JP2014194714A - Portable key medium, computer, and security system including the medium and the computer - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a portable key medium having excellent handleability while retaining high security strength, and a computer, and a security system including the portable key medium and the computer.SOLUTION: A portable key medium 12 for releasing a function lock restricting a part or all of functions of a computer 20 includes function lock release radio signal processing means 14 that wirelessly transmits to the computer 20 a function lock release signal for releasing the function lock. The portable key medium 12 releases the function lock on the basis of reception of the function lock release signal 14 in the computer 20. Consequently, the portable key medium 12 having excellent handleability while retaining the high security strength is provided.

Description

  The present invention relates to a portable key medium, a computer, and a security system including the portable key medium and the computer.

  Conventionally, in a computer such as a personal computer, in order to prohibit the use by a person other than a predetermined computer operator, a part of or all of the functions of the computer is locked and a specific key program or There are known security systems that release the password only when it is used. Such a security system is a particularly important technology in companies that handle various types of secret information such as customer personal information and technical information.

  As an example of a computer using such a security system, Patent Document 1 discloses an MBR (master boot recorder), user data, and a personal computer in a user area of an internal HDD (hard disk) encrypted in the computer. The OS is stored, and user data is encrypted and stored in the user area of the external HDD. In the system area of the external HDD, a pre-startup authentication application (hereinafter referred to as PBA) is stored as a security application. When authentication by this PBA application is successful, reading of the encrypted data of the built-in HDD is performed. / It is described that writing is possible (in particular, see paragraphs 0029 and 0030 of Patent Document 1).

  That is, in the computer of Patent Document 1, data including the OS in the HDD can be decrypted and used with the authentication by the PBA application in the system area of the external HDD as a key.

  In recent years, a key program is stored in an external storage medium such as a specific SD card or a USB (Universal Serial Bus) memory in order to release the lock by various lock methods such as encryption of the HDD, A method of attaching an external storage medium to a computer, authenticating with a program inside the computer, and releasing the lock when successful is becoming widespread. If such a portable external storage medium is used as a key for releasing the function lock of the computer, the person who can use the computer can use the external storage medium with less labor than when a password is used for unlocking the lock. It will be limited to a specific person. Therefore, especially when you need to lock the function of the computer, such as when you leave your desk for a short time during work, you can save time and effort to enter the password to unlock the function. This also prevents a decrease in business efficiency.

JP 2009-18310 A

  However, as described above, the external storage medium used as the key for unlocking the function of the computer is, for example, a small medium such as a USB memory or an SD memory card, and after the computer operator leaves the seat, When returning to the seat, it is necessary to insert and remove the medium from the computer one by one from the viewpoint of ensuring security. Therefore, the computer operator is required to perform troublesome work of inserting and removing a troublesome medium every time he leaves the computer even for a short time. Therefore, it can be considered that it is possible to neglect the operation of inserting / removing the medium if there is a short time, and this may be a security defect. Also, even if you need to remove the media from your computer, such as when you leave your seat or after the end of work, as described above, you may forget this, which would be a fatal security flaw. It might be. Furthermore, it is conceivable that the USB memory and the SD card are frequently attached to and detached from the computer, thereby damaging the physical interface of the computer and shortening its life.

  In particular, in mobile terminals such as so-called netbooks and smartphones that are rapidly spreading as a kind of computer in recent years, because the terminal itself is designed to be small, there are cases where the USB interface itself is not provided. Many SD cards cannot be installed. Even if an SD card (or a micro SD card) can be mounted, this is basically not intended for frequent insertion / removal from the terminal, and therefore frequent insertion / removal of the recording medium is not possible. If it does, the problem of the damage of the said physical interface will become more obvious.

  The present invention has been made in view of such circumstances, and an object of the present invention is to provide a portable key medium and a computer excellent in handling while maintaining high security strength, and the portable medium and the computer. Is to provide a secure security system.

  A portable key medium according to claim 1 for solving the above-mentioned problem is a portable key medium for releasing a function lock that restricts part or all of the functions of a computer, and releases the function lock. A function unlocking wireless signal processing means for transmitting a signal to the computer wirelessly is provided, and the function locking is released based on reception of the function unlocking signal in the computer.

