JP2011108162A - Identification system, authentication station server and identification method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an identification system capable of appropriately performing, with respect to various visitors in society in general, identification thereof. <P>SOLUTION: The identification system includes an authentication station server 100 which holds and issues certification information on an employee belonging to a company and a first ID 121 identifying it; a device 240 carried by an employee (visitor 210), the device serving as a certificate with the first ID 121 being recorded thereon; and a medium (sticker 600) installed in a dwelling house 300 of a user (resident 310), on which a second ID 161 is recorded. When the device 240 is presented to the medium in visit, the second ID 161 and first ID 121 read by a reader function 250 are transmitted to the authentication station server 100. The authentication station server 100 transmits certificate information acquired from the first ID 121 to a device (331, 332) of a contact address acquired from the second ID 161 to display it. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a technique for proving the identity of a visitor or the like in a general household, and in particular, an identification system, a certificate authority server, and an identity certification that prove that a visitor or the like is an employee belonging to a specific company or the like. The present invention relates to a technique effective when applied to a method.

  In recent years, crimes that threaten the lives of the general public, such as so-called transfer fraud, malicious door-to-door fraud aimed at the elderly, etc.・ Many cases have occurred.

  These are mainly for the general public because there is a lack of information that can be obtained about callers and visitors at the front door, and it is difficult to immediately determine the identity of the other party only by clothes and speaking methods. Therefore, it is thought that it is because a criminal can easily disguise himself / herself.

  On the other hand, for example, as a measure to enable a resident such as a home to determine whether or not a visitor is a suspicious person, a video camera is installed at the front door, There is known a so-called TV door phone apparatus that transmits an image taken of a visitor to a monitor, television, mobile phone, etc. in the home and confirms the visitor via these terminals.

  Further, for example, in Japanese Patent Laid-Open No. 2006-54591 (Patent Document 1), in a conventional door phone device, who is a visitor of a monitor indoor unit is a visitor unless he / she sees a video of a visitor on a monitor display unit. In order to solve the problem of being unable to recognize a visitor, a visitor is identified by having a slave unit that detects a visitor and a parent unit that includes a speaker that informs the visitor of the visitor when a visitor is detected. For each QR code (quick response code), music information for identifying and reporting the visitor is stored, and when the visitor's mobile phone that records the QR code is detected by the proximity sensor on the slave side, The CCD camera starts imaging the QR code being displayed on the mobile phone, and the system control unit on the base unit reads out music information corresponding to the QR code captured by the CCD camera. It describes a television intercom device for speaker output.

  Further, for example, in Japanese Patent Application Laid-Open No. 2007-241501 (Patent Document 2), while installing an intelligent type TV door phone device in each house, each company or industry group distributes an ID card to a visitor. At the same time, biometric information such as facial images of each person in charge of visit is registered in the management server and linked to the management server of the third-party organization to obtain the ID card information, the registered biometric information, and the biometric information acquired from the TV door phone device. A visitor identification system for identifying a visitor by information is described.

JP 2006-54591 A JP 2007-241501 A

  As described above, in the conventional TV door phone device of the prior art, the resident is a person who is suspicious of the visitor only by the video information of the visitor's face and clothes, etc. displayed on the monitor etc. It may be difficult to correctly grasp the visitor's identity. Therefore, in such a case, for example, the resident requests the visitor to present something that can identify his / her identity such as an employee ID card. However, it is difficult for a resident to identify not only clothes but also employee ID cards that were created by forgery.

  On the other hand, for example, in the television door phone device described in Patent Document 1, it is possible to identify a visitor by information other than video and audio using a QR code. However, in the TV door phone device as described in Patent Document 1, each resident generates a QR code in advance for a family, a friend, or a visitor who is scheduled to re-deliver a courier service at a specified time. It is necessary to manage them in association with the visitors and to send the generated QR codes to the respective visitors. Therefore, the subject that the workload required for a resident's preparation etc. becomes large arises. In addition, both residents and visitors can respond only to the visitors in the closed range that the resident assumes and plans in advance, and cannot handle visitors in an unspecified range. For this reason, the scope of application is narrow and it is difficult to take a flexible response.

  Moreover, in the visitor identification system described in Patent Document 2, an unspecified visitor can be identified by the television door phone device reading information on the ID card and the biological information of the visitor. However, the TV door phone device requires a device for reading biological information with practically sufficient reading accuracy, and biometric information on the management server must be registered in advance in a management server of each company or the like. And biometric information read by the TV door phone device are sent to a third party for verification, and it is assumed that employees may feel resistance, and the scope of application is narrow for both residents and visitors. turn into.

  SUMMARY OF THE INVENTION An object of the present invention is to provide an identification system, a certificate authority server, and an identification method that enable appropriate identification of various visitors in society in general. In particular, it is an object of the present invention to be able to realize this identification function / service with low workload and facility introduction costs for both residents and visitors. The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

  Of the inventions disclosed in this application, the outline of typical ones will be briefly described as follows.

  The identification system according to the representative embodiment of the present invention is based on company information obtained from a company and including information on employees belonging to the company, and the employee belongs to the company. A certificate authority that generates certification information to be certified and first identification information for specifying the certification information, holds the certification information in an identification information database, and issues the first identification information to the company (employee) A server and a recording medium having the first identification information for identifying the certification information corresponding to the employee possessed by the employee (visitor) and connected to the certificate authority server via a network A device having a communication function (device serving as a visitor's certificate, for example, a mobile phone), and a medium in which second identification information is recorded (e.g., at the entrance of a residence of a resident (user)) Stickers etc.) .

  The certificate authority server registers one or more contact information (such as a communication address of the device) related to the resident (visit to the residence) based on an operation from the resident, etc. The information and the second identification information are stored in the contact registration information database in association with each other. The contact device is, for example, a monitor device in the residence, a mobile phone held by the resident, or the like.

  The apparatus serving as the certificate includes a reader function that reads the second identification information in the medium. Upon the visit of the residence by the employee (visitor), the certificate device is presented to the medium. At this time, the device serving as the certificate reads the second identification information in the medium by the reader function, and the device serving as the certificate (such as a reader function or a communication function) reads the second identification information that has been read. Information including both the information and the first identification information recorded in the device is transmitted to the certificate authority server via the network.

