JP2014214477A - Entering/leaving management system, control method for entering/leaving management system, and computer apparatus for entering/leaving management system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an entering/leaving management system capable of keeping security and improving convenience even when entering/leaving with so-called tailgating is performed.SOLUTION: Readers 10, 11 are provided inside and outside a room 2. A server 200 includes a server control unit 201 which: determines whether to open or close a door on the basis of an entering/leaving direction acquired by an entering/leaving direction acquisition unit 203, an entering/leaving state stored in an entering/leaving state storage unit 204, and a user presence position estimated by a user presence position estimation unit 205; and outputs a control signal according to a determination result to a lock mechanism 5. Even when an entering/leaving direction does not correspond to a managed entering/leaving state because entering/leaving with tailgating is performed, the entering/leaving is permitted on the basis of an estimated entering/leaving state.

Description

  The present invention relates to an entrance / exit management system, a control method for an entrance / exit management system, and a computer device for the entrance / exit management system.

  An entrance / exit management system that compares authentication information received from a mobile terminal with authentication information stored in advance and unlocks the door lock when the two match each other has been conventionally known. Furthermore, in order to improve security, a system including an anti-passback function that stores an entry / exit history of a user and causes an error unless entry and exit are alternately repeated is also disclosed (Patent Document 1). .

JP 2006-161473 A

  In a conventional entrance / exit management system having an anti-passback function, a user cannot exit without entering the room, and cannot enter the room without exiting. However, in order for the anti-passback function to work effectively, each user needs to securely perform personal authentication at the time of entering and leaving the room.

  However, when a phenomenon called so-called sharing occurs, the entry / exit state managed by the entry / exit management system is different from the current state, which causes a problem that errors frequently occur. Co-payment means that when a user A authenticates and unlocks a door, another user B enters or leaves the room together without performing authentication.

  If another user B passes through the door due to sharing, the location information of the user B managed by the entrance / exit management system does not match the actual location information of the user B, resulting in inconsistency. Thereafter, when the user B tries to enter or leave the room, the anti-passback function operates, and an error occurs and the door cannot be opened. In this case, for example, the user B contacts the administrator of the entrance / exit management system and has the door opened by remote operation.

  The present invention has been made in view of the above-mentioned problems, and its purpose is to enable entry / exit management system, entry / exit management system control method, and entrance / exit management that can improve usability even when so-called companion occurs. It is to provide a computer device for a system.

  In order to solve the above problems, an entrance / exit management system according to the present invention is an entrance / exit management system for managing entrance / exit into a room, and has acquired a lock mechanism unit that locks a door that opens and closes the entrance / exit of the room. A user location estimation unit that estimates whether the user is located inside or outside the room based on the user's location information, and an entry / exit direction that indicates whether the user is entering or leaving the room The user authentication based on the authentication information acquired by the authentication information acquisition unit, the authentication information acquisition unit that can acquire the authentication information from the user when entering and leaving the room of the user And an entry / exit state detected based on the entry / exit direction acquired by the entry / exit direction acquisition unit, and whether the user has entered the room or has left the room. The entrance / exit state storage unit that stores the entrance / exit state indicating whether or not the user is registered as the registered entrance / exit state, the result of user authentication by the authentication unit, the entrance / exit direction acquired by the entrance / exit direction acquisition unit, and the entrance / exit state storage A control unit that determines whether the door should be opened or closed based on the entry / exit state stored in the unit and the user location estimated by the user location estimation unit, and outputs a control signal according to the determination result to the lock mechanism unit; .

  When the result of the user authentication by the authentication unit is successful, the control unit matches the user's current entrance / exit state detected based on the entrance / exit direction acquired by the entrance / exit direction acquisition unit and the registered entrance / exit state. If it is determined that the current entry / exit state matches the registered entry / exit state, an unlock signal is output to the lock mechanism, and the current entry / exit state does not match the registered entry / exit state. Is determined, it is determined whether the estimated entrance / exit state detected from the user location estimated by the user location estimation unit matches the registered entrance / exit state, and the estimated entrance / exit state and the registered entrance / exit state are When it is determined that they match, an unlocking signal can be output to the lock mechanism.

It is explanatory drawing which shows the outline | summary of the whole structure of an entrance / exit management system. It is a block diagram which shows the apparatus structure of the room of management object. It is a block diagram which shows the structure of the portable terminal which a user possesses. FIG. 5A shows a table configuration example, FIG. 5A shows a table for managing user entry authority, FIG. 5B shows a table for managing a reader for reading authentication information, and FIG. 5C shows each room. The table which manages the entrance state of is shown. 6A shows a table configuration example, FIG. 6A shows a table for managing access points, FIG. 6B shows a table for managing portable terminals, and FIG. 6C shows a table for estimating a user's location. Show. The table which manages the consistency of an entrance direction and an entrance state is shown. It is a flowchart of an entrance / exit process. It is a data flow figure at the time of entrance / exit processing. The example of a screen at the time of authenticating with a portable terminal is shown. It is a flowchart which shows the process which registers the estimated location of the user in a table. It is a flowchart which shows the process which estimates a user's location. It is a data flow figure in the case of estimating a user's location. It is a flowchart which concerns on 2nd Example and shows an entrance / exit process. It is explanatory drawing which concerns on 3rd Example and shows an entrance / exit log. It is explanatory drawing which shows the example of the screen which concerns on 4th Example and manages entrance / exit. It is a flowchart which concerns on 5th Example and shows entrance / exit processing. It is a flowchart which concerns on 6th Example and shows entrance / exit processing. It is explanatory drawing of the structure which concerns on 7th Example and links entrance / exit management and the picked-up image management in a room.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. The entry / exit management system of this embodiment includes an anti-passback function that manages the user's entry / exit state and permits entry / exit only when the direction of entry / exit is consistent with the entry / exit state. For users who have lost their consistency due to so-called sharing, entry / exit is permitted by making a determination based on the estimated location, thereby improving user convenience.

  The entrance / exit management system of the present embodiment can estimate the user's location regardless of the operation at the time of entering / exiting, and determines whether the entrance / exit direction matches the entrance / exit state based on the estimated location To do. This eliminates the need for the user to contact the administrator or the like to unlock the door lock, improving usability.

  FIG. 1 shows a schematic configuration of a building 1 to which an entrance / exit management system is applied and a configuration of a server 200 that manages entrance / exit of the building 1.

  For example, a building 1 requiring security, such as a research facility or an office building, includes a plurality of rooms 2 (1) to 2 (3) and a passage 3. In FIG. 1, only one floor is shown for convenience of explanation, but a multi-storey building may be used. The building 1 only needs to have one or more rooms that are subject to entrance / exit management, and it is not necessary that all rooms in the building 1 are subject to entrance / exit management. It is not necessary for all rooms subject to entry / exit management to be managed at the same level. The entrance / exit management level of a certain room may be lower than the entrance / exit management level of another room.

