JP2012134710A - Authentication system, authentication device and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To perform connection setting of two terminals physically positioned in distant points in a network to which an unspecified number of pieces of apparatus are connected, by a simple operation and simple structure.SOLUTION: A plurality of terminals 2 and an authentication device 1 are connected via a network. The authentication device 1 acquires first input information generated by operating a terminal 2A and second input information generated by operating a terminal 2B (3), creates a pair based on a result of comparison between the first input information and the second input information (4), and transmits setting information which enables the terminal 2A and the terminal 2B to communicate to the terminal 2A and the terminal 2B (10).

Description

  The present invention relates to an authentication system, an authentication apparatus, and a program for performing authentication when starting communication between terminals.

  Conventionally, when connecting terminals at remote locations via the Internet, it is necessary to input the ID (IP address, etc.) of the terminal of the connection partner, and the operation is complicated. This input operation is particularly difficult when the user has no knowledge about the network, the user is not familiar with the operation of the terminal, or when a device that does not have a rich user interface such as an information appliance is a terminal.

  Conventionally, as a technique for simplifying communication setting input work, those described in Patent Document 1 and Patent Document 2 below are known.

  Patent Document 1 describes that information such as an IP address input to a terminal is converted into a two-dimensional bar code and read by a two-dimensional bar code reader connected to the device, thereby reducing input labor.

  Patent Document 2 describes a mechanism that enables connection of two terminals that can communicate with each other by wireless LAN only by pressing a button.

JP 2006-5397 A Patent 4494121

  However, the technique described in Patent Document 1 requires an additional device such as a two-dimensional barcode reader. In addition, the technique described in Patent Document 2 is premised on use at a short distance that can be connected by a wireless LAN, and when the same mechanism is applied to an environment where a large number of devices can be connected like the Internet, There is a high possibility that incorrect connections will occur frequently.

  Therefore, the present invention has been proposed in view of the above-described circumstances, and can easily perform connection settings of two terminals that are physically remote in a network to which an unspecified number of devices are connected, and An object is to provide an authentication system, an authentication apparatus, and a program that can be performed with a simple configuration.

  In the authentication system according to the first invention for solving the above-described problem, a plurality of terminals and an authentication device are connected via a network, and the authentication device operates a first terminal of the plurality of terminals. The second input information generated by operating the second input information generated by operating the second terminal of the plurality of terminals and the first input information is compared with the second input information A pair is created based on the result, and setting information for enabling communication between the first terminal and the second terminal is transmitted to the first terminal and the second terminal.

  In the authentication system according to the first invention, in the second invention, the first input information and the second input information have timing information, and the authentication device is configured to store the first input information. It is determined whether or not to create a pair based on a result of comparing timing information and timing information of the second input information.

  In the authentication system according to the first aspect, in the third aspect, the first input information and the second input information include information on the number of operations, and the authentication device includes the first input information. It is characterized in that it is determined whether or not to create a pair based on a result of comparing the information on the number of operations of information and the information on the number of operations of the second input information.

  The authentication system according to any one of the first to third inventions, wherein the authentication device transmits confirmation information to the paired first terminal and second terminal, and The first terminal and the second terminal that perform communication display the received confirmation state.

  The authentication system according to any one of the first to fourth inventions, wherein the fifth invention includes a plurality of the authentication devices, and the first terminal and the second terminal that communicate with each other include a plurality of authentications. The first input information and the second input information are transmitted to the same authentication device among the devices.

  The authentication system according to a fifth aspect of the present invention is the authentication system according to the sixth aspect, wherein the first terminal and the second terminal that communicate with each other are configured such that the device type of the first terminal and the device type of the second terminal Based on the combination, an authentication apparatus as a transmission destination of the first input information and the second input information is determined.

  In the authentication system according to the fifth or sixth invention, the seventh invention is based on the first input information and the second input information, the first terminal and the second terminal communicating with each other. Then, an authentication apparatus as a transmission destination of the first input information and the second input information is determined.

  The authentication system according to any one of the first to seventh inventions, wherein the authentication device stores history information of the paired terminals and is stored as the history information. It is characterized in that the terminals are paired with priority.

  In the authentication system according to any one of the first to eighth inventions, the ninth invention is characterized in that the authentication device transmits advice information indicating the content of the input information to the terminal. .

  The authentication system according to any one of the first to ninth inventions, wherein the tenth invention displays an operation timing for generating the input information on a display unit provided in the terminal. And

  An authentication apparatus according to an eleventh aspect of the present invention for solving the above-described problem is connected to a plurality of terminals via a network, and includes first input information generated by operating a first terminal of the plurality of terminals, and A receiving means for acquiring second input information generated by operating a second terminal of the plurality of terminals, and a pair based on a result of comparing the first input information and the second input information. And setting means for creating and sending setting information for enabling communication between the first terminal and the second terminal to the first terminal and the second terminal.