  The certificate authority server performs authentication processing by comparing information received from the device serving as the certificate with information stored in the database. The certificate authority server obtains the corresponding (visitor's) certification information identified by the first identification information and the corresponding (resident's identification) identified by the second identification information. ) Obtain the contact information. The certificate authority server transmits information including the acquired certification information (or authentication processing result information) to the contact address.

  The contact device outputs (displays on the screen, etc.) information from the certificate authority server. As a result, the resident (user) is notified (notified) about the visit.

  The representative embodiment of the present invention can also be applied to a certificate authority server and an identification method.

  Among the inventions disclosed in the present application, effects obtained by typical ones will be briefly described as follows.

  According to a typical embodiment of the present invention, a resident (user) obtains information related to a visitor from identification information about an employee of each company managed by a certificate authority. As a result, it is possible to check the company to which the affiliation belongs, and it becomes possible for residents to respond after understanding the characteristics of various visitors in society in general, and security can be greatly improved.

  In addition, it is possible for visitors to prove their identity to residents without disclosing information related to privacy such as their address, and to prove that they are not suspicious persons. Efficiency related to performance can be improved.

  In particular, the functions and services of identification in this system (identification for visitors, confirmation of visitor's identity for residents, etc. and communication of visitor information when absent, etc.) are provided for both residents and visitors. The work load and equipment introduction cost can be reduced.

It is the figure shown about the outline | summary of the structural example of the identification system which is one embodiment of this invention. It is the figure shown about the example (the 1) of the flow of the visitor identification process in one embodiment of this invention. It is the figure shown about the example (the 2) of the flow of the visitor identification process in one embodiment of this invention. It is the figure shown about the example of flows, such as a contact registration process in one embodiment of this invention. (A), (b) is the figure shown about the example of the data structure of the identification information in one embodiment of this invention. It is the figure shown about the example of the data structure of the authentication log in one embodiment of this invention. It is the figure shown about the example of the data structure of the contact registration information in one embodiment of this invention.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. Note that components having the same function are denoted by the same reference symbols throughout the drawings for describing the embodiment, and the repetitive description thereof will be omitted.

<Overview>
The identification system according to one embodiment of the present invention is not limited to a closed range but widely used in general society as an identification information that is widely used in general society for employees visiting businesses such as general households. It has a certificate authority server that holds identification information that proves that an employee belongs to the company or the like correctly.

  An employee (visitor), for example, a device (for example, a certificate) issued by recording identification information (first ID) specifying identification information held by a certificate authority server on an IC chip or the like. Carry a mobile phone) and visit a home. Examples of such visits include collection and delivery by courier, individual delivery of food and daily necessities, delivery of registered mail and parcels, inspection and inspection of electricity, water and gas, fires by fire stations, etc. Inspection and inspection of equipment such as alarms, visits by public organizations such as the police and census officials, collection of newspapers and other products, and door-to-door sales are assumed.

  Here, for example, an employee uses a device (mobile phone) as a certificate including the first ID for a secure sticker (built-in IC chip) that is a medium installed at a front door of a visited residence. Phone). This device (mobile phone) has a reader function for reading identification information (second ID) recorded in the IC chip of the secure sticker. This device (mobile phone) transmits information including the second ID read by the reader function and the first ID of the device to the certificate authority server via the network.

  The certificate authority server performs authentication processing while collating with database information based on information received from the device. The certificate authority server obtains (visitor's) identification information corresponding to the first ID and (resident's) contact information corresponding to the second ID. Based on the result, the certificate authority server transmits the information including the identification information to a device or the like corresponding to the contact address via the network. The received identification information or the like is displayed on the screen corresponding to the contact information such as a monitor in the house. This makes it possible for the resident to grasp the identity of the visitor (identification of whether it is a suspicious person, etc.) before actually opening the front door and responding to the visitor.

  The contact information can be registered and changed by the user (resident) with respect to the certificate authority server. In the certificate authority server, the contact information and the second ID of the sticker are associated and managed in the database.

  Here, in the above example, the processing model consisting of the certificate authority server, the certificate possessed by the employee such as a company, and the identification / acquisition of identification information at the visited residence is widely used in networks such as the Internet now. The server certificate mechanism used is applied to real life in general society.

  That is, in the identification system of the present embodiment, the certificate authority server that performs employee identification corresponds to a so-called root certificate authority in the server certificate mechanism, and holds identification information in the certificate authority server; Issuing an identification certificate (device serving as a certificate) by recording identification information (first ID) identifying identification information on an IC chip or the like is equivalent to issuing a server certificate at a root certificate authority. . In addition, it is a Web browser in the server certificate mechanism that an employee who possesses a certificate device visits a residence such as a general household and presents the certificate device on a secure sticker to perform identification. It corresponds to the acquisition of the server certificate by etc. and the verification by the root certificate.

[System configuration]
FIG. 1 is a diagram showing an outline of a configuration example of an identification system that is an embodiment of the present invention. The identification system includes, for example, a certificate authority server 100, a device (mobile phone) 240 that is a certificate possessed by a visitor 210 to the residence 300, a sticker (secure sticker) 600 installed in the residence 300, It has a monitor 331 installed in the residence 300 and used / viewed by the resident 310, and a device (contact device) such as a mobile phone 332 possessed by the resident 310. The certificate authority server 100 and the apparatus 240 can be connected via a network 400 such as the Internet or a mobile phone network. The certificate authority server 100 and the contact devices (331, 332) are connectable via the network 400.

  A contact device such as the monitor 331 and the mobile phone 332 is a device having a communication function connected to the network 400, an output function such as a screen and a voice, and the like. The monitor 331 may be, for example, a display such as a general TV or PC, an indoor unit of a door phone device, or the like, and is a device connected to the network 400 via another communication device. Also good.

  The sticker 600 is a medium (device) used for confirming the visitor's identity, and is attached to, for example, the entrance of the residence 300. An IC chip 610 is sealed in the sticker 600, and the second ID 161 is recorded in the IC chip 610. The sticker 600 can be mounted by applying a technology such as an RFID IC tag. The sticker 600 is not limited to a sticker (seal), and any means can be applied as long as the sticker 600 can be fixed at a predetermined position such as a front door. The sticker 600 is mounted as a device independent of the monitor 331 in the residence 300 and a device such as an outdoor unit of a door phone device, for example, and is not communicatively connected to them. In addition, a special device (for example, an outdoor unit of a dedicated door phone device) other than this is unnecessary at the entrance where the sticker 600 is installed.

