JP2012073963A - Electronic input system and electronic input method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an electronic input system with which only an authenticated person can perform input and an operation for the input, and to provide an electronic input method.SOLUTION: An electronic input system includes: an iris reading unit for reading iris information of a user who is a person to perform input; a display unit with a shielding unit for displaying an information input screen; an information input unit where the user inputs information using the information input screen; an input control unit for transmitting the input information and the read iris information to an electronic input management device; a user information storage unit where the iris information of a predetermined user is registered; an iris authentication unit for using the iris information registered in the user information storage unit and the iris information read by the iris reading unit to perform iris authentication and determining whether an iris authentication result can be accepted or not; and a communication control unit for outputting the input information to an external output unit when the iris authentication result can be accepted. When the iris authentication result can be accepted, the display unit displays an object information input screen.

Description

  Embodiments described herein relate generally to an electronic input system and an electronic input method.

  Conventionally, in an electronic input technology for performing input from a remote location using a communication network, an electronic computer terminal is connected to the communication network, and a user ID and a password are used to log in (connect operation) to a device that manages electronic input. There is a technique for performing electronic input by selecting information displayed on a screen of a computer terminal and executing transmission. However, the technology for performing electronic input from a remote location using such a communication network has the following problems.

  First, when inputting electronically at home, at work, or in public places that are open to the public, it is possible for anyone other than the input person to see the keyboard used for input and the screen that displays the input data. Can also know the input contents. This is a problem when inputting highly confidential information.

  Also, if the user ID and password are known, the input can be made by anyone other than the user. This is a problem because it is possible to perform spoofing.

  On the other hand, falsification and information leakage are prevented by performing data encryption or the like in communication between the computer terminal and the device that manages the electronic input. For example, when an electronic application is performed using a communication network in an electronic application service provided by a national or local government, authentication using a public ID card and an encryption method for attaching an electronic signature to the application content are used.

  Further, there is a technique for authenticating a user by iris authentication and displaying an image only to the authenticated user by using a display unit that displays an image by eyeball projection on a personal authentication device and an iris authentication device. With this technique, it is difficult for a person other than the user to look into the image displayed on the display unit.

JP-A-6-149155

  The problem to be solved by the present invention is to realize an electronic input system and an electronic input method that enable only an authorized person to perform an input operation and input.

  An electronic input system according to an embodiment of the present invention includes an electronic input terminal connected via a communication network and an electronic input management device, and the electronic input terminal includes an iris reading unit that reads iris information of a user who is an input person, A display unit that includes a shielding unit and displays an information input screen; an information input unit through which information is input by the user using the information input screen; and the input information and the read iris information. An input control unit for transmitting to the electronic input management device, the electronic input management device comprising: a user information storage unit in which iris information of a predetermined user is registered; and iris information registered in the user information storage unit; When iris authentication is performed using the iris information read by the iris reading unit, and the iris authentication unit for determining whether the iris authentication result is acceptable or not, and the iris authentication result is acceptable, And a communication control unit for outputting a serial inputted information to the external output unit, the iris authentication result if it is passed, the display unit displays the information input screen object.

1 is a system configuration diagram showing an example of an electronic input system according to a first embodiment. 1 is an external view of an electronic input terminal 2 according to a first embodiment. The figure which shows an example of the user information table which concerns on 1st Embodiment. 1 is a system configuration diagram showing an example of an electronic input system according to a first embodiment. The figure which shows an example of the voter information management table which concerns on 1st Embodiment. The flowchart which shows an example of the voting process of the electronic input system which concerns on 1st Embodiment. The flowchart which shows an example of the voting process of the electronic input system which concerns on 1st Embodiment. 6 is a flowchart illustrating an example of voting processing in the electronic input system according to the first embodiment. The figure which shows an example of the user ID which concerns on 1st Embodiment. The figure which shows an example of the login screen which concerns on 1st Embodiment. The figure which shows an example of the candidate selection screen which concerns on 1st Embodiment. The figure which shows an example of the vote confirmation screen which concerns on 1st Embodiment. The figure which shows an example of the voting completion notification screen which concerns on 1st Embodiment. The system block diagram which shows an example of the electronic input system which concerns on 2nd Embodiment. The flowchart which shows an example of the voting process of the electronic input system in 2nd Embodiment. The flowchart which shows an example of the voting process of the electronic input system in 2nd Embodiment. 9 is a flowchart illustrating a procedure of fixed-cycle interrupt processing in the second embodiment.

(First embodiment)
A first embodiment will be described with reference to FIGS.

  FIG. 1 is a system configuration diagram showing an example of an electronic input system 100 according to the first embodiment of the present invention. The electronic input system 100 is realized by, for example, a computer reading a program recorded on a recording medium such as a magnetic disk.

  As shown in FIG. 1, an electronic input system 100 according to the present embodiment is configured by connecting an electronic input terminal 2, an electronic input control device 3, and an external output device via a communication network 5. That is, the electronic input terminal 2 is connected to the communication network 5 via the network communication path 4, the electronic input control device 3 via the network communication path 6, and the external output device via the network communication path 15.

  The external output device is, for example, an HDD that is a storage device, a liquid crystal display that is a display device, or an input content totaling device. Further, in FIG. 1, for simplicity of explanation, the electronic input terminal 2 and the electronic input control device 3 constituting the electronic input system 100 are each one, but a plurality of electronic input terminals 2 may be configured. Similarly, a plurality of external output devices connected to the electronic input system 100 may be used.

  The electronic input terminal 2 includes an iris reading unit 21, a communication control unit 22 (first communication control unit), an input control unit 23, a display unit 24, and an information input unit 27. The information input unit 27 includes an eye image reading unit 25 and a line-of-sight detection unit 26.

