JP2013200629A - Server device and authentication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To perform time authentication of watermark information of an acoustic watermark even when not correcting the time timed by a timing part used for the time authentication.SOLUTION: An access key supply device 10 superimposes time information indicating the sound emission time and an access key on acoustic signals by an acoustic watermark and emits them (S1-S4). A terminal device 20 generates an access request including the access key and the time information indicating the sound emission time extracted from the acquired acoustic signals, and transmits it to a response processing server 30 (S5, S6). When the sound emission time indicated by the time information included in the acquired access request and the time timed by a timing part match in a predetermined time range, the response processing server 30 permits login of the terminal device 20 by the access key of the access request (S7). Also, when the login of the terminal device 20 is permitted, the response processing server 30 sets the time range with the sound emission time indicated by the time information included in the access request used for authentication as a reference.

Description

  The present invention relates to time authentication of watermark information.

  In the digital watermark technique, time information may be embedded in the data in order to prove the reliability of the data, and time authentication may be performed using the embedded time information. In this time authentication, when the time indicated by the time information matches a predetermined condition (for example, data generation time), it is determined that the time authentication is successful. Patent Document 1 receives a time signal with high accuracy from a GPS (Global Positioning System) satellite, a time stamp indicating the current time specified by the time signal, and an electronic signature for verifying the validity of the time stamp. It is disclosed to add to a photographed image by digital watermark.

JP-A-2005-45486

By the way, in general, when performing time authentication, it is necessary to use reliable time information, and therefore, time management with high accuracy is often required. In the invention described in Patent Document 1, the photographing apparatus has a GPS receiver in order to obtain highly accurate time. This imaging device calculates a standard time based on a highly accurate time signal received from a GPS satellite by a GPS receiver, and corrects the internal clock.
On the other hand, an object of the present invention is to enable time authentication of watermark information of an acoustic watermark even when the time measured by a time measuring unit used for time authentication is not corrected.

  In order to solve the above-described problems, the server device of the present invention defines an access key used to log in to the server device, which is a time measuring unit for measuring the current time and an acoustic signal indicating the emitted sound. Access including the access key and time information indicating a time according to the acquisition time of the access key or the access time to the own server device from the terminal device that has acquired the acoustic signal with the information to be superimposed by the acoustic watermark An access request acquisition unit that acquires a request by communication with the terminal device, and the terminal device is successfully authenticated by the access key acquired by the access request acquisition unit, and the access request acquisition unit acquires the request. If the time indicated by the time information matches the current time measured by the timekeeping unit within a preset time range, login of the terminal device is permitted. An authentication unit; and a setting unit configured to set the time range based on a time indicated by the time information acquired from the terminal device when login of the terminal device is permitted by the authentication unit. And

  In the server device of the present invention, a predetermined time later than the current time due to a difference between a time indicated by the time information acquired from the terminal device permitted to log in by the authentication unit and a current time measured by the time measuring unit. A prediction unit that predicts the shift at time may be provided, and the setting unit may set the time range at the predetermined time based on the shift predicted by the prediction unit.

  In the server device of the present invention, the setting unit widens the set time range with time, and when the authentication unit permits login of the terminal device, the setting unit narrows the time range and sets the time range. You may do it.

  In the server device according to the present invention, the setting unit may set the time range based on a plurality of pieces of time information acquired from a plurality of terminal devices permitted to log in.

  An authentication system according to the present invention includes an access key supply device that supplies an access key to a terminal device and the server device having any one of the above configurations, and the access key supply device is used to log in to the server device. A superimposing unit that superimposes information defining an access key on an acoustic signal using an acoustic watermark, and a sound emission control unit that emits a sound indicated by the acoustic signal on which the information defining the access key is superimposed by the superimposing unit. And the access request acquisition unit acquires the access key and the time information from the terminal device that has acquired an acoustic signal indicating a sound emitted by the control of the sound emission control unit. To do.

  According to the present invention, it is possible to perform time authentication of watermark information of an acoustic watermark even when the time measured by the time measuring unit used for time authentication is not corrected.

The figure which shows the whole structure of an authentication system. The block diagram which shows the hardware constitutions of an access key supply apparatus. The block diagram which shows the hardware constitutions of a terminal device. The block diagram which shows the hardware constitutions of a response processing server. The figure which shows the data structure of an authentication table. The figure which shows the data structure of content DB. The functional block diagram which shows the functional structure of an authentication system. The sequence chart which shows the flow of a process in an authentication system. The flowchart which shows the setting procedure of a permission range. The graph which shows the relationship between server time and sound emission time. The graph which shows the relationship between server time and sound emission time. The graph which shows the relationship between server time and sound emission time. The functional block diagram which shows the functional structure of an authentication system. The flowchart which shows the setting procedure of the prediction of time gap and the permission range. The graph which shows the setting procedure of permission range. It is a figure which shows the whole structure of an authentication system. The block diagram which shows the hardware constitutions of a provision server. The figure which shows the data structure of an access key management table. The functional block diagram which shows the functional structure of the control part of a provision server. The sequence chart which shows the flow of a process in an authentication system. The graph which shows the relationship between server time and sound emission time. The graph which shows the relationship between server time and sound emission time. The figure explaining the outline | summary of the authentication system of this modification. The block diagram which shows the hardware constitutions of an acoustic vibrator. The block diagram which shows the hardware constitutions of an access key supply apparatus. The figure explaining the outline | summary of the authentication system of this modification. The block diagram which shows the hardware constitutions of an acoustic vibrator.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
[First Embodiment]
First, a first embodiment of the present invention will be described.
FIG. 1 is a diagram showing the overall configuration of the authentication system 1.
The authentication system 1 is an authentication system that includes an access key supply device 10, a plurality of terminal devices 20, and a response processing server 30. The access key supply device 10 is installed in a store where an unspecified number of persons can enter and exit, such as a cafe, a restaurant, and a store, for example, and the BGM (Background) uses the site of the store where the self access key supply device is installed as a sound emitting area. Music) and the like, and an access key is supplied to the terminal device 20 by the sound watermark technology. The access key of the present embodiment is an access key used for logging in to the response processing server 30. In the present embodiment, the access key supply devices 10A and 10B among the access key supply device 10 will be described. The access key supply device 10 </ b> A is installed in the store A and forms a sound emitting area in the site of the store A. The access key supply device 10B is installed in the store B and forms a sound emission area in the site of the store B.

  The terminal device 20 is a smartphone here and is carried by a user who can be a customer of the store. The response processing server 30 is a server device that provides a service via the terminal device 20 to a user who has entered the sound emission area formed by the access key supply device 10. The response processing server 30 provides content such as coupons and advertisements that can be used by the user for the terminal device 20 that has been successfully authenticated including access key authentication and has permitted login. The terminal device 20 and the response processing server 30 are communicably connected via the network NW. Here, the network NW is a communication network including a mobile communication network, a gateway, and the Internet.

FIG. 2 is a block diagram illustrating a hardware configuration of the access key supply apparatus 10. As shown in FIG. 2, the access key supply device 10 includes a control unit 11, a storage unit 12, and a speaker 13.
The control unit 11 includes a microprocessor having a CPU (Central Processing Unit), a ROM (Read Only Memory), and a RAM (Random Access Memory), and a timer unit 11A that measures the current time. The CPU controls each unit of the access key supply apparatus 10 by reading a program stored in the ROM or the storage unit 12 into the RAM and executing the program. The timekeeping unit 11A is a clock that is built in the access key supply device 10 and measures time in seconds, and is used for time management in the access key supply device 10 (first timekeeping unit).

  The storage unit 12 is a storage device including, for example, an EEPROM (Electronically Erasable and Programmable Read Only Memory). The storage unit 12 stores an access key 121 (for example, an ID or a password) supplied from the terminal device 20 in addition to a program executed by the control unit 11. The storage unit 12 stores different access keys 121 for each access key supply apparatus 10. The storage unit 12 of the access key supply device 10A stores “K1” as the access key 121, and the storage unit 12 of the access key supply device 10B stores “K2” as the access key 121. The method of setting the access key 121 to the access key supply apparatus 10 is not particularly limited. For example, the access key managed by the response processing server 30 is notified to the administrator of the access key supply apparatus 10, and the administrator The access key 121 is manually input to the access key supply apparatus 10 using an operation unit that receives operations including a keyboard and a mouse.

  The speaker 13 is a sound emitting unit that emits the sound indicated by the acoustic signal output by the control unit 11. The sound emitting area is an area where the sound from the speaker 13 reaches. In this embodiment, the terminal device 20 in the sound emitting area can restore the acoustic watermark information embedded in the sound.