  On the surface of the sticker 600, predetermined information (words, images, etc.) regarding the name and contents of the system (service) is described. For example, it is described that “a visitor is confirmed by a mobile phone (certificate) in this house”, “a visitor must present a mobile phone (certificate)”, and the like. The visitor 210 can recognize that the device 240 can be presented (i.e., contact of visit) by looking at the sticker 600. Moreover, since it has a warning function in advance only by sticking this sticker 600 to a front door etc. with respect to a malicious visitor, a malicious motive can be reduced.

  The certificate authority server 100 is configured by a computer system, for example, an authentication unit 110, a certification information generation unit 120, a contact registration unit 150, an authentication log 131, identification information 132, and contact registration information implemented by a software program. 151 databases.

  The certification information generation unit 120 acquires certification information about the employee from the company to which the visitor 210 (employee) belongs, generates certification information about the employee, and creates identification information 132. Has the function of recording. At this time, the first ID 121 for specifying the certification information is generated and issued.

  The certificate device 240 is a means for recording and holding information including the first ID 121 issued by the certification information generation unit 120 of the certificate authority server 100, a communication function for the network 400, and a reader that reads information on the sticker 600. This is a device having a function 250 and the like. In the present embodiment, the device 240 is implemented as a mobile phone including an IC chip (or IC card, memory, etc.) on which the first ID 121 is recorded, and other general input / output means such as a liquid crystal display screen and operation buttons. can do. The device 240 has, for example, a security function and is compatible with FeliCa (registered trademark) IC cards and mobile FeliCa / Osaifu-Keitai (registered trademark), which are widely used in recent years as a technology for contactless IC cards. Can be implemented as a mobile phone. In this case, a card reader having a reader function of the FeliCa chip may be used as the reader function 250. Note that such a configuration may be used when the first ID 121 can be held without the IC chip or the like due to the mounting configuration of the device 240.

  The reader function 250 of the device 240 displays information (second ID 161) recorded in the IC chip 610 in the sticker 600 in accordance with the presentation of the device 240 to the sticker 600 by the visitor 210 (operation such as holding the sticker 600). Can be read. Note that the means for reading the second ID 161 in the sticker 600 by the reader function 250 is not limited to the means using FeliCa described above, and various means can be applied.

  The device 240 (mobile phone) may include an application program dedicated to visitors. Accordingly, a graphical user interface may be provided for the visitor 210 to perform operations related to the services and functions of the system. Even if such a dedicated function is not provided, it is possible to provide a mechanism for automatically contacting the visitor simply by presenting the device 240 on the sticker 600.

  The apparatus 240 uses the communication function to transmit information including both the second ID 161 read from the sticker 600 (IC chip 610) and the first ID 121 recorded in the apparatus 240 via the network 400. Then, it has a function of sending an authentication request to the certificate authority server 100.

  The authentication unit 110 has a function of receiving an authentication request (transmission information) from the device 240 of the visitor 210, performing an authentication process, and transmitting information to a device serving as a contact based on the result. In the authentication process, the authentication unit 110 acquires proof information (of the visitor 210) corresponding to the first ID 121 in the device 240 from the identification information 132, and the second information in the IC chip 610 in the sticker 600. The contact information (of the resident 310) corresponding to the ID 161 is acquired from the contact registration information 151. Based on the authentication processing result (when the authentication result is OK), information including the certification information (or authentication processing result information) is transmitted to the device (331, 332) of the contact (communication address or the like). . Further, the authentication unit 110 records the processing content at this time in the authentication log 131 as history information.

  In the contact device (for example, the monitor 331 and the mobile phone 332), the content of information received from the certificate authority server 100 (including the proof information of the visitor 210) is displayed on the screen. The resident 310 of the residence 300 confirms the display content of the screen (if the resident 310 was in the residence 300 at the time of contact), for example, before opening the door of the entrance and actually responding to the visitor 210. The feature of 210 can be grasped.

  Further, the authentication unit 110 may make a predetermined response to the device 240 that requested authentication. For example, information indicating that the certification information has been communicated to the resident 310 may be transmitted to the device 240 as a response. On the device 240 side, when there is response information from the certificate authority server 100, the information is displayed on the screen, and the visitor 210 confirms the display content, thereby obtaining the proof information of the visitor 210 as the resident 310. Recognize the status of contact.

  When the resident 310 is absent at the time of the contact, the visitor 210 recognizes that the resident 310 is absent. In this case, as will be described later, “absence notification” can be made to the resident 310 from the visitor 210.

  Further, communication from the certificate authority server 100 to the contact destination device is made to one or more communication addresses (for example, an e-mail address, an IP address, etc.) in devices such as the monitor 331 and the mobile phone 332. In particular, it is possible to contact a plurality of addresses. Moreover, the format of the contact information can be e-mail or a web page, for example, according to the contact destination device. For example, in the case of using a web page, the certification information may be acquired by accessing the web page provided by the certificate authority server 100 from a contact device. The address of the contact can be freely registered and changed by the resident 310. An example of contact registration processing will be described later.

  By contacting not only the monitor 331 in the residence 300 but also the mobile phone 332 owned by the resident 310 as a contact address, the resident 310 is away from the residence 300 due to going out when receiving the contact. Even if you are at home or cannot move to the location of the monitor 331, you can use the mobile phone 332 that you have to know what the visitor 210 has visited and the identity of the visitor 210. Can do.

[Process flow]
2 and 3 are diagrams showing an example of the flow of visitor identification processing in the identification system according to the present embodiment. FIG. 2 particularly shows the outline of the entire process and the proof information generation process, and FIG. 3 particularly shows the authentication process in the certificate authority server 100.

  (1) First, the certificate using company 200, which is the company to which the employee (visitor 210) who visits the residence 300 with the certificate 240 belongs, works with the certificate authority (the certificate authority server 100). Request to generate certification information about the employee. At this time, the certificate using company 200 sends information about the company and information about one or more employees for which certification information is generated as company information 220 to the certificate authority (the certificate authority server 100). Note that the certificate using company 200 may include not only general companies but also public institutions and organizations such as police and local public organizations. The company information 220 may be sent electronically via the network 400 or the like, or may be sent by paper or recording medium.