  The iris reading unit 21 is connected to the communication control unit 22 and the input control unit 23, and reads the iris information of the user based on the iris information reading request transmitted from the input control unit 23.

  The communication control unit 22 is connected to the network communication path 4, the iris reading unit 21, and the input control unit 23. The communication control unit 22 controls transmission / reception of information with the electronic input control device 3 via the network communication path 4, the communication network 5, and the network communication path 6.

  The input control unit 23 is connected to the iris reading unit 21, the communication control unit 22, and the information input unit 27. The input control unit 23 includes an iris reading unit 21 and a display unit 24 based on information received from the electronic input control device 3 by the communication control unit 22 via the network communication path 6, the communication network 5, and the network communication path 4. And the information input unit 27 are controlled. That is, the input control unit 23 controls the information input unit 27 based on the data transmitted from the communication control unit 22. Further, the input control unit 23 transmits an iris information reading request to the iris reading unit 21 based on the information input from the information input unit 27. Further, the input control unit 23 transmits the iris information transmitted from the iris information reading unit 21 and the information input from the information input unit 27 to the communication control unit 22.

  The display unit 24 displays data and an information input screen based on the control of the input control unit 23.

  The information input unit 27 is connected to the input control unit 23, and the user performs input using the information input screen by the information input unit 27. For example, the information input unit 27 selects and inputs items displayed on the information input screen displayed on the display unit 34.

  The eye image reading unit 25 reads the user's eyes and creates an image corresponding to the user's eyes (hereinafter referred to as an eye image). The line-of-sight detection unit 26 detects line-of-sight information indicating which direction the user's line of sight is facing from the user's eye image created by the eye image reading unit 25. The line-of-sight detection unit 26 transmits the detected line-of-sight information to the input control unit 23.

  FIG. 2 shows an external view of the electronic input terminal 2 of the present embodiment and an example when the user wears the electronic input terminal 2. The electronic input terminal 2 shown in FIG. 2 is a goggle type that is used by wearing on the face, and has a display unit 24 inside. As shown in FIG. 2, the electronic input terminal 2 includes a shielding part 271 (shaded part in FIG. 2) that shields the display part 24 from the outside, and the display part can be seen only by the user during a user operation. It has become. The electronic input terminal 2 can be a helmet type.

  The electronic input terminal 2 has “tamper resistance” such that the operation becomes impossible when a probe for reading a signal is attached, or the program and data are destroyed when trying to read from the outside. May be configured. Thereby, it is possible to further prevent data falsification and data leakage.

  Next, the electronic input control device 3 will be described with reference to FIG. The electronic input control device 3 includes a user information registration unit 31, a user information storage unit 32, a communication control unit 33 (second communication control unit), an iris authentication unit 34, and an information search / editing unit 35. The electronic input control device 3 is connected to the electronic input terminal 2 via the data communication path 6 and the communication network 5, and to an external output device via the data communication path 15 and the communication network 5.

  The user information registration unit 31 is connected to a user information storage unit 32, and iris information of a predetermined user is registered in the user information storage unit 32 together with user information as iris information of a template. The user information is information relating to the user such as a user ID, and is information used for identifying the user.

  The user information storage unit 32 is connected to the user information registration unit 31 and the information search / editing unit 35, and has a user iris information management table 200 that stores the iris information of the template and the user information in association with each other. In addition, the user information storage unit 32 inputs information for displaying a login screen, which is a user interface used for login, on the display unit 24 of the electronic input terminal 32 (hereinafter referred to as login screen information) or information. Screen information such as information (hereinafter referred to as information input screen information) for displaying an information input screen, which is a user interface, is stored.

  FIG. 3 shows an example of the user iris information management table 200 stored in the user information storage unit 32. As shown in FIG. 3, the user iris information management table 200 includes items of “user ID” 201 and “name” 202 as user information and “template iris information” 203 as iris information of the user's template. The Note that the user ID is assigned to improve the efficiency of iris authentication. In addition, the user iris information management table 200 may store information on the user such as an address, a telephone number, sex, age, date of birth, and the like as user information.

  The communication control unit 33 is connected to the iris authentication unit 34, the information search / editing unit 35, and the network communication path 6. The communication control unit 33 has a function of transmitting and receiving data between the electronic input terminal 2 and the electronic input control device 3. That is, the communication control unit 33 receives and transmits information via the communication network 5 and the network communication path 6. Further, the communication control unit 33 controls the iris authentication unit 34 and the information search / editing unit 35 based on the received information.

  The iris authentication unit 34 is connected to the communication control unit 33 and the information search / editing unit 35. The iris authentication unit 34 compares the user information and user iris information transmitted from the electronic input terminal 2 with the user information registered in the user iris information management table 200 of the user information storage unit 32 to perform iris authentication. The authentication result is transmitted from the iris authentication unit 34 to the electronic input terminal 2 via the communication control unit 33.

  The information search / editing unit 35 is connected to the user information storage unit 32, the communication control unit 33, and the iris authentication unit 34. The information search / editing unit 35 searches the user iris information management table 200 stored in the user information storage unit 32 using information received by the communication control unit 33 (for example, a user ID), and extracts iris information. The extracted iris information is transmitted to the iris authentication unit 34.

  The electronic input control device 3 performs iris authentication by comparing the template iris information registered in the user information storage unit 32 with the user iris information transmitted from the electronic input terminal 2, and the authentication result is displayed in the electronic input terminal. 2 to send. Further, the electronic input control device 3 uses the user information registration unit 31 to register or update the user's iris information in the user iris information management table 200.

Here, FIG. 4 shows an electronic input system 100 to which an electronic voting management device 16 is connected as an example of an external output device. That is, FIG. 4 is a system configuration diagram illustrating an example of an electronic voting system that performs electronic voting using the electronic input system 100.
The electronic voting management device 16 connected to the electronic input system 100 via the communication network 5 is a device that stores and outputs the voter's voting content. The electronic voting management device 16 includes a communication control unit 160, a voter information storage unit 161, an information search editing unit 162, an election information storage unit 163, a vote result storage unit 164, a voter information registration unit 165, a vote A result output unit 166.