FIG. 3 is a block diagram illustrating a hardware configuration of the terminal device 20. As illustrated in FIG. 3, the terminal device 20 includes a control unit 21, a UI (User Interface) unit 22, a wireless communication unit 23, a microphone 24, a speaker 25, and a storage unit 26.
The control unit 21 is a microprocessor including a microprocessor having a CPU, a ROM, and a RAM. The CPU controls each unit of the terminal device 20 by reading the program stored in the ROM or the storage unit 26 into the RAM and executing it. The UI unit 22 includes, for example, a touch panel, accepts an operation from the user, and notifies information by an image. The wireless communication unit 23 includes a wireless communication circuit and an antenna, and is an interface for connecting to the network NW. The microphone 24 is a detection unit that is electrically connected to the control unit 21 and detects sound, and outputs an acoustic signal indicating the detected sound to the control unit 21. The microphone 24 outputs an acoustic signal indicating a received voice or a sound around the terminal device 20 to the control unit 21. The acoustic signal output from the microphone 24 is, for example, an analog waveform signal representing a sound waveform. The analog audio signal is sampled by the control unit 21 and converted into a digital audio signal. The speaker 25 emits a transmitted voice. The storage unit 26 includes, for example, an EEPROM, and stores a terminal ID 261 in addition to a program executed by the control unit 21. The terminal ID 261 is identification information for identifying the terminal device 20, and is, for example, a solid identification number or a telephone number assigned to the terminal device 20.

FIG. 4 is a block diagram illustrating a hardware configuration of the response processing server 30. As illustrated in FIG. 4, the response processing server 30 includes a control unit 31, a communication unit 32, and a storage unit 33.
The control unit 31 includes a microprocessor having a CPU, a ROM, and a RAM, and a timer unit 31A that measures the current time. The CPU controls each unit of the response processing server 30 by reading the program stored in the ROM or the storage unit 33 into the RAM and executing it. The timer unit 31A is a clock that is built in the response processing server 30 and measures the time in seconds, and is used for time management in the response processing server 30 (second timer unit). Hereinafter, the current time measured by the time measuring unit 31 </ b> A is referred to as “server time” in the sense that it is used for time management in the response processing server 30. In the present embodiment, the control unit 31 has the same number of time measuring units 31 </ b> A as the access key supply device 10 included in the authentication system 1. When the control unit 31 authenticates the terminal device 20 with the access key 121, time authentication is performed using one timing unit 31 </ b> A associated in advance with the access key supply device 10 that is the supply source of the access key 121. Details of the time authentication procedure of this embodiment will be described later.

  The communication unit 32 is an interface for connecting to the network NW. The storage unit 33 includes, for example, a hard disk device, and stores an authentication table 331 and a content DB (Data Base) 332 in addition to a program executed by the control unit 31.

FIG. 5 is a diagram illustrating the data structure of the authentication table 331.
As shown in FIG. 5, the authentication table 331 is a database in which each information of “access key” and “terminal ID” is associated. When the response processing server 30 receives an access request from the terminal device 20, the access key of the authentication table 331 is used to collate with the access key 121 included in the access request. That is, the access key of the authentication table 331 is the same as the access key 121 stored in any of the access key supply apparatuses 10. The terminal ID of the authentication table 331 is written in the authentication table 331 in association with each access key. The terminal ID of the authentication table 331 is a terminal ID indicating the terminal device 20 that has been successfully authenticated by the access key 121 (hereinafter referred to as “key authentication”) and time authentication in the response processing server 30 and is permitted to log in.

FIG. 6 is a diagram illustrating a data structure of the content DB 332.
As shown in FIG. 6, the content DB 332 has a data structure in which each information of “access key” and “content data” is associated. The access key of the content DB 332 is common to the access key (that is, the access key 121) of the authentication table 331. Here, the content data is a storage address such as a URL (Uniform Resource Locator) in which the content to be provided to the terminal device 20 is stored. The content stored at this storage address is, for example, an advertisement or a coupon, but any content may be stored. For example, the content A associated with “K1” as an access key indicates content related to the store A (for example, a coupon that can be used at the store A), and the content B associated with “K2” as the access key Content related to B (for example, a bargain sale advertisement performed at store B) is shown.
In the response processing server 30, the content itself may be stored in the content DB 332.
Next, a functional configuration of the authentication system 1 will be described.

FIG. 7 is a functional block diagram showing a functional configuration of the authentication system 1. The control unit 11 of the access key supply apparatus 10 realizes functions corresponding to the superimposing unit 111 and the sound emission control unit 112 by executing a program.
The superimposing unit 111 superimposes the time information indicating the current time measured by the time measuring unit 11 </ b> A and the access key 121 acquired from the storage unit 12 on the acoustic signal using the acoustic watermark. The superimposing unit 111 uses, for example, a spreading code such as an M sequence or a Gold sequence, or uses OFDM (Orthogonal Frequency-Division Multiplexing) modulation, and is higher than the frequency component of the acoustic signal before superimposing the acoustic watermark information. In the frequency band (for example, 18 kHz or more), the time information and the access key 121 are superimposed on the acoustic signal.

The sound emission control unit 112 causes the speaker 13 to emit the sound indicated by the acoustic signal in which the time information and the access key 121 are superimposed by the superimposing unit 111.
Here, the time indicated by the time information superimposed on the acoustic signal can be regarded as substantially the same as the time when the sound indicated by the acoustic signal is emitted. Therefore, in the following description, the time indicated by the time information superimposed on the acoustic signal is referred to as “sound emission time”.

The control unit 21 of the terminal device 20 implements functions corresponding to the acoustic signal acquisition unit 211, the extraction unit 212, and the access control unit 213 by executing a program.
The acoustic signal acquisition unit 211 acquires an acoustic signal indicating the sound emitted by the speaker 13 under the control of the sound emission control unit 112. Here, the acoustic signal acquisition unit 211 acquires an acoustic signal indicating the sound detected by the microphone 24.

  The extraction unit 212 extracts time information and the access key 121 from the acoustic signal acquired by the acoustic signal acquisition unit 211. The extraction unit 212 includes, for example, an HPF (High Pass Filter), performs a filtering process using the HPF, extracts a frequency component signal corresponding to the acoustic watermark information from the acoustic signal, and extracts time information and the access key 121. To extract. The extraction unit 212 may extract the time information and the access key 121 by a method corresponding to the method for superimposing the acoustic watermark in the superimposing unit 111.

  The access control unit 213 generates an access request including the access key 121 and time information extracted by the extraction unit 212 and the terminal ID 261 acquired from the storage unit 26. The access control unit 213 requests the response processing server 30 to log in by transmitting the generated access request to the response processing server 30 by the wireless communication unit 23. The sound emission time indicated by the time information included in the access request is a time corresponding to the acquisition time of the access key 121 in the terminal device 20.

The control unit 31 of the response processing server 30 implements functions corresponding to the access request acquisition unit 311, the authentication unit 312, the response processing unit 313, and the setting unit 314 by executing a program.
The access request acquisition unit 311 acquires an access request through communication with the terminal device 20. Specifically, the access request acquisition unit 311 acquires an access request from the communication unit 32 when the access request transmitted by the terminal device 20 is received by the communication unit 32.

The authentication unit 312 authenticates the terminal device 20 based on the access request acquired by the access request acquisition unit 311. The authentication unit 312 performs key authentication for determining whether or not the access key 121 included in the access request matches the access key written in the authentication table 331, and the sound emission time indicated by the time information included in the access request. The terminal device 20 is authenticated by time authentication for determining whether or not the server time and the server time match within a preset time range. In the time authentication, the authentication unit 312 determines whether or not the sound emission time indicated by the time information included in the access request is included in a preset time range (hereinafter referred to as “permitted range”).
If the authentication unit 312 succeeds in both key authentication and time authentication, the authentication unit 312 permits the terminal device 20 to log in. The authentication unit 312 writes the terminal ID of the terminal device 20 that has been successfully authenticated in the authentication table 331 in association with the access key used for the authentication. On the other hand, if one of the key authentication and the time authentication fails, the authentication unit 312 does not permit the terminal device 20 to log in.

  The response processing unit 313 executes response processing according to the authentication result by the authentication unit 312 for the terminal device 20 that is the source of the access request. Here, when the authentication of the terminal device 20 is successful and login is permitted, the response processing unit 313 acquires content data determined by the access key 121 from the content DB 332, and sends the acquired content data to the terminal device 20. The communication unit 32 is controlled to transmit. On the other hand, the response processing unit 313 does not transmit content data to the terminal device 20 when the authentication of the terminal device 20 fails and login is not permitted. Here, the response processing unit 313 may control the communication unit 32 so as to notify the terminal device 20 that login is not permitted.

When the authentication unit 312 succeeds in the authentication of the terminal device 20 and the login is permitted, the setting unit 314 sets the permission range based on the sound emission time indicated by the time information used for the authentication. In addition, the setting unit 314 expands the set permission range with time, and when the authentication unit 312 is permitted to log in the terminal device 20, the setting unit 314 sets a new permission range so as to narrow the permission range.
Note that the authentication unit 312 performs time authentication using the permission range set by the setting unit 314.
Next, the operation of the authentication system 1 will be described.