  An authentication device program according to a twelfth aspect of the present invention for solving the above problem is a program for an authentication device connected to a plurality of terminals via a network, and operates a first terminal of the plurality of terminals. Receiving means for acquiring first input information generated by operating the second input information generated by operating a second terminal of the plurality of terminals, the first input information, and the second input information To create a pair based on the result of the comparison between the first terminal and the second terminal, and to function as setting means for transmitting setting information for enabling communication between the first terminal and the second terminal to the first terminal and the second terminal It is characterized by that.

  According to the present invention, the authentication apparatus acquires input information as a result of operation on the terminal, creates a pair based on the result of comparing the two input information, and transmits the setting information to both terminals. In a network to which an unspecified number of devices are connected, connection settings of two terminals that are physically remote can be performed with a simple operation and a simple configuration.

It is a block diagram of the authentication system shown as one Embodiment of this invention. It is a perspective view of the terminal in the authentication system shown as one embodiment of the present invention. It is a block diagram of the terminal in the authentication system shown as one Embodiment of this invention. It is a block diagram of the authentication apparatus in the authentication system shown as one Embodiment of this invention. It is a flowchart which shows the process sequence of the terminal in the authentication system shown as one Embodiment of this invention. In the authentication system shown as one Embodiment of this invention, it is a flowchart which shows a process sequence when an authentication apparatus receives input information. In the authentication system shown as one Embodiment of this invention, it is a flowchart which shows the process sequence when an authentication apparatus detects a pair. In the authentication system shown as one Embodiment of this invention, it is a flowchart which shows the process sequence when an authentication apparatus receives a connection permission message or a connection cancellation message from a terminal. In the authentication system shown as one Embodiment of this invention, it is a figure which shows the connection apparatus information table in a terminal. In the authentication system shown as one Embodiment of this invention, it is a figure which shows the authentication apparatus recommendation press frequency table in a terminal. It is a figure which shows the connection request information table in an authentication apparatus in the authentication system shown as one Embodiment of this invention. It is a figure which shows the recommended pressing frequency table 113 in an authentication apparatus in the authentication system shown as one Embodiment of this invention. It is a figure which shows the connection history table in an authentication apparatus in the authentication system shown as one Embodiment of this invention. It is a figure which shows the connection pair table in an authentication apparatus in the authentication system shown as one Embodiment of this invention.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
The authentication system shown as the first embodiment to which the present invention is applied is configured as shown in FIG. 1, for example. The authentication system includes a plurality of authentication devices 1A and 1B (hereinafter collectively referred to simply as “authentication device 1”) and a plurality of terminals 2A and 2B (hereinafter collectively referred to simply as “terminal 2”). Called).

  In this authentication system, input information for associating terminals 2A and 2B to be connected to each other is operated and input to each of the terminals 2A and 2B, and a communication connection partner is specified using the input information as a clue. As this input information, simple information smaller than the network address is desirable.

  In this authentication system, the network NW connecting the terminals 2A and 2B is a network to which an unspecified number of devices such as the Internet are connected. This authentication system includes authentication devices 1A and 1B for efficiently comparing input information from a state in which two terminals 2A and 2B to be connected for communication do not know each other's network address (setting information).

  Each terminal 2A, 2B that wants to start communication with each other transmits input information to the authentication device 1 that has been determined in advance. Then, the authentication device 1 identifies the pair of terminals 2A and 2B to be connected by comparing each received input information, and transmits the network address of the communication partner to each of the terminals 2A and 2B. Thereby, the authentication system can set the setting information necessary for communication in the terminals 2A and 2B even with a simple operation and configuration.

  When a large number of terminals (for example, thousands) use this authentication system, there is a risk of being connected to another terminal 2 by mistake. On the other hand, this can be prevented by complicating the input information that associates the terminals 2 to be connected. However, it is desirable that the input operation at the terminal 2 be as simple as possible.

  For this purpose, the authentication system includes the timing information and / or the number of operations in the input information. Specifically, a combination of the time when the button on the terminal 2 is started to be pressed, the number of times the button is pressed, and the timing when the button is pressed is created as input information. And the authentication apparatus 1 specifies the terminals 2 with which the input information containing these approximates as a pair.

  Furthermore, in order to further reduce the possibility of being erroneously connected to another terminal 2, when the authentication device 1 identifies a pair, a connection identification value (generated by a random number generator for each terminal 2 for confirmation) ( Confirmation information) is sent. Thereafter, the users of the paired terminals 2 exchange the connection identification values, and the users of both terminals 2 confirm whether the connection identification value of the communication partner matches the own connection identification value. It is desirable.

  Hereinafter, this authentication system will be specifically described.

  This authentication system includes a plurality of terminals 2A and 2B and authentication devices 1A and 1B connected to a network NW to which an unspecified number of devices are connected such as the Internet. In FIG. 1, only two terminals 2A and 2B are shown, but a network configuration in which a large number of terminals (not shown) (for example, thousands of terminals 2) are connected is assumed. Further, only two authentication devices 1, that is, the authentication device 1 </ b> A and the authentication device 1 </ b> B are shown. Yes. Conversely, a plurality of authentication devices 1A and 1B are shown, but a single authentication device may be used.