  In the portable key medium according to the present invention, the function lock release signal is wirelessly transmitted to the computer by the function lock release radio signal processing means, and the function lock is released based on the reception of the function lock release signal in the computer. That is, since the release of the function lock of the computer is performed by wireless communication between the computer and the portable key medium, an external device such as a USB memory or an SD card, which has been conventionally performed for the release of the function lock, is performed. Work such as insertion and removal of the key medium can be omitted. Accordingly, there is no problem such as a decrease in security strength due to forgetting to insert / remove the above-mentioned external medium or damage to the physical interface. Therefore, a portable key medium that maintains the security strength and is excellent in handleability is provided. The Rukoto.

  In particular, since the release of the function lock is triggered by wireless signal transmission, the computer operator simply has a portable key medium having the function lock release radio signal processing means. Since it is possible to perform the unlocking without being aware of special operations for unlocking during use, it is not necessary to insert and remove the key medium every time the user leaves the seat. This can prevent harmful effects.

  Moreover, in this invention, it has a mounting tool with which it wears to the body or clothes of those who operate the said computer, and it is preferable that the said function lock release radio | wireless signal processing means is integrated in the said mounting tool. As a result, unlike a conventional lock release using a USB memory or an SD card as a key medium, a key that can be used to unlock the function of the computer is integrated with the computer operator wearing this wearing tool. Therefore, it is possible to reliably prevent the key medium from being lost. As a result, it is possible to prevent a situation in which the key medium is lost and the computer is used by a third party, which contributes to the realization of high security.

  In addition, it is preferable that the said mounting tool is comprised as an accessory worn on an operator's body. As a result, the operator always has the function unlocking wireless signal processing means for unlocking the function lock of the computer as if wearing accessories such as accessories. It always has a key for unlocking the function lock of the computer with a sense that is not different, which can reduce the burden on the operator related to the management of the key and more reliably prevent its loss. In particular, by adopting highly decorative accessories as accessories, it is possible to give the operator an incentive to wear it, and the spread of the portable key medium according to the present invention is promoted.

  In the present invention, the signal related to the release of the function unlock radio signal processing means includes identification information for identifying one or more specific computers, and the release of the function lock is specified by the identification information. It is preferable to carry out for a computer to be executed. Thereby, it is possible to reliably associate the function unlock radio signal processing means with one or a plurality of computers capable of function unlock. That is, for example, in the business, only the computer defined for each business worker can be used reliably, which contributes to the construction of a strictly managed security system.

  Further, in the present invention, it is preferable that a radio for near field communication is used as the radio for transmitting the signal. Here, the radio for short-range communication means a radio that enables communication at a distance of several mm to several m. For example, Bluetooth (IEEE802.15.1, registered trademark), UWB ( IEEE 802.15.13a) and ZigBee (IEEE 802.15.4) and the like.

  As a result, transmission / reception of the wireless signal for releasing the function lock of the computer can be substantially performed between the operator of the computer and the computer. The possibility of eavesdropping can be reduced, and the security strength can be further increased.

  In particular, the short-range radio may have a signal reachable range in which a person who operates the computer can transmit and / or receive the signal only with the computer when operating the computer. preferable. Thereby, it can restrict | limit so that the said communication can be performed only between an operator and a computer more reliably.

  On the other hand, in the short-range radio, in the short-range radio, the person who operates the computer moves the function unlocking radio signal processing means closer to the signal transmission / reception unit provided in the computer, thereby transmitting the signal. You may make it have the signal reachable distance which becomes possible. In this case, the operator can release the function lock without requiring a complicated operation only by bringing the function lock release wireless signal processing means closer to the communication means of the computer. As such a short-range radio, for example, those defined by standards such as Felica (registered trademark), MIFARE (ISO / LEC 14443), and ISO / IEC 18092 are used.

  Furthermore, as a computer that transmits and receives signals to and from the portable key medium according to the present invention, for example, a desktop personal computer generally assumed to be used in a stationary state, a portable personal computer such as a tablet PC or PDA, or Mobile terminals such as mobile phones and smartphones.

  In this specification and the like, “smart phone” means a multifunctional mobile phone, a PHS (Personal Handy-phone System), or the like.