FIG. 8 is a sequence chart showing an overall processing flow in the authentication system 1. It is assumed that the control unit 11 of the access key supply apparatus 10A measures time in advance by the time measuring unit 11A and emits sound such as BGM by reproducing an acoustic signal.
First, the control unit 11 acquires time information indicating the current time from the time measuring unit 11A (step S1). Next, the control unit 11 acquires “K1”, which is the access key 121 assigned to the access key supply apparatus 10A, from the storage unit 12 (step S2). And the control part 11 superimposes the time information acquired by the process of step S1, and the access key 121 acquired by the process of step S2 on an acoustic signal by an acoustic watermark (step S3). Here, the control unit 11 superimposes time information in the format of “○ hour Δminute ×× second” on the acoustic signal so that the sound emission time can be identified in units of seconds. Further, the control unit 11 superimposes the time information and the access key 121 at different timings using an acoustic signal having a relatively high frequency band (for example, 18 kHz or more) in the audible range.
Then, the control unit 11 causes the speaker 13 to emit a sound indicated by the acoustic signal in which the access key 121 and the time information are superimposed (step S4).

  The control unit 21 of the terminal device 20 has previously executed an application program for receiving provision of content data from the response processing server 30, and during this execution period, an acoustic signal indicating sound detected by the microphone 24 is output. Get repeatedly. As a sound detected by the microphone 24, a sound emitted by any one of the access key supply devices 10 in the process of step S4 is assumed.

  The control unit 21 extracts the time information and the access key 121 superimposed by the acoustic watermark from the acoustic signal acquired from the microphone 24 (step S5). Here, it is assumed that the control unit 21 has extracted time information indicating “T0” as the sound emission time and “K1” as the access key 121. Assuming that the time required from the sound emission time to the extraction of the audio watermark information in the terminal device 20 is zero, the terminal device 20 extracts time information whose sound emission time is “T0” when the server time is “T0”. Will be.

  Next, the control unit 21 generates an access request including the time information extracted from the acoustic signal and the access key 121 and the terminal ID 261 stored in the storage unit 26, and the generated access request is transmitted by the wireless communication unit 23. It transmits to the response processing server 30 (step S6). Here, the control unit 21 transmits an access request including time information indicating “T0” as the sound emission time, “K1” as the access key 121, and “UID001” as the terminal ID.

When acquiring the access request received by the communication unit 32, the control unit 31 of the response processing server 30 authenticates the terminal device 20 with the acquired access request (step S7). When it is determined that the authentication of the terminal device 20 is successful, the control unit 31 writes the terminal ID included in the access request in the authentication table 331 in association with the access key used for authentication. In the process of step S7, the control unit 31 determines that the authentication of the terminal device 20 is successful and the login is permitted only when all the following conditions (I) to (III) are satisfied.
(I) The sound emission time indicated by the time information included in the access request is included in the permitted range of the current server time.
(II) The access key 121 included in the access request matches the access key of the authentication table 331.
(III) The terminal ID included in the access request is not written in association with the access key (II) in the authentication table 331.

  (I) is a condition for time authentication. In the technique of embedding watermark information (so-called acoustic watermark information) in sound, since the acoustic watermark information is also part of the acoustic signal, there is a risk of being duplicated by recording. For example, if sound recording data in which acoustic watermark information is embedded is uploaded to the network, any user terminal device can acquire the acoustic watermark information, which may cause unauthorized use of the acoustic watermark information. In order to avoid this unauthorized use, the response processing server 30 performs time authentication.

(II) is a key authentication condition. (III) is a condition provided for the response processing server 30 to provide a service to each terminal device 20 only once, and is a condition for preventing multiple services from being provided to one user. When the response processing server 30 may provide a service to a single user a plurality of times or when the number of times is not limited, the condition (III) may be changed to a condition corresponding to each case. For example, when allowing one user to provide a service a plurality of times, the response processing server 30 may manage the number of times the service has been provided or the remaining number of times of providing the service in association with the terminal ID. When the service provision count is not limited, the response processing server 30 may not perform authentication based on the condition (III). In this case, the terminal device 20 can prevent the terminal ID from being included in the access request, and can prevent the response processing server 30 from authenticating with the terminal ID.
As described above, the response processing server 30 performs authentication for confirming that the user of the terminal device 20 was in a predetermined place at a predetermined time by at least time authentication and key authentication.

  The control unit 31 of the response processing server 30 acquires the content data associated with the access key 121 from the content DB 332 when the authentication of the terminal device 20 is successful and the login is permitted in the process of step S7, and the acquired content data Is transmitted to the terminal device 20 by the communication unit 32 (step S8). Here, since the control unit 31 has acquired an access request including “K1” as the access key 121, the control unit 31 provides the terminal device 20 with content data indicating the content A acquired from the content DB 332.

When receiving the content data transmitted from the response processing server 30 by the wireless communication unit 23, the control unit 21 of the terminal device 20 stores the content data in the storage unit 26, or stores the content indicated by the content data in the UI unit 22. It is displayed (step S9). There is no particular limitation on how the content data received by the terminal device 20 is used in the present embodiment.
Next, regarding the condition (I), a method for setting a permission range used for time authentication will be described in detail.

FIG. 9 is a flowchart illustrating a procedure for setting a permission range in the response processing server 30. FIG. 10 is a graph showing the relationship between the server time (horizontal axis) measured by the timer 31A and the sound emission time (vertical axis) indicated by the time information included in the access request. In FIG. 10, a hatched area indicates a permitted range at each server time, and a broken line indicates a set of points where the sound emission time and the server time match. Also, the white circle plot shown in FIG. 10 shows the relationship between the sound emission time and the server time included in the access request that is determined to be successful, and the black circle plot is the access that is determined to have failed the authentication. The relationship between the sound emission time included in the request and the server time is shown.
Hereinafter, in the server time “T0”, the response processing server 30 is based on the assumption that the server time measured by the time measuring unit 31A and the time measured by the time measuring unit 11A match (that is, synchronize). The procedure for setting the permitted range for the operation will be described.

First, the control unit 31 of the response processing server 30 sets a permission range when the server time is “T0” (step S101). Here, the control unit 31 uses “T0” that is the sound emission time that coincides with the server time as a reference, and from the sound emission time (that is, T0−α) that is α (seconds) prior to “T0”, “ A permission range TR1 including a sound emission time (that is, T0 + β) after β (seconds) after “T0” is set (α, β ≧ 0).
Next, the control unit 31 determines whether or not the authentication of the terminal device 20 has succeeded (step S102). Here, the control unit 31 determines whether or not the terminal device 20 has been successfully authenticated in the process of step S7. When the control unit 31 determines that the terminal device 20 has not been authenticated or has been authenticated but has failed in the authentication (step S102; NO), the control unit 31 proceeds to the process of step S104. And the control part 31 sets permission range TR1 as a range which expanded time before and behind with respect to sound emission time (step S104). Here, although the control part 31 has expanded the direction before the sound emission time largely after the sound emission time, it is larger after the sound emission time before the sound emission time. You can spread it out, or you can spread it back and forth for the same amount of time.

  Next, the control unit 31 determines whether or not to end the setting of the permission range (step S105). Here, the control unit 31 determines that the setting of the permission range is not completed until the response processing server 30 is turned off (step S105; NO), and returns to the process of step S102. And the control part 31 repeatedly performs the process step of step S102; NO-> S104-> S105; NO-> S102; NO ... until it succeeds in the authentication of the terminal device 20. By repeatedly executing this processing step, the control unit 31 extends the permitted range TR1 as time elapses from when the server time is “T0”. The reason why the control unit 31 widens the permission range will be described later.

If the control unit 31 determines that the authentication of the terminal device 20 is successful when the server time becomes “T1” (step S102; YES), the process proceeds to step S103. The access request used for this authentication is represented on the graph of FIG. 10 by plot P1, and the sound emission time is “T1”.
In addition, when the control part 31 succeeds in the authentication of the several terminal device 20 simultaneously, the access request with the earliest sound emission time is used.

Next, the control unit 31 sets a permission range based on the sound emission time indicated by the time information included in the access request used for authentication of the terminal device 20 (step S103). In the process of step S103, the control unit 31 sets a permission range TR2 having the same time range as the process of step S101 with reference to “T1” that is the sound emission time indicated by the time information included in the access request. That is, when the server time is “T1”, the control unit 31 performs β (seconds) before “T1” from the sound emission time (that is, T1-α) that is α (seconds) before “T1”. A permission range TR1 including a sound release time (that is, T1 + β) that is later than that is set.
By the process of step S103, the control unit 31 expands the permission range set in the process of step S101 with the passage of time, and when authentication of the terminal device 20 is newly succeeded, the control unit 31 newly reduces the expanded permission range. A valid permission range will be set. The reason for setting this new permission range will also be described later.

  When the new permission range TR2 is set in the process of step S103, the control unit 31 determines whether or not to end the setting of the permission range (step S105). When determining “NO” in the process of step S105, the control unit 31 repeatedly executes the process steps of step S102; NO → S104 → S105; NO → S102; NO. As time elapses, the permitted range TR2 is expanded.

If the control unit 31 determines that the authentication of the terminal device 20 is successful when the server time becomes “T2” (step S102; YES), the process proceeds to step S103 again. The access request used for this authentication is represented on the graph of FIG. 10 by plot P2, and the sound emission time is “T2 + Δt2” (Δt2> 0). And the control part 31 sets permission range TR3 which has the same time range as the process of step S101 on the basis of "T2 + (DELTA) t2" which is sound emission time (step S103). That is, when the server time is “T2”, the control unit 31 is β (seconds) later than “T2 + Δt2” from “T2 + Δt2−α” that is α (seconds) earlier than “T2 + Δt2”. The permission range TR3 including the time until (that is, T2 + Δt2 + β) is set.
By the process of step S103, the control unit 31 expands the permission range TR2 with the passage of time, and when the authentication of the terminal device 20 is newly succeeded, the new permission range so as to narrow the expanded permission range TR2. TR3 is set.