  Generally, when the user A and the user B want to establish communication connection between the terminals 2A and 2B used by each other via the network NW, the connection setting information of the communication partner is stored in at least one of the terminals 2A and 2B. Need to be. For example, the terminal 2A needs to obtain the network address information of the terminal 2B as the connection setting, or the terminal 2B needs to obtain the network address information of the terminal 2A. The setting information is not limited to the network address, but may be other information.

  The authentication system according to the present embodiment enables the terminals 2A and 2B to acquire each other's network address by the following user operation and automatic processing between the terminal 2 and the authentication device 1.

  As shown in FIG. 2, the terminal 2 includes a display screen 201, a connection partner device designation button 202, a connection request button 203, a cancel button 204, and a timing advice button 205.

  As shown in FIG. 3, the terminal 2 has an input unit 210, a display unit 211, a communication module 212, a connection processing unit 213, a connected device information table 214, a connected device setting unit 215, and a pressing timing, as shown in FIG. An example generation unit 216 and an authentication device recommended number-of-presses table 217 are provided. Each unit of the terminal 2 operates in the procedure described below.

  As shown in FIG. 4, the authentication device 1 includes a communication module 110, a connection request recording unit 111, a connection request information table 112, a recommended number-of-presses table 113, a connection request processing unit 114, a connection history table 115, and a connection permission processing unit 116. , Connection pair table 117. Each unit of the authentication device 1 operates as in the procedure described below.

  Such an authentication system operates as in the procedure described below. It should be noted that the operations of the authentication device 1 and the terminal 2 described below can be realized by storing the operation program in the storage unit of each of the authentication device 1 and the terminal 2 (not shown) and executing them by the CPU. .

  Between the authentication device 1 and the terminal 2 in this authentication system, operations are performed as shown in procedures (1) to (10) shown in FIG. Hereinafter, the operations of the authentication device 1 and the terminal 2 will be described with reference to the procedure of FIG. 1, the flowcharts of FIGS. 5 to 8, and FIGS. 9 to 14 showing the contents of the tables used.

  First, in the procedure (1), while the user A and the user B can talk by means such as a telephone, the number of times of pressing the connection request button 203 of the terminal 2 and the pressing timing are determined. For example, the number of times of pressing is 3 times, and the timing is pressed every 2 seconds.

  In the next procedure (2), the user A presses the connection request button 203 of the terminal 2A according to the number of times of pressing and the pressing timing determined in the procedure (1), and the input unit 210 of the terminal 2A detects it. Similarly, the user B also presses the connection request button 203 of the terminal 2B in accordance with the number of presses and the press timing determined in the procedure (1), and detects it by the input unit 210 of the terminal 2B. At this time, the user A and the user B can use the conversation means of the procedure (1) to breathe together so as to press the connection request button 203 of the terminal 2A and the connection request button 203 of the terminal 2B at the same time. desirable. Thereby, the terminal 2A and the terminal 2B can acquire input information including timing information as approximate as possible with the same number of times of pressing.

  When the connection request button 203 is pressed in this way, the terminal 2 </ b> A causes the input unit 210 to generate pressing information (input information) of the connection request button 203 and transmit the information to the connection processing unit 213. The connection processing unit 213 temporarily records information on the number of times the connection request button 203 is pressed and information on the pressing timing. This pressing timing information is a pressing interval of each connection request button 203. The connection processing unit 213 determines that the input operation has been completed if the connection request button 203 is not pressed for a certain period of time, for example, 10 seconds. The terminal 2B operates in the same manner.

  More specifically, as shown in FIG. 5, the terminal 2 first sets the number of pressings to “0” and sets the pressing timing information to empty in step S101, and the input unit 210 requests the connection in step S102. The pressing of the button 203 is detected.

  When the input unit 210 detects that the connection request button 203 is pressed, the connection processing unit 213 adds 1 to the number-of-presses information in step S103. Further, the connection processing unit 213 holds the current time as the pressed time in step S104.

  Thereafter, the connection processing unit 213 determines whether or not the connection request button 203 has been pressed for a certain period of time, and if pressed, presses the difference between the previous press time and the current time in step S106. It adds to the pressing timing information as an interval, and returns to step S103. As a result, the connection processing unit 213 creates input information including the number of times of pressing and the pressing timing. On the other hand, if the connection request button 203 is not pressed for a certain period of time, the connection processing unit 213 finishes creating and recording the input information, and advances the process to step S107.

  In the next procedure (3), the connection processing unit 213 of the terminal 2A sends the input information including the number of times the connection request button 203 is pressed and the pressing timing to the authentication apparatus 1A and the connection network of the terminal 2A via the communication module 212. Send address. Note that the connection network address of the authentication device 1A is registered in the connection processing unit 213 in advance. The terminal 2B operates in the same manner.

  More specifically, as shown in FIG. 5, when the creation of the input information is completed in step S105, the connection processing unit 213 acquires the connection network address of the authentication device 1 in step S107, and in the next step S108. The input information including the number of times of pressing and the pressing timing and the connection network address of the terminal 2A are transmitted to the authentication device 1.