  (2) The certificate authority (the certificate authority server 100) that has received the company information 220 confirms the legitimacy of the company information 220 and imports it into the certificate authority server 100. Further, based on the company information 220, the proof information generation unit 120 generates proof information for proof that the employee is a person belonging to the certificate using company 200 for each employee. 132.

  At this time, a first ID 121 that is identification information for specifying the target certification information is generated, recorded in the identification information 132 in association with the target certification information, and issued to the certificate using company 200. As described above, the certificate using company 200 records the certificate and the certificate by recording the first ID 121 sent from the certificate authority server 100 in an IC chip such as a mobile phone compatible with FeliCa or mobile FeliCa. The device 240 is as follows.

  In the above example, the certificate authority server 100 issues the first ID 121, and the certificate using company 200 records this in the IC chip of the mobile phone as the device 240. The procedure for issuing is not limited to this. For example, a state in which the first ID 121 is recorded in an IC chip such as an employee card (card) or a mobile phone that is newly procured on the certificate authority side or delivered from the certificate using company 200 and is used as the device 240 Thus, it may be issued (sent, etc.) to the certificate using company 200.

  At this time, the process of generating certification information or the like in the certification information generation unit 120 or the process of recording the first ID 121 in a mobile phone or the like and issuing it as a device 240 as a certificate is not a certificate authority. Other companies or organizations may perform on behalf. In this case, the function of the certification information generation unit 120 in the certificate authority server 100 is not owned by the certificate authority server 100 but is owned by these companies or organizations, and the certificate authority server 100 uses the certification information generated by these companies or organizations. May be obtained and held as identification information 132.

  Also, the certificate utilizing company 200 can update the attribute information (for example, information such as the employee's name) related to the issued certification information. For example, the attribute information can be updated by accessing a Web site or the like by the certificate authority server 100 via a network 400 from a company PC or the like.

  (3) When the employee of the certificate using company 200 visits the residence 300 for business, he / she visits with the device 240 as a certificate in which the first ID 121 for identifying his / her certification information is recorded. To do. A sticker 600 is installed at the entrance of the residence 300 of a resident 310 who is a general user who uses this system (service) as a visited site. The employee (visitor 210) presents his / her device 240 to the sticker 600 (operation such as holding it), and is recorded in the IC chip 610 in the sticker 600 by the reader function 250 of the device 240. The second ID 161 is read.

  The device 240 that has read the second ID 161 on the sticker 600 side sends information including both the second ID 161 and the first ID 121 recorded on the device 240 side via the network 400 to the certificate authority server. An authentication request is made by transmitting to 100 authentication units 110. Note that secure communication is performed between the device 240 and the certificate authority server 100 on the network 400.

  (4) Upon receiving the authentication request, the authentication unit 110 of the certificate authority server 100 collates the received information (FIG. 3, received information 801 (801 ′)) with the database information (132, 151), and performs authentication processing. Do. That is, the authentication unit 110 acquires proof information corresponding to the first ID 121 (FIG. 3, identification information (X) 701 of the visitor 210) from the proof information 132, and also corresponds to the second ID 161. Contact information (FIG. 3, contact information (Y) 702 of the resident 310) is acquired from the contact registration information 151. In this authentication process, when it is confirmed that each information can be normally acquired and that it is not unauthorized access, the authentication result is OK. In this case, the authentication unit 110 receives the acquired contact (Y). Information (FIG. 3, transmission information 802 (802 ′)) including the acquired certification information is transmitted to the address (device).

  In this example, as shown in FIGS. 2 and 3, the first contact (Y1) is registered (set) as the monitor 331 (its address) and the second contact (Y2) is registered as the mobile phone 332 (its address). )is doing. The information (802 ') is transmitted from the certificate authority server 100 to the monitor 331 that is the first contact and the mobile phone 332 that is the second contact. At this time, the authentication unit 110 records a series of processing contents in the authentication log 131.

  Note that the content of the transmission information (802 ′) from the certificate authority server 100 to the contact device may be the identification information of the visitor 210 itself, or the authentication processing result (for example, identification information of the visitor 210 in the identification information 132). Information indicating that the information has been correctly registered and the identity has been confirmed) may be used.

  (5) The device (331, 332) of the resident 310 that has received the information (802 ') from the authentication unit 110 of the certificate authority server 100 displays the content of the acquired information on a screen, for example. For example, the monitor 331 may automatically display the information, and may notify the resident 310 (310A) by various means such as sound output or lighting (5-1). Further, for example, the mobile phone 332 may receive the information in the form of e-mail or the like, and display the content on the screen by a browsing operation by the resident 310 (310B) (5-2).

  The display content is, for example, “visit contact: XX delivery XX (detailed content> URL)” (other date information, etc.). That is, it is notified that the visitor 210 is currently visiting. Further, for example, the user (resident 310) can display and confirm information such as the contents of more detailed identification information by selecting and operating a URL (link) in the displayed contents. . This detailed information is not limited to the details of the identification information, but may be, for example, information on the business of the visitor 210, for example, information such as the contents of a delivery product in the case of a courier. However, in this case, cooperation between the system of the certificate authority server 100 and the business system of the certificate using company 200 is necessary.

  Thereby, the resident 310 can grasp the feature of the visitor 210 by looking at the display content of the screen of the device (331, 332). For example, it can be seen that the visitor 310 is an employee of a delivery company or an employee whose identity has been confirmed by a certificate authority.

  As described above, the first ID 121 recorded in the device 240 identifies certification information whose reliability is guaranteed by a highly public third party called a certificate authority (the certificate authority server 100). Therefore, by using this information to prove the identity of the visitor 210, the resident 310 can complete the work such as prior registration at a minimum while the proof information is included in the identification information 132 of the certification authority server 100. The identity of an unspecified visitor 210 can be ascertained (within the range of recorded employees, etc.).

  It supplements about the said process example using FIG. Information including the first ID 121 and the second ID 161, which is transmission information from the device 240 to the certificate authority server 100, that is, reception information 801 (801 ′) for the certificate authority server 100, is a predetermined encryption process or the like. Security is ensured by exchanging information that has undergone the above calculation. The same applies to information including identification information (Y) 701 of the visitor 210, which is transmission information 802 (802 ') from the certificate authority server 100 to the contact devices (331, 332).