  If the control unit 31 determines that the terminal device 20 has been successfully authenticated when the server time becomes “T3” (step S102; YES), the process of step S103 is executed. The access request used for this authentication is represented on the graph of FIG. 10 by plot P3, and the sound emission time is “T3 + Δt3” (Δt3> 0). In this case, when the server time is “T3”, the control unit 31 determines that the sound emission time (that is, T3 + Δt3-α) before “T3 + Δt3” is β ( A new permission range TR4 including a sound emission time (that is, T3 + Δt3 + β) that is later by (second) is set.

Thereafter, the control unit 31 sets the permission range by repeatedly executing the processing steps S102 to S105, expands the permission range with time, and newly authenticates the terminal device 20. Then, a new permission range is set to narrow the expanded permission range.
The reason why the response processing server 30 sets the permission range in the above procedure will be described with reference to FIGS. The graph shown in FIG. 11 shows the relationship between the server time (horizontal axis) measured by the time measuring unit 31A and the sound emission time (vertical axis) indicated by the time information included in the access request. The hatched area, broken line, white circle, and black circle plots shown in the graph of FIG. 11 have the same meaning as in FIG.

  As shown in FIG. 10, the permission range is set so as to include at least the time up to α (seconds) before the sound emission time that matches the server time. One of the reasons for this setting is the processing time (for example, jitter) required for internal processing in the access key supply device 10, terminal device 20 and response processing server 30, communication delay of communication via the network NW, etc. "Delay and communication delay"). The processing delay, the communication delay, and the like are assumed to be synchronized between the timer unit 11A and the timer unit 31A, and the terminal device 20 may access the access key 121 and time information (hereinafter, collectively referred to as “acoustic watermark information”). Even if the access request is transmitted immediately after acquiring the server, it is an element that causes the server time to be later than the sound emission time indicated by the time information included in the access request. In an environment where the processing delay, the communication delay, and the like are zero, the relationship between the sound emission time and the server time shown in FIG. Specifically, when the server time is “T1”, the sound emission time indicated by the time information included in the access request is “T1”, and when the server time is “T2”, the time information included in the access request. The sound emission time indicated by is “T2”, and when the server time is “T3”, the sound emission time indicated by the time information included in the access request is “T3”. That is, even if the permission range is not set by a time range having a certain width, there is no problem in time authentication. However, in practice, since it is difficult to realize an environment in which processing delay, communication delay, and the like are zero, the control unit 31 sets the permitted range in a time range having a certain width.

If the processing delay and the communication delay are about 1 second, for example, α (second) may be at least about 10 seconds (a time larger by one digit than the processing delay and the communication delay). Since it is only necessary to achieve the purpose of preventing unauthorized use due to duplication of acoustic watermark information, even if the permitted range is set by a time range having a certain width, the time authentication of this embodiment The accuracy is not greatly impaired.
As described above, the response processing server 30 authenticates the terminal device 20 in response to the access request from the terminal device 20 that has received the acoustic signal indicating the sound emitted from the access key supply device 10 in real time. The terminal device 20 is authenticated using the permission range set based on the time required.

  In addition, as another reason for setting the permitted range as in the present embodiment, a relative deviation between the time measured by the timer unit 11A and the server time measured by the timer unit 31A (hereinafter simply referred to as “time deviation”). Occurs. Possible causes of the time lag include hardware errors between the timekeeping unit 11A and the timekeeping unit 31A, and various conditions such as a load increase in the access key supply device 10 and the response processing server 30, temperature, humidity, and voltage. This time lag is accumulated with the passage of time and is considered to increase with the passage of time.

  As shown in FIG. 11B, even when the server time is “T1” and no time lag occurs and the sound emission time is “T1” (here, processing delay, communication delay, etc.) The influence is ignored.) When the server time is “T2,” a time lag occurs, and the sound emission time becomes a value (T2 + Δt2) obtained by adding the time lag Δt2 (> 0) to T2. . When the server time is “T3”, it is assumed that the time lag further expands and the sound emission time becomes a value (T3 + Δt3) obtained by adding the time lag Δt3 (> Δt2) to T3. In this case, even when the permitted range is set by a time range having a certain width, even when the time difference becomes large, even the terminal device 20 of the legitimate user fails in time authentication. In the example of FIG. 11B, even if the response processing server 30 acquires an access request including the time information of the sound emission time “T2 + Δt2” or “T3 + Δt3”, the login of the terminal device 20 is not permitted.

Therefore, the response processing server 30 anticipates the occurrence of a time lag and expands the once set permission range with time. The example of FIG. 10 shows a case where a time lag occurs in which the server time is delayed with respect to the sound emission time. Absent. Therefore, the permission range is set by a time range having a width with respect to the front and rear with reference to the sound emission time. Further, since the permission range is set by a time range having a certain width, even if the sound emission time that is the reference of the permission range set by the response processing server 30 does not completely match the server time, the response processing server The time authentication at 30 is not hindered.
If the server time is delayed from the sound emission time, the permission ranges TR1 to TR4 are set according to the procedure shown in FIG. 12 instead of the procedure shown in FIG. Even in this case, the control unit 31 expands the set permission range TR over time, and corrects the server time and narrows the expanded permission range when the terminal device 20 is newly successfully authenticated. In this way, a new permission range may be set again.

  With the procedure described above, the response processing server 30 resets the permission range based on the sound emission time indicated by the time information included in the access request that has been successfully authenticated, and widens the permission range as time elapses. As a result, if the response processing server 30 sets a permission range based on the sound emission time that coincides with the sound emission time when authentication is successful, a processing delay, a communication delay, or a time shift occurs. However, time authentication can always be performed while ensuring the required accuracy.

In addition, when the response processing server 30 succeeds in newly authenticating the terminal device 20, the permission range is reset so as to narrow the permission range. This is because the permission range is set based on the actual time lag. The reason is that it has been redone. In short, the response processing server 30 can roughly grasp the time difference between the time measured by the time measuring unit 11A and the server time measured by the time measuring unit 31 from the sound emission time indicated by the time information included in the access request. Therefore, the response processing server 30 sets a permission range based on the sound emission time obtained by adding this time lag to the server time, thereby suppressing a decrease in time authentication accuracy due to the occurrence of the time lag. be able to.
Note that the control unit 31 uses the access request with the earliest sound emission time when receiving a plurality of access requests all at once. Thereby, the control unit 31 corrects the server time based on the sound emission time closest to the time measured by the time measuring unit 11A in response to the access request having the least influence of the processing delay and the communication delay, and sets the permitted range. Can do.

  According to the authentication system 1 of the first embodiment described above, the time measured by the timer unit 11A of the access key supply device 10 and the server time measured by the timer unit 31A of the response processing server 30 are highly accurate. Even if the time management is not performed, the validity of the acoustic watermark information (here, the access key) can be authenticated by the time. Therefore, according to the authentication system 1, the time is adjusted by communication between the access key supply device 10 and the response processing server 30, or the time is adjusted by communication with an external server such as an NTP (Network Time Protocol) server. Even without this, it is possible to suppress a decrease in the accuracy of time authentication due to a time lag.

  If the response processing server 30 assumes the occurrence of a time lag and expands the permitted range with time, the time lag at the server time T3 becomes (T3 + Δt3a) as shown in FIG. 10, or as shown in FIG. In addition, the time lag at the server time T3 becomes (T3-Δt3a). In this case, even the terminal device 20 of the legitimate user is determined by the response processing server 30 to have failed time authentication. If the permission range is set widely over time without resetting a new permission range, as indicated by the alternate long and short dash line in FIGS. 10 and 12, the terminal device 20 of the legitimate user is authenticated due to the occurrence of a time lag. The possibility of failure is suppressed. However, in this case, as the time elapses, the permitted range becomes wider, so that the accuracy of time authentication decreases. On the other hand, in the authentication system 1, since the permission range is reset by the access request that has been successfully authenticated, the accuracy of time authentication is not significantly impaired even if the permission range is not excessively widened.

  Furthermore, in the authentication system 1, since the access key is supplied by the access key supply device 10 only to the sound emitting area where the sound according to the acoustic signal reaches, the area restriction is a means by which a human can visually confirm the sound emitting area. By using means (that is, a member having an effect of sound insulation such as a wall or a partition), it is possible to limit the sound emission area to which the access key is supplied relatively easily.

[Second Embodiment]
Next, a second embodiment of the present invention will be described.
In the first embodiment described above, the response processing server 30 sets the permitted range when the authentication of the terminal device 20 is successful, but the way of expanding the permitted range as time passes is constant. On the other hand, the response processing server 30 of the present embodiment predicts the occurrence of a time lag in the future and sets a permission range according to the prediction result.
In the present embodiment, the components and processing steps that are denoted by the same reference numerals as those in the first embodiment described above function in the same manner as in the first embodiment described above, and therefore, differences will be mainly described below.