  The configuration of the room 2 will be described. The room 2 (1) includes a door 4 (1) that opens and closes an entrance, a lock mechanism 5 (1) that locks and unlocks the door 4 (1), an internal reader 10 (1), and an external reader 11 (1). And an access point 12 (1) and a controller 13 (1). The other rooms 2 (2) and 2 (3) have the same configuration. For convenience, numerals with parentheses such as (1), (2), (3), and (n) are attached to the reference numerals of the constituent elements, but the numerals with parentheses are omitted when not particularly distinguished.

  The user holds the mobile terminal 100. The mobile terminal 100 is configured as a mobile phone, a mobile information terminal, a wearable personal computer, or the like, for example. Alternatively, one mobile terminal 100 may be configured from a plurality of hardware, such as an IC card and a mobile phone.

  The readers 11 and 10 have a function of acquiring authentication information (for example, a terminal ID) from a user in a contactless manner. For example, when the user brings the mobile terminal 100 close to the readers 11 and 10, the readers 11 and 10 read authentication information stored in the mobile terminal 100 in a non-contact manner and transmit the read information to the controller 13. The controller 13 transmits the authentication information read by the readers 11 and 10 to the server 200. As a result of the authentication process by the authentication unit 202 of the server 200, when the user is an authorized user and the entry / exit direction matches the entry / exit state, an unlock signal is sent to the lock mechanism 5 and the door 4 Opening and closing is allowed.

  In the room 2, an access point 12 such as a wireless LAN (Local Area Network) is installed. The access point 12 is a device for connecting the mobile terminal 100 to the communication network 300, and is provided, for example, one for each room or one or more in a plurality of rooms.

  The controller 13 is a device for communicating with the server 200. The controller 13 transmits information read by the readers 11 and 10 to the server 200, and gives a control signal received from the server 200 to the lock mechanism 5 as a “lock mechanism unit”.

  The configuration of the server 200 will be described. The server 200 is a computer that executes an entrance / exit management process and the like described later, and can communicate with the controller 13 and the mobile terminal 100 via the communication network 300.

  For example, the server 200 includes a server control unit 201, an authentication unit 202, an entrance / exit direction acquisition unit 203, an entrance / exit state storage unit 204, a user location estimation unit 205, a communication unit 206, a storage unit 207, An input unit 208, an output unit 209, and a display unit 210 are provided.

  The server control unit 201 controls the authentication unit 202, the entrance / exit direction acquisition unit 203, the entrance / exit state storage unit 204, the user location estimation unit 205, the communication unit 206, and the like. The server control unit 201 controls the entry / exit management system, manages the user's entry / exit state, and determines whether the door 4 can be opened or closed.

  The authentication unit 202 performs authentication by receiving authentication information from the server control unit 201 and collating it with authentication information stored in the storage unit 207. The authentication information can include a terminal ID, a user ID, and a password. The entrance / exit management system may be configured to always request a password from the user, or may be configured to acquire only the user ID from the user in normal times and acquire the password from the user only when identity verification is required. As the user ID, for example, a terminal ID set in advance in the mobile terminal 100 used by the user can be used. Furthermore, in some cases, biometric information such as a user's voiceprint, vein pattern, fingerprint, or the like may be used as part or all of the authentication information.

  The authentication unit 202 also receives from the server control unit 201 the room number in which the user to be authenticated is about to enter or leave the room. The authentication unit 202 refers to the user entry authority table T1 (described later with reference to FIG. 4A) stored in the storage unit 207, and the user ID acquired from the server control unit 201 enters the room with the room number. Acquires information on whether or not there is authority.

  The entry / exit direction acquisition unit 203 determines whether the user is entering the room 2 (entrance direction) or whether the user is leaving the room 2 (exit direction) in the reader management table T2 (FIG. 4B). Acquired from below. The entrance / exit direction acquisition unit 203 searches the reader management table T2 based on the reader ID received from the server control unit 201, thereby acquiring the entrance / exit direction.

  The entrance / exit state storage unit 204 manages an entrance / exit state table T3 (described later in FIG. 4C) stored in the storage unit 207. The entry / exit state storage unit 204 writes the user's entry / exit state in the entry / exit state table T3 and reads the user's entry / exit state from the entry / exit state table T3. The entry / exit state stored in the entry / exit state table T3 corresponds to the “registered entry / exit state”.

  The user location estimation unit 205 estimates the location of the user. The server control unit 201 acquires an access point ID that identifies the access point 12 to which the mobile terminal 100 is connected, and refers to the access point management table T4 (described later in FIG. 5A) in the storage unit 207. Thereby, the server control unit 201 identifies the number of the room 2 in which the access point 12 corresponding to the acquired access point ID is installed. Furthermore, the server control unit 201 refers to the mobile terminal management table T5 (described later with reference to FIG. 5B), and acquires the user ID that uses the mobile terminal 100 from the mobile terminal ID of the mobile terminal 100.

  The user location estimation unit 205 receives a room number and a user ID from the server control unit 201. The user location estimation unit 205 associates the user ID with the room number and estimates the location of the user. For example, when a mobile terminal 100 possessed by a certain user is connected to the access point 12 installed in the room number “1”, the user who possesses the mobile terminal 100 enters the room 2 of the room number “1”. It can be estimated that the room has been entered.

  As will be described in detail with reference to FIG. 11, the user location estimation unit 205 determines whether the user who owns the mobile terminal 100 has entered the first threshold Th1 and whether the user who owns the mobile terminal 100 has left the room. The second threshold Th2 for determination is held.

  When the connection state between the mobile terminal 100 and the access point 12 continues for the first threshold or more, the user location estimation unit 205 locates the user who owns the mobile terminal 100 in the room where the access point 12 is installed. Estimated.

  When the elapsed time from the disconnection of the connection between the mobile terminal 100 and the access point 12 exceeds the second threshold, the user location estimation unit 205 possesses the mobile terminal 100 from the room where the access point 12 is installed. It is estimated that the user has left the room.

  For example, the first threshold Th1 can be set shorter than the second threshold Th2 (Th1 <Th2). As one example, the first threshold value Th1 may be set to a value that is about half of the second threshold value Th2. Alternatively, the first threshold Th1 and the second threshold Th2 may be set the same.

  The communication unit 206 communicates with an external device such as the controller 13 via the communication network 300. For example, the communication unit 206 receives a user ID, a password, a portable terminal ID, and the like from the controller 13. The communication unit 206 transmits the authentication result acquired from the authentication unit 202 to the controller 13.

  The storage unit 207 includes, for example, a storage device such as a ROM (Read Only Memory), a RAM (Random Access Memory), and an auxiliary storage device, and stores various data and various computer programs. The storage unit 207 also has a work area for use by the server control unit 201. The storage unit 207 may include at least one of a server built-in memory and a removable external memory. At least a part of the storage unit 207 may be configured as a storage area in a storage system provided outside the server 200.

  The input unit 208 is a device for an administrator to input an instruction or the like to the server 200. The input unit 208 can be configured by any one or more of a pointing device such as a touch panel, a keyboard, and a mouse, a voice input device, a line-of-sight detection device, and a motion detection device, for example.

  The output unit 209 is a device for notifying the administrator of information. Examples of the output unit 209 include a speaker that outputs a voice message at the time of warning, an LED (Light Emitting Diode) that notifies information by lighting or blinking, and the like.