  On the other hand, one type of function lock according to the present invention is an input operation lock that restricts an input operation of a computer. The input operation lock is, for example, a software configuration in which a control device inside the computer ignores or completely blocks a signal related to input by an input means such as a keyboard, a mouse, a keypad, and / or a touch panel. Refers to the hardware configuration.

  Thus, by adopting a computer function lock that restricts input operations, unauthorized use of a computer by a third party other than the operator can be effectively prevented.

  Further, as a function lock mode of the computer according to the present invention, an operation system activation lock for restricting activation of the operation system installed in the computer may be used. Here, the operation system activation lock is, for example, encrypting an area where the operation system is installed in the computer. The function lock may be a storage device access lock that restricts access to a storage device that stores system data in the computer.

  Furthermore, the present invention provides a signal transmission / reception unit that receives a wireless signal for releasing the function lock from the portable medium according to the present invention, a function lock unit that performs the function lock, and a signal transmission / reception unit. There is provided a computer comprising function lock releasing means for releasing the function lock based on the transmission of the signal.

  In particular, the function lock means preferably performs the function lock again when reception of the signal in the signal receiving unit is interrupted in a state where the function lock is released. Thus, for example, even when a computer operator having a function unlocking wireless signal processing means needs to lock the function again such as temporarily or for a long time, the operator is particularly conscious. Without leaving the computer, the signal reception at the signal receiving unit is blocked, and the computer is automatically locked without any special operation. Therefore, forgetting to lock the computer is surely prevented, and the security strength is further increased.

  Moreover, this invention provides the security system provided with the portable medium and computer which concern on this invention mentioned above.

  According to the present invention, the function lock release signal is wirelessly transmitted to the computer by the function lock release radio signal processing means, and the function lock is released based on the reception of the function lock release signal in the computer. That is, since the release of the function lock of the computer is performed by wireless communication between the computer and the portable key medium, an external device such as a USB memory or an SD card, which has been conventionally performed for the release of the function lock, is performed. Work such as insertion and removal of the key medium can be omitted. Accordingly, there is no problem such as a decrease in security strength due to forgetting to insert / remove the above-mentioned external medium or damage to the physical interface. Therefore, a portable key medium that maintains the security strength and is excellent in handleability is provided. The Rukoto.

  In particular, since the release of the function lock is triggered by wireless signal transmission, the computer operator simply has a portable key medium having the function lock release radio signal processing means. Since it is possible to perform the unlocking without being aware of special operations for unlocking during use, it is not necessary to insert and remove the key medium every time the user leaves the seat. This can prevent harmful effects.

  That is, it is easy for a computer operator to handle, and high security is maintained, so that it is expected to be widely spread and contributes to the construction of a strong security system in companies and the like.

It is a figure explaining the structure of the security system concerning this Embodiment. It is a figure which shows roughly the structure of a Bluetooth transmitter / receiver. It is a block diagram showing typically the composition of a Bluetooth transceiver. It is a block diagram showing typically the composition of a smart phone. It is a flowchart explaining the process of the security system which concerns on this Embodiment.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. FIG. 1 is a diagram for explaining the configuration of a security system 1 according to an embodiment of the present invention. As shown in the figure, the security system 1 has a smartphone 20 as a computer, and an unlocking necklace 10 as a portable key medium that releases a function lock that restricts some or all of the functions of the smartphone 20. Yes.

  The unlocking necklace 10 has an annular string portion 10a that can be opened and closed at the portion of the fastener 12 as a wearing tool, so that a person operating the smartphone 20 can hang from the neck. It has been done.

  And in this Embodiment, Bluetooth transmission / reception which can make the smart phone 20 transmit the function lock cancellation | release signal which concerns on the cancellation | release of the function lock to a part of cyclic | annular string part 10a of this necklace 10 for lock release. A machine (function unlocking radio signal processing means) 14 is provided.

  That is, in the present embodiment, if a person who owns / operates the smartphone 20 wears the lock release necklace 10 and carries the smartphone 20, the smartphone 20 and the Bluetooth transceiver 14 are almost automatically connected. Processing for unlocking the function will be performed based on the communication between them, and the operator himself / herself can activate the smartphone 20 without specially mounting an external medium or performing complicated operations. .

