JP2010079731A - Information processing apparatus and its use restriction system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To eliminate the use of a radio ID module by a person who has illegally acquired the radio ID module with high reliability. <P>SOLUTION: Schedule information including ID unique to a user and a use time zone when the user is allowed to use the radio ID module is preliminarily stored. While an input from the input part is inhibited, radio communication with the radio ID module each of which is carried by a user, and which transmits the ID unique to the user, is performed. Then, the ID of the user that uses a time at the point clocked by a clocking means as the use time zone is acquired from the schedule information. Then, the user ID is verified with the ID received from the radio ID module. An input inhibition state is released under such conditions that the verified both IDs are matched with each other. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an information processing apparatus that restricts a user and a use restriction system thereof.

  Known methods for restricting users (users) of an information processing apparatus include a method of performing user authentication using a user ID and password, and a method of performing user authentication using user biometric information. Yes. Recently, a method for restricting users by performing user authentication using a wireless ID module is also known.

  For example, Patent Literature 1 discloses a user restriction system including an identification signal transmission unit and a use restriction release unit. Each user carries an identification signal transmission unit which is an aspect of the wireless ID module. The use restriction release unit is attached to an information processing apparatus that is subject to user restriction.

  The identification signal transmission unit includes a transmitter and a receiver, and sends out an identification code signal (ID) from the transmitter with a constant intensity. The use restriction canceling unit includes a receiver and a transmitter, and sends a signal for canceling the use restriction based on the identification code signal received by the receiver to the information processing apparatus. Transmit from the transmitter with intensity.

  When the distance between the two units is within a certain range, the use restriction canceling unit can receive a signal from the identification signal transmitting unit that detects that the received identification code signal is its own. When receiving this signal, the use restriction releasing unit transmits a confirmation code signal to the identification signal transmitting unit. In addition, a use restriction release signal is sent to the information processing apparatus. On the other hand, when the distance between the two units becomes equal to or greater than a certain value and the reception level of the code signal from the counterpart unit in each unit falls below a predetermined value, the use restriction release unit stops sending the use restriction release signal.

Therefore, while the distance between the two units is within a certain range, the use restriction of the information processing apparatus is released, but when the distance between the two units is more than a certain distance, the use restriction is activated.
Japanese Patent No. 293276

  However, in a conventional information processing apparatus use restriction system using a wireless ID module, as long as the wireless ID module exists within a predetermined distance from a reader / writer attached to the information processing apparatus, the information The restriction on the use of the processing device is lifted. For this reason, for example, even a person who obtained the wireless ID module illegally can use the apparatus.

  The present invention has been made based on such circumstances, and an object of the present invention is to provide an information processing apparatus capable of eliminating with high probability the use of a person who has illegally obtained a wireless ID module and the information processing apparatus. It is intended to provide a usage restriction system.

  The present invention has an input unit, and in an information processing apparatus that processes information input through the input unit, an input prohibition unit that prohibits input from the input unit, a user-specific ID, and a user thereof A schedule storage means for storing schedule information including a use time zone permitted by the user, a wireless communication means for performing wireless communication with a wireless ID module carried by the user individually and transmitting an ID unique to the user, Timekeeping means for keeping time, user ID obtaining means for obtaining the user ID from the schedule storage means using the time counted by the timekeeping means, and ID from the wireless ID module by wireless communication means Is received, the ID collation means for collating this ID with the ID obtained by the user ID obtaining means, and both IDs collated by the ID collation means match. Is obtained by a use permission means for canceling the input inhibition state on condition and.

  The present invention also provides a use restriction system for an information processing device comprising a plurality of information processing devices and a server formed by connecting each information processing device via a communication line. A schedule database that stores schedule information including IDs and use time zones that are permitted to be used by the user, and a schedule information request from the information processing apparatus. A schedule distribution unit that extracts schedule information from the schedule database and distributes the schedule information to the requesting information processing device, and each information processing device has its own device in addition to the input prohibition unit, the wireless communication unit, and the time measuring unit. Schedule request means for requesting schedule information for the request, and for requests by this schedule request means From the schedule information distributed from the server, when receiving the ID from the wireless ID module by the user ID acquiring means for acquiring the user ID using the time counted by the time measuring means and the wireless communication means, ID collation means for collating this ID with the ID acquired by the user ID acquisition means, and use permission means for canceling the input prohibition state on condition that both IDs collated by the ID collation means match. Is.

  According to the present invention in which such measures are taken, it is possible to provide an information processing apparatus and a use restriction system for this information processing apparatus that can eliminate the use of a person who has illegally obtained a wireless ID module with a high probability.

  The best mode for carrying out the present invention will be described below with reference to the drawings. This embodiment is a case where use of a plurality of information processing apparatuses shared by a plurality of users is restricted.

[First Embodiment]
FIG. 1 shows an overall system diagram of the present embodiment. A plurality of information processing apparatuses 2 (only two of the information processing apparatuses 2A and 2B are shown in the figure) and the schedule management server 3 are connected via a communication line 1 such as a LAN (Local Area Network). Has been. Each information processing apparatus 2 is provided with a wireless reader / writer 5 as wireless communication means for performing wireless communication with the wireless ID module 4.

  The schedule management server 3 manages the user database 6 and the schedule database 7. As shown in FIG. 2, user data including a user ID, a name, and an authority level is registered in the user database 6. A unique user ID is set for each user. In addition, authority levels are assigned based on status, work history, years of experience, and the like. The information processing apparatus 2 can perform information processing related to a plurality of types of business, and a rank is set for each business. The user can execute only information processing related to a task for which a rank equal to or lower than his authority level is set.

  As shown in FIG. 3, schedule data including a start time, an end time, a user ID, a device ID, and an authority level is registered in the schedule database 7. Each information processing device 2 is set with a unique device ID. For a user who is permitted to use the information processing apparatus 2 identified by this apparatus ID, the user ID and authority level, the apparatus ID permitted to be used, and the start time of the use time zone The schedule data is composed of the end time.

  In the present embodiment, only schedule data for the current day is stored in the schedule database 7. When storing schedule data for a plurality of days, date information may be added to the schedule data in FIG.