  The communication control unit 160 controls data transmission / reception between the electronic input system 100 and the electronic input management device 3. The voter information storage unit 161 has a voter information management table 210 for storing voter information of a predetermined election, and the voter information registration unit 165 stores voter information in advance.

  The information search / editing unit 162 searches the voter information management table 210 of the voter information storage unit 161 based on the information transmitted from the electronic input system 100, and extracts voter information. The information search / editing unit 162 extracts election information from the election information storage unit 163 based on the voter information. The election information is information necessary for displaying the candidate selection screen on the display unit 24 of the electronic input terminal 2, and includes, for example, the name of the candidate for each election name and the affiliation of the candidate. The candidate selection screen will be described later.

  Further, when receiving the vote information from the communication control unit 160, the information search / editing unit 162 performs editing processing of the target voter information and stores the vote result in the vote result storage unit 164. The voting content registered in the voting result storage unit 164 is separated from the login ID and anonymized. The voting result stored in the voting result storage unit 164 is output by the voting result output unit 166.

  Here, the voter information management table 210 included in the voter information storage unit 161 will be described. An example of the voter information management table 210 is shown in FIG.

  As shown in FIG. 5, the voter information management table 210 includes items of a user ID 211, a name 212, an address 213, a gender 214, an age 215, an election name 216, and a voting implementation 217. The vote execution 217 of the voter information management table 210 stores whether or not the user has voted for each election. In other words, if it is not voted, “not yet” is described in the voting execution 217 of the voter information management table 210, and if it is voted, “completed” is described in the voting execution 217 of the voter information management table 210.

  Specifically, the electronic voting management device 16 receives voting information including a user ID and voting content from the electronic input control device 3. Based on the received user ID, the voter information management table 210 is searched, and if the vote execution field 217 of the voter information with the matching user ID is “not yet”, the update is overwritten with “completed” and the contents of the vote are voted. The result is stored in the result storage unit 164.

  Here, when performing electronic voting in a specific local government using the electronic input system 100 and the electronic voting management device 16 according to the present embodiment, the user iris information management table 200 and the voter information management of the electronic voting management device 16 The creation of the table 210 will be described. In the present embodiment, it is assumed that the electronic input control device 3 and the electronic voting management device 16 are installed in this local government.

  First, before voting, he goes to the counter of the local government (generally a municipality) where the user who is the voter resides. If the user has not registered the template iris information after confirming that the local government staff is the voter himself / herself with an identification card or the like, the user information registration unit 31 of the electronic voting control device 3 will check the user's iris information and the user. User information including the ID is registered in the user iris information management table 200 of the user information storage unit 32. Registration in the user information management table is performed, for example, when registering a resident card when a user moves from another local government to the target local government.

When a user who has registered template iris information in a certain local government moves to another local government, the staff of the local government of the transfer destination belonging to the election management committee generally uses the user information registration unit 31. Then, the address of the iris information of the template of the user iris information management table 200 stored in the user information storage unit 32 of the transfer source is extracted and registered in the user iris information management table 200 of the transfer destination. At present, there is no personal ID unified in the country, so when saving in the user iris information management table 200 of the transfer destination, registration is performed with reference to information that can be identified as the same person when they match. The information that can be identified as the same person when they match is, for example, a transfer source address, a transfer destination address, a name, and a date of birth.
Next, when the user is a voting subject in a specific election, the user information registration unit 31 sends the registered user information to the communication control unit 160 of the electronic voting management device 16 via the communication network 5 by the communication control unit 33. Send. The user information received by the communication control unit 160 is stored in the voter information management table 210 of the voter information storage unit 161 by the voter information registration unit 165. At this time, a specific election name and voting for this election are also stored in the voter information management table 210.

  By the method described above, the user iris information management table 200 and the voter information management table 210 are registered in advance.

  The local government staff creates the voter information management table 210 for the target election from the user iris information management table 200 stored in the user information storage unit 32 before the announcement date (or announcement date) of the election. The polling place admission ticket in which the user ID for login stored in the voter information management table 210 is described is mailed to the user.

The user ID is a system of a code for identifying a local government and a code for identifying an individual within the local government, thereby easily specifying the existing user iris information management table 200 and voter information management table 210. It is possible. FIG. 6 shows an example of a user ID comprising a code for identifying a local government and a code for identifying an individual within the local government.
Hereinafter, in the input management system 100 and the electronic voting management device 16 shown in FIG. 4, the electronic management by the user, that is, the processing of the input voting management device 16 and the user (voter) when the electronic voting is performed. Will be described with reference to FIGS.

  7 to 9 are flowcharts showing operations of the input management system 100 and the electronic voting management device 16 when electronic voting is performed according to the present embodiment.

  The communication control unit 22 of the electronic input terminal 2 refers to the address information held in the communication control unit 22 and the unique ID of the electronic voting terminal 2 to manage electronic voting via the network communication path 4 and the communication network 5. It is connected to the device 3.

  When the user wears the electronic input terminal 2 on the head, the information search / editing unit 35 of the electronic voting management device 3 transmits the login screen information stored in the user information storage unit 32 to the communication control unit 33, and the communication control unit 33. Transmits the received login screen information to the communication control unit 22. Thereby, the process of FIG. 7 is started.

  First, the communication control unit 22 of the electronic input terminal 2 that has received the login screen information from the communication control unit 33 of the electronic input management device 3 transmits the login screen information to the input control unit 23. The input control unit 23 displays the login screen 300 on the display unit 24 of the information input unit 27 based on the received login screen information (step S1).