  The authentication device 1A transmits the information transmitted by the terminal 2A to the connection request recording unit 111 via the communication module 110. The connection request recording unit 111 records the received information (input information of the number of times the connection request button 203 is pressed and the pressing timing and the network address of the terminal 2A) in the connection request information table 112 (step S201 in FIG. 6). At this time, the connection request recording unit 111 records the time when the input information is recorded as the registration time (steps S202 and S203 in FIG. 6). Further, the authentication device 1A similarly processes the input information transmitted by the terminal 2B.

  As a result, the network address, the number of times of pressing, the pressing timing, and the registration time of the terminal 2 that transmitted the input information can be registered in the connection request information table 112 of the authentication device 1 as shown in FIG. The request source device type and the connection destination device type in the connection request information table 112 are not necessary in the first embodiment, and will be described in other embodiments described later.

  In the next procedure (4), the connection request processing unit 114 of the authentication device 1A refers to the connection request information table 112 periodically (for example, every 5 seconds). The connection request processing unit 114 detects a pair of input information (connection request) in which the number of times of pressing is the same and the difference in registration time is equal to or less than a certain value (for example, within 5 seconds) and the pressing timing is approximate. As a result of this processing, if there is no terminal 2 that has transmitted the input information of the number of times of pressing and the reception time and pressing timing in addition to the terminals 2A and 2B, the connection request processing unit 114 determines whether the single terminal 2A or 2B Combinations can be extracted.

  More specifically, as shown in FIG. 7, the connection request processing unit 114 first sets an index (Index) = 0 in the connection request information table 112 after waiting for a predetermined time (step S301) (step S302). Then, the index-th item is extracted from the connection request information table 112 as terminal information (1) (step S303).

  Next, in step S304, the connection request processing unit 114 searches the connection request information table 112 for an item having the same number of times of pressing as the terminal information (1) extracted in step S303 and having a registration time difference equal to or less than a predetermined value. . As a result of the search, the connection request processing unit 114 proceeds to step S308 if an item is detected from the connection request information table 112, and proceeds to step S306 if it is not detected.

  In step S308, the connection request processing unit 114 extracts, as terminal information (2), an item with the closest pressing timing information among the items detected in step S305. On the other hand, in step S306, the connection request processing unit 114 increments the index. In step S307, the connection request processing unit 114 determines whether the index exceeds the number of items in the connection request information table 112. If the index does not exceed the number of items, the processing of steps S303 to S305 is repeated with this index, and terminal information (2) is searched for all terminal information (1). On the other hand, if the index exceeds the number of items, the process returns to step S301, and the search for terminal information (2) is terminated.

  In this procedure (4), an arbitrary method may be used to detect an approximation of the pressing timing information. For example, the pressing intervals included in the pressing timing information sent from the two terminals 2 may be determined to take the difference in order from the first, and the one with the smallest total value may be determined to be the closest. Of course, other methods may be used as long as there is a method for determining the degree of approximation.

  In the next procedure (5), the connection request processing unit 114 of the authentication device 1A generates a connection identification value as confirmation information to be transmitted to the extracted pair of terminals 2A and 2B (step S309 in FIG. 7). The connection identification value is generated based on, for example, a random number. The connection request processing unit 114 extracts the device network addresses of the terminals 2A and 2B extracted from the connection request information table 112, and transmits the generated connection identification value to the terminals 2A and 2B via the communication module 110 based on the extracted device network addresses. (Steps S310 and S311).

  In addition, the connection request processing unit 114 records the extracted device network addresses of the terminals 2A and 2B in the connection pair table 117. As shown in FIG. 14, the connection pair table 117 includes the device network address (1) and confirmation status (1) of one terminal 2 of the pair, and the device network address (2) and confirmation status of the other terminal 2 of the pair. (2) are associated with each other. When recording the device network address, the connection request processing unit 114 sets the confirmation state (1) and confirmation state (2) of the connection pair table 117 to “inquiry” (step S312). Thereafter, the connection request processing unit 114 deletes the items of terminal information (1) and terminal information (2) in the connection request information table 112 (step S313).

  In the next procedure (6), the terminal 2A transmits the connection identification value received from the authentication device 1A to the connection processing unit 213 via the communication module 212 (step S109 in FIG. 5). The connection processing unit 213 transmits the connection identification value to the display unit 211. The display unit 211 displays the connection identification value on the display screen 201 (step S110). The terminal 2B operates in the same manner.

  In the next procedure (7), user A and user B confirm that the connection identification values displayed on the terminals 2A and 2B are the same value. The confirmation method is performed through a conversation means such as a telephone. When the user A and the user B can confirm that the connection identification values displayed on the terminals 2A and 2B are the same, the user A presses the connection request button 203 of the terminal 2A only once. . Similarly, the user B presses the connection request button 203 of the terminal 2B only once.

  When the connection request button 203 is pressed in the terminals 2A and 2B in the procedure (8), in the procedure (9), the terminal 2A sends information about pressing of the connection request button 203 via the input unit 210 to the connection processing unit 213. To communicate. The connection processing unit 213 transmits a connection permission message to the authentication device 1A via the communication module 212. The terminal 2B operates in the same manner.