  In the certificate authority server 100, in the database, in the identification information 132, the identification information (X) of the visitor 210 and the first ID 121 are associated and managed, and in the contact registration information 151, the residence information is stored. The contact information (Y) of the person 310 and the second ID 161 are associated and managed. Therefore, in the authentication process by the authentication unit 110, by referring to the identification information 132 from the first ID 121 based on the reception information 801 from the device 240 (for example, information obtained by calculating the reception information 801 ′), The identification information (X) 701 of the corresponding visitor 210 can be acquired, and the contact information of the corresponding resident 310 (by referring to the contact registration information 151 from the second ID 161) Y) 702 can be acquired. Then, the authentication unit 110 can configure and transmit transmission information 802 ′ including identification information (X) 701 to the address of the acquired contact information (Y) 702.

  The database (132, 151) of the identification information (X) and contact information (Y) is securely managed by the certificate authority server 100. If both the first ID 121 and the second ID 161 are not prepared, the authentication result is not OK and the service cannot be used. Further, since the first ID 121 and the second ID 161 have no meaning in their own numerical values, there is no problem even if they are stolen by a malicious person. For example, even if the sticker 600 pasted at the front door is stolen by a malicious person and the information recorded therein is read, the personal information of the user is not included in the sticker 600. So no problem. In that case, if necessary, the resident 310 or the like can contact and request the certificate authority server 100 to stop the use of the corresponding information, etc., so that the sticker 600 (second ID 161) can be abused. It can also be completely prevented. The sticker 600 can be reissued easily.

[Contact Registration]
FIG. 4 is a diagram showing an example of processing related to the work (contact address registration etc.) for use / introduction of this service by the user (resident 310). As a work, the resident 310 basically acquires the sticker 600 and pastes it on the front door, etc., and sends one or more contact information (for example, an e-mail address) to the certificate authority server 100. The system (service) can be used only by registering.

  (1) The user acquires the sticker 600 at a store or the like. This is due to distribution or purchase, for example. For example, a license 620 (an instruction manual or the like) is attached to the sticker 600. A unique second ID 161 is recorded in the IC chip 610 of the sticker 600.

  (2) Further, for example, a QR code or the like is attached to the license 620, and the user accesses the contact registration unit 150 of the certificate authority server 100 by reading the QR code or the like with his / her mobile phone 332 or the like. Can do. The contact registration unit 150 of the certificate authority server 100 provides a user with a function of registering contact information (Y) in the form of a Web site, for example. This server (site) may be a server different from the certificate authority server 100.

  (3) When accessing the server (site), the user can register, change, delete, etc. information such as one or more e-mail addresses corresponding to the contact information (Y). For example, the address is entered in a form of a predetermined Web page. The contact registration unit 150 stores the contact information (Y) registered thereby and the second ID 161 for each sticker 600 in the contact registration information 151 of the database in association with each other. It should be noted that the second ID 161 for each corresponding sticker 600 can be found by accessing the license 620 from the QR code or the like. The second ID 161 for each sticker 600 is known (that is, the second ID 161 can be associated with the contact (Y)) is limited to the contact registration unit 150 (the certificate authority server 100). At the time of this registration, registration of information such as address and name by the user is not necessary (the information may be registered for use of other services as an option). Basically, the registration procedure can be performed only by a communication function, a Web browser function, or the like provided in advance in a device such as the mobile phone 332.

  (4) Further, optionally, after the contact information is registered, the user may download and register (install or set the use of the application program) for the resident only to the mobile phone 332. In this case, the dedicated application is used to provide a graphical user interface related to the basic functions and services of this system (contacting the visitor's identification information, registering contact information, etc.). Further, other predetermined services may be optionally available using the dedicated application.

  (5) The user pastes the acquired sticker 600 on the entrance of the residence 300 or the like. As a result, the system (service) can be used.

  The purchase of the sticker 600 and the registration of the information can be performed not only from the mobile phone 332 and the PC but also from a store installation terminal or the like via a network. In addition, for example, when purchasing through online mail order, by registering the above information at the timing of purchase, the user can immediately use the service by pasting the postal sticker 600 on the entrance. Become.

[Notice when out of office]
The following is a case where a visitor 210 contacts and contacts when the resident (user) 310 is absent from the residence 300 or the like.

  First, the transmission of information from the certificate authority server 100 to the contact device (331, 332) of the resident 310 is an immediate information notification triggered by the visitor 210's visit operation (presentation of the device 240) ( "Visit contact") is the basic. For example, when the above-mentioned two contacts (the monitor 331 and the mobile phone 332) are registered, the information (visit contact) is transmitted to the two contacts immediately and simultaneously with the occurrence of the visit. At that time, when the resident 310 is in the residence 300 (310A), it can be seen that the user is visiting by looking at the monitor 331 or the like. Also, if you are out of the office (310B), if you look at your mobile phone 332, you can see that you are visiting, or if time has passed, you have visited in the past. .

  In addition, for example, not only the communication for each visit but also the history information (authentication log 131) regarding a plurality of visits on the time axis may be used to notify the information. Information may be viewable. The resident 310, for example, sees the history information on the monitor 331 or the mobile phone 332, so that the visitor 210 visited at a certain date and time (past), and detailed information including identification information at that time, etc. Can be confirmed. The history information does not necessarily have to be held in the certificate authority server 100 as the authentication log 131, and may be configured to be held in the device (331, 332) or the like on the residence 300 side. Further, in this case, the resident 310 can select whether the history information is held in the certificate authority server 100 or the residence 300, or whether or not the history information reference function (service) is used. You may do it.

  In addition, it is possible to notify information at a later time rather than immediately when a visit occurs. For example, the timing of information transmission to a plurality of contacts may be different. For example, the first contact (monitor 331) may be an immediate contact at the time of a visit, and the second contact (cell phone 332) may be a contact later in time (ie, in the settings). Have a contact type). Moreover, you may change the content of each contact information according to them.