  An example of the login screen 300 is shown in FIG. As shown in FIG. 10, the login screen 300 includes input characters 301 of 0 to 9 and A to Z, a login ID input window 302, a send button 303, a delete button 304, and an all delete button 305.

  The input character 301, the send button 303, the delete button 304, and the all delete button 305 are selected by the input control unit 23 and the information input unit 27 based on the user's line of sight. When the input character 301 is selected, the selected input character 301 is displayed on the login ID input window 302. When the transmission button 303 is selected, the character string displayed in the login ID input window 302 is transmitted to the input control unit. When the delete button 304 is selected, one input character displayed in the login ID input window 302 is deleted. When the delete all button 305 is selected, all input characters displayed in the login ID input window 302 are deleted.

  A user ID is input via the login screen 300 (step S2).

  In the present embodiment, the input is performed when the user selects the input character 301 to be input from the input characters 301 displayed on the login screen 300 with the line of sight (hereinafter referred to as line of sight selection). Here, the line-of-sight selection will be described.

  First, the eye image reading unit 25 of the information input unit 27 reads the user's eye image at a fixed period of 0.1 seconds, for example, and transmits it to the line-of-sight detection unit 26. The line-of-sight detection unit 26 detects the line of sight from the received eye image of the user. The eye image reading unit 25 includes a reading light source unit, and when reading a user image, it is possible to read a clear image by causing the reading light source unit to emit light.

  The line-of-sight information detected by the line-of-sight detection unit 26 is transmitted to the input control unit 23, and the input control unit 23 recognizes the input character 301 to be input based on the line-of-sight information and the screen displayed on the display unit 24. 24 login ID input windows 302 are displayed. As a recognition method, for example, when the target user ID is “ABC1234567” and the first character “A” is input, the line-of-sight information detected by the line-of-sight detection unit 26 is “A” of the input characters 301. For example, when it is recognized that the camera is continuously turned for 5 seconds (first fixed time) or more, “A” blinks. If it is recognized that the blinking “A” continues to have a line of sight, for example, for 2 seconds (second fixed time) or longer, the character “A” is displayed in the login ID input window 302. In the login screen 300 shown in FIG. 10, in order to input the character “2”, “2” of the input characters 301 of 0 to 9 and A to Z has a line of sight continuously for a first predetermined time or more. It is recognized that “2” of the input characters 301 of 0 to 9 and A to Z is blinking.

When all the characters of the voter's user ID are selected and the transmission button 303 is selected, the character string displayed in the user ID input window 102 is transmitted to the input control unit 23 as a login ID (step S3). .
Based on the user ID transmitted in step S3, the input control unit 23 transmits an iris information reading request for reading iris information to the iris reading unit 21 (step S4). Upon receiving the iris information reading request, the iris reading unit 21 reads the user's iris information and transmits it to the input control unit 23 (step S5).

  Subsequently, the input control unit 23 transmits the user ID received in step S3 and the iris information received in step S5 to the communication control unit 22 (step S6). The communication control unit 22 transmits these user IDs and iris information to the communication control unit 33 of the electronic input management unit 3 via the network communication path 4, the communication network 5, and the network communication path 6 (step S7). The user ID and iris information are transmitted by encrypted communication.

  The iris authentication unit 34 performs iris authentication using the iris information received by the communication control unit 33 and the iris information of the template stored in the user information storage unit 32 (step S8). Specifically, when the user ID and iris information received by the communication control unit 33 are transmitted to the information search / editing unit 35, the user iris information in the user information storage unit 32 based on the user ID received by the information search / editing unit 35. The management table 200 is searched. As a result of the search, the iris information of the template with the matching user ID is extracted, and the iris information of the extracted template, the user ID, and the iris information read in step S5 are transmitted to the iris authenticating unit 34. The iris authentication unit 34 performs iris authentication by comparing the received iris information of the template with the iris information read in step S5. As a result of the collation, when the iris information matches, “pass”, and when the iris information does not match, “fail”. The iris authentication unit 34 determines that the authentication is unsuccessful when an image of a fiberscope or the like is reflected in the received iris information.

  When the iris authentication result is unacceptable (No in step S9), the iris authentication unit 34 transmits the user ID and the iris authentication result “fail” to the communication control unit 33 (step S91). Then, the communication control unit 33 transmits the received user ID and the iris authentication failure result “fail” to the communication control unit 22 via the communication network 5 (step S92). Based on the user ID received by the communication control unit 22 and the iris authentication result “fail”, the input control unit 23 ends the login screen displayed on the display unit 24 (step S93), and ends the input process. .

  If the iris authentication result is acceptable (step S9 is Yes), the iris authentication unit 34 transmits the user ID and the iris authentication result “pass” to the communication control unit 33 (step S10). The communication control unit 33 transmits the user ID and the iris authentication result “pass” to the communication control unit 163 by encrypted communication (step S11).

  The communication control unit 163 transmits the received user ID and the iris authentication result “pass” to the information search / editing unit 162. The information search / editing unit 162 searches the voter information management table 210 for the election of the target of the local government stored in the voter information storage unit 161 by using the code for identifying the local government in the received user ID (step) S12).

  As a result of searching the voter information management table 210 for the local government election by the information search / editing unit 162, if the user ID does not exist (No in step S13), the information search / editing unit 162 starts from the election information storage unit 163. Voting end screen information is extracted, and the communication control unit 160 transmits the information to the electronic input terminal 2 (step S131). The electronic input terminal 2 displays a voting end screen based on the received voting end screen information (step S132), and ends the input process.

  If the user ID exists (Yes in step S13), the information search editing unit 162 determines whether or not the voter information of this user ID includes an election that has not yet been voted (an election in which voting will be performed from now on). Step S14).