  The display unit 210 notifies the administrator of information by generating and displaying a screen. The display unit 210 includes, for example, a liquid crystal display, an organic EL (ElectroLuminescence) display, and the like, and appropriately creates and displays a predetermined screen. The display unit 210 displays, for example, information on the room 2, the opening / closing state of the lock mechanism 5, the user's entry / exit state, the operating state of the access point 12, the received data such as the connected Internet screen, and the function of the server 200. Display the screens necessary for using.

  With reference to FIG. 2, the apparatus structure of the room 2 is demonstrated. As described in FIG. 1, the lock mechanism 5, the internal reader 10, the external reader 11, the access point 12, and the controller 13 are installed in the room 2. The controller 13 and the access point 12 are connected to the server 200 via the communication network 300. The user's portable terminal 100 is connected to the access point 12.

  The readers 11 and 10 include a proximity wireless communication interface for communicating with the mobile terminal 100, and can perform data communication with the mobile terminal 100 using NFC (Near Field Communication), for example. The readers 11 and 10 transmit and receive, for example, a user ID and password, a portable terminal ID, and the like.

  The readers 11 and 10 also have an interface for communicating with the controller 13. The readers 11 and 10 transmit and receive user IDs, passwords, portable terminal IDs, authentication results, and the like via the communication interface. Furthermore, the readers 11 and 10 also include a notification unit for notifying the user of the authentication result received from the controller 13. The notification unit includes, for example, one or a plurality of LEDs capable of different colors such as a red LED and a blue LED, and notifies the user that the authentication has been successful by lighting in blue, and lights up in red. To notify the user that the authentication has failed.

  The controller 13 includes a communication interface (for example, a LAN interface) for connecting to the communication network 300 in addition to a communication interface with the readers 11 and 10. The controller 13 communicates with the server 200 via the communication network 300 and transmits / receives a user ID, a password, a portable terminal ID, an authentication result, and the like to / from the server 200.

  The controller 13 also has a communication interface with the lock mechanism 5 and outputs a control signal for unlocking and locking the lock mechanism 5 according to the authentication result received from the server 200.

  The lock mechanism 5 includes a communication interface with the controller 13. Depending on the control signal received from the controller 13, it is unlocked or locked.

  The configuration of the mobile terminal 100 will be described with reference to FIG. The mobile terminal 100 includes, for example, a control unit 101, a storage unit 102, a position information acquisition unit 103, a proximity communication unit 104, an input unit 105, an output unit 106, a display unit 107, a communication unit 108, and the like.

  The control unit 101 controls the operation of the mobile terminal 100, and controls the operations of the position information acquisition unit 103, the proximity communication unit 104, the input unit 105, the output unit 106, the display unit 107, and the communication unit 108, Control power consumption.

  The storage unit 102 includes a storage device such as a ROM, a RAM, and an auxiliary storage device, and stores various data and various computer programs. The storage unit 102 also has a work area for use by the control unit 101. The storage unit 102 also stores a mobile terminal ID that is a unique number for identifying the mobile terminal 100. The memory | storage part 102 may be comprised from at least one from the memory incorporated in a portable terminal, or the removable external memory. Further, the mobile terminal 100 may be configured to use a storage area of a storage system provided on the communication network 300 as a part of the storage unit 102.

  The position information acquisition unit 103 acquires the position coordinates of the mobile terminal 100 from the GPS (Global Positioning System) satellite, for example, with latitude and longitude. Instead of this, a configuration in which the position of the mobile terminal 100 is calculated based on the radio wave reception intensity from a plurality of known access points may be used. In this embodiment, the server 200 determines whether the mobile terminal 100 exists inside the room 2 or outside the room 2 based on the connection state between the indoor access point 12 and the mobile terminal 100. To do. If the GPS signal can be stably received in the room 2, it may be estimated whether the mobile terminal 100 exists inside or outside the room 2 using the GPS signal.

  The proximity communication unit 104 transmits / receives information to / from other information devices separated by a distance of several tens of centimeters using, for example, NFC. For example, user ID information stored in the storage unit 102 of the mobile terminal 100, a password input by the user, and the like are transmitted and received.

  The input unit 105 includes, for example, a touch panel, a keyboard, a microphone, and the like, and accepts user input.

  The output unit 106 outputs information notification to the user. For example, it is configured by a speaker that outputs sound when an incoming call is received, and an LED (Light Emitting Diode) that notifies information by blinking / lighting.

The display unit 107 includes, for example, an LCD (Liquid Crystal Display), an organic EL (Electro Luminescence), and the like, and displays images and information. In addition, the display unit 107 displays, for example, a power state,
Signal strength, battery level, server connection status or unread mail status, entered phone number, e-mail address, e-mail transmission document, video and still images, caller's phone number when receiving a call, incoming e-mail document Display of received data such as a connected Internet screen and a screen necessary for using the function of the portable terminal.

  The communication unit 108 exchanges data with other information processing apparatuses. It is also used when exchanging information with the base station, the location server, and the GPS satellite to acquire the position coordinates of the portable terminal 100 in latitude and longitude. In addition, the mobile terminal 100 also performs communication processing for accessing the Internet, other information processing apparatuses, and the like. Further, the communication unit 108 is not limited to the use of only one, and for example, a plurality of communication methods such as CDMA (Code Division Multiple Access), LTE (Long Term Evolution: registered trademark), and wireless LAN can be used. Therefore, a plurality of them may be provided.

  A configuration example of various tables T1 to T7 managed by the server 200 will be described with reference to FIGS. In the following description, each table can include items other than the illustrated items, and one table can be composed of a plurality of tables.

  FIG. 4A shows a table T1 for managing user entry authority. The user entry authority table T1 is configured as a matrix of a user ID C11 for identifying a user and a room number C12 for identifying a room 2. “OK” is set when entry is permitted, and “NG” is set when entry is not permitted. In the example of FIG. 4A, the user “U001” can enter the room with the room numbers “1” to “3”, and the user “U002” cannot enter the room with the room number “1”. Rooms with numbers "2" and "3" can be entered. The user “U003” cannot enter the room with the room numbers “1” and “2”, but can enter the room with the room number “3”. Further, for example, the entry authority may be set by the time zone, such as permitting the room entry for a predetermined time zone.

  FIG. 4B shows a table T2 for managing the readers 11 and 10. The reader management table T2 manages, for example, a reader ID C21 for identifying the readers 11 and 10, a room number, an entrance / exit direction C23, and a security level C24 (abbreviated as “security” in the drawing). By using the reader management table T2, it is possible to immediately know in which room the reader specified by the reader ID is installed. That is, by specifying the reader used by the user by the reader ID, it is possible to acquire which room the user is going to enter or leave.

  The entry / exit direction C23 is information indicating whether the reader specified by the reader ID is used when entering or leaving the room. The reader 11 installed outside the room 2 is used when entering the room, and the reader 10 installed inside the room 2 is used when leaving the room. “1” indicates that the reader is used when entering the room (external reader 11), and “0” indicates that the reader is used when leaving the room (internal reader 10).