  At this time, after displaying the connection identification value on the display screen 201 in step S110, the terminal 2 determines whether or not the connection request button 203 is pressed before the cancel button 204 is pressed. When the connection request button 203 is pressed as described above, a connection permission message is transmitted from the communication module 212 to the authentication device 1 under the control of the connection processing unit 213 in step S112. On the other hand, when the cancel button 204 is pressed, a connection cancel message is transmitted from the communication module 212 to the authentication device 1 under the control of the connection processing unit 213 in step S114. In step (8), when the two connection identification values are different from each other, the user A presses the cancel button 204 of the terminal 2A once. In this case, the terminal 2A transmits a connection cancel message to the authentication device 1A. The authentication apparatus 1A that has received the connection cancellation message deletes the corresponding item from the connection pair table 117, as will be described later.

  In the next procedure (10), the authentication device 1A transmits the connection permission message transmitted from the terminal 2A to the connection permission processing unit 116 via the communication module 110. The connection permission processing unit 116 detects a device network address that matches the connection network address of the transmission source of the connection permission message from the connection pair table 117. Then, the connection permission processing unit 116 changes the confirmation state in the connection pair table 117 from “inquiry” to “connection permission”. Also, the authentication device 1A performs the same process on the connection permission message transmitted from the terminal 2B.

  When both the confirmation state (1) and confirmation state (2) of the target connection pair are “connection permitted”, the connection permission processing unit 116 sends the communication partner to each of the terminals 2A and 2B that are permitted to connect. Send the connection network address of. At this time, the connection permission processing unit 116 transmits the connection network address of the terminal 2B to the terminal 2A based on the connection network address (1) and the connection network address (2) of the connection pair table 117, and transmits the terminal 2A to the terminal 2B. Send the connection network address of.

  As shown in FIG. 8, the connection permission processing unit 116 of the authentication device 1 is in a waiting state for a connection permission message or a connection cancellation message from the terminal 2 that has transmitted the connection network address (see FIG. 8). Step S401). The connection permission processing unit 116 proceeds to step S405 when a connection permission message is received, and proceeds to step S403 when a connection cancellation message is received (step S402).

  In step S405, the connection permission processing unit 116 searches the connection network addresses (1) and (2) in the connection pair table 117 for items that match the transmission source network address of the received connection permission message.

  In the next step S406, the connection permission processing unit 116 changes the confirmation state (1) to “connection permission” when the item that matches the transmission source network address is the connection network address (1) as a result of the search. To do. As a result of the search, if the item that matches the transmission source network address is the connection network address (2), the connection permission processing unit 116 changes the confirmation state (2) to “connection permission”.

  In the next step S407, the connection permission processing unit 116 determines whether or not both of the confirmation states (1) and (2) are permitted to be connected as a result of performing steps S405 and S406. If both are permitted to connect, the process proceeds to step S408, and if not, the process returns to step S401.

  Next, the connection permission processing unit 116 transmits the connection network address (2) to the connection network address (1) in step S408 in response to the connection permission. Similarly, the connection permission processing unit 116 transmits the connection network address (1) to the connection network address (2) in step S409.

  Next, the connection permission process part 116 deletes the applicable item about the terminal 2 made into the pair in the connection pair table 117 in step S409.

  On the other hand, in step S403 when the connection cancel message is received instead of the connection permission message in step S402, the connection permission processing unit 116 sets an item that matches the transmission source network address of the received connection cancel message to the connection pair table. A search is performed for the connection network addresses (1) and (2) in 117. Then, the connection permission processing unit 116 deletes the searched item from the connection pair table 117.

  In the authentication system according to the present embodiment, the communication protocol used when the terminals 2 are connected to each other is not particularly limited, and can be applied to various protocols. In the above processing, the terminals 2A and 2B have a connection network address, but what information the connection network address includes depends on the communication protocol used when the terminals 2A and 2B make a connection. To do. For example, if the terminals 2A and 2B connect using TCP over IPv4, the network address includes an IPv4 address and a TCP port number. For example, if the terminals 2A and 2B communicate with each other via http, the network address includes a URL.

  As described above, according to the authentication system according to the present embodiment, the authentication apparatus 1 acquires input information as a result of being operated on the two terminals 2, and based on the result of comparing the two input information. A pair is created and setting information is transmitted to both terminals 2. Thereby, according to this authentication system, even if it is connected via the network NW and is physically separated, communication settings between the terminals 2 can be established without the user's network knowledge.

  For example, communication settings can be made with a simple operation and a simple configuration even between remote users via a large-scale network such as the Internet. Specifically, for users who do not have knowledge about the network, communication settings can be realized more easily than the operation of inputting the ID on the network using a PC or a mobile phone, and a two-dimensional barcode reader or the like. The communication setting can be realized without adding a device that costs a lot of money.

  Further, according to this authentication system, the push timing information is included in the input information, and the push timing information is compared by the authentication device 1 to create a pair, thereby preventing communication with the wrong terminal 2 from being established. Can do.

  Furthermore, according to this authentication system, since the number of times of pressing is included in the input information and the number of times of pressing is compared by the authentication device 1 to create a pair, it is possible to prevent communication with the wrong terminal 2 from being established. it can.