  When the voter information of this user ID includes an election that has not been voted (Yes in step S14), the information search / editing unit 162 extracts the voting screen information from the election information storage unit 163, and the communication control unit 163 displays the voting screen. Information is transmitted to the communication control part 22 via the communication network 5 (step S15).

  The communication control unit 22 transmits the received voting screen information to the input control unit 23, and the input control unit 23 displays a voting screen candidate selection screen on the display unit 24 based on the voting screen information (step S16). In addition, when a plurality of elections are held at the same time, a candidate selection screen for elections that have not been voted is displayed in accordance with the election order searched by the information search editing unit 162.

  FIG. 11 shows an example of a candidate selection screen. As shown in FIG. 11, the candidate selection screen 401 for the target election, a “Previous” button 402, and a “Next” button 403 are displayed on the candidate selection screen. By selecting the “Previous” button 402 / “Next” button 403, it is possible to sequentially display the names of candidates. The selected candidate name includes “white vote”.

  The voter selects a candidate's name to vote from the candidate name selection column 401 (step S17). In this embodiment, it is assumed that “XX Party candidate Taro Toshiba” shown by dots in FIG. 11 is selected.

  When a candidate name is selected (step S17 is Yes), the input control unit 23 displays a vote confirmation screen on the display unit 24 (step S18). If the line-of-sight name is not selected (No in step S17), the process returns to step S12 to search the voter information management table 210 for an unvoted election.

  FIG. 12 shows an example of the voting confirmation screen displayed in step S18. As shown in FIG. 12, the name of the candidate selected in step S17 and the “vote” / “do not vote” buttons are displayed on the vote confirmation screen. The vote is confirmed by the user using this vote confirmation screen (step S19).

  That is, when there is a difference in the display content of the vote confirmation screen displayed on the display unit 24, the “no voting” button on the vote confirmation screen is selected by the voter, and there is no difference in the display content of the vote confirmation screen The “vote” button is selected by the voter on the vote confirmation screen, and is sent to the input control unit 23.

  If the “no voting” button is selected and the voting is not confirmed (No in step S19), the process returns to step S16 to select (candidate) a candidate again.

  If the “vote” button is selected as a line of sight and voting is confirmed (Yes in step S19), the input control unit 23 makes an iris information reading request to the iris reading unit 21 (step S20).

  The iris reading unit 21 that has received the iris information reading request reads the user's iris information and transmits the read iris information to the input control unit 23 (step S21). The input control unit 23 transmits the voting result information including the selected candidate name and the user ID and the iris information to the communication control unit 22 (step S22). The communication control unit 22 transmits the received voting result information and iris information to the communication control unit 33 of the electronic input management device 3 by encrypted communication (step S23). The communication control unit 33 transmits the received voting result information and iris information to the information search / editing unit 35 (step S24). The information search / editing unit 35 searches the user iris information management table 200 of the user information storage unit 32 based on the user ID of the received voting result information. As a result of the search, the iris information of the template with the matching user ID is extracted, and the iris information of the template of the extraction result and the received voting result information and iris information are transmitted to the iris authenticating unit 34 (step S25).

  The iris authentication unit 34 performs iris authentication by comparing the iris information of the extraction result template received from the information search / editing unit 35 with the iris information read in step S21, and obtains the iris authentication result and the voting result information. The information is sent to the information search / editing unit 35 (step S26).

  As a result of collating the iris information of the extraction result template received from the information search / editing unit 35 by the iris authentication unit 34 and the iris information read in step S21, the template of the extraction result received from the information search / editing unit 35 If the iris information does not match the iris information read in step S21, the iris authentication result is “failed”. Further, it is assumed that the iris authentication result is “pass” when the iris information of the extraction result template received from the information search / editing unit 35 matches the iris information read in step S21. If the iris authentication result received by the information search / editing unit 35 is “fail” (No in step S27), the information search / editing unit 35 separates the user ID from the encrypted voting result information, and the candidate name of the voting result Is deleted (step S271). The information search editing unit 35 transmits the user ID and the iris authentication result “fail” to the communication control unit 33 (step S272). The communication control unit 33 transmits the received user ID and information of the iris authentication result “fail” to the communication control unit 22 (step S92 in FIG. 6). The communication control unit 22 transmits the user ID and information of the iris authentication result “fail” from the input control unit 23, and the input control unit 23 ends the screen displayed on the display unit 24 (FIG. 6). Step S93), voting is completed. That is, when the iris authentication result received by the information search / editing unit 35 is “fail”, the voting operation is forcibly terminated.

  When the iris authentication result is “pass” (step S27 is Yes), the information search / editing unit 35 transmits the vote result information and the iris authentication result “pass” information to the communication control unit 33 (step S28). The communication control unit 33 transmits the received voting result information and the iris authentication result “pass” to the communication control unit 160 by encrypted communication (step S29). The communication control unit 160 transmits the received voting result information and the iris authentication result “pass” information to the information search / editing unit 162, and the information search / editing unit 162 uses the candidate name and the user ID of the encrypted voting result information. And only the names of the candidates are stored in the vote result storage unit 164 (step S30). At this time, the information search / editing unit 162 prevents the correspondence between the transmitted voting result and the voting content output to the voting information storage unit 37.

  The information search / editing unit 162 registers that the vote has been voted for this election in the vote execution column of the target user in the voter information management table 210 of the target election (step S31). When the information search / editing unit 162 registers that the voter information management table for voting has already been voted, it confirms again that the user's target election in this voter information management table has not been voted, and then It is also possible to confirm that there is no double voting by registering.

  Subsequently, the information search / editing unit 162 returns to step S12 in FIG. 8 and searches the voter information management table 210 for an election for which the target user has not been voted. Steps S12 to S31 in FIG. 8 are repeated until all elections have been voted.