  The security level C24 is used in other embodiments described later. Briefly described here, for example, in a room with a high security level, authentication is required both when entering and leaving the room. In a room with a low security level, authentication is required only when entering the room.

  FIG. 4C shows a table T3 for managing the user entry / exit state. The entry / exit state table T3 is configured, for example, as a matrix of user IDs C31 and room numbers C32. The entrance state is a state where the user has entered the room, and the exit state is a state where the user has exited the room. “1” is set in the entering state, and “0” is set in the leaving state.

  FIG. 5A shows a table T4 for managing the access point 12. The access point management table T4 manages the access point ID C41 for identifying the access point 12 in association with the room number. By using the access point management table T4, the room number can be acquired from the access point ID, and conversely, the access point ID can be acquired from the room number.

  FIG. 5B shows a table T5 for managing the mobile terminal 100. The mobile terminal management table T5 manages, for example, a user ID C51, a terminal ID C52 that identifies the mobile terminal 100, and authentication information C53 (here, a password or the like) in association with each other. For example, a telephone number or the like may be used as the terminal ID. By using the mobile terminal management table T5, the mobile terminal ID can be acquired from the user ID, and conversely, the user ID can be acquired from the mobile terminal ID.

  FIG. 5C shows a table T6 for managing the location of the user. The user location table T6 is configured, for example, as a matrix of user IDs C61 and room numbers C62, and the result of estimating the user's location is registered.

  “1” is set to the room number of the room where the user is located. “0” is set to the room number of the room where the user does not exist. That is, “1” is set for a room estimated to be in the room entry state, and “0” is set for a room estimated to be in the room exit state. By using the user location table T6, it is possible to acquire an estimation result as to whether or not the user is in the room.

  A table T7 for determining consistency will be described with reference to FIG. The consistency determination table T7 manages, for example, a pattern number C71, an entrance / exit direction C72, an entrance / exit state C73, a primary determination C74, an estimated entrance / exit state C75, a secondary determination C76, and a remark C77.

  The pattern number C71 is information for identifying the combination pattern of the entry / exit method and the entry / exit state. The entry / exit direction C72 indicates whether the user is going to enter or leave the room. The entry / exit state C73 indicates whether or not the user exists in the room to be managed.

  The primary determination C74 indicates the result of determining the entry / exit consistency using the entry / exit direction C72 and the entry / exit state C73. The estimated entry / exit state C75 is an entry / exit state obtained from the estimated user location. The secondary determination C76 indicates the result of determining the entry / exit consistency using the entry / exit direction C72 and the estimated entry / exit state C75. In the primary determination C74 and the secondary determination C76, the case where it is determined that there is consistency is indicated by “OK”, and the case where it is determined that there is no consistency is indicated by “NG”.

  FIG. 7 is a flowchart showing processing when the entrance / exit management system performs authentication when the user enters / exits the room. FIG. 8 is a data flow diagram corresponding to the processing of FIG.

  As described above, the entrance / exit management system according to the present embodiment has an anti-passback function in which the user can exit only after entering the room and can enter only after leaving the room. Since the entrance / exit management system of this embodiment is equipped with an anti-passback function, even if a third party without entry authority impersonates an authorized user and enters the room, the user has already entered the room. Then you cannot enter the room. This enhances security.

  However, when the anti-passback function is introduced, usability is reduced at the time of so-called companionship in which the user enters and exits by taking advantage of the authentication of another user without performing formal authentication. On the entrance / exit management system, the entry at the time of companion is not recorded, so that the user who enters the companion cannot leave even if the authentication procedure is performed. In this case, the user confined in the room has the administrator contact the telephone to unlock the lock mechanism 5.

  In this embodiment, in order to satisfy both conflicting demands for improving security and improving usability, consistency determination (primary determination) on the system and consistency determination (secondary determination) obtained from the result of estimating the user position Make a two-step decision.

  First, for example, a case where a user with the portable terminal 100 enters a desired room 2 from the passage 3 will be described. It is assumed that the user has left the room 2 and the user is set to “leave” in the entry / exit state table T3.

  When the user approaches the desired room 2, the user brings the mobile terminal 100 close to the external reader 11 and causes the reader 11 to read the terminal ID stored in the mobile terminal 100. The reader 11 transmits the read terminal ID to the controller 13. The controller 13 transmits the terminal ID received from the reader 11 to the server 200. Thereby, the server control part 201 acquires terminal ID (S101).

  The reader 11 transmits the reader ID set for itself to the controller 13. The controller 13 transmits the reader ID received from the reader 11 to the server 200. Accordingly, the server control unit 201 acquires a reader ID that identifies the reader that has read the terminal ID (S102).

  The authentication unit 202 receives the terminal ID from the server control unit 201 and authenticates the user (S103).

  When the authentication is successful (S103: Yes), the server control unit 201 transmits the reader ID to the entrance / exit direction acquisition unit 203, and acquires the entrance / exit direction for the reader ID from the entrance / exit direction acquisition unit 203 ( S104).

  The server control unit 201 acquires a user ID from the terminal ID using the portable terminal management table T5, and acquires a room number from the reader ID using the reader management table T2. The server control unit 201 transmits the acquired user ID and room number to the entrance / exit state storage unit 204, and acquires the user's entrance / exit state from the entrance / exit state storage unit 204 (S105). Note that the execution order of step S104 and step S105 may be interchanged. In other processes, the order of the steps may be changed as long as the purpose of the process can be substantially achieved.

  The server control unit 201 confirms the consistency of the acquired entry / exit direction and the entry / exit state (S106). The server 200 uses the consistency determination table T7 described with reference to FIG. 6 to determine which pattern is applicable, and confirms the presence or absence of consistency.

  In step S106, the server control unit 201 determines consistency using the primary determination C74. A pattern (pattern # 1, # 2) in which the entry / exit direction C72 is “entrance” and the entry / exit state C73 is “exit”, or the entry / exit direction C72 is “exit” and the entry / exit state C73 is “entrance”. If it is a pattern (pattern # 3, # 4), the server control unit 201 determines that there is consistency.

  If the entry / exit direction C72 is “entrance” and the entry / exit state C73 is also “entrance” (# 5, # 6), or the entry / exit direction C72 is “exit”, and the entry / exit state C73 is also “exit”. If the pattern is the pattern (pattern # 7, # 8), the server control unit 201 determines that there is no consistency.

  When it is determined that there is consistency (S106: Yes), the server control unit 201 transmits an unlock signal to the controller 13, and the controller 13 transmits an unlock signal to the lock mechanism 5 (S107). Thereby, the lock mechanism 5 is unlocked, and the user can open the door 4 and enter the room. The door 4 closes after the user enters the room, and the lock mechanism 5 locks the door 4.

  Thereafter, the server control unit 201 instructs the entry / exit state storage unit 204 to store the entry / exit state. The entry / exit state storage unit 204 stores the latest state in the entry / exit state table T3 (S108).

  When leaving the room, it is processed in the same way as when entering the room. It is the same except that the patterns determined to be consistent in the primary determination C74 are different.