FIG. 13 is a functional block diagram illustrating a functional configuration of the control unit 31 of the response processing server 30. As illustrated in FIG. 13, the control unit 31 performs functions corresponding to an access request acquisition unit 311, an authentication unit 312, a response processing unit 313, a setting unit 314, and a prediction unit 315 by executing a program. Is realized.
The prediction unit 315 determines the server time based on the difference between the sound emission time indicated by the time information included in the access request acquired from the terminal device 20 permitted by the authentication unit 312 and the server time measured by the time measuring unit 31A. A time lag at a later predetermined time (hereinafter referred to as “predicted time”) is predicted. The setting unit 314 sets a permission range at the predicted time based on the time lag predicted by the prediction unit 315.

FIG. 14 is a flowchart showing a procedure for setting a permission range in the response processing server 30. In FIG. 14, it is assumed that the processing described in the first embodiment is executed in the response processing server 30 in the processing steps denoted by the same reference numerals as those in FIG. 9. FIG. 15 is a graph showing the setting procedure of the permission range in the present embodiment. Each information in the graph shown in FIG. 15 is the same as that in FIGS.
When the control unit 31 sets the permitted range in the process of step S101 and determines that the authentication of the terminal device 20 is successful in the process of step S102 (step S102; YES), the control unit 31 determines that the current server time measured by the time measuring unit 31A is exceeded. A time lag at a later predicted time is predicted (step S107). Here, the control unit 31 sets a time after a predetermined time from the current server time as the predicted time. This predetermined time is, for example, a design stage of the response processing server 30 in view of the degree of occurrence of a relative time shift in the time measuring unit 11A and the time measuring unit 31A, the prediction accuracy of the time shift in the response processing server 30, and the like. It only has to be decided by such as.

  Here, the control unit 31 analyzes a plurality of sound emission times (that is, a plurality of access requests) used for authentication of the terminal device 20 permitted to log in, and predicts a time lag. Therefore, the control unit 31 succeeds in authentication for the number of terminal devices 20 equal to or greater than the threshold, and the time from the server time at which the access request is first acquired until the server time at which the access request is last acquired exceeds the threshold. Passes the process of step S107 without predicting a time lag. Hereinafter, the process of step S103 will be described in detail.

  Here, as shown in FIG. 15A, it is assumed that the time difference when the server time is “T0” is zero, and that there are three access requests when the server time is T1, T2, and T3. Further, the time shift when the server time is “T1” is “+ Δt1”, the time shift when the server time is “T2” is “+ Δt2”, and the server time is “T3”. It is assumed that the time difference is “+ Δt3” (where Δt1> 0, Δt2> 0, Δt3> 0). These three access requests correspond to the plots P1, P2, and P3 shown in the graph of FIG. Then, the control unit 31 predicts a time lag based on a plurality of (three here) access requests that have already been acquired. Here, when the server time is “T3”, the control unit 31 predicts a time lag that occurs when the predicted time, which is a later time, is “T4”.

  First, the controller 31 plots P1, P2... Plotted on the graph based on the access request. The three points (a plurality of points) of P3 are calculated by a known regression analysis (for example, the least square method). Here, the control part 31 calculates the regression line L shown to Fig.15 (a). The regression line L represents the relationship between the server time in the past and the sound emission time indicated by the time information of the access request, while the server time and sound emission time in the future when the time lag increases in the same tendency in the future. The relationship is shown. Therefore, the control part 31 can obtain | require the point on the regression line L in the server time after the present server time as a prediction result of the time shift in the server time. According to the graph shown in FIG. 15A, the control unit 31 predicts the time lag when the server time is “T4” as “+ Δt4”, which is the point P4 on the regression line L (however, Δt4 > 0).

Next, when the permission range is set by the same method as in the first embodiment described above in the process of step S103, the control unit 31 determines “NO” in the process of step S105, and returns to the process of step S102. When the control unit 31 determines “NO” in the process of step S102 after the prediction of the time lag, the control unit 31 expands the permitted range TR with respect to the preceding and following times according to the time lag prediction result (step S104a). . It differs from the process of S104 of 1st Embodiment mentioned above by the point which expands a permission range by the method according to the prediction result of the time gap by the process of step S104a. In the process of step S104a, the control unit 31 sets the allowable range TR4 based on the predicted time lag so that the time authentication is successful even if a time lag of “+ Δt4” occurs at time T4. Specifically, when the server time is “T4”, which is the predicted time, the control unit 31 is γ (> 0) (seconds) ahead of “T4 + Δt4” obtained by adding the predicted time lag to the predicted time. The server time is set to “T3 so that a permission range including a time (that is, T4 + Δt4 + δ) after δ (> 0) (seconds) from“ T4 + Δt4−γ ”to a time (that is, T4 + Δt4 + δ) after“ T4 + Δt4 ”. ”Until the server time is“ T4 ”.
Note that the values of γ and β may be determined in advance.

  By the process of step S104a, the control unit 31 can set the allowable range TR so as to include the sound emission time with reference to the sound emission time including the time lag that is predicted to occur at a future predicted time. Therefore, when the server time is “T4”, the control unit 31 does not hinder the time authentication even if the permitted range is not greatly expanded until the server time T3. The fact that it is not necessary to greatly widen the permission range in this way also suppresses a decrease in the accuracy of time authentication.

  As another example, as shown in FIG. 15B, the time lag at the server time T1 is “−Δt1”, the time lag at the server time T2 is “−Δt2”, and the time lag at the server time T3 is It is assumed that “−Δt3” (where Δt1> 0, Δt2> 0, Δt3> 0). As described above, even when the server time is delayed from the sound emission time, the control unit 31 sets “T4” that is the predicted time in the process of step S107 based on the time lag generated in the past by the above procedure. The time lag in can be predicted. In this case, the control unit 31 predicts the time lag when the server time is “T4” as “−Δt4”, which is the point P4 on the regression line L (where Δt4> 0). In the process of step S104, when the server time is the predicted time “T4”, the control unit 31 sets the permission range TR4 so that the time authentication is successful even if the predicted time lag occurs. In this case, when the server time is “T4”, which is the predicted time, the control unit 31 is γ (> 0) (seconds) ahead of “T4-Δt4” obtained by subtracting the prediction result of the time lag from the predicted time. The permitted range including the time (that is, T4-Δt4-γ) to the time (that is, T4-Δt4 + δ) after δ (> 0) (seconds) after “T4-Δt4” is set. Then, how to extend the permitted range TR4 in the period from the server time “T3” to the server time “T4” is determined.

As described above, the control unit 31 obtains the sound emission time indicated by the time information included in the access request acquired at the first server time and the access acquired at the second server time after the first server time. A time lag occurring per unit time is predicted based on the sound emission time indicated by the time information included in the request, and a permission range is set so that time authentication is successful even if the predicted time lag occurs. The time lag occurring per unit time is a time lag newly generated (that is, increased) every time the server time elapses.
The control unit 31 may set a permitted range by predicting a time lag at a future predicted time from a time lag at a plurality of past server times even at subsequent server times. Here, the control unit 31 may predict a time lag from all past time lags, or may predict a future time lag from the latest predetermined number of time lags. Further, the control unit 31 may predict the time lag with any future time as the predicted time.
In addition, although the case where the time lag increases linearly has been described here, the control unit 31 performs statistical analysis processing such as regression analysis on a plurality of past time lag data even when the time lag changes irregularly. Thus, if a time lag in the future is predicted, an allowable range based on the prediction result can be set.

  According to the second embodiment described above, the response processing server 30 analyzes the time lag that has actually occurred, predicts a time lag in the future, and sets a permission range according to the prediction result. Therefore, the response processing server 30 can continuously set a permission range that does not impair the accuracy of time authentication without making the permission range excessive.

[Third Embodiment]
Next, a third embodiment of the present invention will be described.
In the first embodiment described above, the access key supply apparatus 10 superimposes the access key itself on the acoustic signal by the acoustic watermark as information defining the access key. Instead of this, the access key supply apparatus 10 may superimpose the substitute information as a substitute for the access key on the acoustic signal. In the present embodiment, the terminal device 20 makes an inquiry to an external server device (providing server 40, which will be described later) using the alternative information extracted from the acoustic signal, and acquires an access key corresponding to the alternative information from the providing server 40. .
In the present embodiment, the components and processing steps that are denoted by the same reference numerals as those in the first embodiment described above function in the same manner as in the first embodiment described above, and therefore, differences will be mainly described below. Moreover, what added "a" to the end of the code | symbol of the component and process step demonstrated in 1st Embodiment mentioned above respond | corresponds to the component and process step demonstrated in 1st Embodiment mentioned above.

FIG. 16 is a diagram showing the overall configuration of the authentication system 1a of the present embodiment.
The authentication system 1a includes access key supply devices 10A and 10B (collectively referred to as “access key supply device 10” when there is no need to distinguish between them), a terminal device 20, a response processing server 30, and a providing server. 40. The hardware configuration of the access key supply device 10, the terminal device 20, and the response processing server 30 is basically the same as that of the first embodiment described above, and has the same connection relationship as that of the first embodiment described above. is there. The providing server 40 is a server device connected to the terminal device 20 via the network NW. The providing server 40 provides an access key to the terminal device 20 in response to a request from the terminal device 20.