  Furthermore, according to the authentication system, the authentication device 1 transmits a connection identification value as confirmation information to each of both terminals 2 recognized as a pair and displays them on the terminal 2, so that the confirmation information is displayed on the telephone or the like. Communication can be established while confirming with other means, and it is possible to reliably prevent communication with the wrong terminal 2 from being established.

[Second Embodiment]
Next, an authentication system according to the second embodiment in the above-described authentication system will be described. In addition, about the part similar to the above-mentioned 1st Embodiment, the detailed description is abbreviate | omitted by attaching | subjecting the same code | symbol.

  As shown in FIG. 1, the authentication system includes a plurality of authentication devices 1. As described above, if there are two terminals 2, even one authentication device 1 can perform processing. However, if only one authentication device 1 is used, the number of terminals 2 that use this authentication system increases. There is a possibility that the processing load of the authentication device 1 cannot be endured. In addition, when a large number of terminals 2 are connected to a single authentication device 1, a large number of input information is supplied to the authentication device 1, and the input information is duplicated or approximated. Increases nature.

  In view of this, it is conceivable that the authentication system reduces the possibility of distribution of processing load of the authentication device 1 and erroneous connection by installing a plurality of authentication devices 1. However, when there are a plurality of authentication devices 1, if two terminals 2 to be connected use different authentication devices 1, there is a disadvantage that each authentication device 1 cannot detect a pair of terminals 2. .

  For this reason, in the authentication system according to the second embodiment, even when there are a plurality of authentication devices 1, it is necessary that two terminals 2 to be connected use the same authentication device 1.

  In the first embodiment, the authentication device 1 is determined. However, in order for the two terminals 2 to be connected to select the same authentication device 1 from the plurality of authentication devices 1, two devices are used. The authentication device 1 to be used may be properly used according to the device type of the terminal 2. For example, when two terminals 2 are both televisions, the first authentication device 1 is used. When the two terminals 2 are televisions and an HDD recorder, the second authentication device 1 is used. When the two terminals 2 are a television and a digital camera, the third authentication device 1 is used.

  Further, in this authentication system, the authentication device 1 may be selected based on the input information of the terminal 2. For example, when there are five authentication devices 1, the remainder obtained by dividing the number of times of pressing the connection request button 203 determined in advance by two terminals 2 by 5 is obtained, and the authentication device 1 corresponding to the value is used.

  Moreover, you may combine selecting the authentication apparatus 1 based on apparatus classification, and selecting the authentication apparatus 1 based on input information. In this case, for example, the authentication system holds 2 as an authentication apparatus number based on the fact that the two terminals 2 are a television and an HDD recorder, and the connection request button 203 determined in advance by the two terminals 2 is stored in the two. The remainder obtained by dividing the value obtained by adding the number of times of pressing by 5 of the number of authentication devices 1 is obtained, and the authentication device 1 corresponding to the value is used.

  As described above, in the authentication system that selects the authentication device 1, the user A and the user B confirm the device type information of the terminals 2 at the time of the procedure (1).

  Thereafter, the user A presses the connection partner device designation button 202 of the terminal 2A. Then, the connected device setting unit 215 of the terminal 2A refers to the connected device information table 214 shown in FIG. 9, extracts an item whose “current setting” is 1, and sets the “current setting” of the item. Change to 0. Then, the connected device setting unit 215 sets “current setting” of the next item to 1. Furthermore, the connected device setting unit 215 causes the display screen 201 to display the connected device type (1) and the connected device type (2) of the item for which “current setting” is set to 1 via the display unit 211.

  Thereafter, each time the user A presses the connection partner device designation button 202, the connected device setting unit 215 changes the item in which “current setting” is 1. Then, the connected device setting unit 215 responds to the fact that the connection partner device designation button 202 is pressed until the combination corresponding to the device type of the terminals 2A and 2B is displayed to the user A, and the connected device type (1 ) And connected device type (2) are switched and displayed. The same information is registered in advance in each terminal 2 as information in the connected device information table 214.

  Then, when transmitting input information from the terminal 2 in the procedure (3), the connection processing unit 213 refers to the connected device information table 214. The connection processing unit 213 searches the connected device information table 214 for items for which “current setting” is 1. The connection processing unit 213 holds the value of the connection destination authentication device designation information corresponding to the item obtained as a result of the search as the connection destination authentication device number. Thereafter, the connection processing unit 213 adds the number of times the connection request button 203 is pressed to the connection destination authentication device number, and holds the remainder obtained by dividing this by the number of authentication devices 1.

  The connection processing unit 213 determines the connection network address of the authentication device 1 to be used based on the held connection destination authentication device number. Then, the connection processing unit 213 transmits information about the number of times the connection request button 203 is pressed and the pressing timing, and its own connection network address, with the connection network address as a destination. Note that the connection processing unit 213 holds the number of authentication devices 1 and the connection network address of each authentication device 1 in advance.