  When the information search / editing unit 162 detects that the target user of the voter information management table has no election that has not been voted (No in step S14), communication is performed to notify the user that all the votes of the day have been completed. The control unit 163 transmits screen information for notifying completion of voting to the communication control unit 22 (step S141). The input control unit 23 receives screen information for notifying completion of voting from the communication control unit 22, displays a voting completion notification screen on the information display / selection input unit 23 (step S142), and ends all input processes. An example of the vote completion notification screen is shown in FIG.

  After the voting time ends, the voting result output unit 166 outputs the voting result stored in the voting result storage unit 165. The output of the voting result may be performed at a preset timing, or may be performed by an operation of an election manager.

  As described above, since the electronic input system 100 using the communication network according to the present embodiment does not display a screen for input other than the authenticated user on the display unit, the screen for input cannot be viewed except by the user. . In addition, since the contents entered by other than the authenticated user are deleted, it is impossible for anyone other than the user to input. Therefore, it is possible to provide an electronic input system that cannot be input by anyone other than the user and that cannot be operated for input.

  In other words, even when inputting from a place where there is no supervisor, such as at home or at work, it is possible for a person other than the person to steal the screen to be entered and prevent the person other than the person from knowing the contents. is there.

(Second Embodiment)
A second embodiment of the present invention will be described with reference to FIGS. In addition, the same code | symbol is provided about the structure similar to 1st Embodiment, and the same procedure, and description is abbreviate | omitted.

  FIG. 14 is a system configuration diagram illustrating an example of an electronic input system according to the second embodiment.

  The electronic input terminal 2 of the electronic input system according to the second embodiment includes an iris authentication management data storage unit 291, an iris authentication management table 292 stored in the iris authentication management data storage unit 291, and an iris authentication unit 341. Prepare. The iris authentication management table 292 is connected to the communication control unit 22 and stores iris authentication period information indicating the period in which the iris authentication process is performed in the fixed period interrupt process described later.

  The iris authentication unit 341 is the same as the iris authentication unit 34 and is provided in the electronic input terminal 2 in this embodiment.

  Hereinafter, in the input management system 100 and the electronic voting management device 16 shown in FIG. 14, the input management system 100, the electronic voting management device 16, and the processing of the user (voter) when the user performs electronic input, that is, electronic voting is performed. Will be described with reference to FIGS.

  15 to 16 are flowcharts showing operations of the input management system 100 and the electronic voting management device 16 when electronic voting is performed according to the present embodiment. Step S203 in FIG. 15 starts following the login ID input in step S2 in FIG.

  First, the input control unit 23 of the electronic input terminal 2 receives the login ID (step S203). The input control unit 23 transmits the received user ID to the communication control unit 22 (step S204). The communication control unit 22 transmits the received user ID to the communication control unit 33 of the electronic input management device 3 by encrypted communication (step S205).

  When the user ID received by the communication control unit 33 is transmitted to the information search / editing unit 35, the information search / editing unit 35 searches the user information storage unit 32 using the user ID received by the communication control unit 33, and corresponds to this user ID. The iris information of the template to be extracted is extracted (step S206).

  The communication control unit 33 transmits the iris information of the template extracted by the information search / editing unit 3 to the communication control unit 22 by encrypted communication (step S207).

  When receiving the iris information of the template, the communication control unit 22 transmits an iris information reading request to the iris reading unit 211 (step S208). The iris reading unit 211 reads the iris information of the user who is a voter based on the iris information reading request (step S209).

  The read iris information is collated with the iris information of the received template transmitted / received to / from the iris authentication unit 341 and the iris information of the voter 7 received from the iris reading unit 21, performs iris authentication, and enters the input control unit 23. An authentication result is transmitted (step S210). The iris authentication unit 341 determines that the image is rejected when an image such as a fiberscope is reflected in the iris information received from the iris reading unit 211.

  When the iris authentication result of the user by the iris authentication unit 341 is “fail” (No in step S211), the same processing as in steps S91 to S93 in FIG. 7 is performed, and the input processing is ended.

  When the iris authentication result of the user by the iris authentication unit 341 is “pass” (Yes in step S211), the input control unit 23 passes the user ID and information of the “authentication” iris communication to the communication control unit 22, and performs communication control. The unit 22 transmits the user ID and information of the iris authentication “pass” to the communication control unit 33 by encrypted communication (step S212). When the communication control unit 33 receives the user ID and the iris authentication “pass”, the communication control unit 33 transmits the user ID and the iris authentication “pass” to the communication control unit 160 of the electronic voting management device 16 (step S213).

  When the communication control unit 160 receives the user ID and the information of “pass” iris authentication, the communication control unit 160 performs the processing from step S12 to step S19 in FIG.

  When step S19 is Yes, that is, when voting is confirmed, the input control unit 23 transmits the user ID to the communication control unit 33 (step S221 in FIG. 16). When the user ID received by the communication control unit 33 is transmitted to the information search / editing unit 35, the information search / editing unit 35 searches the user information storage unit 32 using the user ID received by the communication control unit 33, and corresponds to this user ID. The iris information of the template to be extracted is extracted (step S222).

  The communication control unit 33 transmits the iris information of the template extracted by the information search / editing unit 3 to the communication control unit 22 by encrypted communication (step S223).

  When receiving the iris information of the template, the communication control unit 22 transmits an iris information reading request to the iris reading unit 211 (step S224). The iris reading unit 211 reads the iris information of the user who is a voter based on the iris information reading request (step S225).

  The read iris information is collated with the iris information of the received template transmitted / received to / from the iris authentication unit 341 and the iris information of the voter 7 received from the iris reading unit 21, performs iris authentication, and enters the input control unit 23. An authentication result is transmitted (step S226).