  The configuration of the Bluetooth transceiver 14 and the details of the function lock mechanism for the smartphone 20 will be described below.

  FIG. 2 is a diagram for explaining the schematic configuration of the external appearance of the Bluetooth transceiver 14, and FIG. 3 is a block diagram for explaining the internal configuration thereof. Here, “Bluetooth” is one of the standards for short-range wireless communication of digital devices, and can communicate at a distance of several meters to several tens of meters using 2.4 GHz radio waves. It is. In particular, in this embodiment, communication is possible only at a distance of 10 m or less, preferably 3 m or less, more preferably 2 m or less or 1 m or less. As shown in the figure, the Bluetooth transceiver 14 transmits a radio signal to the smartphone 20 and receives a radio signal from the smartphone 20; a battery 32 that supplies power for communication; It has a setting switch 34 for switching the transmission / reception state and the disconnection state, and a reception state notification lamp 36 that is turned on / off according to the signal transmission / reception state, and further, the signal from the smartphone 20 received by the signal transmission / reception unit 30 Based on the (first signal), the authentication unit 37 for authenticating the smartphone 20 is provided. This first signal includes information for identifying the individual smartphone 20. As this identification information, for example, the MAC address of the smartphone 20, unique ID information attached to a so-called SIM (Subscriber Identity Module) card attached to the smartphone 20, or the global IP address of the smartphone 20 can be used.

  The signal transmission / reception unit 30 has a function of a so-called receiver and transmitter, and can transmit and receive a signal having a frequency of 2.4 GHz band used in the above-described Bluetooth. Things can be used. In the present embodiment, the signal transmission / reception unit 30 transmits / receives a signal such as the first signal to / from the smartphone 20. As the battery 32, any known primary battery or secondary battery can be used, but a lithium battery or a lithium ion battery particularly suitable for downsizing is preferable.

  Further, by using a secondary battery such as a lithium ion secondary battery, charging becomes possible, and convenience is further improved. Furthermore, the sealing property can be enhanced with a rubber packing or the like from the viewpoint of improving the waterproof property or the like in the portion for storing the battery.

  The setting switch 34 is provided so that the power can be turned off for the purpose of, for example, preventing the battery from being consumed when the Bluetooth transceiver 14 is not used. By turning on / off the switch with a switch, at least the conduction state to the signal transmitting / receiving unit 30 can be switched on / off.

  The reception status notification lamp 36 is provided so that a user of the Bluetooth transceiver 14 can grasp the signal transmission / reception state in the signal transmission / reception unit 30 at a glance. On, flashing, color change, or extinguishing is performed based on a detection result of a detection unit (not shown) that detects the above. For example, when the signal transmission / reception in the signal transmitting / receiving unit 30 is detected by the detecting means (that is, when normal communication is performed), the signal is lit in green, and when the communication state is unstable, the signal is green. Blinking in red, when the communication state is poor, blinking in red, and when communication is completely interrupted, it can be illuminated in red. Note that various notification means such as a speaker for notification may be configured instead of the reception state notification lamp 36 as long as the communication state can be notified.

  The authentication means 37 authenticates whether the identification information is valid based on the identification information included in the first signal transmitted from the corresponding smartphone, that is, the smartphone 20 that is the target for releasing the function lock. Is. The authentication unit 37 includes an identification information storage unit 37a that stores in advance identification information of a smartphone that is a target for releasing the function lock, and an authentication success signal (second signal) or an authentication failure signal (based on the suitability of the authentication result). Authentication signal generating means 37b for generating a third signal). In the present embodiment, if the identification information included in the first signal received from the smartphone 20 matches the identification information of the smartphone stored in the identification information storage unit 37a, it is determined that the authentication has succeeded. Authentication is determined to have failed.

  FIG. 4 is a block diagram illustrating the internal configuration of the smartphone 20 used in the present embodiment. The smartphone 20 has various hardware and software for realizing a connection function to a network, a call function as a mobile phone, and the like in the same manner as a generally known smartphone. In the embodiment, only the structure of the important part in the present invention will be described.