  Addition, change, and deletion of user data with respect to the user database 6 and addition, change, and deletion of schedule data with respect to the schedule database 7 are appropriately performed through the maintenance personal computer 8.

  The wireless ID module 4 has a shape that the user can always carry as a name tag, for example. One example is shown in the external view of FIG. 4 and the block diagram of FIG. In the case of this example, the wireless ID module 4 is provided with a message display 41 and an LED display 42 on the surface of a card-like main body 40 on which the user's name is recorded. An antenna 43 and an IC chip 44 are mounted on the main body 40. On the IC chip 44, a CPU 441, a nonvolatile memory 442, and a wireless circuit 443 are mounted. The memory 442 includes a user ID area in which an ID unique to the user is stored and a key management area in which an encryption key and a decryption key are stored.

  The wireless circuit 443 includes a power generation unit, a demodulation unit, and a modulation unit. The power generation unit supplies power to each unit of the IC chip 44 by rectifying and stabilizing the radio wave received by the antenna 43. The demodulator demodulates the radio wave received by the antenna 43 and sends it to the CPU 441. The modulation unit modulates the data transmitted from the CPU 441 into a radio wave and radiates it from the antenna 43.

  The CPU 441 writes the data demodulated by the demodulation unit of the wireless circuit 443 into the memory 442. In addition, data is read from the memory 442 and transmitted to the modulation unit of the wireless circuit 443. Further, the display of the message display 41 and the LED display 42 is controlled.

  Each information processing device 2 (2A, 2B,...) Has a basic configuration in common, and the configuration of the main part is shown in the block diagram of FIG. As illustrated, each information processing apparatus 2 includes a main control unit 21, a storage unit 22, a clock unit 23, a communication unit 24, a user recognition processing unit 25, and a device interface 26. Various peripheral devices such as an HDD (Hard Disk Drive) 27, a keyboard 28, and a display 29 are connected to the device interface 26. The reader / writer 5 is connected to the user recognition processing unit 25. The LAN 1 is connected to the communication unit 24, and data communication is performed with the schedule management server 3 connected via the LAN 1. The clock unit 23 measures the current date and time (time measuring means). The storage unit 22 includes a ROM (Read Only Memory) and a RAM (Random Access Memory), and functions as a storage area for programs and various data. The main control unit 21 is mainly composed of a CPU, and controls each unit based on a preset program.

  In the present embodiment, the main control unit 21 controls each unit according to the procedure shown in the flowcharts of FIGS. In relation to this, the user recognition processing unit 25 executes processing of the procedure shown in the flowchart of FIG. Hereinafter, the user restriction function of the information processing apparatus 2 will be described with reference to these flowcharts.

  When the information processing apparatus 2 is activated, the main control unit 21 starts processing according to the procedure shown in the flowchart of FIG. First, as ST (step) 1, a command for requesting schedule data for its own device is transmitted to the schedule management server 3 connected via the LAN 1 via the communication unit 24 (schedule request means).

  The command includes a device ID preset for the own device. The schedule management server 3 searches the schedule database 7 with the device ID in the received command, and extracts all the schedule data including the device ID. Then, the extracted schedule data is distributed to the requesting information processing apparatus 2 via the LAN 1 (schedule distribution means).

  The main control unit 21 of the information processing apparatus 2 that has transmitted the command waits for schedule data to be distributed from the schedule management server 3 as ST2. If the schedule data is taken in via the communication unit 24 (YES in ST2), the main control unit 21 creates a schedule data file in which the schedule data is stored in the order of early start time as ST3. Store (schedule storage means).

  Next, the main control unit 21 sets an operation prohibition flag in ST4. The operation prohibition flag is stored in the storage unit 22, for example. When the operation prohibition flag is set, the main control unit 21 prohibits input from an input unit such as a keyboard 28, a pointing device, a scanner, or a touch panel among the peripheral devices connected to the device interface 26 (input prohibition means). ).

  On the other hand, the user recognition processing unit 25 starts the processing of the procedure shown in the flowchart of FIG. 9 when the information processing apparatus 2 is activated. First, in ST31, it is determined whether or not a new ID is recognized from the IDs of the wireless ID module 4 detected by the reader / writer 5.

  The reader / writer 5 periodically radiates radio waves from the antenna 51. When the wireless ID module 4 exists in the radio wave arrival area, the wireless ID module 4 that has received the radio wave returns a response wave to the reader / writer 5. This response wave includes the user ID stored in the memory 442 of the wireless ID module 4. The reader / writer 5 detects the user ID of the wireless ID module 4 from the response wave received by the antenna 51 and outputs the user ID to the user recognition processing unit 25.

  When recognizing a new user ID from the IDs of the wireless ID module 4 detected by the reader / writer 5 (YES in ST31), the user recognition processing unit 25 performs main control on this new user ID as ST32. Notify unit 21.

  In a state where the operation prohibition flag is set in ST4 and input from the input unit is prohibited, the main control unit 21 waits for notification of a new user ID from the user recognition processing unit 25 in ST5. If the new user ID is notified (YES in ST5), the main control unit 21 searches the schedule data file at the current time counted by the clock unit 23 as ST6, and uses the current time as the usage time zone. The user ID is acquired from the schedule data. In this case, when there are a plurality of schedule data having the current time as the use time zone, a user ID is acquired from each schedule data (user ID acquisition means).

  The main control unit 21 determines whether or not a user ID having the current time as a use time zone has been acquired in ST7. If not acquired (NO in ST7), the main control unit 21 proceeds to ST9 and notifies the user recognition processing unit 25 of an error response. Thereafter, the process returns to ST5 and waits for notification of a new user ID. This event occurs when no schedule data having the current time as the usage time zone of the information processing apparatus is registered in the schedule database 7.

  When even one user ID having the current time as the usage time zone can be acquired (YES in ST7), the main control unit 21 notifies the user ID acquired as ST8 and the user recognition processing unit 25. The registered user ID is collated (ID collating means). As a result, when the one that matches the user ID notified from the user recognition processing unit 25 is not acquired from the schedule data file (NO in ST8), the main control unit 21 proceeds to ST9 and uses it. An error is notified to the person recognition processing unit 25. Thereafter, the process returns to ST5 and waits for notification of a new user ID. This event occurs when a person other than the person corresponding to the schedule data whose current time is the usage time zone of the information processing apparatus approaches the information processing apparatus.