  Next, a description will be given of a so-called entry determination process when a user who has the mobile terminal 100 skips the authentication procedure and takes a piggyback on another person's entry / exit room.

  Here, since the target user has left the room due to the previous companion, the entry / exit state table T3 that should be rewritten is not rewritten, and the target user remains “in room”. However, since the user location position table T6 estimates whether or not the user is in the room and stores the entry / exit state by the user location estimation process described later, the entry / exit state of the target user is “exit”. It has become.

  A case where the user enters the room under the above conditions will be described. In this case, the process proceeds from step S101 to S106. In step S106, it is determined that the entry / exit direction C72 and the entry / exit state C73 are not consistent (S106: No). While the entry / exit state C73 registered in the system is “exit”, the target user is entering the room (C72), which corresponds to either pattern # 7 or # 8. It is determined that there is no consistency.

  The server control unit 201 acquires the estimated entrance / exit state of the user from the user location estimation unit 205 (S110). The server control unit 201 confirms the consistency between the acquired estimated entrance / exit state C75 and the entrance / exit direction C72 acquired in step S104 by the consistency determination table T7T7 (S111).

  Here, the server control unit 201 confirms consistency by referring to the secondary determination C76 of the consistency determination table T7. In this case, the entry / exit direction C72 is “entrance”, the entry / exit state C73 is “entrance”, and the estimated entry / exit state C75 is “exit”. This combination corresponds to the case where the pattern number C71 is “6” in the consistency determination table T7 of FIG. Since the secondary determination C76 of the pattern # 6 is “OK”, the server control unit 201 determines that there is consistency (S111: Yes).

  Accordingly, the process proceeds to steps S107 and S108, and as described above, the lock mechanism 5 is unlocked, the user enters the room 2, and the entry / exit state is stored in the entry / exit state table T3.

  In this way, in this embodiment, even a user who has left the room with a companion can enter the room smoothly without extra time such as contacting the administrator. Therefore, the entrance / exit management system of the present embodiment can achieve both security and user convenience.

  In FIG. 7, the primary determination C74 is first referred to (S106), and then the secondary determination C76 is referred to (S111). However, the order may be reversed. That is, the estimated entry / exit state is acquired based on the user location table T6, the secondary determination C76 is referred to, and then the entry / exit state (registered entry / exit state) is obtained from the entry / exit state table T3 to obtain the primary. A configuration in which the determination C74 is referred to may be used. Moreover, the structure which performs only a secondary determination (S111), without performing a primary determination may be sufficient. In this case, after step S105, the estimated entrance / exit state is acquired based on the user location table T6, and in step S106, consistency is determined with reference to pattern numbers # 5 to # 8 of the consistency determination table T7. do it.

  Note that if either the authentication unit 202 fails authentication (S103: No) or the server control unit 201 determines that there is no consistency in the secondary determination (S111: No), error processing is performed. Thus, an error occurrence is notified to the administrator (S109). For example, the server control unit 201 notifies the administrator of the occurrence of an error via one or both of the display unit 210 and the output unit 209. Further, for example, the server control unit 201 may transmit an e-mail notifying the occurrence of an error toward the portable terminal owned by the administrator.

  In order to further enhance security, when it is determined that there is consistency in the secondary determination (S111), the user using the mobile terminal 100 is the user who is registered in advance in the entrance / exit management system. It is good also as a structure which permits entrance / exit after confirming.

  For this purpose, the server control unit 201 transmits information prompting the user to confirm the identity of the mobile terminal 100. The mobile terminal 100 that has received the information displays a personal authentication screen as shown in FIG. As shown in FIG. 9B, the user inputs authentication information (for example, a password in this case) on the screen and presses a transmission button. As shown in FIG. 9C, a screen indicating that authentication information is being transmitted to the server 200 is displayed on the mobile terminal 100.

  The server control unit 201 passes the authentication information (password) received from the mobile terminal 100 to the authentication unit 202. The authentication unit 202 refers to the authentication information C53 described in the mobile terminal management table T5 stored in the storage unit 207, and confirms whether or not it matches the authentication information input by the user. When the match is confirmed, the server control unit 201 performs the processing from step S107 onward to unlock the lock mechanism 5. At that time, as shown in FIG. 9D, a screen (FIG. 9D) for notifying the user that the authentication is successful is displayed on the mobile terminal 100.

  As described above, when it is determined that there is consistency as a result of the secondary determination, security is further improved by confirming that the user himself / herself is using the mobile terminal 100. The authentication information for identity verification is not limited to a password. For example, software and hardware for realizing fingerprint recognition, face recognition, iris recognition, voice recognition, and the like may be installed in the mobile terminal 100 and these authentication methods may be used. Thereby, the accuracy of user identification is further improved, and security is further improved.

  FIG. 10 is a flowchart showing a process in which the entrance / exit management system estimates a user's location and registers it in the user location table T6.

  First, the access point 12 monitors the connection state of the mobile terminal 100 and detects whether or not the connection state has changed. The access point 12 detects whether the connected one is disconnected or a new connection is started (S201).

  When the connection state to the access point 12 has changed (S201: Yes), the access point 12 acquires the terminal ID from the mobile terminal 100. The access point 12 transmits the terminal ID, access point ID, and connection status to the server 200 via the controller 13. Thereby, the server control part 201 acquires terminal ID, access point ID, and a connection state (S202).

  The server control unit 201 refers to the mobile terminal management table T5 stored in the storage unit 207, and acquires a user ID corresponding to the terminal ID acquired from the access point 12 (S203). Further, the server control unit 201 refers to the access point management table T4 stored in the storage unit 207, and acquires a room ID corresponding to the access point ID acquired in step S202 (S203). The server control unit 201 transmits the acquired user ID and room number to the user location estimation unit 205.

  The user location estimation unit 205 estimates the user's location (whether or not the subject is in the target room) (S205). Details of the estimation process will be described later with reference to FIG. When it is estimated that the user has entered the room (S205: “entrance”), the user location position estimation unit 205 describes the entry state in the user location position table T6 (S206).

  On the other hand, when it is estimated that the user has left the room (S205: “Leave”), the user location position estimation unit 205 describes the room exit state in the user location position table T6 (S207).

  In this way, the location of the user can be estimated based on the connection state received from the access point 12. Thereby, even if it is a case where a user enters / exits by sharing, it can acquire by estimating a user's actual entrance / exit state. Therefore, the anti-passback function can be normally operated according to the actual position of the user.

  Details of the process in which the user location estimation unit 205 estimates the location of the user will be described using the flowchart shown in FIG. 11 and the data flow diagram shown in FIG. Hereinafter, the user location estimation unit 205 may be abbreviated as the estimation unit 205 in some cases.

  It is monitored whether there is a change in the connection state of the access point 12 (S301). When there is a change in the connection state (S301: Yes), it is detected whether it is connected or disconnected (S302).

  When the mobile terminal 100 is connected to the access point 12 (S302: “connection”), the estimation unit 205 sets a predetermined first threshold Th1 in the timer (S305). In addition, the estimation unit 205 sets a value representing “room entry”, for example, “1” in the state flag (S306).