FIG. 17 is a block diagram illustrating a hardware configuration of the providing server 40. As shown in FIG. 17, the providing server 40 includes a control unit 41, a communication unit 42, and a storage unit 43.
The control unit 41 includes a microprocessor having a CPU, a ROM, and a RAM. The CPU controls each unit of the providing server 40 by reading the program stored in the ROM or the storage unit 43 into the RAM and executing it. The communication unit 42 is an interface for connecting to the network NW. The storage unit 43 includes a hard disk device, for example, and stores an access key management table 431 that manages programs for operating the control unit 41 and access keys that can be provided to the terminal device 20.

FIG. 18 shows the data structure of the access key management table 431.
As shown in FIG. 18, the access key management table 431 has a data structure in which pieces of information “alternative information” and “access key” are associated with each other. The substitute information is information assigned to distinguish each access key managed by the providing server 40, and one substitute information is assigned to one access key. The substitute information written in the access key management table 431 matches the substitute information superimposed on the acoustic signal by the access key supply apparatus 10. The access key is the same information as in each of the embodiments described above.

The access key supply apparatus 10 superimposes access key alternative information corresponding to the own apparatus on the acoustic signal and emits the sound. When there is an access key transmission request from the terminal device 20, the providing server 40 identifies the access key associated with the substitute information included in the transmission request from the access key management table 431 and provides the access key to the terminal device 20. To do.
In the present embodiment, it is assumed that the information amount of the substitute information is smaller than the information amount of the access key.

FIG. 19 is a functional block diagram illustrating a functional configuration of the control unit 41 of the providing server 40. As illustrated in FIG. 19, the control unit 41 realizes functions corresponding to the request acquisition unit 411, the key specification unit 412, and the provision unit 413 by executing a program.
The request acquisition unit 411 acquires a key transmission request including alternative information received by the communication unit 42 from the terminal device 20 and extracted in the terminal device 20. The substitute information included in the key transmission request corresponds to the substitute information extracted from the acoustic signal by the extraction unit 212 of the terminal device 20.
The key specifying unit 412 specifies an access key corresponding to the key transmission request acquired by the request acquisition unit 411. Specifically, the key specifying unit 412 specifies the access key stored in the access key management table 431 in association with the substitute information included in the key transmission request.
The providing unit 413 transmits the access key specified by the key specifying unit 412 by the communication unit 42 and provides the access key to the terminal device 20.

FIG. 20 is a sequence chart showing the flow of processing in the authentication system 1a.
The control unit 11 of the access key supply apparatus 10A acquires time information from the time measuring unit 11A (step S1). Next, the control part 11 acquires alternative information from the memory | storage part 12 (step S2a). The control unit 11 superimposes the time information acquired in the process of step S1 and the alternative information acquired in the process of step S2a on the acoustic signal using an acoustic watermark (step S3a). Next, the control unit 11 causes the speaker 13 to emit a sound indicated by the acoustic signal in which the time information and the alternative information are superimposed (step S4a).

  Next, the control part 21 of the terminal device 20 extracts time information and alternative information from the acoustic signal acquired from the microphone 24 (step S5a). Here, it is assumed that the control unit 21 has extracted “s001” as alternative information. And the control part 11 transmits the key transmission request | requirement of the substitute information extracted by the process of step S5a to the provision server 40 by the wireless communication part 23 (step S11).

  When the control unit 41 of the providing server 40 receives the key transmission request by the communication unit 42 and acquires it, the control unit 41 stores the access key associated with the alternative information specified in the key transmission request in the access key management of the storage unit 43. It specifies with reference to the table 431 (step S12). When the control unit 41 obtains a key transmission request including “s001” as alternative information, “K1” is specified as the access key. The control unit 41 transmits the identified access key to the terminal device 20 via the communication unit 42 (step S13).

  When the control unit 21 of the terminal device 20 receives the access key by the wireless communication unit 23 and acquires it, the control unit 21 transmits an access request to the response processing server 30 in the same manner as in the first embodiment described above (step S6). ). Thereafter, in the authentication system 1, the processing steps of Steps S7 to S9 are executed as in the first embodiment described above.

  Also in this embodiment, the response processing server 30 sets the permission range by the procedure described in FIG. 9 or FIG. In the case of the present embodiment, due to the communication between the terminal device 20 and the providing server 40, the processing delay, the communication delay, and the like become larger or more likely to fluctuate than in the first and second embodiments described above. Conceivable. However, as described in the first embodiment, if the response processing server 30 sets the permission range according to the time range having a width corresponding to the processing delay, the communication delay, and the like, it is possible to suppress a decrease in time authentication accuracy.

The above-described authentication system 1a also has the same operational effects as those of the first embodiment described above, and the access key is managed by the providing server 40. Therefore, management including updating of the access key can be performed relatively easily.
Furthermore, in the present embodiment, the information amount of the substitute information can be made smaller than the information amount of the access key. Therefore, the access key supply apparatus 10 can superimpose necessary information on the acoustic signal in a narrower frequency band than the configurations of the first and second embodiments described above. In other words, even when the transmission rate of information using an acoustic signal is low, the access key supply device 10 provides the terminal device 20 with alternative information necessary for the terminal device 20 to acquire an access key. be able to. Furthermore, since the access key itself does not propagate through the spatial region in which the sound wave according to the acoustic signal propagates, even if alternative information is illegally extracted from the acoustic signal by a third party, the access key itself is immediately It is never acquired.

[Modification]
The present invention can be implemented in a form different from the above-described embodiment. Further, the following modifications may be combined as appropriate.
(Modification 1)
The setting method of the permission range in the response processing server 30 is not limited to the method of each embodiment described above.
21 and 22 are graphs showing an example of the correspondence between the server time (horizontal axis) and the sound emission time (vertical axis). For example, as shown in FIG. 21, the response processing server 30 may expand the permission ranges TR1 to TR4 with the passage of time and increase the extent of the expansion with the passage of time. Also, as shown in FIG. 22, if the response processing server 30 gradually expands the permitted ranges TR1 to TR4 over time and the sound emission time does not become earlier than the server time, the server time T2 or later As described above, the permitted range may be set so as not to include the time when the sound emission time is earlier than the server time. As described above, the processing delay, the communication delay, and the like act so that the sound emission time is later than the server time. Therefore, the time measured by the time measuring unit 11A may be relatively earlier than the time measured by the time measuring unit 31A. If it is not, such a permitted range is acceptable.
In addition, when the response processing server 30 obtains an access request with a certain degree of frequency, or when the permission range is set within a certain time range from when the permission range is set, there is a problem in time authentication. It is also possible to make the permission range constant without expanding over time (permission range as shown in FIG. 11B).
In each embodiment described above, the response processing server 30 resets the permission range every time an access request is acquired. For example, the response processing server 30 resets the permission range only once in a predetermined period. In other cases, even if an access request is acquired, it is not necessary to reset the permission range.

(Modification 2)
In each of the above-described embodiments, the response processing server 30 sets the permission range based on an access request from one terminal device 20. Instead, the response processing server 30 distributes the sound emission times indicated by the time information included in the access requests from the plurality of terminal devices 20 that are permitted to log in (in other words, the numerical dispersion indicated by the plurality of time information The permitted range may be set based on the frequency distribution). The value indicating the distribution of the sound emission times is, for example, the average value of the sound emission times indicated by the time information included in the access requests from the plurality of terminal devices 20, but the sound emission times such as the median value and the mode value. As long as it represents the distribution of. The distribution of sound emission times may be a calculated value of a time (realized value) indicated by a plurality of time information, or an estimated value of a population distribution. In short, the sound emission time distribution may be a value obtained by statistical analysis processing from a plurality of time information distributions.
Here, the reason why the control unit 31 sets the permission range using the access requests from the plurality of terminal devices 20 is to increase the accuracy of setting the permission range according to the time lag. According to the configuration of this modified example, even if the response processing server 30 receives an access request including time information indicating a significantly delayed sound emission time for some reason, it may hinder future time authentication. The setting of the allowable range that comes is avoided.

  In this modified example, the response processing server 30 does not use the sound emission time distribution in which the sound emission times indicated by the time information from the plurality of terminal devices 20 are treated equivalently, but the time information from each terminal device 20 is received. A distribution of sound emission times that is weighted according to the reliability (in other words, accuracy) with respect to the sound emission times shown may be used. In this case, the response processing server 30 may calculate the weighted average by increasing the weight of the sound emission time closer to the server time, for example, to obtain a value indicating the sound emission time distribution.