  When an ID that matches the user ID notified from the user recognition processing unit 25 is acquired from the schedule data file (YES in ST8), the main control unit 21 determines the user ID of the schedule data as ST10, The authority level and end time are stored in the storage unit 22. Moreover, a permission response is notified to the user recognition process part 25 as ST11.

  Thereafter, the main control unit 21 waits for a recognition success command from the user recognition processing unit 25 in ST12. If the recognition success command is not received within the preset time (YES in ST12), the main control unit 21 clears the user ID, authority level, and end time stored in the storage unit 22 as ST13. Thereafter, the process returns to ST5 and waits for notification of a new user ID.

  When receiving a recognition success command from the user recognition processing unit 25 (YES in ST12), the main control unit 21 resets the operation prohibition flag as ST14. Thereby, the input prohibition state from the input unit such as the keyboard 28, the pointing device, the scanner, and the touch panel is released (use permission unit).

  After notifying the new user ID to the main control unit 21 in ST32, the user recognition processing unit 25 waits for a response from the main control unit 21 as ST33 and ST34. When an error response notification is received from the main control unit 21 (YES in ST34), the user recognition processing unit 25 returns to ST31 and waits for recognition of a new ID.

  On the other hand, when the notification of the permission response is received from the main control unit 21 (YES in ST33), the user recognition processing unit 25 wirelessly transmits a response command of the ID recognized as the new user ID in ST35. Let The ID response command is radiated as a radio wave from the reader / writer 5. At this time, if the wireless ID module 4 in which the ID is set as the user ID exists in the radio wave arrival area, the ID response command is received by the wireless ID module 4. The wireless ID module 4 that has received the ID response command wirelessly transmits an authentication request command.

  The user recognition processing unit 25 determines whether or not an authentication request command has been received from the wireless ID module 4 of the ID response command transmission destination in ST36. If the authentication request command is received via the reader / writer 5 (YES in ST36), the user recognition processing unit 25 sends an authentication response command to the wireless ID module 4 that is the transmission source of the authentication request command in ST37. Is transmitted wirelessly. In ST38, the main control unit 21 is notified of an authentication success command.

  The authentication response command is radiated as a radio wave from the reader / writer 5. At this time, if the wireless ID module 4 that is the transmission source of the authentication request command exists in the radio wave arrival area, the authentication response command is received by the wireless ID module 4. The wireless ID module 4 that has received the authentication response command wirelessly transmits the authentication request command again.

  The user recognition processing unit 25 determines whether or not an authentication request command has been received from the wireless ID module 4 as the authentication response command transmission destination in ST39. If the authentication request command is received via the reader / writer 5 (YES in ST39), the user recognition processing unit 25 sends an authentication response command to the wireless ID module 4 that is the transmission source of the authentication request command in ST40. Is transmitted wirelessly. In ST41, the main control unit 21 is notified of an authentication continuation command.

  The authentication response command is radiated as a radio wave from the reader / writer 5. At this time, if the wireless ID module 4 that is the transmission source of the authentication request command exists in the radio wave arrival area, the authentication response command is received by the wireless ID module 4. The wireless ID module 4 that has received the authentication response command wirelessly transmits the authentication request command again.

  Thereafter, the user recognition processing unit 25 performs a process of transmitting an authentication response command wirelessly to the wireless ID module 4 that is the transmission source of the authentication request command each time an authentication request command is received (YES in ST39), and main control. The process of notifying the unit 21 of the authentication continuation command is repeated.

  When the authentication request command for the ID response command cannot be received (NO in ST36), or when the authentication request command for the authentication response command cannot be received (NO in ST39), the user recognition processing unit 25 performs ST31. Return to. Then, it waits to recognize a new ID.

  The main control unit 21 that resets the operation prohibition flag in ST14 executes level-specific job processing as ST15. The procedure of the level-specific business process is specifically shown in FIG. That is, the main control unit 21 selects a task for which a rank equal to or lower than the authority level stored in the storage unit 22 as ST21 is set. Then, as ST22, a menu screen for the selected task is created and displayed on the display 29.

  In this state, the main control unit 21 waits for any work menu to be selected as ST23. During this standby, the main control unit 21 determines whether or not the current time has passed the end time stored in the storage unit 22 as ST24 (end time determination means).

  If any work menu is selected before the end time has elapsed (YES in ST23), the main control unit 21 executes information processing related to the work as ST25.

  The main control unit 21 waits for the end of one job selected as ST26. During this standby, the main control unit 21 determines whether or not an authentication continuation command is periodically received from the user recognition processing unit 25 in ST27. While the authentication continuation command is received (YES in ST27), one selected job is executed. When the authentication continuation command is interrupted (NO in ST27), the main control unit 21 forcibly terminates the job being executed as ST28. Then, this level-specific business process is terminated. When the level-specific job processing ends, the main control unit 21 returns to ST4. That is, an operation prohibition flag is set to prohibit input from the input unit (usage restricting means).

  When the information processing related to the selected one job is completed (YES in ST26), the main control unit 21 returns to ST22 and displays the job menu again. Thereafter, when any of the business menus is selected, the main control unit 21 executes information processing related to the business. Further, when the end time has elapsed, the main control unit 21 ends the level-specific job processing. When the level-specific job processing ends, the main control unit 21 returns to ST4. That is, an operation prohibition flag is set to prohibit input from the input unit (usage restricting means).

  As described above, each information processing apparatus 2 stores schedule data including a user ID of a user who is permitted to use the information processing apparatus 2, a use time zone (disclosure time to an end time), and an authority level. The A user carrying the wireless ID module 4 approaches the information processing device 2 in a state where the operation prohibition flag is set, that is, an input from the input unit is prohibited, and is stored in the wireless ID module 4 When the ID is read by the reader / writer 5 in a non-contact manner, the user ID of the schedule data having the use time zone as that time is compared with the user ID read from the wireless ID module 4 by the reader / writer 5. . If both user IDs match, the operation prohibition flag is reset. That is, the input prohibited state is released. Thus, a person who approaches the information processing apparatus 2 can use the apparatus 2 to execute information processing related to a business for which a rank equal to or lower than his authority level is set.

