that performs local communication with a communication terminal,
An identification information acquisition unit for acquiring communication terminal side identification information from the communication terminal by performing local communication with the communication terminal;
Including the acquired communication terminal side identification information and the electronic device side identification information as local identification information for authenticating the user, and a transmission unit that transmits the communication terminal to the communication terminal by local communication,
The transmitter is
When the electronic device is in a predetermined mode, transmission data including notification information for notifying that the electronic device is in the predetermined mode is transmitted to the communication terminal in association with the local identification information. Electronic equipment. In claim 14,
The transmitter is
When the user is determined to be in an emergency state, the transmission data including the notification information for notifying that the user is in an emergency state is transmitted to the communication terminal. . In claim 15,
The transmitter is
An electronic apparatus, wherein biometric data measured for the user is transmitted to the communication terminal as the transmission data. In any of claims 14 to 16,
The transmitter is
An electronic apparatus, wherein the transmission data is encrypted by a reversible encryption process and transmitted to the communication terminal, and the local identification information is encrypted by an irreversible encryption process and transmitted to the communication terminal. In any of claims 14 to 17,
The identification information acquisition unit
The identification information of the short-range wireless communication device provided on the communication terminal side is acquired from the communication terminal by local communication as the communication terminal side identification information,
The transmitter is
The local identification information includes the communication terminal side identification information that is the acquired identification information of the short-range wireless communication device, and the electronic device side identification information that is identification information of a read / write device provided on the electronic device side. As an electronic device, the information is transmitted to the communication terminal by local communication. A communication terminal that performs local communication with an electronic device and is connected to a server system via a communication network,
By performing local communication with the electronic device, the communication terminal side identification information, the identification information acquisition unit for acquiring the electronic device side identification information as local identification information,
A transmitter that transmits the local identification information to the server system as authentication information for authenticating a user;
The transmitter is
When the transmission data including notification information for notifying that the electronic device is in the predetermined mode is received from the electronic device, the received transmission data is transmitted to the server system in association with the local identification information. A communication terminal. In claim 19,
When the communication terminal is a communication terminal of a third party different from the user of the electronic device, the communication terminal includes a display unit that displays a screen for the third party to input information regarding the third party. Communication terminal. In claim 19,
Including a display unit for displaying a screen for notifying the third party of information related to the transfer destination of the transmission data when the communication terminal is a third party communication terminal different from the user of the electronic device. A characteristic communication terminal. A device according to any one of claims 19 to 21.
The identification information acquisition unit
The local identification includes communication terminal side identification information that is identification information of a short-range wireless communication device provided on the communication terminal side, and electronic device side identification information that is identification information of a read / write device provided on the electronic device side. As information, acquired by local communication with the electronic device, the transmission unit,
A communication terminal that transmits identification information of the short-range wireless communication device and identification information of the read / write device to the server system as the local identification information. At the time of user registration, local identification information is acquired by local communication between the electronic device and the communication terminal,
The acquired local identification information is registered in the user information storage unit as user registration authentication information,
Upon access from the electronic device after the user registration, local identification information is obtained by local communication between the electronic device and the communication terminal,
The local identification information acquired at the time of access from the electronic device is compared with the registered local identification information stored in the user information storage unit as the registration authentication information, and the user of the communication terminal is a valid user. Authenticate whether or not
Even when the local identification information and the registered local identification information do not match, transmission data from the electronic device received via a third-party communication terminal is received and data processing is performed. Authentication method to use.

Images