  As described above, according to the authentication system shown as the second embodiment, the terminals 2A and 2B that include a plurality of authentication devices 1 and communicate with each other input information to the same authentication device 1 among the plurality of authentication devices 1. Send. Thereby, even if the authentication system is a network NW to which many terminals 2 are connected, the processing load of the authentication device 1 can be distributed. Moreover, according to this authentication system, the possibility of erroneous connection occurring can be reduced.

[Third Embodiment]
Next, an authentication system according to the third embodiment in the above-described authentication system will be described. Note that parts similar to those in the above-described embodiment are denoted by the same reference numerals, and detailed description thereof is omitted.

  The authentication system shown as the third embodiment stores the history information of the paired terminals 2, and the authentication device 1 preferentially pairs the terminals 2 stored as the history information. Thereby, the erroneous connection in the case of repeatedly connecting with the combination of the same terminal 2 is reduced.

  In the authentication system, in the above-described procedure (10), the connection permission processing unit 116 of the authentication device 1 has both the confirmation state (1) and the confirmation state (2) in the connection pair table 117 become “connection permission”. Make sure. Thereafter, the connection permission processing unit 116 stores a set of the connection network address (1) and the connection network address (2) as the connection history and the current time (latest connection time) in the connection history table 115 shown in FIG. Register in association.

  Thereafter, in the above-described procedure (4), the connection request processing unit 114 of the authentication device 1 periodically refers to the connection request information table 112, the number of times of pressing is the same, and the difference in registration time is equal to or smaller than a certain value. Furthermore, a pair of connection requests whose pressing timing is approximate is detected. Furthermore, in addition to the number of times of pressing, the difference in registration time, and the conditions of pressing timing, the connection request processing unit 114 selects only a pair in which a connection history within a certain period stored in the connection history table 115 is registered. To detect.

  If a pair of the above conditions is not detected, the authentication apparatus 1 again detects a connection request pair in which the number of times of pressing is the same, the difference in registration times is equal to or less than a predetermined value, and the pressing timing is approximate. To do. As a result, the authentication device 1 first detects a pair in which a connection history within a certain period is preferentially detected, so that when the terminals 2 that are repeatedly connected try to connect to each other, an error occurs. It is possible to prevent communication with the terminal 2 from being established.

[Fourth Embodiment]
Next, an authentication system according to the fourth embodiment in the above-described authentication system will be described. Note that parts similar to those in the above-described embodiment are denoted by the same reference numerals, and detailed description thereof is omitted.

  In the authentication system according to the fourth embodiment, the authentication device 1 transmits the content of input information to the terminal 2 as advice information. This informs the user how to prevent communication with the wrong terminal 2 from being established. For example, this authentication system displays an operation timing for generating input information on the display screen 201 provided in the terminal 2.

  In this authentication system, if the number of times the connection request button 203 of the terminal 2 is pressed is small, it may be approximated with other input information, and erroneous connections frequently occur. In such a case, erroneous connection can be reduced by increasing the number of times the connection request button 203 is pressed. However, some users may not be aware of increasing the number of presses.

  For this reason, the authentication device 1 transmits advice information for notifying the terminal 2 of the number of presses that are unlikely to cause erroneous connection from the authentication device 1, and displays the advice information on the terminal 2.

  In addition, depending on the user, there may be a case where the pressing timing of the connection request button 203 becomes monotonous, and in this case also, erroneous connection is likely to occur. In that case, the authentication device 1 transmits advice information on pressing timing to the terminal 2.

  In such an authentication system, in step (10), after the process of step S403 in FIG. 8, the connection permission processing unit 116 deletes the corresponding item of the transmission source network address that transmitted the connection cancellation message from the connection pair table 117. Before, the following processing is added.

  The connection permission processing unit 116 refers to the connection request information table 112 in FIG. 11 and obtains the number of connection requests per unit time (for example, 10 seconds). Thereafter, the connection permission processing unit 116 refers to the recommended number-of-presses table 113 in FIG. 12 and obtains the recommended number of times of pressing corresponding to the number of connection requests per unit time.

  The connection permission processing unit 116 transmits the obtained recommended number of presses as advice information to the connection network address (1) and the connection network address (2) of the corresponding item in the connection pair table 117.

  When the terminal 2 receives the advice information including the recommended number of times of pressing, the connection processing unit 213 records the recommended number of times of pressing in the authentication device recommended pressing number table 217 shown in FIG. At this time, the terminal 2 records the current time as the notification time together with the recommended number of times of pressing. Further, the connection processing unit 213 displays the recommended number of presses on the display screen 201 via the display unit 211. Thereby, after the cancel button 204 is pressed, the terminal 2 can show the user the recommended number of times of pressing for the next input information and give advice.

  Thereafter, in the procedure (1) in which the terminal 2 starts communication, when the user A presses the timing advice button 205 of the terminal 2A, the operation is transmitted to the pressing timing example generation unit 216 of the terminal 2A.