  In addition, as described above, it is also possible to notify the visitor 210 that he / she is consciously absent (that he / she visits but is not present, so he / she returns without answering) (“absence notification”). In this case, a specific contact (for example, the mobile phone 332) may be used as the contact for this absence contact. The following are examples of absence reports. For example, when the resident (user) 310 goes out, a visit to the residence 300 by the visitor 210 (presentation of the device 240) occurs, and according to this, first, the current visit is made via the certificate authority server 100. Visiting communication (transmission information) that conveys the fact is immediately transmitted to a device (for example, the monitor 331 (and also the mobile phone 332)) of a predetermined contact address. At this time, if the visitor 210 is not answered due to the absence of the resident 310, the visitor 210 can make an absence notification in order to notify the absence state. This can be realized as follows, for example. A visitor 310 inputs “absence notification” by selecting an item on the screen of the device 240 (mobile phone) or the like (using the above-described application program dedicated to the visitor). As a result, the information is transmitted to the certificate authority server 100 via the network 400 (the process may be performed simultaneously with the information transmission process based on the presentation of the device 240 to the sticker 600, or may be performed before or after the process). Then, from the certificate authority server 100 that has received the information, the absence notification information is transmitted to a predetermined contact (for example, the mobile phone 332). Thereby, the user can recognize that he / she did not respond to the visit of the visitor 201.

  Note that when the device 240 is a simple device that does not have a screen, an application program, or the like, a function (such as absence notification) by the selection operation by the visitor 210 cannot be realized, but in this case, the device 240 is presented to the sticker 600. Will uniquely communicate “visit contact” and the like.

[Data structure]
FIG. 5 is a diagram showing an example of the data configuration of the identification information 132 in the identification system according to the present embodiment. FIG. 5A shows an example of the data configuration of a company table for holding information about the certificate using company 200 in the identification information 132. FIG. 5B shows an example of the data structure of an employee table for holding certification information for each employee of the certificate using company 200 in the identification information 132. Values of these tables are set by the certification information generation unit 120 based on the contents of the company information 220 sent in the request for generation of certification information from the certificate using company 200 in FIG.

  In the company table of FIG. 5A, a record is recorded for each certificate-using company 200. For example, the company ID, company name, key information, telephone number, e-mail address, homepage URL (Uniform Resource Locator), etc. Have items. The items of the company ID and the company name are information for specifying the certificate using company 200, and each ID uniquely identifying the certificate using company 200 allocated by the certification information generation unit 120, and the certificate using company 200. Holds the name information.

  The key information item holds key information for confirming / certifying that the device 240 serving as the target certificate is a genuine certificate issued by the certificate authority (the certificate authority server 100). This key information is, for example, data of a predetermined length generated by the proof information generation unit 120 from data unique to the certificate using company 200 in the company table by a predetermined method. In this embodiment, the data is stored in the company table as data unique to the certificate using company 200. However, even if the data is stored in the employee table in FIG. Good.

  This key information is stored in the company table and is also recorded in the device 240 issued to employees of the target certificate using company 200. For example, in the processing flow shown in FIG. 2, the reader function 250 or the security function of the device 240 also uses this key information in addition to the second ID 161 read from the sticker 600 and the first ID 121 read from its own IC chip. Used for reading and authentication requests. For example, an operation result obtained by adding a predetermined operation that cannot be recognized from the outside to the read key information, together with each identification information (first ID 121 and second ID 161), the certificate authority server To 100.

  On the other hand, in the certificate authority server 100, the authentication unit 110 acquires the corresponding key information from the company table in FIG. 5A, and adds the same predetermined calculation as the calculation performed by the device 240 to the acquired key information. The calculation result is compared with the calculation result information transmitted from the device 240. Only when this comparison matches, the device 240 that is the certificate used is authentic (having the same key information as the certificate authority), and verification of the identification information (121, 161), Other data of the identification information 132 can be acquired.

  As a result, it is possible to reject identification by a person other than the person who has the device 240 as a regular certificate, and a value corresponding to the first ID 121 (for example, an employee number is not particularly confidential information). It is possible to prevent the data held in the identification information 132 from being referred to from unnecessary access or impersonation by a third party who knows only. In addition, as a technique for identifying the device 240 used as a certificate using the key information and protecting the data held in the identification information 132, the technique as described above is used. The method is not limited to this, and other methods may be used.

  The telephone number, e-mail address, and homepage URL items in the company table each hold information on the access destination from the outside for the certificate-using company 200. Even if the certificate authority (certificate authority server 100) proves that the visitor 210 possessing the device 240 is an employee of the target certificate using company 200, the resident 310 is the target certificate using company. There may be cases where nothing is known about the 200 itself. Therefore, the resident 310 retains such information so that the information regarding the target certificate using company 200 can be accessed, and obtains this information upon identification (contact) to the resident 310. May be presented.

  In addition to the information on the access destinations, as items indicating the outline of the certificate utilizing company 200 itself, for example, general disclosure items such as location, industry, business content, number of employees, capital, etc. Such information may be acquired and presented to the resident 310 at the time of certification (contact).

  In the employee table of FIG. 5B, a record holding certification information is recorded for each employee of the certificate using company 200. For example, the first ID (121), the company ID, the department name, It has items such as employee number, name, telephone number, e-mail address, and image. The item of the first ID (121) is information for identifying the target employee (and its certification information), and in this embodiment, the employee assigned by the certification information generation unit 120 of the certificate authority server 100. ID information for uniquely identifying the ID is stored.

  The “affiliation company ID” item holds information on the company ID of the certificate using company 200 to which the target employee belongs. This item is associated with the information of the certificate using company 200 recorded in the company table of FIG. The items of department name and employee number respectively hold the name of the department to which the subject employee belongs and the information of the employee number. The name item holds information on the name of the target employee.

  The telephone number and e-mail address items each hold information on the access destination from the outside for the target employee. The image item holds information on an image such as a face photograph of the target employee. For example, by acquiring image information about the visitor 210 from the employee table and presenting it to the resident 310 during identification (contact), the resident 310 is authenticated by the visitor 210 at the front door. It can be determined from the appearance whether or not the employee has been authenticated by the station (the certificate authority server 100).

  Here, as the first ID 121 for identifying the employee certification information recorded on the IC chip or the like in the device 240 as the certificate, for example, the affiliation among the items in the employee table of FIG. Items unique to the target employee, such as company ID + employee number, can be used as the first ID 121 as they are, and the proof information generation unit 120 assigns the first ID 121 based on these items. It can also be used. Further, as described above, the information recorded in the identification information 132 made up of each table shown in FIG. 5 is business information for proving that the visitor 210 is an employee of the certificate using company 200. It does not include information relating to the privacy of the visitor 210 (employee). Therefore, for example, even if an employee loses or is stolen the device 240, information related to the employee's privacy does not leak and the employee can use it without any sense of resistance. Can do. In such a case, a countermeasure such as disabling the record of the employee in the employee table of FIG. 5B may be performed.