  If the two user IDs do not match, the operation prohibition flag is not reset. Accordingly, a person who has a user ID other than the user ID of the schedule data having the current time as the usage time zone cannot use the information processing apparatus 2.

  After the input prohibited state is released, it is continuously checked whether the wireless ID module 4 storing the user ID is recognized by the reader / writer 5. Further, every time information processing related to one business is completed, it is determined whether or not the usage time period of the schedule data for the user ID has elapsed. When the wireless ID module 4 storing the user ID cannot be recognized by the reader / writer 5, or when the usage time period has elapsed, the operation prohibition flag is set. That is, input from the input unit is prohibited. Therefore, after the user leaves the information processing apparatus 2 or the usage time period has elapsed, the apparatus 2 cannot be used.

  Next, as an application example of the use restriction system in the present embodiment, a case where it is applied to a POS (Point Of Sales) system constructed in a supermarket or the like will be described. The POS system is generally composed of a plurality of POS terminals and a store controller. Each POS terminal is necessary for executing registration operations for registering sales data of products purchased by customers, settlement operations for collecting sales by collecting the registered product sales data, and operations such as registration and settlement. An information processing apparatus having an information processing function related to various tasks such as a setting task for setting data. Each POS terminal is operated by a store clerk called a cashier or the like. A detailed work schedule is determined in advance for each store clerk, and each store clerk enters a checkout counter of the store according to the work schedule and operates a POS terminal of the counter to ask a shopper.

Now, it is assumed that schedule data D1 to D7 having the contents shown in FIG.
The schedule data D1 indicates that the cashier specified by the user ID [100002] whose authority level is L1 uses the POS terminal in which the device ID [2003] is set from 10:00 to 12:00. ing.
The schedule data D2 indicates that the cashier specified by the user ID [100004] whose authority level is L2 uses the POS terminal in which the device ID [2001] is set from 10:00 to 11:30. ing.
The schedule data D3 indicates that the cashier specified by the user ID [100005] whose authority level is L1 uses the POS terminal in which the device ID [2002] is set from 10:00 to 12:00. ing.
The schedule data D4 indicates that the cashier specified by the user ID [100003] whose authority level is L3 uses the POS terminal set with the device ID [2001] from 11:30 to 13:30. ing.
The schedule data D5 indicates that the cashier specified by the user ID [100004] whose authority level is L2 uses the POS terminal in which the device ID [2002] is set from 12:00 to 13:30. ing.
The schedule data D6 indicates that the cashier specified by the user ID [100001] whose authority level is L1 uses the POS terminal in which the device ID [2003] is set from 12:00 to 14:00. ing.
The schedule data D7 indicates that the cashier specified by the user ID [100002] whose authority level is L1 uses the POS terminal in which the device ID [2002] is set from 13:00 to 14:30. ing.

  Such work schedules of the schedule data D1 to D7 are summarized for each POS terminal as shown in FIG. That is, the POS terminal set with the device ID [2001] is allowed to use the cashier specified by the user ID [100004] from 10:00 to 11:30, and from 11:30 to 13:30. Until then, the use of the cashier specified by the user ID [100003] is allowed. The POS terminal set with the device ID [2002] is allowed to use the cashier specified by the user ID [100005] from 10:00 to 12:00, and from 12:30 to 13:30. Use of the cashier specified by the user ID [100004] is allowed, and use of the cashier specified by the user ID [100002] is allowed from 13:00 to 14:30. Incidentally, from 13:00 to 13:30, the use of the two cashiers specified by the user ID [100004] or the cashier specified by the user ID [100002] is allowed. The POS terminal set with the device ID [2003] is allowed to use the cashier specified by the user ID [100002] from 10:00 to 12:00, and from 12:00 to 14:00. Use of the cashier specified by the user ID [100001] is allowed.

  Schedule data D2 and D4 are distributed from the schedule management server 3 to the POS terminal to which the device ID [2001] is set. Schedule data D3, D5, and D7 are distributed to the POS terminal in which the device ID [2002] is set. Schedule data D1 and D6 are distributed to the POS terminal in which the device ID [2003] is set.

  Now, it is assumed that the behavior of the cashier specified by the user ID [100004] is arrows A to E in FIG. An arrow A indicates that the cashier has entered the wireless communication area of the reader / writer 5 attached to the POS terminal in which the device ID [2001] is set after 10:00. In this case, the POS terminal recognizes the user ID [100004] of the wireless ID module 4 carried by the cashier. In the POS terminal, the schedule data D2 in which the use time zone from 10:00 to 11:30 is set is effective. Since the user ID of the schedule data D2 is [100004], both IDs match. Therefore, the use prohibition flag is reset in the POS terminal. That is, input from the input unit is possible. A business menu is also displayed.

  Now, it is assumed that the rank of the registered work is “1”, the rank of the settlement work is “2”, and the rank of the set work is “3”. As a result, since the authority level of the cashier is “2”, a registration menu and a checkout service menu are displayed at the POS terminal with the device ID [2001]. That is, the cashier can execute information processing related to a business menu of either registration business or checkout business.

  An arrow B indicates that the cashier has left the wireless communication area of the reader / writer 5 attached to the POS terminal with the device ID [2001] before 11:30. In this case, since the authentication continuation command with the user ID [100004] stops in the POS terminal, the use prohibition flag is set. That is, input from the input unit is prohibited.

  The arrow C indicates that the cashier has reentered the wireless communication area of the reader / writer 5 attached to the POS terminal with the device ID [2001] after 11:30. In this case, the POS terminal recognizes the user ID [100004] of the wireless ID module 4 carried by the cashier. In the POS terminal, the schedule data D4 in which the use time zone from 11:30 to 13:30 is set is effective. Since the user ID of the schedule data D4 is [100003], the two IDs do not match. Therefore, in the POS terminal, the use prohibition flag remains reset. That is, the input prohibited state is continued.