  When the iris authentication result of the user by the iris authentication unit 341 is “fail” (No in step S227), the input control unit 23 deletes the input voting information (step S229) and displays the screen displayed on the display unit 24. The process ends (step S230), and the input process ends. That is, the voting operation is forcibly terminated.

  When the iris authentication result of the user by the iris authentication unit 341 is “pass” (step S227 is Yes), the input control unit 23 transmits the user ID and the contents of the vote to the communication control unit 33 (step S228). Then, the process from step S29 of FIG. 11 is performed.

  Here, the periodic interrupt processing will be described. A process performed when a specific period based on the iris authentication period information stored in the chroma authentication management table 292 arrives is referred to as a fixed period interrupt process.

  The iris reading unit 211 of the electronic input terminal 2 according to the present embodiment receives a specific information (timing) based on the information received by the information input unit 27 and the iris authentication cycle information stored in the iris authentication management table 292. Has arrived, the user's iris information is read and transmitted to the communication control unit 22.

  Note that this periodic interrupt processing is started after the login processing is performed. Further, the iris authentication period information is set in advance by the user or the system administrator as, for example, “a constant period of one second”. It is also possible to set so that iris authentication is performed only when a specific time has passed without setting a fixed period. Note that if the iris authentication period is set to a period equal to or less than the time required for line-of-sight selection, it is possible to prevent an input by a user other than the target user.

  FIG. 17 is a flowchart showing the procedure of fixed-cycle interrupt processing in the second embodiment. When the iris authentication period stored in the iris authentication management table 292 arrives during the input process, the periodic interrupt process is performed by interrupting the input process (interrupting the input process).

  When a specific period based on the iris authentication period information arrives, the periodic interrupt process is started, and the iris reading unit 211 reads the user's iris information. At the same time, the user ID input from the communication control unit 22 is transmitted to the electronic input management device 3 (step S291).

  Based on the received user ID, the information search / editing unit 35 extracts the iris information of the template with the matching user ID from the user information storage unit 32 (step S292). The communication control unit 33 transmits the extracted iris information of the template to the electronic input terminal 2.

  The iris authentication unit 341 performs iris authentication using the received iris information of the template and the read iris information of the user.

  When the iris authentication result is “fail” (step S293: No), the input control unit 23 ends the voting screen displayed on the display unit, and ends the input process. That is, the voting operation is forcibly terminated.

  If the iris authentication is “pass” (step S293: Yes), the periodic interrupt process is terminated and the interrupted input process is continued.

  As described above, the electronic input system of this embodiment does not need to transmit the user's iris information read by the iris reading unit 211 of the electronic input terminal 2 on the network. That is, it is possible to reduce the risk that the read iris information of the user leaks via the communication network.

  In addition, since the iris authentication process is periodically performed by the periodic interrupt process, it is possible to prevent a user other than the authenticated user from performing an input after login, and thus it is possible to improve confidentiality.

The iris authentication management data storage unit 291 stores the user iris information of the template extracted based on the user ID at the time of the first iris authentication, and stores the iris authentication after the first time in the iris authentication management data storage unit 291. The iris authentication may be performed using the user's iris information. As a result, even when the periodic interrupt processing is performed, the number of times that the iris information of the template flows through the communication network in one input processing can be made once. That is, it is possible to reduce the risk of the iris information of the template leaking via the communication network. It is also possible to reduce the load on the communication network.
That is, the electronic input system according to the present embodiment is a highly confidential electronic input system in which an input screen cannot be seen, an input operation cannot be performed, and an input cannot be performed by a user other than the input user. It is possible to provide.

  In addition, although several embodiment of this invention was described, these embodiment is shown as an example and is not intending limiting the range of invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof. For example, an eyeball projection type image display device may be used as the display unit 24. In this case, since it is possible to see the screen and image displayed on the display unit 24 only to the user without the shielding unit 271, confidentiality can be improved.

  Further, when the electronic input terminal 2 includes the iris authentication unit, the iris information read by the iris reading unit 211 at the first time (login) is stored in the iris authentication storage unit 291 as a substitute for the template, and subsequent iris authentication is performed for iris authentication. The template iris information stored in the storage unit 291 may be used. Accordingly, it is possible to cause the user iris information to flow through the communication network only once in one input process without flowing the iris information of the template to the communication network. Therefore, the iris information of the template can be prevented from leaking via the communication network, and the load on the communication network can be reduced.

  The iris authentication unit 34 may use a standard called ACBio (Authentication Context for Biometrics). ACBio is an authentication context for biometric authentication, and is a data structure standard for indicating processing contents of biometric authentication. This ACBio does not send raw iris information over the network, but only sends the details of iris authentication processing. Accordingly, since the iris information itself does not flow through the communication network, the iris information can be prevented from leaking via the communication network. Also, by transmitting only the biometric authentication processing content, it is possible to support various biometric authentication methods and biometric authentication devices without depending on a specific biometric authentication method or biometric authentication device.

  In the present embodiment, the information input unit is composed of an eyeball projection display device, a line-of-sight detection unit, and an eye image reading device. However, a mouse, a barcode scanner, a joystick, or the like is used as the information input unit for display. Input may be performed via an information input screen displayed on the screen.

  As a result, it is possible to reduce the burden on the user when there are many input items without knowing the input contents by a third party other than the input target user. In this case, a shielding unit for hiding the information input unit from the outside may be provided.

  Further, the configuration of the electronic input control device 3 may be a single configuration using a highly reliable and high performance computer, or a configuration in which a plurality of computers are connected via a communication network.

  In addition, when searching the user information storage unit, the search may be performed based on the read iris information and collated, not based on the user ID. For example, the iris authentication unit is installed in the electronic input management device in the same manner as in the first embodiment, and the voting result information including the name of the candidate selected from the electronic input terminal and the user ID and the iris information are the electronic input management device. The iris authentication may be performed. The iris authentication unit is installed in the electronic input terminal, stores the iris information read at the first time (login) as a substitute for the template, and uses the template iris information stored in the electronic input terminal to perform a fixed period. Iris authentication may be performed by interrupt processing.