  In the present embodiment, the smartphone 20 performs a predetermined process on the system area 40, which is an area in which various programs such as an OS for causing the function of the smartphone 20 to be stored, and the smartphone 20 is subjected to predetermined processing. A function lock unit 41 that restricts the function of the smartphone, a function lock release unit 42 that releases the function restriction of the smartphone 20, and a signal transmission / reception unit that transmits and receives signals such as the first signal to and from the Bluetooth transceiver 14 43 and error notification means 44. In the present embodiment, in a state where communication related to unlocking is not performed with the Bluetooth transceiver 14, the function lock unit 41 always locks the function of the smartphone 20. When the signal transmission / reception unit 43 receives the authentication success signal, the function lock releasing means 42 releases the function lock based on the signal.

  Various methods can be considered for the mode of function lock by the function lock means 41. For example, a so-called dial lock that does not accept an input operation to the input means to the smartphone 20 of the operator may be used, or the system area 40 (area where the OS is stored) of the smartphone 20 is encrypted and the function lock is performed. When the function lock is released by the release means 42, the area can be decrypted.

  Similarly to the signal transmitter / receiver 30, the signal transmitter / receiver 43 has functions of a receiver and a transmitter, and is capable of transmitting and receiving a 2.4 GHz band frequency signal used in the above-described Bluetooth. The first signal, the authentication success signal (second signal), or the authentication failure signal (third signal) are transmitted and received.

  Further, the error notification means 44 notifies the operator of an error based on the reception of the authentication failure signal by the signal transmission / reception unit 43. For example, various error notification modes such as an error message display on the display of the smartphone 20 and an error notification sound output by a sound output means such as a speaker can be applied.

  Hereinafter, processing related to unlocking using the Bluetooth transceiver 14 and the smartphone 20 in the security system 1 having the above-described configurations will be described.

  FIG. 5 is a flowchart for explaining the communication between the Bluetooth transceiver 14 and the smartphone 20 when the function lock of the smartphone 20 is released and the lock is performed again.

  In step S101, in this embodiment, an operator wearing the unlocking necklace 10 to which the signal transmitting / receiving unit 30 of the Bluetooth transmitter / receiver 14 is attached can transmit / receive a signal to / from the smartphone 20 (this embodiment In the form, the transmission / reception of the signal is performed between the signal transmitting / receiving unit 30 of the Bluetooth transmitter / receiver 14 and the signal transmitting / receiving unit 43 of the smartphone 20. Specifically, first, the signal transmitter / receiver 30 of the Bluetooth transmitter / receiver 14 receives the first signal transmitted from the signal transmitter / receiver 43 of the smartphone 20. When the first signal cannot be received or when the reception state is weak, processing is performed in which the reception state notification lamp 36 is lit red or blinks as described above. Further, when the first signal is normally received, a process for lighting the reception state notification lamp 36 in green is performed.

  In step S <b> 102, the Bluetooth transceiver 14 performs authentication by the authentication unit 37 based on the received first signal. Specifically, the identification information included in the first signal is analyzed, and compared with the identification information stored in the storage unit 37a to confirm the match / mismatch. As a result of the comparison of the identification information, if they match, authentication succeeds, and if they do not match, authentication fails.

  Hereinafter, when the authentication is successful, the processes of steps S103 to S106 are performed, and when the authentication is unsuccessful, the processes of steps S′103 to S′104 are performed. These will be described.

  If the authentication is successful, an authentication success signal (hereinafter referred to as a second signal) is generated by the authentication means 37 in step S103, and the second signal is transmitted to the smartphone 20 by the signal transmission / reception unit 30. .

  In step S <b> 104, the second signal is received by the function lock unit 41 via the signal transmission / reception unit 43 of the smartphone 20.

  Furthermore, in step S <b> 105, the function lock unit 41 that has received the second signal releases the lock performed on the smartphone system area 43. That is, the smartphone system area 43 is decrypted. Therefore, since the smartphone system area 43 can be used, a program for exhibiting various functions including the activation sequence program of the smartphone 20 can be used. That is, the smartphone 20 is unlocked.

  As is clear from the description of steps S101 to S105, the operator of the smartphone 20 does not perform any particular operation in the process of releasing the function lock of the smartphone 20. In particular, in these processes, the distance between the Bluetooth transceiver 14 incorporated in the unlocking necklace 10 worn by the operator and the smartphone 20 is within a certain range (about 1 m in this embodiment). Since it is performed automatically, the operator does not consciously perform the operation for unlocking, but rather at first glance clearly recognizes whether the security lock itself was applied. A simple unlocking process is realized to the extent that it cannot be obtained.