  When the connection between the access point 12 and the mobile terminal 100 is disconnected (S302: “disconnect”), the estimation unit 205 sets a predetermined second threshold Th2 in the timer (S303). The estimation unit 205 sets a value indicating “exit”, for example, “0” in the state flag (S304). The estimation unit 205 starts a timer (S307).

  The first threshold value Th1, the second threshold value Th2, and the state flag are program variables stored in the storage unit 207. The first threshold Th1 is a value indicating a time interval such as 60 seconds, for example. The second threshold is a value indicating a time interval such as 120 seconds. The first threshold Th1 and the second threshold Th2 may be the same value. The state flag is a flag indicating an entry / exit state, for example, “1” indicates an entry state and “0” indicates an exit state.

  The estimation unit 205 confirms whether the timer has expired (S308). If the timer has not expired (S308: No), the process returns to step S301 to monitor the state change.

  When the timer expires (S308: Yes), the estimation unit 205 sets the value of the state flag to the user's estimated entry / exit state (S309). The subsequent processing is executed from processing for confirming the estimation result in S204 of FIG.

  Thus, in the present embodiment, the user's location can be estimated from the connection state between the mobile terminal 100 and the access point 12, and the room entry / exit state can be estimated. Thereby, in a present Example, since an actual location position of a user can be estimated and grasped | ascertained, the security improvement by an antipass back function and a user's convenience improvement can be made compatible.

  A second embodiment will be described with reference to FIG. Each of the following embodiments including the present embodiment corresponds to a modification of the first embodiment, and therefore, description will be made focusing on differences from the first embodiment. In this embodiment, entry / exit is permitted according to the security level set for each room.

  In the first embodiment, when it is determined that there is no consistency in the primary determination and it is determined that there is consistency in the secondary determination, a screen for confirming the identity is displayed on the user's mobile terminal 100 to request personal authentication. (FIG. 9). However, if the entry / exit state and the entry / exit direction do not match, it is troublesome for the user to perform personal authentication (identity confirmation) every time and the usability is poor. Therefore, in this embodiment, for example, according to the security level, personal authentication is performed only when entering the room, and no request is made when leaving the room.

  In this embodiment, a security level is set in advance for each room 2. That is, as shown in FIG. 4B, a security level C24 is set in advance for each reader ID C21. Here, a case where a numerical value “1” or “2” is set as the security level will be described as an example. The greater the security level number, the harder the security.

  Referring to the first line of the reader management table T2, the security level “2” is set for the reader 11 (RD11) installed outside the room (RM1). In this case, the authentication information is read by the external reader 11, that is, the user enters the room 2. Here, since the security level is “2”, a user whose primary determination result is inconsistent may enter the room if the personal authentication is not successful even if the secondary determination result is “consistent”. Can not.

  On the other hand, referring to the second row of the reader management table T2, the security level “1” is set for the reader (RD10) installed in the room (RM1). In this case, the authentication information is read by the internal reader 10, that is, the user leaves the room 2. Here, since the security level is “1”, a user whose primary determination result is inconsistent can leave the room without performing personal authentication if the secondary determination result is “consistent”. That is, at the highest security level, even if it is determined that there is consistency in the secondary determination, personal authentication is performed. This enhances security. On the other hand, at the lowest security level, if it is determined that there is consistency in the secondary determination, personal authentication is unnecessary. This enhances user convenience.

  FIG. 13 is a flowchart showing processing when the entrance / exit management system performs authentication when the user enters / exits the room.

  From step S101 to step S106, the same processing as in FIG. 7 is performed to check whether the user's entry / exit direction and the entry / exit state registered in the entry / exit state table T3 are consistent.

  When it is determined that there is inconsistency (S106: No), the server control unit 201 performs steps S110 and S111 to check the consistency between the entry / exit direction and the entry / exit state estimated from the user location table T6. Check.

  When the entry / exit direction matches the estimated entry / exit state (S111: Yes), the server control unit 201 refers to the security level C24 of the reader management table T2 to determine whether personal authentication (personal authentication) is required. Is determined (S120).

  If the security level is set to “1” and the server control unit 201 determines that authentication is not required (S120: No), the server control unit 201 proceeds to step S107 to unlock the lock mechanism 5.

  On the other hand, if the security level is set to “2” and the server control unit 201 determines that authentication is necessary (S120: Yes), the server control unit 201 performs the personal authentication by the authentication unit 202 (S121). If the authentication unit 202 can confirm the identity (S122: Yes), the server control unit 201 proceeds to step S107 and unlocks the lock mechanism 5. If the result of the personal authentication is NG (S122: No), the server control unit 201 notifies the administrator of an error (S109).

  Configuring this embodiment like this also achieves the same effects as the first embodiment. Furthermore, in this embodiment, a security level can be set for each reader installed inside and outside the room 2, and whether or not to perform identity verification according to the security level when it is determined that there is consistency in the secondary determination. So that it can be controlled. Therefore, for example, by setting the security level according to the purpose and importance of the room 2, it is possible to improve user convenience while maintaining high security.

  A third embodiment will be described with reference to FIG. In this embodiment, the log for entering and leaving the room is managed. Acquire and manage a log of the user entering and leaving the room 2. The entrance / exit management system of the present embodiment is linked with other systems such as a surveillance camera system, an attendance / exit management system, and a user behavior management system, so that convenience for the user and the administrator is improved.

  For example, when a moving image of a surveillance camera installed in a building is reproduced, the time acquired from the log is designated and reproduced. Thereby, it is also possible to reproduce the moving image of the monitoring camera from the time when a certain user enters or leaves the room due to sharing.

  The user behavior management system can also analyze the user behavior history using the entrance / exit log.

  FIG. 14 shows an example of the entrance / exit log T8. In the log T8, for example, time C81, room number C82, entry / exit state C83, access point ID C84, estimated entry / exit state C86, and the like are described.

  Time C81 is a time at which a predetermined event occurs in advance. In order to acquire the time, the server 200 includes a time acquisition unit (not shown). For example, the time acquisition unit can be configured from time-dedicated hardware such as RTC (Real Time Clock).

  For example, when a predetermined event such as entry / exit or a change in the connection state of the access point occurs, the server control unit 201 acquires the time from the time acquisition unit, and the time and the content of the predetermined event (entrance, exit, Connection, disconnection, etc.) are recorded in the log T8.

  Configuring this embodiment like this also achieves the same effects as the first embodiment. Furthermore, in this embodiment, since the entrance / exit log T8 is created and managed, it is possible to cooperate with other systems, and the convenience of the user and the administrator can be improved.

  A fourth embodiment will be described with reference to FIG. In the present embodiment, entry / exit manager software for use by an administrator of the entry / exit management system is provided. The entry / exit manager software may be executed on the server 200 or may be executed on another server connected to the server 200 via the communication network 300. The entrance / exit manager software can acquire the entrance / exit log T8 and display which room the user has entered.

  FIG. 15 shows a screen example of the entry / exit manager software. On the screen G10 (1), user IDs of users who are entering the rooms 2 are displayed in a list format.