  The arrow D indicates that the cashier has entered the wireless communication area of the reader / writer 5 attached to the POS terminal in which the device ID [2002] is set at 12:00. In this case, the POS terminal recognizes the user ID [100004] of the wireless ID module 4 carried by the cashier. In the POS terminal, the schedule data D5 in which the use time zone from 12:00 to 13:30 is set is effective. Since the user ID of the schedule data D5 is [100004], both IDs match. Therefore, the use prohibition flag is reset in the POS terminal. That is, input from the input unit is possible. A business menu is also displayed. Also in this case, since the business menu of the registration business and the settlement business is displayed, the cashier executes information processing regarding any business.

  An arrow E indicates that the cashier has left the wireless communication area of the reader / writer 5 attached to the POS terminal with the device ID [2002] before 13:30. In this case, since the authentication continuation command with the user ID [100004] stops in the POS terminal, the use prohibition flag is set. That is, input from the input unit is prohibited.

  Further, it is assumed that the behavior of the cashier specified by the user ID [100002] is arrows F to J in FIG. An arrow F indicates that the cashier has entered the wireless communication area of the reader / writer 5 attached to the POS terminal in which the device ID [2003] is set after 10:00. In this case, the POS terminal recognizes the user ID [100002] of the wireless ID module 4 carried by the cashier. In the POS terminal, the schedule data D1 in which the use time zone from 10:00 to 12:00 is set is valid. Since the user ID of the schedule data D1 is [100002], both IDs match. Therefore, the use prohibition flag is reset in the POS terminal. That is, input from the input unit is possible. A business menu is also displayed. Since the authority level of the cashier is “1”, a business menu for registered business is displayed. That is, the cashier can execute information processing related to the registration work.

  The arrow G indicates that the cashier has finished the work being executed at the POS terminal with the device ID [2003] after 12:00. In this case, the use prohibition flag is set in the POS terminal because the end time of the schedule data D1 has elapsed. That is, input from the input unit is prohibited.

  An arrow H indicates that the cashier has entered the wireless communication area of the reader / writer 5 attached to the POS terminal in which the device ID [2002] is set before 13:00. In this case, the POS terminal recognizes the user ID [100002] of the wireless ID module 4 carried by the cashier. In the POS terminal, the schedule data D5 in which the use time zone from 12:00 to 13:30 is set is effective. Since the user ID of this schedule data D5 is [100004], the two IDs do not match. Therefore, in the POS terminal, the use prohibition flag remains reset. That is, the input prohibited state is continued.

  The arrow I indicates that the cashier has entered the wireless communication area of the reader / writer 5 attached to the POS terminal set with the device ID [2002] after 13:00. In this case, the POS terminal recognizes the user ID [100002] of the wireless ID module 4 carried by the cashier. Further, in the POS terminal, schedule data D5 in which a usage time zone from 12:00 to 13:30 is set, and schedule data D7 in which a usage time zone from 13:00 to 14:30 is set. Is effective. Since the user ID of the schedule data D7 is [100002], both IDs match. Therefore, the use prohibition flag is reset in the POS terminal. That is, input from the input unit is possible. A business menu is also displayed. In this case as well, since the business menu of the registration work is displayed, the cashier executes information processing related to the registration work.

  The arrow J indicates that the cashier has left the wireless communication area of the reader / writer 5 attached to the POS terminal with the device ID [2002] before 14:30. In this case, since the authentication continuation command for the user ID [100002] is interrupted in the POS terminal, the use prohibition flag is set. That is, input from the input unit is prohibited.

  As described above, according to the present embodiment, the person carrying the wireless ID module 4 in which the user ID is set only enters the wireless communication area of the reader / writer 5 attached to the information processing apparatus 2. Then, the input prohibition state of the information processing apparatus 2 is not released. The person who carries the wireless ID module 4 in which the “user ID valid in the use time zone including the current time” stored as schedule data in the information processing apparatus 2 is released is released from the input prohibition state. Is only in the wireless communication area of the reader / writer 5. That is, only the user corresponding to the schedule data registered in advance can use the information processing apparatus 2. Therefore, for example, the use of a person who illegally obtained the wireless ID module 4 can be excluded with high reliability. In addition, even when a person who has a wireless ID module legitimately uses the device, this unauthorized use can be prevented.

[Second Embodiment]
This embodiment is an example based on another aspect of the present invention.
FIG. 11 shows an overall system diagram of the present embodiment. In addition, the same code | symbol is attached | subjected to the part which is common in 1st Embodiment, and detailed description is abbreviate | omitted. An information processing device 2A, a schedule management server 3, and an entrance management device 90 of the entrance management system 9 are connected via the communication line 1. The information processing apparatus 2B is a stand-alone type that is not connected to the communication line 1.

  The schedule management server 3 manages the user database 6 and the schedule database 7. The schedule database 7 is the same as that in the first embodiment. As shown in FIG. 12, user data including user ID, name, authority level, and biometric information is registered in the user database 6. The biometric information is, for example, a fingerprint. Here, the user database 6 functions as a biological information database. The biological information is not limited to fingerprints, and may be physical characteristics such as palm prints, handprints, veins on the back of hands, irises, faces, and voices, and physical characteristics such as handwriting and keystrokes.

  The admission management system 9 manages the admission to the facility where each information processing device 2 is placed. The admission management device 90, the biological information reading device 91, the wireless reader / writer 92, and the ticket issuing device 93 are used. It is composed of The biometric information reading device 91, the reader / writer 92, and the ticket issuing device 93 are each connected to the entrance management device 90.

  The biometric information reader 91 reads a visitor's biometric information, for example, a fingerprint. The reader / writer 92 functions as a wireless communication unit that performs wireless communication with the wireless ID module 4. The reader / writer 92 is provided at the entrance of the facility. The ticket issuing device 93 will be described later.

  Also in the present embodiment, the wireless ID module 4 has a shape that the user can always carry as a name tag, for example, and the appearance is the same as that of the first embodiment shown in FIG. As shown in FIG. 13, the hardware configuration includes an antenna 43 and an IC chip 44 mounted on a main body 40, and a CPU 441, a nonvolatile memory 442, and a wireless circuit 443 are mounted on the IC chip 44. Has been. In the memory 442, a storage area for electronic ticket information is formed in addition to a user ID area for storing an ID unique to the user and a key management area for storing an encryption key and a decryption key.