(Modification 3)
In each of the above-described embodiments, the response processing server 30 sets the permission range based on the sound emission time based on the access request acquired from the terminal device 20 that has permitted login. Instead of this, the response processing server 30 may set the permission range on the basis of the time before the sound emission time by the time corresponding to the processing delay, the communication delay, and the like. This is because even if the timing unit 11A and the timing unit 31A are synchronized, the sound emission time indicated by the time information included in the access request acquired by the response processing server 30 is only the time corresponding to the processing delay, the communication delay, and the like. This is unavoidably delayed from the server time. Therefore, the response processing server 30 sets a permission range based on the time measured by the time measuring unit 11A, and permits the time based on the time before the sound emission time by a time corresponding to the processing delay, communication delay, and the like. The range may be set. The response processing server 30 sets a permission range including α (seconds) before the time that is the reference of the permission range, and this α (second) is a time corresponding to at least a processing delay, a communication delay, and the like (for example, 10 After about a second, it is necessary to be at least an order of magnitude larger than the total time such as processing delay and communication delay.
As described above, the time when the response processing server 30 sets the permission range is not limited to the sound emission time.

(Modification 4)
In each embodiment described above, the access key supply apparatus 10 superimposes the access key 121 and the time information on the acoustic signal by the acoustic watermark. However, the access key 121 superimposes the access key 121 on the acoustic signal. You may make it not superimpose on.
For example, the control unit 21 of the terminal device 20 has a time measuring unit that measures the current time, and includes time information indicating the time measured by the time measuring unit in the access request. For example, the control unit 21 includes time information indicating the time when the sound emitted from the access key supply device 10 is detected by the microphone 24 or the time when the acoustic signal indicating the detected sound is acquired in the access request. Further, the control unit 21 may include time information indicating the time when the access key 121 is extracted from the acoustic signal indicating the sound emitted by the access key supply device 10 in the access request. In this way, the control unit 21 does not acquire time information indicating the sound emission time by the acoustic watermark, but acquires time information indicating the time according to the acquisition time of the access key 121 from, for example, the time measuring unit of the own device. You may do it.

  The control unit 21 may include time information indicating the time at which the terminal device 20 transmits the access request including the access key 121 to the response processing server 30 in the access request. In this case, the time information indicating the transmission time measured by the time measuring unit included in the control unit 21 may be included, or the server that transfers the access request from the terminal device 20 to the response processing server 30 may include the time information in the access request. . As described above, the control unit 21 may transmit an access request including time information indicating the time according to the access time to the response processing server 30 to the response processing server 30.

In summary, the response processing server 30 identifies the terminal device 20 to access its own server, such as time information indicating the time when the access key 121 is acquired in the terminal device 20 or the time of access to its own server. By acquiring time information indicating the time when the above processing is performed, it is possible to perform processing such as time authentication of the watermark information of the acoustic watermark and setting of a new permitted range.
However, the time information included in the access request indicates the time measured by the time measuring unit other than the time measuring unit 31A used by the response processing server 30 for time authentication.

(Modification 5)
In each of the above-described embodiments, the timer unit 11A and the timer unit 31A are not limited to those that measure the current time, but relative to a predetermined reference time such as the time when the service processing in the response processing server 30 is started. It is possible to measure a specific time.
Further, the time information that the access key supply device 10 superimposes on the acoustic signal by the acoustic watermark may not be the time information that can specify the sound emission time in seconds as in each of the embodiments described above. For example, the time information may be time information that can specify the sound emission time in minutes. In this case, the time information is discrete data that is incremented every minute.

(Modification 6)
When there are a plurality of access key supply apparatuses 10, the response processing server 30 may have only one time measuring unit 31 </ b> A. For example, the access key supply devices 10 communicate with an NTP server, or the timekeeping unit 11A is synchronized by communication between the access key supply devices 10 or the like. Then, the timekeeping units 11A between the access key supply devices 10 are synchronized. In this case, even if the response processing server 30 acquires an access request including an access key from any of the access key supply devices 10, the response processing server 30 performs time authentication based on the server time measured by the common timer unit 31A. Can do.

(Modification 7)
In the above-described third embodiment, a configuration may be provided in which the providing server 40 and the response processing server 30 are communicatively connected to update the access key. As long as the access key stored in the providing server 40 matches the access key stored in the response processing server 30 as an access key corresponding to certain alternative information, the access key may be updated in any way.
In the first and second embodiments described above, the access key supply apparatus 10 has a communication interface (communication unit) that connects to the network NW, acquires the access key 121 through communication with the response processing server 30, You may memorize | store in the memory | storage part 12. FIG.

(Modification 8)
In the third embodiment described above, the substitute information is information for specifying the access key provided by the providing server 40 to the terminal device 20, but may be other information. For example, when the access key is expressed by a pseudo-random number generated according to a predetermined pseudo-random number generation algorithm, the alternative information is a seed value used for generating the pseudo-random number (that is, an initial value for generating the pseudo-random number). It may be. In this case, the control unit 21 of the terminal device 20 generates an access key by performing a predetermined process on the alternative information extracted from the acoustic signal. For example, when the seed value used for generating the pseudo random number is alternative information, the control unit 21 uses this seed value to generate an access key represented by the pseudo random number according to a predetermined pseudo random number generation algorithm. When the replacement information is information obtained by converting (for example, encrypting) the access key according to a predetermined rule, the control unit 21 performs conversion processing (for example, decryption processing) according to the rule on the replacement information. Then, an access key may be generated.
In order to enable the terminal device 20 to generate an access key based on the substitute information, the authentication system 1 predetermines a correspondence relationship between the substitute information and the access key, and the agreement is used for the operation of the terminal device 20. This is reflected in the algorithm. In the case of the configuration of this modification, the providing server 40 is not necessary in the authentication system 1.
As described above, the replacement information may be any information as long as the access key can be derived by the terminal device 20. However, it is preferable here that the information amount (that is, the number of bits) of the substitute information is smaller than the information amount of the access key.

(Modification 9)
In each of the above-described embodiments, the access key supply apparatus 10 distributes the audio watermark information in the form of sound emission from the speaker 13, but the present invention may be modified as follows.
FIG. 23 is a diagram for explaining the outline of the authentication system of this modification.
As shown in FIG. 23, a case where the communicable area is configured in a restaurant such as a fast food restaurant will be described here. In the restaurant, a plurality of sets of tables 100 and chairs 200 as shown in FIG. 23 are arranged. A user of the terminal device 20 who is a restaurant customer may sit on the chair 200, place an order on the table 100, and use the terminal device 20. In this restaurant, one acoustic shaker 50 is distributed to each customer per table 100 when ordering goods. The user attaches the distributed acoustic exciter 50 to the table 100 used by the user. As shown in FIG. 23, for example, the user wears the acoustic vibrator 50 at a position relatively close to the back surface of the table 100. The acoustic vibrator 50 vibrates a member to which the acoustic vibrator 50 is mounted under vibration under the control of the access key supply device 10, and an acoustic signal including information defining an access key is indicated by the member. Sounds are emitted. Here, this member is the table 100 on which the acoustic vibrator 50 is mounted, and the member (table 100) and the acoustic vibrator 50 come into contact with each other and vibrate together. Therefore, in this modification, the table 100 and the acoustic exciter 50 constitute a sound emitting unit.

FIG. 24 is a block diagram illustrating a hardware configuration of the acoustic vibrator 50.
As shown in FIG. 24, the acoustic exciter 50 includes a control unit 51, a wireless communication unit 52, and an excitation unit 53. The control unit 51 is a control device including an arithmetic device including a CPU and a memory. The arithmetic device controls the acoustic exciter 50 by executing a program stored in the memory. The wireless communication unit 52 is an interface that includes a wireless communication circuit and an antenna and performs wireless communication with an access key supply device 10a described later. The vibration unit 53 generates a vibration corresponding to the control signal of the control unit 51, and causes the generated vibration to act outside.

  FIG. 25 is a block diagram showing a hardware configuration of the access key supply apparatus 10a of the present modification. As shown in FIG. 25, the access key supply apparatus 10 a includes a control unit 11, a storage unit 12, and a wireless communication unit 14. The control unit 11 and the storage unit 12 basically have the same configuration as that of each of the above-described embodiments, but the control unit 11 performs control for distributing acoustic watermark information by acoustic excitation. The wireless communication unit 14 is an interface for performing wireless communication. Here, the wireless communication unit 14 transmits information necessary for acoustic excitation to an area corresponding to a sound emitting area.

The access key supply device 10a of this modification controls the acoustic exciter 50 so as to vibrate the table 100 according to the acoustic signal. Specifically, the control unit 11 modulates an acoustic signal on which information defining an access key is superimposed with a carrier wave, and transmits the transmission signal by the wireless communication unit 14. When the wireless communication unit 52 receives this transmission signal, the control unit 51 of the acoustic exciter 50 demodulates the acoustic signal on which information defining the access key is superimposed. Then, the control unit 51 causes the vibration unit 53 to vibrate so that the sound represented by the demodulated acoustic signal is emitted from the table 100. Since the user who sits down on the chair 200 holds his terminal device 20 in the vicinity of the table 100 or places it on the table 100, the control unit 21 detects the sound emitted from the table 100 and detected by the microphone 24. An acoustic signal representing the generated sound is acquired.
In this modification, the access key supply device 10 controls the acoustic exciter 50 by transmitting information defining the access key to the acoustic exciter 50 by the wireless communication unit 14. You don't have to.