  Then, for example, when the user with the user ID “U001” leaves the room 2 due to sharing, the screen changes as shown on the screen G10 (2). For example, a mark M is displayed in the vicinity of the user ID of the user who has left the room together. As a result, the manager is notified of the occurrence of sharing. Instead of the mark M, a display effect (such as blinking of the user ID, changing the color of the user ID) for specifying the user who has entered and exited the room may be employed.

  The entrance / exit manager software analyzes the entrance / exit log T8 to search for a location where the entrance / exit state does not match the estimated entrance / exit state, and if found, attaches a mark M to the screen G10 and displays the display unit 210. To display.

  Configuring this embodiment like this also achieves the same effects as the first embodiment. Furthermore, in this embodiment, since it can be displayed on the screen G10 so that it can be seen at a glance in which room the companion has occurred, the convenience of the manager is improved.

  A fifth embodiment will be described with reference to FIG. In this embodiment, the security level is changed when an emergency occurs.

  FIG. 16 is a flowchart showing processing of the entrance / exit management system according to the present embodiment. In this embodiment, the emergency table T9 is stored in the storage unit 207 of the server 200. The emergency situation table T9 manages, for example, an emergency level and a security level change value in association with each other.

  The emergency level is a value obtained by classifying emergency situations according to the strength of influence, and the greater the numerical value, the higher the emergency. Examples of emergencies include fires, earthquakes, suspicious person detection, and crimes in the neighborhood.

  In this embodiment, for example, when the emergency level is “1”, all the security levels of the readers are changed to 2. When the emergency level is “2”, the security level of each reader is changed to “1”. When the emergency level is “3”, the security level of each reader is invalidated and all doors are opened.

  In other words, when the emergency level is the lowest, the security level is increased by one level, when the emergency level is medium, the security level is decreased by one level, and when the emergency level is the highest, all entry / exit authentications are unnecessary and locked. The mechanism 5 is unlocked.

  The process of FIG. 16 is substantially the same as the process of FIG. 13, but differs in that newly added steps S130 and S131 are executed after executing steps S101 to S105.

  In step S130, it is determined whether an emergency has occurred. For example, when the server 200 receives an emergency alert or the like transmitted by a local government, police, fire department or the like, it can be determined whether an emergency has occurred. Furthermore, the administrator can manually input the occurrence of an emergency to the server 200.

  When an emergency occurs (S130: Yes), the server control unit 201 changes the security level of each reader 11 and 10 according to the emergency level (S131). If it is not an emergency (S130: No), the server control unit 201 skips step S131 and proceeds to step S106.

  When the server control unit 201 determines that the emergency level is the maximum value “3”, the process may proceed from step S130 to step S107 to immediately unlock the lock mechanism 5 of each door 4.

  Configuring this embodiment like this also achieves the same effects as the first embodiment. Furthermore, in this embodiment, in the event of an emergency such as a fire or earthquake, the security level is controlled according to the emergency level, so evacuation and rescue operations can be performed quickly and smoothly, ensuring user safety and convenience. Can be improved. Note that the emergency level need not be divided into three stages, and may be divided into two stages or four or more stages.

  A sixth embodiment will be described with reference to FIG. In this embodiment, a warning is issued to a user who frequently enters and leaves the room.

  FIG. 17 is a flowchart showing the entrance / exit management processing of the entrance / exit management system according to the present embodiment. The portable terminal management table T5A of this embodiment manages the number of times C54 is shared in addition to the user ID C51, the terminal ID C52, and the authentication information C53. The number of times of accompanying C54 indicates the number of times that the user specified by the user ID has entered and exited together (total number of times).

  When the server control unit 201 determines that there is “consistency” as a result of the secondary determination (S111: Yes), the server control unit 201 increments the variable N indicating the number of times of co-occurrence by one, and sets the number of co-occurrence C54 in the table T5A. The value is increased by 1 (S140).

  Subsequently, the server control unit 201 determines whether or not the number N of accompanying persons is smaller than a preset threshold value TnN (S141). The threshold value ThN is the number of times that the entrance / exit management system allows the occurrence of accompanying persons. The threshold value ThN may be a value common to all users, or may be a value different for each user. Alternatively, the configuration may be such that the user's threshold ThN related to error notification is increased or decreased each time an error notification described later is issued. The threshold ThN is stored in the storage unit 207 of the server 200.

  If the server control unit 201 determines that the number N of accompanying users is greater than or equal to the threshold ThN (S141: No), the server control unit 201 notifies the user of an error (S109). After the error notification, the server control unit 201 ends this process. Therefore, since the lock mechanism 5 of the door 4 is not unlocked, the user contacts the administrator to unlock the door 4.

  Configuring this embodiment like this also achieves the same effects as the first embodiment. Furthermore, in this embodiment, users who are often accompanied are not allowed to enter and exit based on the secondary determination result, but are notified of an error, so that the user's attention can be drawn.

  A seventh embodiment will be described with reference to FIG. The entrance / exit management system of the present embodiment includes a monitoring camera 14 and is linked to the entrance / exit log T8.

  In this embodiment, the surveillance camera 14 (3) is installed in the room 2 (3). The surveillance cameras 14 may also be installed in the other rooms 2 (1) and 2 (2). The server 200 is provided with an image management unit 211 for storing, managing, and controlling reproduction of image data captured by the monitoring camera 14.

  The image management unit 211 is, for example, MPEG4 / H. A decoding unit for decoding a moving image file such as H.264 is provided, and the decoded image data can be transferred to the display unit 210 of the server 200 and displayed.

  The image management unit 211 can acquire time information embedded in the moving image file. Then, the image management unit 211 receives the specified time from the server control unit 201, selects a frame in which the specified time matches the time information in the moving image file, and reproduces the moving image from the selected frame. it can.

  Configuring this embodiment like this also achieves the same effects as the first embodiment. Furthermore, in this embodiment, the image management unit 211 can reproduce an image captured by the monitoring camera 14 from the time designated using the entrance / exit log T8 or the like, and the convenience for the administrator is improved.

  In addition, this invention is not limited to the Example mentioned above. A person skilled in the art can make various additions and changes within the scope of the present invention. For example, the above-described embodiments can be used in appropriate combination.