  The pressing timing example generation unit 216 detects an item having the latest notification time from the authentication device recommended pressing frequency table 217, and acquires the recommended pressing frequency. The pressing timing example generation unit 216 generates the value of the pressing interval that is the number of pressings of the acquired recommended pressing number and is generated using a random number. Then, the pressing timing example generation unit 216 displays the pressing timing example on the display screen 201 via the display unit 211 in accordance with the generated pressing interval value. The pressing timing example generation unit 216 indicates the pressing timing of the connection request button 203 by, for example, blinking the display screen 201. As a result, the user A determines the pressing timing with the user B with reference to the pressing timing example displayed on the display screen 201.

  As described above, according to this authentication system, the advice information of the contents of the input information is transmitted from the authentication device 1 to the terminal 2, so that an erroneous connection is caused by an increase in the number of terminals 2 connected to the authentication device 1. Even if there is a possibility of occurrence, it is possible to create input information that is less likely to be erroneously connected. In particular, according to this authentication system, as the number of connections per unit time of the authentication apparatus 1 increases, the recommended number of pressings can be increased, and input information that does not cause an incorrect connection can be generated. For the user, the authentication system can be used with peace of mind by providing advice on the number of times of pressing that does not cause an erroneous connection, and the reliability can be improved.

  In addition, according to this authentication system, the operation timing for generating input information is displayed on the display screen 201 of the terminal 2, so the number of connections per unit time of the authentication device 1 is large, so the recommended number of presses is set. At most, it is possible to support an operation of creating input information that does not cause an erroneous connection to the user. As a result, users can use the authentication system with peace of mind by giving advice on the number of presses that do not cause incorrect connections, improve reliability, and create input information that does not cause incorrect connections even with simple operations. be able to.

  The above-described embodiment is an example of the present invention. For this reason, the present invention is not limited to the above-described embodiment, and various modifications can be made depending on the design and the like as long as the technical idea according to the present invention is not deviated from this embodiment. Of course, it is possible to change.

1A, 1B Authentication device 2A, 2B Terminal 110 Communication module 111 Connection request recording unit 112 Connection request information table 113 Recommended number-of-presses table 114 Connection request processing unit 115 Connection history table 116 Connection permission processing unit 117 Connection pair table 201 Display screen 202 Connection Partner device designation button 203 Connection request button 204 Cancel button 205 Timing advice button 210 Input unit 211 Display unit 212 Communication module 213 Connection processing unit 214 Connected device information table 215 Connected device setting unit 216 Press timing example generation unit 217 Authentication device recommended press count table

Claims (12)

Multiple terminals and authentication devices are connected via a network,
The authentication device
Obtaining first input information generated by operating a first terminal of the plurality of terminals and second input information generated by operating a second terminal of the plurality of terminals;
A pair is created based on a result of comparing the first input information and the second input information, and setting information for enabling communication between the first terminal and the second terminal is set to the first terminal and the second terminal information. An authentication system characterized by being sent to the second terminal. The first input information and the second input information have timing information,
The authentication apparatus determines whether or not to create a pair based on a result of comparing timing information of the first input information and timing information of the second input information. The described authentication system. The first input information and the second input information have information on the number of operations,
The authentication apparatus determines whether or not to create a pair based on a result of comparing the operation count information of the first input information and the operation count information of the second input information. The authentication system according to claim 1. The authentication device transmits confirmation information to the paired first terminal and second terminal,
The authentication system according to any one of claims 1 to 3, wherein the first terminal and the second terminal that communicate with each other display the received confirmation state. A plurality of the authentication devices;
The first terminal and the second terminal that communicate with each other transmit the first input information and the second input information to the same authentication device among a plurality of authentication devices. The authentication system according to claim 4.   The first terminal and the second terminal that communicate with each other transmit the first input information and the second input information based on a combination of the device type of the first terminal and the device type of the second terminal. 6. The authentication system according to claim 5, wherein a previous authentication device is determined.   The first terminal and the second terminal that communicate with each other determine an authentication apparatus as a transmission destination of the first input information and the second input information based on the first input information and the second input information. The authentication system according to claim 5 or 6, wherein:   8. The authentication device according to claim 1, wherein the authentication device stores history information of the paired terminals, and the terminals stored as the history information are preferentially paired. The authentication system according to one item.   The authentication system according to claim 1, wherein the authentication device transmits advice information indicating the content of the input information to the terminal.   The authentication system according to any one of claims 1 to 9, wherein an operation timing for generating the input information is displayed on a display unit provided in the terminal. Connected to multiple devices via a network,
Receiving means for acquiring first input information generated by operating a first terminal of the plurality of terminals and second input information generated by operating a second terminal of the plurality of terminals. When,
A pair is created based on a result of comparing the first input information and the second input information, and setting information for enabling communication between the first terminal and the second terminal is set to the first terminal and the second terminal information. An authentication apparatus comprising: setting means for sending to the second terminal. An authentication device program connected to a plurality of terminals via a network,
Receiving means for acquiring first input information generated by operating a first terminal of the plurality of terminals and second input information generated by operating a second terminal of the plurality of terminals. When,
A pair is created based on a result of comparing the first input information and the second input information, and setting information for enabling communication between the first terminal and the second terminal is set to the first terminal and the second terminal information. A program for an authentication apparatus, characterized in that it functions as a setting means for sending to a second terminal.

Images