  Each information processing apparatus 2 (2A, 2B,...) Has a common basic configuration, and the common part is shown in the block diagram of FIG. As apparent from comparison with the first embodiment shown in FIG. 6, the information processing apparatus 2 of the second embodiment includes a ticket inspection unit 250 instead of the user recognition processing unit 25. Yes.

  Although not shown, one information processing apparatus 2A has a LAN 1 connected to the communication unit 24, and performs data communication with the schedule management server 3 connected via the LAN 1. In the other information processing apparatus 2 </ b> B, a LAN is not connected to the communication unit 24. The information processing apparatus 2B may not include the communication unit 24.

  The main operation procedure of the entrance management device 90 is shown in the flowchart of FIG. As shown in the figure, the admission management device 90 waits for reception of the user ID stored in the wireless ID module 4 as ST51. When a prospective person carrying the wireless ID module 4 approaches the entrance, the user ID stored in the memory 442 of the wireless ID module 4 is read by the reader / writer 92 in a non-contact manner. The user ID read by the reader / writer 92 is sent to the entrance management device 90.

  When the admission management device 90 receives the user ID read by the reader / writer 92 (YES in ST51), the admission management device 90 uses the user ID identified by the user ID to the schedule management server 3 connected via the LAN 1 as ST52. The biometric information of the person is requested (biological information acquisition means). Upon receiving this request, the schedule management server 3 searches the user database 6 and reads the name, authority level, and biometric information of the user data stored corresponding to the user ID. Then, the read name, authority level, and biometric information are transmitted to the entrance management device 90 via the LAN 1.

  The admission management device that has requested the biometric information waits for reception of biometric information as ST53 and ST54. If the biometric information cannot be received after a certain period of time has elapsed (YES in ST54), the entrance management device 90 returns to ST51 and waits for reception of the next user ID.

  When the name, authority level, and biometric information are received from the schedule management server 3 (YES in ST53), the admission management device 90 executes biometric authentication processing as ST55. That is, it is determined whether the biometric information read by the biometric information reading device 91 matches the biometric information received from the schedule management server 3 (biometric information collating unit). As a result, when it is determined that they do not match (NO in ST56), the entrance management device 90 returns to ST51 and waits for reception of the next user ID. This event may occur when the wireless ID module 4 is carried by someone other than the person.

  When the person carries the wireless ID module 4, the biometric information matches. If they match (YES in ST56), admission management device 90 requests schedule data including the user ID from schedule management server 3 in ST57 (schedule requesting means). The schedule management server 3 searches the schedule database 7 with the requested user ID and extracts all the schedule data including the user ID. Then, the extracted schedule data is distributed to the entrance management device 90 via the LAN 1 (schedule distribution means).

  The admission management device 90 that requested the schedule data waits for the schedule data to be distributed as ST58 and ST59. If the schedule data is not distributed even after a predetermined time has elapsed (YES in ST59), the entrance management device 90 returns to ST51 and waits for reception of the next user ID. For example, this may occur when the schedule data including the user ID of the prospective admission person is not registered in the schedule database 7. That is, a prospective person whose schedule data is not registered in the schedule database 7 cannot enter the facility even if he / she carries the regular wireless ID module 4.

  When the schedule data is distributed (YES in ST58), the admission management device 90 transmits the schedule data to the ticket issuing device 93 as ST60, and issues an instruction to issue an electronic ticket.

  Upon receiving this instruction, the ticket issuing device 93 electronically describes the start time, end time, device ID and authority level electronically for each schedule data received from the ticket issuing device 93, as shown in FIG. Information T1, T2,... Is created. The created electronic ticket information T1, T2,... Is sent to the entrance management device 90 (ticket issuing means).

  In ST61, the admission management device 90 performs wireless communication with the wireless ID module 4 in which the user ID is recorded via the reader / writer 92, and the electronic ticket information T1, T2,. Write (ticket information writing means).

  A reception response signal is transmitted from the wireless ID module 4 in which the electronic ticket information T1, T2,. When the admission management device 90 receives the receipt response signal, the admission management device 90 executes admission management processing. In the entrance management process, for example, the entrance is unlocked. In addition, the name and the entry time of the user specified by the user ID are recorded. When the entrance management process is completed, the entrance management device 90 returns to ST51 and waits for reception of the next user ID.

  Therefore, when a prospective person whose schedule data is registered in the schedule database 7 performs biometric authentication at the entrance and is approved, the wireless ID module 4 carried by the prospective person is Electronic ticket information T1, T2,... According to its own schedule data is written. When the writing of the electronic ticket information T1, T2,... Is completed, entry into the facility becomes possible.

  A user who enters the facility approaches the information processing apparatus 2A or 2B that he / she intends to use. A reader / writer 5 is attached to the information processing apparatus 2A or 2B, and when entering the wireless communication area, a response wave including the user ID is transmitted from the wireless ID module 4 carried by the user. Is done. This response wave is received by the antenna 51 of the reader / writer 5. The reader / writer 5 reads the user ID from the response wave and transmits it to the ticket checking unit 250.

  As shown in FIG. 17, the ticket inspection unit 250 waits for a user ID to be received as ST71. When the user ID is received via the reader / writer 5 (YES in ST71), the ticket inspection unit 250 transmits an electronic ticket request command including the user ID. This command is wirelessly transmitted from the antenna 51 of the reader / writer 5.

  The electronic ticket request command is received by the wireless ID module 4 that stores the user ID included in the command. The wireless ID module 4 that has received the command transmits a response wave including the electronic ticket information T1, T2,... Written in the memory 442. This response wave is received by the antenna 51 of the reader / writer 5. The reader / writer 5 reads the electronic ticket information T1, T2,... From the response wave, and transmits the electronic ticket information T1, T2,.

  The ticket inspection unit 250 waits for reception of electronic ticket information T1, T2,... ST73 and 74 (ticket acquisition means). If the electronic ticket information T1, T2,... Cannot be received within a predetermined time (YES in ST74), the process returns to ST71 and waits for the next user ID. This event can occur, for example, when the user leaves the wireless communication area.