  1: building, 2: room, 3: passage, 4: door, 5: lock mechanism, 10: internal reader, 11: external reader, 12: access point, 13: controller, 100: portable terminal, 200: server, 201 : Server control unit, 202: authentication unit, 203: entrance / exit direction acquisition unit, 204: entrance / exit state storage unit, 205: user location estimation unit, 206: communication unit, 207: storage unit, 208: input unit, 209 : Output unit, 210, display unit, 211: image management unit

Claims (15)

An entry / exit management system for managing entry / exit into a room,
A lock mechanism that locks the door that opens and closes the entrance of the room;
A user location estimation unit that estimates whether the user is located inside or outside the room based on the acquired location information of the user;
An entrance / exit direction acquisition unit for acquiring an entrance / exit direction indicating whether the user is entering the room or leaving the room;
An authentication information acquisition unit capable of acquiring authentication information from the user upon entering and leaving the room;
An authentication unit that performs user authentication based on the authentication information acquired by the authentication information acquisition unit;
The entrance / exit state detected based on the entrance / exit direction acquired by the entrance / exit direction acquisition unit has been registered as an entry / exit state indicating whether the user has entered or exited the room. An entrance / exit state storage unit for storing an entrance / exit state;
As a result of user authentication by the authentication unit, the entrance / exit direction acquired by the entrance / exit direction acquisition unit, the entrance / exit state stored in the entrance / exit state storage unit, and the estimation of the user location estimation unit A control unit that determines whether the door should be opened or closed based on a user location position, and outputs a control signal according to the determination result to the lock mechanism unit;
Entrance / exit management system with The controller is
If the result of user authentication by the authentication unit is successful,
Determining whether the user's current entry / exit state detected based on the entry / exit direction acquired by the entry / exit direction acquisition unit matches the registered entry / exit state;
When it is determined that the current entry / exit state matches the registered entry / exit state, an unlock signal is output to the lock mechanism unit,
When it is determined that the current entry / exit state and the registered entry / exit state do not match, the estimated entry / exit state detected from the user location estimated by the user location estimation unit and the registered entry / exit state And match,
When it is determined that the estimated entrance / exit state matches the registered entrance / exit state, an unlock signal is output to the lock mechanism unit,
The entrance / exit management system according to claim 1. When the controller determines that the estimated entrance / exit state matches the registered entrance / exit state, the security level set for the room is equal to or lower than a predetermined value, and the user is about to leave the room. If so, regardless of the success or failure of the user authentication by the authentication unit, to output the unlocking signal to the lock mechanism unit,
The entrance / exit management system according to claim 2. When the controller detects an emergency, the control unit changes the security level according to the level of the emergency.
The entrance / exit management system according to claim 3. When the level of the emergency situation is a predetermined emergency level, the control unit may unlock the lock mechanism unit even if the current entry / exit state and the registered entry / exit state do not match. To permit both the user's entry and exit regardless of the success or failure of user authentication by the authentication unit,
The entrance / exit management system according to claim 4. The control unit stores the number of times the current entry / exit state is determined to be inconsistent with the registered entry / exit state, and outputs a warning regarding a user whose number exceeds a preset reference value. ,
The entrance / exit management system according to claim 2. The control unit is a case where the current entry / exit state and the registered entry / exit state do not match for the user whose number of times is equal to or greater than the reference value, and the estimated entry / exit state and the Even when the registered entrance / exit state matches, the output of the unlocking signal to the lock mechanism unit is stopped,
The entrance / exit management system according to claim 6. The control unit manages history information of the registered entrance / exit state and the estimated entrance / exit state, and can output the history information as necessary.
The entrance / exit management system according to claim 1. The room is equipped with a camera for taking images,
The control unit can collate an image captured by the camera and the history information with reference to time.
The entrance / exit management system according to claim 8. When the control unit determines that the current entry / exit state and the registered entry / exit state do not match, the control unit outputs information on the user,
The entrance / exit management system according to claim 8. The authentication information acquisition unit includes an external authentication information acquisition unit provided outside the room, and an internal authentication information acquisition unit provided in the room,
When the external authentication information acquisition unit acquires authentication information from the user, the entry / exit direction acquisition unit acquires that the user is about to enter the room, and the internal authentication information acquisition unit acquires authentication information from the user. The user gets that he is about to leave the room,
The entrance / exit management system according to claim 1. A control method of an entrance / exit management system for managing entrance / exit into a room,
The entrance / exit management system includes:
A lock mechanism that locks the door that opens and closes the entrance of the room;
A user location estimation unit that estimates whether the user is located inside or outside the room based on the acquired location information of the user;
An entrance / exit direction acquisition unit for acquiring an entrance / exit direction indicating whether the user is entering the room or leaving the room;
An authentication information acquisition unit capable of acquiring authentication information from the user upon entering and leaving the room;
An authentication unit that performs user authentication based on the authentication information acquired by the authentication information acquisition unit;
The entrance / exit state detected based on the entrance / exit direction acquired by the entrance / exit direction acquisition unit has been registered as an entry / exit state indicating whether the user has entered or exited the room. An entrance / exit state storage unit for storing an entrance / exit state;
A control unit that outputs a control signal to the lock mechanism unit,
As a result of user authentication by the authentication unit, the entrance / exit direction acquired by the entrance / exit direction acquisition unit, the entrance / exit state stored in the entrance / exit state storage unit, and the estimation of the user location estimation unit To determine whether to open and close the door based on the user location, and to output a control signal according to the determination result to the lock mechanism unit,
Control method of entrance / exit management system. If the result of user authentication by the authentication unit is successful,
Determining whether the current entry / exit state of the user detected based on the entry / exit direction acquired by the entry / exit direction acquisition unit matches the registered entry / exit state;
When it is determined that the current entry / exit state matches the registered entry / exit state, an unlock signal is output to the lock mechanism unit,
When it is determined that the current entry / exit state and the registered entry / exit state do not match, the estimated entry / exit state detected from the user location estimated by the user location estimation unit and the registered entry / exit state And match,
When it is determined that the estimated entrance / exit state matches the registered entrance / exit state, an unlock signal is output to the lock mechanism unit,
The control method of the entrance / exit management system of Claim 12. A computer device for an entrance / exit management system,
A user location estimation unit that estimates whether the user is located inside or outside the room based on the acquired location information of the user;
An entrance / exit direction acquisition unit for acquiring an entrance / exit direction indicating whether the user is entering the room or leaving the room;
An authentication unit that performs user authentication based on authentication information acquired by the authentication information acquisition unit from the user when the user enters and leaves the room;
The entrance / exit state detected based on the entrance / exit direction acquired by the entrance / exit direction acquisition unit has been registered as an entry / exit state indicating whether the user has entered or exited the room. An entrance / exit state storage unit for storing an entrance / exit state;
As a result of user authentication by the authentication unit, the entrance / exit direction acquired by the entrance / exit direction acquisition unit, the entrance / exit state stored in the entrance / exit state storage unit, and the estimation of the user location estimation unit A control unit that determines whether or not to open and close the door based on a user location position, and outputs a control signal according to the determination result to a lock mechanism unit for locking the door that opens and closes the entrance of the room;
A computer device for an entrance / exit management system comprising: The controller is
If the result of user authentication by the authentication unit is successful,
Determining whether the user's current entry / exit state detected based on the entry / exit direction acquired by the entry / exit direction acquisition unit matches the registered entry / exit state;
When it is determined that the current entry / exit state matches the registered entry / exit state, an unlock signal is output to the lock mechanism unit,
When it is determined that the current entry / exit state and the registered entry / exit state do not match, the estimated entry / exit state detected from the user location estimated by the user location estimation unit and the registered entry / exit state And match,
When it is determined that the estimated entrance / exit state matches the registered entrance / exit state, an unlock signal is output to the lock mechanism unit,
The computer apparatus for the entrance / exit management system of Claim 14.

Images