  Next, the case where it is necessary to lock the function of the smartphone 20 again, such as when the operator of the smartphone 20 leaves the smartphone 20, will be described.

  First, in step S106, when the operator leaves the smartphone 20 until it is outside the reachable range of the signal by Bluetooth, and the signal transmitting / receiving unit 43 of the smartphone 20 does not detect the signal, the signal transmitting / receiving unit 43 receives the signal. The signal disconnection information indicating the disconnection is transmitted to the function lock means 41.

  In step S <b> 107, the function lock unit 41 performs a process of encrypting the smartphone system area 43 when receiving the signal disconnection information. Thereby, almost all the functions of the smartphone 20 are restricted.

  According to the processing in step S <b> 105 and step S <b> 106, even when the operator needs to lock the function of the smartphone 20 by leaving the smartphone 20, the operator just leaves the smartphone 20 without being particularly conscious. As a result, the signal transmission / reception unit 43 detects a signal interruption, and the smartphone 20 is automatically function-locked. Accordingly, since the situation of forgetting to lock the function on the smartphone 20 as in the past cannot occur, the security strength is further increased.

  In particular, in the case of a portable terminal such as the smartphone 20, even if the smartphone 20 is accidentally dropped or lost, the unlocking necklace worn by the operator Since the function lock cannot be released without the Bluetooth transmitter / receiver 14 incorporated in the mobile phone 10, an unauthorized operation by a third party who has found the smartphone 20 can be reliably prevented.

  On the other hand, when the authentication by the authentication means 37 in step S102 fails, an authentication failure signal (hereinafter referred to as a third signal) is generated by the authentication means 37 in step S103 ′, and the third signal is The signal is transmitted to the smartphone 20 by the signal transmission / reception unit 30.

  In step S104 ′, when the signal transmission / reception unit 43 of the smartphone 20 receives the third signal, the signal is transmitted to the error notification unit 44, and the error notification unit 44 performs error notification. In addition, as a specific mode of error notification, for example, on the display of the smartphone 20, it may be possible to display that the authentication has failed and the use of the smartphone 20 cannot be permitted. Instead of or together with this, a predetermined sound such as a warning sound may be emitted via a speaker (not shown) of the smartphone 20. Any method known to those skilled in the art can be used for the processing related to error notification.

  Referring to each of the above steps, since the function lock of the smartphone 20 is not released unless the authentication by the authentication means 37 is successful, the Bluetooth transmitter / receiver 14 and the smartphone 20 capable of releasing the function lock are provided. It is understood that the association is performed reliably. Therefore, for example, when each employee (business worker) uses the smartphone 20 in business, it becomes possible to ensure that only the smartphone 20 defined for each employee can be used. It will contribute to the construction of a security system managed by

  As described above, according to the present embodiment, the operator of the smartphone 20 can use the unlocked necklace 10 to perform a special operation or insertion / removal of a storage medium such as a USB memory or an SD card as in the past. The operation lock of the smartphone 20 can be released without performing it. In particular, in this embodiment, the operator who wears the unlocking necklace 10 to which the Bluetooth transmitter / receiver 14 is attached is not particularly aware of the smartphone 20 and simply operates the smartphone 20 by holding it. 20 locks are released. Therefore, while maintaining the strength of security for the smartphone 20, it is possible to obtain an extremely good security configuration excellent in handling that does not require a complicated operation for unlocking the operation lock for the operator.

  In addition, the unlocking necklace 10 incorporating the Bluetooth transmitter / receiver 14 which is a substantial key for unlocking the function of the smartphone 20 is used when, for example, it is necessary to use the smartphone 20 during work. By making the operator always wear it, the situation can be almost certainly prevented so that the operator accidentally loses the Bluetooth transceiver 14. In particular, by increasing the decorativeness of the necklace 10 as an accessory, an incentive to wear the smartphone 20 is given to the operator of the smartphone 20 and the spread of the necklace 10 is promoted.