  When the electronic ticket information T1, T2,... Is received (YES in ST73), the ticket inspection unit 250 analyzes the electronic ticket information T1, T2,. Then, whether there is electronic ticket information in which the device ID set for itself as ST76 is recorded, and if it exists (YES in ST76), the start time of the electronic ticket information as ST77 It is determined whether or not the current time is included in the use time zone from the end time to the end time. The device ID is stored in the storage unit 22. The current time is measured by the clock unit 23. The ticket inspection unit 250 acquires the device ID and current time information via the main control unit 21, and uses them for analysis of the electronic ticket information T1, T2,. Note that the storage unit 22 and the clock unit 23 may be directly connected to the ticket inspection unit 250 so as to acquire information on the device ID and the current time without going through the main control unit 21.

  When there is no electronic ticket information recording the device ID set for itself (NO in ST76), or when the current time is not included in the use time zone from the start time to the end time (ST77) NO), the ticket inspection unit 250 returns to ST71 and waits for the next user ID. This phenomenon may occur when the user approaches an information processing apparatus 2 other than the information processing apparatus 2 that has scheduled work, or approaches the information processing apparatus 2 at a time other than the scheduled use time zone.

  If there is electronic ticket information in which the device ID set for itself is recorded (YES in ST76), and the current time is included in the use time zone from the start time to the end time (in ST77) YES), the ticket inspection unit 250 notifies the main control unit 21 of an authentication success command in ST78. The authentication success command includes the end time and authority level of the corresponding electronic ticket information.

  On the other hand, the wireless ID module 4 that transmitted the electronic ticket information T1, T2,... Transmits an authentication request command. The ticket checking unit 250 determines whether an authentication request command has been received from the wireless ID module 4 in ST79. If the authentication request command is received via the reader / writer 5 (YES in ST79), the ticket inspection unit 250 wirelessly sends an authentication response command to the wireless ID module 4 that is the authentication request command transmission source in ST80. Send it. In ST81, the main control unit 21 is notified of an authentication continuation command.

  The authentication response command is radiated as a radio wave from the reader / writer 5. At this time, if the wireless ID module 4 that is the transmission source of the authentication request command exists in the radio wave arrival area, the authentication response command is received by the wireless ID module 4. The wireless ID module 4 that has received the authentication response command wirelessly transmits the authentication request command again.

  Thereafter, each time the ticket inspection unit 250 receives the authentication request command (YES in ST79), the main control unit 21 performs processing for wirelessly transmitting an authentication response command to the wireless ID module 4 that is the authentication request command transmission source. The process of notifying the authentication continuation command is repeated.

  By the way, when the information processing apparatus 2 is activated, the main control unit 21 starts processing of the procedure shown in the flowchart of FIG. First, an operation prohibition flag is set in ST91. Also in the present embodiment, when the operation prohibition flag is set, the main control unit 21 inputs from the input unit such as the keyboard 28, the pointing device, the scanner, and the touch panel among the peripheral devices connected to the device interface 26. Is prohibited (input prohibition means).

  In this state, the main control unit 21 waits for an authentication success command to be notified from the ticket checking unit 250 in ST92. When the authentication success command is notified from the ticket inspection unit 250, the main control unit 21 resets the operation prohibition flag in ST93. Thereby, the input prohibition state from the input unit such as the keyboard 28, the pointing device, the scanner, and the touch panel is released (use permission unit).

  After resetting the operation prohibition flag, the main control unit 21 selects a task for which a rank equal to or lower than the authority level included in the authentication success command is set in ST94. Then, in ST95, a menu screen for the selected job is created and displayed on the display 29.

  In this state, the main control unit 21 waits for any work menu to be selected in ST96. During this standby, the main control unit 21 determines whether or not the current time has passed the end time included in the authentication success command as ST97 (end time determination means).

  If any work menu is selected before the end time elapses (YES in ST96), the main control unit 21 executes the work process as ST98. That is, the information input via the input unit is processed.

  The main control unit 21 waits for one job selected as ST99 to end. During this standby, the main control unit 21 determines whether or not an authentication continuation command is periodically received from the ticket checking unit 250 as ST100. While the authentication continuation command is received (YES in ST100), one selected job is executed. When the authentication continuation command is interrupted (NO in ST100), the main control unit 21 forcibly terminates the job being executed as ST101. Then, returning to ST91, the operation prohibition flag is set, and input from the input unit is prohibited (usage restricting means).

  When one selected job is completed (YES in ST99), the main control unit 21 returns to ST95 and displays the job menu again. Thereafter, when any one of the business menus is selected, the main control unit 21 executes the business process. If the end time has elapsed, the main control unit 21 returns to ST91. That is, an operation prohibition flag is set to prohibit input from the input unit (usage restricting means).

  As described above, in the second embodiment, even a person carrying the wireless ID module 4 with the user ID set can always enter the facility where the information processing apparatus 2 is installed. is not. Only users who are registered with schedule data scheduled to use any of the information processing devices 2 are permitted to enter.

  Also, just because you enter the facility does not mean that you can use all the information processing devices in the facility. Use is permitted only for the device with the device ID registered in the schedule data. In addition, the usable time zone is limited to the usage time zone registered in the schedule data. Therefore, as in the first embodiment, the use of a person who obtained the wireless ID module 4 illegally can be eliminated with a high probability. In addition, even when a person who has a wireless ID module legitimately uses the device, this unauthorized use can be prevented.

  Incidentally, in the second embodiment, the information processing apparatus 2 only needs to confirm the electronic ticket information T1, T2,... Stored in the wireless ID module 4. Therefore, the load required for the authentication process can be reduced as compared with the first embodiment. As a result, the information processing apparatus may be a device with low processing capability. In addition, since it is not always necessary to connect to the server, the use of a single information processing apparatus such as a stand-alone type can be surely restricted.

The present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage.
For example, in each of the embodiments, as the usage declaration unit, the ID received from the wireless ID module is recognized by the wireless communication unit while the input prohibition state is canceled by the usage permission unit, and the user ID When the ID acquired by the acquiring unit cannot be recognized, the input prohibiting state by the input prohibiting unit is validated, and when the end time determining unit determines that the use time period has elapsed, the input prohibiting state by the input prohibiting unit However, the usage declaration means is not limited to these. Moreover, the information processing apparatus provided only with any one means may be sufficient.