  Specifically, for example, the device 240 is disabled (temporarily) by deleting a record in the employee table specified by the first ID 121 recorded in the lost device 240. Alternatively, an item for holding the status of the device 240 is added to the employee table so that statuses such as “lost” and “theft” can be held. In this case, the certificate authority server 100 responds to the authentication request from the device 240 when the presented device 240 is in a “lost” or “stolen” state and cannot be used. Alternatively, the information may be displayed on the contact device (331, 332) to notify the resident 310.

  In addition, as a measure for measures such as when the device 240 is lost or stolen, for example, the device 240 sets information (for example, a personal identification number) that only the person (visitor 210) holding the device 240 knows. It is also possible to provide a function (lock function) that makes it possible to use the device 240 (function such as identification) only after inputting information. Thereby, the use by others can be prevented.

  FIG. 6 is a diagram showing an example of the data configuration of the authentication log 131 in the identification system according to the present embodiment. In the authentication log 131, the processing content is recorded as a history (log) for each authentication processing by the authentication unit 110, and includes items such as SeqID, date / time, identification information, access source, and processing result. The SeqID item holds information on a sequence number uniquely assigned by the authentication unit 110 for each log record.

  The date / time item holds information on the date / time when the target log was recorded. The identification information item holds the information of the first ID 121 and the second ID 161 received by the authentication unit 110 when performing the authentication process related to the target log. The access source item holds information related to the device 240 that has performed the authentication process related to the target log. This item can hold, for example, the IP address of the device 240 that is the transmission source of the authentication request. The processing result item holds information on the success or failure of the authentication processing related to the target log.

  As described above, by referring to the history information recorded in the authentication log 131 with, for example, the contact device (331, 332), the user can grasp the history of the visitor 210 who has visited in the past. it can. Further, for example, the certificate authority server 100 is accessed by a Web browser or the like of a contact device (such as a mobile phone 332), and the database of the authentication log 131 can be accessed via the above-mentioned application program dedicated to residents, The history information may be sent to the device by e-mail. Further, for the certificate utilizing company 200, for example, it can be used as a visit log or a delivery record (including a function as a substitute for a receipt confirmation) of an employee (visitor 210). It can also be used to manage delivery routes.

  As described above, the history information of the visitor 210 does not necessarily need to be stored as the authentication log 131 in the certificate authority server 100, and is configured to be stored in the device (331, 332) on the residence 300 side. Is also possible. In this case, access source information is not required.

  FIG. 7 is a diagram showing an example of the data structure of the contact registration information 151 in the identification system according to the present embodiment. As a table of the contact registration information 151, the second ID 161, one or more contact addresses, for example, the first contact address (the communication address of the monitor 331) and the second contact address (the mobile phone 332). Communication address) and other service information. The second ID 161 is a unique ID for each sticker 600 or the like. The contact address is the IP address of the device. The other service information is an option, for example, association information (for example, URL information of the service) when using an optional service other than the basic service of the system.

[Effects]
As described above, according to the identification system that is an embodiment of the present invention, the visitor 210 (employee) specifies the certification information held in the identification information 132 of the certificate authority server 100. The device 240 that is the certificate recording the first ID 121 is presented on the sticker 600 of the visited residence 300. The reader function 250 of the device 240 transmits information including the second ID 161 read from the sticker 600 and the first ID 121 of the device 240 to the certificate authority server 100. Then, the certificate authority server 100 acquires the corresponding certification information based on the received information (121, 161), and transmits and displays it on the contact devices (331, 332). As a result, the resident 310 minimizes prior registration and the like, and before actually dealing with an unspecified visitor 210, the company (certificate) to which the visitor 210 belongs. It is possible to grasp the identity by referring to the authenticated information about the user company 200), and the security can be greatly improved.

  The visitor 210 can prove his / her identity to the resident 310 without disclosing information related to his / her privacy, and can prove that he / she is not a suspicious person. The efficiency concerning can be improved.

  In particular, identification system functions and services in this system (identification for visitors, confirmation of visitor's identity for residents, and communication of visitor information when absent, etc.) The work load and equipment introduction cost in both sides can be reduced.

  In particular, the resident 310 can use services such as checking the identity of a visitor and contacting visitor information when he / she is absent, simply by sticking a sticker 600 at the entrance and registering contact information such as an e-mail address. . Further, the sticker 600 is independent of other devices such as a door phone device, and the resident 310 does not need to newly install a dedicated TV door phone device or the like in the residence 300 when it is desired to reduce the equipment introduction cost. In addition, the resident 310 and the visitor 210 can easily use this service by using an existing device such as a mobile phone. In addition, the resident 310 may install the dedicated TV door phone device or the like when convenience is given priority over the facility introduction cost. In that case, the door phone device and the sticker 600 cooperate to display an outdoor image (image taken by the camera of the outdoor unit) on the monitor display unit (screen) of the indoor unit of the door phone device and the monitor 331 described above. It is good also as a structure which displays the identification information etc. of the visitor 210 etc. which were received similarly to the function of these. For example, on the screen of the indoor unit of the door phone device, an outdoor image is displayed at the top, and the visitor's identification information is displayed at the bottom.

  Further, even if the sticker 600 (information in the sticker 600) is stolen, there is no problem because it does not lead to the privacy of the resident 310 or the like. In addition, the registration information of the certificate authority server 100 is considered so as not to lead to the privacy of the resident 310 and the like, and security is ensured. Accordingly, the resident 310 and the like can easily introduce this service.

  As mentioned above, the invention made by the present inventor has been specifically described based on the embodiment. However, the present invention is not limited to the embodiment, and various modifications can be made without departing from the scope of the invention. Needless to say.

  For example, using the fact that the identification information recorded in the device 240 as a certificate identifies certification information that has been authenticated by a highly public third party such as a certificate authority (certificate authority server 100). The device 240 can be used not only as an identification means for ordinary households but also as an authentication means in an in-house system or a system that cooperates between companies.

  Further, since the identification information 132 held in the certificate authority server 100 holds information equivalent to a business card used for business by the employee, the information of the identification information 132 is used as an electronic business card. It can also be used.

  Further, for example, the reception management system can be realized by being applied not only to the residence 300 of the resident 310 such as a general user but also to the reception of a company (building, floor, etc.). By installing the sticker 600 at the reception, it is possible to reduce the time and effort for the visitor to hand-write the identification information every time the visit is made.