  As a result, for example, a security system in which a conventional SD card or the like has a lock release function, the terminal is lost while being inserted in the terminal, and the terminal is illegally operated by a third party. Can be eliminated.

  Furthermore, even if the smartphone 20 itself is lost, the smartphone 20 is locked in function, and the unlocking necklace 10 worn by the operator is necessary to release it. Since the third party who has found this cannot activate the smartphone 20, extremely high security is realized. Here, in particular, the function lock mode is a key by using a highly secure encryption method such as a common key encryption such as AES or a public key encryption such as RSA as a method related to the encryption of the system area 40. Since it becomes difficult to release the function lock without using the necklace 10, the security strength is further improved.

  Further, as described above, if the unlocking necklace 10 according to the present embodiment is used, an operation for inserting / removing the smartphone 20 as in the case of an authentication medium such as a conventional SD card is not required, and therefore the microSD card of the smartphone 20 is not required. Damage to the physical interface such as the insertion slot is also prevented.

  In addition, this invention is not limited to the said embodiment, A various change is possible within the range of the summary of invention. For example, in the above embodiment, the smartphone 20 is used as the computer according to the present invention. However, the present invention is not limited to this. For example, a tablet PC, a feature phone (also called a Galapagos mobile phone), a laptop computer, or the like May be a mobile terminal.

  In the above-described embodiment, the case where Bluetooth is used as a wireless communication standard has been described, but the wireless communication standard is not limited to this. For example, other wireless standards as defined by IEEE (The Institute of Electrical and Electronics Engineers) 802.11 or the like can be used. However, the wireless standard to be adopted is a frequency far from the frequency often used in wireless communication such as wifi (Wireless Fidelity) and 3G (3rd generation mobile communication system) in order to avoid signal interference. It is preferable that

  In addition, the communicable distance for wireless communication is preferably within a certain range. In particular, the lockable state may be released by making the communicable distance a considerable short distance, for example, 1 cm or less, and bringing the wireless transmitter 14 into direct contact with the signal transmission / reception unit 43 of the terminal.

  Furthermore, in the said embodiment, the Bluetooth transmitter / receiver 14 receives the 1st signal emitted from the smart phone 20 grade | etc., And the smart phone 20 grade | etc., Receives the 2nd signal emitted from the Bluetooth transceiver 14 after that. For example, a signal for authentication may be transmitted / received. For example, a signal may first be transmitted from the Bluetooth transceiver 14 side to the smartphone 20 or the like, and the smartphone 20 may perform the above authentication based on this signal. .

  The operation lock method is not limited to the method of encrypting the area in which the OS is stored. For example, a method of not accepting an operation to the input means of the terminal such as a so-called dial lock may be used. good. Furthermore, it is not limited to the lock that disables all the functions of the terminal. For example, a lock may be applied so that only a specific application or data is disabled.

  Further, in each of the above embodiments, the case where a necklace is used as an attachment device has been described. However, the present invention is not limited to this, and for example, an attachment attached directly to another body such as a bracelet, a ring, a pierced earring, or a wristwatch. Operators such as equipment, or wearables that are worn indirectly on the body through clothes such as name tags, armbands, etc. You may make it incorporate the function of the said receiver 14 into the thing which is assumed to always have when engaging in operation of the computer 20. FIG. On the other hand, the material and size of the mounting tool such as the unlocking necklace 10 can be suitably determined as long as the mounting of the receiver 14 and the communication with the computer 20 thereby are not hindered. Further, the wearing device such as the unlocking necklace 10 may be provided with a jewelry such as a jewelry or a precious metal other than the receiver 14, and the annular string portion 12a is made of a soft magnetic material to eliminate stiff shoulders. You may make it give the effect | action of these. As a result, the incentive to wear the wearing tool is improved, and the spread of the portable medium according to the present invention is further promoted.

  Further, an external storage medium such as an SD card or a USB memory in which another function lock means for restricting a part or all of the functions of the computer 20 may be used in the security system according to the above embodiment. As a result, the Bluetooth transceiver 14 can be put in a state where a double function lock is applied to the computer 20 using the computer 20 and the external storage medium. In this case, for example, when the operator temporarily leaves the computer 20 during work in which the computer 20 is intermittently used, the external storage medium is attached to the computer 20 (that is, the external storage is stored in the computer 20). Even when the function lock by the medium is released), the function lock (the above step S105 and step S106) due to the disconnection of communication between the receiver 14 and the computer 20 is performed, so that security is maintained. It is.