  According to the configuration of this modification, the communicable area to which the information defining the access key is supplied is limited to the vicinity of the table 100, for example. That is, only users near the table 100 can use the audio watermark information, and the wireless communication service can be provided only for those who use the table 100, that is, those who ordered the product. As a result, it is possible not to provide acoustic watermark information to users who are not in the vicinity of the table 100 and have just entered the store, so that it is possible to further limit the range of the communicable area, and to It can be said that this service is also suitable when providing this service as part of the store's sales activities such as

(Modification 10)
The configuration of the modified example 9 described above may be configured such that the acoustic exciter starts to excite at the timing when the user sits on the chair 200 while the acoustic exciter is mounted on the table 100.
FIG. 26 is a diagram for explaining the outline of the authentication system of this modification. In this modification, it is assumed that a product ordered and received by the user is placed on the tray 300 and carried to his / her seat to eat and drink. Here, as shown in FIG. 26, the tray 300 is provided with an RFID (Radio Frequency IDentification) element 310. In the RFID element 310, information for identifying that the RFID element 310 is provided on the tray 300 is written in advance.

FIG. 27 is a block diagram showing a hardware configuration of the acoustic vibrator 50a.
As shown in FIG. 27, the acoustic exciter 50 a includes a control unit 51, a wireless communication unit 52, an excitation unit 53, and a reading unit 54. Among these components, the configurations of the control unit 51, the wireless communication unit 52, and the excitation unit 53 are the same as in the eighth modification. The reading unit 54 is a so-called RFID reader, and reads information written in the RFID element 310.

In the acoustic exciter 50a, when the tray 300 is not in the vicinity, such as when no one is sitting on the chair 200, the reading unit 54 tries to read information from the RFID element 310 while the wireless communication unit 52 is stopped. . Eventually, when the user places the tray 300 on the table 100 and the reading unit 54 reads the information of the RFID element 310 of the tray 300, a reading signal indicating that the information has been read is output to the control unit 51. The control unit 51 starts using the table 100 when the read signal is received, and the acoustic exciter 50a attached to the table 100 can be excited. The wireless communication unit 52 notifies the access key supply apparatus 10a that the vibration by 50a is started. When the notification is received by the wireless communication unit 14, the control unit 11 of the access key supply apparatus 10a is activated so as to vibrate the table 100 according to the acoustic signal on which the information defining the access key is superimposed. The vibrator 50a is controlled. This control may be the same as in the ninth modification.
Eventually, when the user leaves the tray 300, the control unit 51 does not read the RFID element 310 by the reading unit 54 and is not supplied with a read signal. Therefore, if the user does not sit on the chair 200, to decide. Then, the control unit 51 controls the wireless communication unit 52 to stop wireless communication so that the reading unit 54 does not perform reading.

With the above configuration, the access key supply device 10a can supply information that defines an access key only when necessary without the user turning on and off the acoustic vibrator 50a. As a result, when it is not necessary to supply information that defines the access key, such as when the tray 300 on which the ordered product is placed is not placed on the table 100, although the user is seated on the table 100, the acoustic exciter 50a is set to the table 100. Therefore, low power consumption of the acoustic vibrator 50a can be expected. Further, the possibility of using this service by a person who does not use the tray 300, that is, a person who does not order goods and is not a target of service provision can be further reduced, and the range of the communicable area can be further limited. Is possible.
In this modification, the acoustic excitation of the acoustic exciter 50a is switched on and off using the RFID element 310 and the reading unit 54. For example, an infrared communication method, a contact type or a non-contact type IC chip is used. You may implement | achieve by the communication system using this, a near field communication system, etc. Moreover, the structure which switches a user on and off the acoustic excitation of the acoustic vibrator 50a manually may be sufficient. Also in this modified example, the acoustic vibration exciter 50a may be distributed to the person who ordered the product. In this modification, the RFID element 310 is provided on the tray 300, but it may be provided on another portable member.

(Modification 11)
In each of the above-described embodiments, the detection unit that detects sound is a microphone, and the sound emitting unit that emits the sound indicated by the acoustic signal on which the acoustic watermark information is superimposed is a speaker. In this case, the microphone detects sound that is vibration of gas (more specifically, air), and the speaker emits sound that is vibration of gas (more specifically, air). is there. On the other hand, the detection unit / sound emitting unit may detect / sound a solid or liquid vibration. At this time, the sound emitting unit is realized by a vibrator that applies vibration to the outside and a medium that is vibrated by the vibrator. That is, the vibrator emits sound by propagating an elastic wave to the member. On the other hand, the detection unit is, for example, a vibration pickup (vibration detector) and detects sound that is an elastic wave propagating through the member.
Even in such a configuration of the detection unit / sound emitting unit, if the acoustic signal includes the frequency component of the acoustic watermark information, the terminal device 20 extracts the acoustic watermark information from the acoustic signal, and the acoustic watermark information is Various processes can be executed by using.

(Modification 12)
The terminal device of the present invention may be a terminal other than a smartphone. For example, the present invention is applied to various terminal devices such as a mobile phone, a tablet terminal, a PDA (Personal Digital Assistant), a mobile computer, a game machine, and a digital signage. Can also be applied.
Further, the response processing server 30 is not limited to executing response processing for transmitting content data, but may be any server that executes some response processing on the terminal device 20 in accordance with the access key authentication result.
Further, the place where the access key supply device 10 forms the sound emission area may be anywhere as long as the service of the response processing server 30 is provided to the terminal device 20. For example, the access key supply apparatus 10 may be installed at a place where an unspecified number of persons enter and exit, such as a station premises, a hotel lobby, or an office lobby. In addition, an access key supply device 10 may be installed in order to provide individual services to each specific person at a place where a specific person such as a company, a factory, or a house enters and exits.

  The programs executed by the control unit 11 of the access key supply device 10, the control unit 21 of the terminal device 20, and the control unit 31 of the response processing server 30 in each embodiment described above are magnetic recording media (magnetic tape, magnetic disk ( HDD, FD, etc.), optical recording media (optical discs (CD, DVD), etc.), magneto-optical recording media, and computer-readable recording media such as semiconductor memories. It is also possible to download via a network such as the Internet.

DESCRIPTION OF SYMBOLS 1, 1a ... Authentication system 10, 10a, 10A, 10B ... Access key supply apparatus, 100 ... Table, 11 ... Control part, 111 ... Superimposition part, 112 ... Sound emission control part, 11A ... Time measuring part, 12 ... Memory | storage part , 121 ... access key, 13 ... speaker, 14 ... wireless communication unit, 20 ... terminal device, 200 ... chair, 21 ... control unit, 211 ... acoustic signal acquisition unit, 212 ... extraction unit, 213 ... access control unit, 22 ... UI unit, 23 ... wireless communication unit, 24 ... microphone, 25 ... speaker, 26 ... storage unit, 261 ... terminal ID, 30 ... response processing server, 300 ... tray, 31 ... control unit, 311 ... access request acquisition unit, 312 ... Authentication unit, 313 ... Response processing unit, 314 ... Setting unit, 314 ... Prediction unit, 31A ... Timer unit, 32 ... Communication unit, 33 ... Storage unit, 331 ... Authentication table, 332 ... Container DB, 40 ... providing server, 41 ... control unit, 411 ... request obtaining unit, 412 ... key specifying unit, 413 ... providing unit, 42 ... communication unit, 43 ... storage unit, 431 ... access key management table, 50, 50a ... acoustic exciter 51 ... control unit 52 ... wireless communication unit 53 ... excitation unit 54 ... reading unit

Claims (5)

A timekeeping section that measures the current time,
From the terminal device that has acquired the acoustic signal indicating the emitted sound, the acoustic signal on which the information defining the access key used for logging in to the server device is superimposed by the acoustic watermark, the access key and An access request acquisition unit that acquires an access request including time information indicating a time according to an acquisition time of the access key or an access time to the own server device by communication with the terminal device;
A time indicated by the time information acquired by the access request acquisition unit and a current time measured by the time measurement unit are set in advance, and the terminal device is successfully authenticated by the access key acquired by the access request acquisition unit. Authentication unit that allows login of the terminal device,
A setting unit configured to set the time range based on a time indicated by the time information acquired from the terminal device when login of the terminal device is permitted by the authentication unit. . The deviation at a predetermined time after the current time is predicted based on the deviation between the time indicated by the time information acquired from the terminal device permitted to log in by the authentication unit and the current time measured by the timer unit. With a predictor,
The setting unit
The server device according to claim 1, wherein the time range at the predetermined time is set based on the deviation predicted by the prediction unit. The setting unit
3. The time range is set by narrowing the time range when the set time range is expanded with the passage of time and the terminal unit is permitted to log in by the authentication unit. Server device. The setting unit
The server device according to any one of claims 1 to 3, wherein the time range is set based on a plurality of the time information acquired from the plurality of terminal devices permitted to log in. An access key supply device for supplying an access key to the terminal device;
A server device according to any one of claims 1 to 4, and
The access key supply device includes:
A superimposing unit that superimposes information defining an access key used to log in to the server device on an acoustic signal using an acoustic watermark;
A sound emission control unit that emits a sound indicated by an acoustic signal on which information defining the access key is superimposed by the superimposing unit;
The access request acquisition unit acquires the access key and the time information from the terminal device that has acquired an acoustic signal indicating a sound emitted by the control of the sound emission control unit. .