  Further, for example, the certificate utilization company 200 that manages the visitor can manage the flow of the visitor by using the information in the authentication log 131 of the certificate authority (for example, in the case of a delivery company) You can manage the flow of the deliverer to make your work more efficient).

  INDUSTRIAL APPLICABILITY The present invention can be used for an identification system that verifies the identity of a visitor or the like at a front door of a general household, a certificate authority server that issues a certificate, and an identification method.

DESCRIPTION OF SYMBOLS 100 ... Certification authority server, 110 ... Authentication part, 120 ... Proof information production | generation part, 121 ... 1st ID (identification information), 131 ... Authentication log, 132 ... Identification information,
150 ... contact registration part, 151 ... contact registration information,
161 ... second ID (identification information),
200 ... Certificate using company, 210 ... Visitor, 220 ... Company information, 240 ... Certificate device (mobile phone), 250 ... Reader function,
300 ... Residence, 310, 310A, 310B ... Resident, 331 ... Monitor, 332 ... Mobile phone,
400 ... Network,
600 ... sticker, 610 ... IC chip, 620 ... license,
701 ... identification information (X), 702 ... contact information (Y),
801, 801 '... reception information, 802, 802' ... transmission information.

Claims (14)

Based on company information obtained from a company and including information on employees belonging to the company, certification information for certifying that the employee belongs to the company, and first information for identifying the certification information A certificate authority server that generates identification information and holds the identification information in an identification information database, and issues the first identification information to the company;
The employee has a recording medium in which the first identification information specifying the certification information corresponding to the employee is recorded and connected to the certificate authority server via a network A device that serves as the certificate of the employee,
A medium installed in the user's residence and on which the second identification information is recorded,
The certificate authority server registers contact information about the user, stores the contact information and the second identification information in association with each other in a contact registration information database,
The device serving as the certificate includes a reader function for reading the second identification information of the medium,
When the device that serves as the certificate is presented to the medium when the employee visits the user's residence as a visitor, the device that serves as the certificate is configured such that the reader function allows the device to serve as the certificate. The first identification information including the read second identification information and the first identification information recorded in the device is transmitted to the certificate authority server;
The certificate authority server acquires the certification information specified by the first identification information based on the first information, and obtains the contact information specified by the second identification information. Obtaining and sending second information including the obtained certification information to the contact;
The identification system, wherein the device as the contact address outputs information including the proof information based on the second information. In the identification system according to claim 1,
An identification system characterized in that the device serving as the certificate is a mobile phone. In the identification system according to claim 1,
The identification system according to claim 1, wherein the medium is a sticker having an IC chip in which the second identification information is recorded. In the identification system according to claim 1,
The identification device according to claim 1, wherein the contact device is a monitor device installed in the residence, and the contact information is a communication address of the monitor device. In the identification system according to claim 1,
The identification system according to claim 1, wherein the contact device is a mobile phone possessed by the user, and the contact information is a communication address of the mobile phone. In the identification system according to claim 1,
The identification information system according to claim 2, wherein the second information is information for displaying the proof information about the visitor on a screen of a device as the contact address. In the identification system according to claim 6,
The identification information system characterized in that the second information includes business information by the visitor or a link to the business information. In the identification system according to claim 1,
The certificate authority server records processing contents when transmitting the second information to the contact address based on the first information from the device as history information in an authentication log database. Identification system. In the identification system according to claim 8,
The said certification | authentication authority server transmits the historical information regarding one or more visits to the said contact information as said 2nd information using the said historical information, The identification system characterized by the above-mentioned. In the identification system according to claim 1,
The certificate authority server registers a plurality of the contact information based on the operation by the user,
When the certificate information server receives the first information from the device, the certificate authority server transmits the second information to the plurality of contacts immediately and simultaneously. In the identification system according to claim 1,
The device serving as the certificate is a mobile phone, and includes a screen and a visitor-dedicated application program. When the employee visits the user's residence as a visitor, the device is attached to the medium. Provides a graphical user interface for presentation,
The device serving as the certificate has a function of transmitting out-of-office information regarding the first information to the certificate authority server according to an operation by the visitor,
The certificate authority server is configured to transmit absence contact information related to the second information to the contact based on the absence contact information related to the first information. In the identification system according to claim 1,
An identification system characterized in that the device serving as the certificate includes a lock function that enables the device to be used by inputting setting information by an employee holding the device. Based on company information obtained from a company and including information on employees belonging to the company, certification information for certifying that the employee belongs to the company, and first information for identifying the certification information A certificate authority server having a certification information generation unit that generates identification information and holds it in an identification information database, and issues the first identification information to the company,
The certificate authority server has a contact registration unit that registers contact information about the user and stores the contact information and the second identification information in a contact registration information database in association with each other. ,
The certificate authority server is
An apparatus that is a certificate possessed by the employee and having a recording medium on which the first identification information for specifying the certification information corresponding to the employee is recorded and connected to the certificate authority server via a network However, the first information including the second identification information read by the reader function from the medium installed in the user's residence and recorded with the second identification information, and the first identification information, Processing received via the network;
The certification information specified by the first identification information is acquired based on the first information, and the contact information specified by the second identification information is acquired, and the acquired certification is acquired. Processing to send second information including information to the contact;
A certificate authority server comprising: an authentication unit that performs a process of recording the processing content as history information in an authentication log database. An identification method for verifying the identity of an employee of a company that is a visitor at a destination,
The certificate authority server obtains certification information for proving that the employee belongs to the company based on company information obtained from the company and including information on the employee belonging to the company, and the certification information. Generating first identification information to be identified and holding it in the identification information database, issuing the first identification information to the company,
When the employee visits the user's residence as a visitor, the employee has a recording medium on which the first identification information that is possessed by the employee and identifies the certification information corresponding to the employee is recorded. The second identification information that is read by a reader function from a medium that is installed in the user's residence and on which the second identification information is recorded, which is a certificate connected to the certificate authority server via a network And transmitting the first information including the first identification information to the certification authority server via the network,
The certificate authority server acquires the certification information specified by the first identification information based on the first information, and obtains the contact information specified by the second identification information. Obtaining and sending second information including the obtained certification information to the contact;
The identification device, wherein the contact device outputs information including the proof information based on the second information.