  A personal computer (PC) may be used as the communication control unit. By using the communication control unit as a PC, the function of the communication control unit can be mounted on the PC being used, and the functions to be mounted on the electronic input terminal can be reduced. As a result, the range of use of the electronic input system can be expanded according to the level of security required.

  In addition, an electronic certificate storage unit is provided for attaching an electronic signature using a public personal authentication infrastructure or the like when transmitting encrypted voting content from an electronic input terminal to an electronic input management device via a communication network. It is good also as a structure. By using the public personal authentication infrastructure, it is possible to use an authentication function using an electronic signature that is currently popular, or a function of an authentication system that is currently operating.

  In addition, the electronic input system of this embodiment can be used not only for electronic voting but also for electronic input that requires authentication of the person.

  2 ... Electronic input terminal, 3 ... Electronic input management device, 4, 6, 15 ... Network communication path, 5 ... Communication network, 21, 29 ... Iris reading unit, 22, 33 ... Communication control unit, 23 ... Input control unit, 24 ... display unit, 25 ... eye image reading unit, 26 ... gaze detection unit, 27 ... information input unit, 31 ... user information registration unit, 32 ... user information storage unit, 34 ... iris authentication unit, 35 ... information search / editing unit 291 ... Iris authentication management data storage unit

Claims (9)

An electronic input system comprising an electronic input terminal connected via a communication network and an electronic input management device,
The electronic input terminal is
An iris reading unit that reads the iris information of the user who is the input person;
A display unit including a shielding unit and displaying an information input screen;
An information input unit for inputting information by the user using the information input screen;
An input control unit that transmits the input information and the read iris information to the electronic input management device;
With
The electronic input management device is:
A user information storage unit in which iris information of a predetermined user is registered;
An iris authentication unit that performs iris authentication using the iris information registered in the user information storage unit and the iris information read by the iris reading unit, and determines whether the iris authentication result is acceptable or not,
When the iris authentication result is acceptable, a communication control unit that outputs the input information to an external output unit;
With
The said display part is an electronic input system which displays an information input screen, when the said iris authentication result is a pass. An electronic input system comprising an electronic input terminal connected via a communication network and an electronic input management device,
The electronic input terminal is
An iris reading unit that reads the iris information of the user who is the input person;
A display unit including a shielding unit and displaying an information input screen;
An information input unit for inputting information by the user using the information input screen;
An iris authentication unit for performing iris authentication of the user;
An input control unit that transmits the input information, the read iris information, and the result of the iris authentication to the electronic input management device;
With
The electronic input management device is:
A user information storage unit in which iris information of a predetermined user is registered;
A communication control unit that communicates with an external output unit based on the result of the iris authentication;
With
The iris authentication unit performs iris authentication using the iris information registered in the user information storage unit and the iris information read by the iris reading unit, and determines whether the iris authentication result is pass or fail,
The said display part is an electronic input system which displays an information input screen, when the said iris authentication result is a pass.   The said information input part has an eye image reading part which reads the said user's eye image for every specific period, and a gaze detection part which detects the said user's gaze from the read said eye image. The electronic input system of any one of Claims.   The electronic input system according to any one of claims 1 to 3, wherein the iris reading unit reads the iris information of the user when information is input by the user.   The electronic input system according to any one of claims 1 to 4, wherein the iris reading unit reads the iris information of the user when a specific period arrives. The electronic input terminal includes an iris authentication management data storage unit that stores the iris information of the read user or the iris information of the user extracted from the user information storage unit based on the read iris information of the user. Prepared,
The electronic input system according to claim 2, wherein the iris authentication unit performs iris authentication using user information stored in the iris authentication management data storage unit and the read iris information of the user. An electronic input system comprising an electronic input terminal connected via a communication network and an electronic input management device having a user information storage unit, wherein the electronic input terminal reads iris information of a user who is an input person A display unit that includes a shielding unit and displays an information input screen; an information input unit that inputs information by the user using the information input screen; the input information and the iris information that is read; An input control unit that transmits the information to the electronic input management device, and the electronic input management device includes a user information storage unit in which iris information of a predetermined user is registered, and an iris registered in the user information storage unit. The iris authentication unit that performs iris authentication using the information and the iris information read by the iris reading unit, and determines whether the iris authentication result is acceptable or not, and the iris authentication result is acceptable In some cases, an electronic input method using an electronic input system and a communication control unit for outputting the inputted information to the external output unit,
The iris reading unit reading the user's iris information;
The iris authentication unit performs iris authentication using the iris information registered in the user information storage unit and the iris information read by the iris reading unit, and determines whether the iris authentication result is pass or fail; ,
The display unit displaying an information input screen when the iris authentication result by the iris authentication is acceptable;
The information input unit is configured to input information by the user;
The iris reading unit reading the user's iris information;
The iris authentication unit performs iris authentication using the iris information registered in the user information storage unit and the iris information read by the iris reading unit, and determines whether the iris authentication result is pass or fail; ,
The communication control unit outputting the input information to an external output unit when the result of the iris authentication by the iris authentication is acceptable;
An electronic input method comprising: The electronic input terminal includes an iris authentication management data storage unit that stores the iris information of the read user or the iris information of the user extracted from the user information storage unit based on the read iris information of the user. Prepared,
The electronic input system according to claim 7, wherein the iris authentication unit includes a step of performing iris authentication using user information stored in the iris authentication management data storage unit and the read iris information of the user. Electronic input method.   The electronic input method using the electronic input system according to any one of claims 7 to 8, wherein the iris reading unit includes a step of reading user iris information when a specific period arrives.

Images