  Further, when it is not necessary to use the computer 20 for a long time such as when the operator finishes the work, the external storage medium is removed from the computer 20 (that is, the computer 20 has a function of the external storage medium). On the other hand, when the setting switch 34 of the receiver 14 is turned off, the function lock by the external storage medium and the function lock by the disconnection of the communication are doubled. The property is greatly improved.

  Furthermore, in the present embodiment, one smartphone 20 is associated as a computer that can be unlocked by using the necklace 10 as a portable key medium. However, the present invention is not limited to this, and, for example, one portable type A function lock may be released for a plurality of computers using a key medium. Thus, for example, the function lock of the terminal in the same LAN can be released by using one portable key medium, and this can be used. By sharing, it is possible to increase the utilization efficiency of data and the like in each terminal while ensuring minimum security.

  Moreover, in this Embodiment, if the distance between the necklace 10 as a portable key medium and the smart phone 20 is in a certain range within which communication is possible, the function lock of the smart phone 20 is almost automatically released. However, the present invention is not limited to this, and in order to release the function lock, for example, a predetermined operation such as pressing a button after the distance between the necklace 10 and the smartphone 20 is within a certain range is required. You may do it. This prevents an operator of the smartphone 20 from wearing the necklace 10 and unintentionally entering the communicable distance between the smartphone 20 and the necklace 10 and releasing the function lock. Can do. In particular, an operation unit such as a button for releasing the function lock may be provided on either or both of the portable medium and the computer.

1 Security System 10 Necklace (Portable Key Medium)
10a Annular string part (wearing equipment, jewelry)
12 Fasteners (wearing equipment, jewelry)
14 Bluetooth transceiver 14 (function lock release radio signal processing means)
20 Smartphone (computer)
30 Signal transmitter / receiver (signal transmitter)
37 Authentication means 40 System area 41 Function lock means 42 Function lock release means 43 Signal transmission / reception unit (signal reception unit)

Claims (14)

A portable key medium that releases a function lock that restricts some or all of the functions of a computer,
A function unlocking wireless signal processing means for wirelessly transmitting a function unlocking signal for releasing the function lock to the computer;
A portable key medium, wherein the function lock is released based on reception of the function lock release signal in the computer. A wearer to be worn on the body or clothes of a person who operates the computer;
The portable key medium according to claim 1, wherein the function unlocking wireless signal processing means is incorporated in the wearing tool.   The portable key medium according to claim 1, wherein the wearing tool is configured as an accessory to be worn on an operator's body. The signal related to the release of the function unlocking wireless signal processing means includes identification information for identifying one or more specific computers,
The portable key medium according to any one of claims 1 to 3, wherein the release of the function lock is performed on a computer specified by the identification information.   The portable key medium according to any one of claims 1 to 4, wherein a radio for short-range communication is used as the radio for transmitting the signal.   The portable key medium according to claim 1, wherein the computer is a desktop personal computer.   The portable key medium according to claim 1, wherein the computer is a portable personal computer or a mobile terminal.   The portable key medium according to claim 7, wherein the computer is a smartphone.   The portable key medium according to any one of claims 1 to 8, wherein the function lock is an input operation lock that restricts an input operation of the computer.   The portable key medium according to claim 1, wherein the function lock is an operation system activation lock that restricts activation of an operation system installed in the computer.   The portable key medium according to any one of claims 1 to 10, wherein the function lock is a storage device access lock that blocks access to a storage device storing system data in the computer. A signal receiving unit that receives a wireless signal for releasing the function lock from the portable medium according to any one of claims 1 to 11,
A function lock means for performing the function lock;
A function unlocking means for releasing the function lock based on the transmission of the signal in the signal transmitting and receiving unit;
A computer comprising:   13. The computer according to claim 12, wherein the function lock unit performs the function lock again when reception of the signal in the signal receiving unit is interrupted while the function lock is released.   A security system comprising the portable key medium according to any one of claims 1 to 13 and the computer according to claim 12 or 13.

Images