  In the second embodiment, the main field authentication of the person carrying the wireless ID module is performed using the biometric information. However, the personal authentication method is not limited to this. For example, the user may be authenticated by inputting a password. Also, personal authentication is not necessarily required.

  In addition, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, the constituent elements over different embodiments may be combined.

The system block diagram in the 1st Embodiment of this invention. The schematic diagram which shows the data structure of the user database in the said 1st Embodiment. The schematic diagram which shows the data structure of the schedule database in the said 1st Embodiment. FIG. 3 is an external view of the wireless ID module according to the first embodiment. The block diagram which shows the principal part structure of the radio | wireless ID module in the said 1st Embodiment. The block diagram which shows the principal part structure of the information processing apparatus in the 1st Embodiment. The flowchart which shows the procedure of the process in connection with the user restriction | limiting function which the main control part of information processing apparatus performs in the 1st Embodiment. The flowchart which shows the procedure of the business processing classified by level in FIG. The flowchart which shows the procedure of the process in connection with the user restriction | limiting function which the user recognition process part of information processing apparatus performs in the said 1st Embodiment. The timing diagram used for description of one application example in the embodiment. The system block diagram in the 2nd Embodiment of this invention. The schematic diagram which shows the data structure of the user database in the said 2nd Embodiment. The block diagram which shows the principal part structure of the radio | wireless ID module in the said 2nd Embodiment. The block diagram which shows the principal part structure of the information processing apparatus in the 2nd Embodiment. The flowchart which shows the procedure of the process in connection with the user restriction | limiting function which an admission management apparatus performs in the said 2nd Embodiment. The figure which shows the example of a position of the electronic ticket information issued from a ticket issuing apparatus in the said 2nd Embodiment. The flowchart which shows the procedure of the process in connection with the user restriction | limiting function which the ticket inspection part of information processing apparatus performs in the said 2nd Embodiment. The flowchart which shows the procedure of the process in connection with the user restriction | limiting function which the main control part of information processing apparatus performs in the said 2nd Embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... Communication line, 2 (2A, 2B, ...) ... Information processing apparatus, 3 ... Schedule management server, 4 ... Wireless ID module, 5 ... Reader / writer, 6 ... User database, 7 ... Schedule database, 8 ... Maintenance PC ... 21 ... Main control unit 22 ... Storage unit 23 ... Clock unit 24 ... Communication unit 25 ... User recognition processing unit 26 ... Device interface 9 ... Admission management system 90 ... Admission management device 91 ... Biometric information reading device, 92 ... Reader / writer, 93 ... Ticket issuing device, 250 ... Ticket inspection unit.

Claims (6)

In an information processing apparatus that has an input unit and processes information input through the input unit,
Input prohibiting means for prohibiting input from the input unit;
Schedule storage means for storing schedule information including a user-specific ID and a usage time period permitted by the user;
Wireless communication means for wirelessly communicating with a wireless ID module carried by the user individually and transmitting a user-specific ID;
A time measuring means for measuring time;
A user ID acquisition means for acquiring the user's ID from the schedule storage means with the time being measured by the time measurement means as a use time zone;
When receiving an ID from the wireless ID module by the wireless communication means, an ID collating means for collating this ID with the ID obtained by the user ID obtaining means;
Use permission means for canceling the input prohibited state on condition that both IDs matched by the ID matching means match;
An information processing apparatus comprising: While the input prohibition state is canceled by the use permission unit, the wireless communication unit recognizes the ID received from the wireless ID module and the ID acquired by the user ID acquisition unit cannot be recognized. , Use restriction means for validating the input prohibited state by the input prohibition means,
The information processing apparatus according to claim 1, further comprising: Whether the usage time zone allowed by the user of the ID acquired by the user ID acquisition means has passed each time information processing of one job is completed while the input prohibition state is released by the use permission means End time determining means for determining whether or not,
When it is determined by the end time determining means that the use time period has elapsed, the use restricting means for validating the input prohibited state by the input prohibiting means;
The information processing apparatus according to claim 1, further comprising: A plurality of information processing devices each having an input unit and processing information input via the input unit; and a server formed by connecting the information processing devices via a communication line.
The server includes a schedule database that stores schedule information including an ID unique to a user, an ID unique to the information processing apparatus that is allowed to be used by the user, and a usage time zone;
When receiving a request for schedule information from the information processing device, the schedule information including an ID unique to the information processing device is extracted from the schedule database and distributed to the requesting information processing device,
Each of the information processing devices
Input prohibiting means for prohibiting input from the input unit;
Wireless communication means for wirelessly communicating with a wireless ID module carried by the user individually and transmitting a user-specific ID;
A time measuring means for measuring time;
Schedule request means for requesting schedule information for the device to the server;
A user ID acquisition means for acquiring a user ID having a time zone that is a time measured by the time measuring means from schedule information distributed from the server in response to the request by the schedule request means;
When receiving an ID from the wireless ID module by the wireless communication means, an ID collating means for collating this ID with the ID obtained by the user ID obtaining means;
A use restriction system for an information processing apparatus, comprising: a use permission unit that cancels the input prohibited state on condition that both IDs collated by the ID collation unit match. The information processing apparatus includes:
While the input prohibition state is canceled by the use permission unit, the wireless communication unit recognizes the ID received from the wireless ID module and the ID acquired by the user ID acquisition unit cannot be recognized. , Use restriction means for validating the input prohibited state by the input prohibition means,
The information processing apparatus use restriction system according to claim 4, further comprising: The information processing apparatus includes:
Whether the usage time zone allowed by the user of the ID acquired by the user ID acquisition means has passed each time information processing of one job is completed while the input prohibition state is released by the use permission means End time determining means for determining whether or not,
When it is determined by the end time determination means that the use time zone allowed for the user of the ID acquired by the user ID acquisition means has passed, the use restriction means for validating the input prohibited state by the input prohibition means When,
The information processing apparatus use restriction system according to claim 4 or 5, further comprising:

Images