JP2016194210A - Entry/exit management system and entry/exit management method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To perform on-line setting of passage right information for a guest under the condition that the upper limit of the passage right information is within a range of passage right information on a shared gate that a user of a condominium etc. is permitted to pass through.SOLUTION: A key distribution server 3 comprises: a key information creation unit for creating key information including ID information for permitting a guest to pass through a shared gate in association with a user, on the basis of passage right information for the guest under the condition that the upper limit of the passage right information is within a range of passage right information on the shared gate that the user is permitted to pass through; and a key information distribution unit for distributing the created key information for the guest to a portable electronic apparatus carried by the guest. An entry/exit management device 1 controls the guest's passage at the shared gate of a building on the basis of the key information that has been stored in the portable electronic apparatus carried by the guest and has been created by the key information creation unit so as to include the ID information for permitting the guest to pass and operate the shared gate.SELECTED DRAWING: Figure 1

Description

  The present invention is, for example, for entering and exiting common entrances (shared entrances, collective entrances, shared spaces in facilities) in apartment houses such as condominiums, access to occupied areas, use of shared facilities, and getting on / off of elevators, delivery boxes, etc. It relates to the entrance and exit management system that manages the operation of facilities and the entrance to and exit from common entrances (entrances, entrances, parking lots, etc.) in various properties such as commercial facilities such as offices, hotels and hospitals, and public facilities. is there.

  As an entrance / exit management system for managing entrance / exit of entrances and exits in various properties such as apartment buildings such as apartment buildings, offices, hotels, hospitals, and other commercial facilities and public facilities, for example, the one disclosed in Patent Document 1 below has been conventionally used. More known.

  The entrance / exit management system 101 described in Patent Document 1 includes a door 102 serving as a common entrance for managing entrance / exit, an electric lock 103 attached to the door 102, and a plurality of personal information identifying a person trying to pass through the door 102. And a plurality of magnetic card readers 104 and 105 that function as personal identification devices, and a card controller 106 that is connected to the plurality of magnetic card readers 104 and 105 and controls the electric lock 103.

JP 2001-241226 A

However, in the entrance / exit management system 101 described in Patent Document 1, in order to change the passage authority information indicating whether or not each gate is allowed to pass for each ID, a change work at the site where the electric lock is disposed is indispensable. Met. Further, in the configuration in which the traffic authority information is held in the memory in the ID key possessed by the user, the ID key itself must be exchanged or the data rewritten when the traffic authority information is changed.
In addition, in the entrance / exit management system 101 described in Patent Document 1, for example, a resident (owner) or an administrator of an apartment house such as a condominium can pass a shared entrance to a guest, for example, to a shared conference room. It is not envisaged to set traffic authority information for permitting use, use authority information for permitting use of shared facilities, and the like.

  The present invention has been made in view of the above problems. For example, a tenant (owner) such as a condominium can share a guest with an upper limit of the pass authority information such as a shared entrance permitted to the guest. It is an object of the present invention to provide an entrance / exit management system capable of setting on-line traffic authority information for permitting passage of an entrance or the like and permitting use of a common facility.

  The present invention relates to an access management apparatus that controls the passage of a shared gate of a building based on key information including ID information that is identification information of the ID key stored in an ID key carried by a user, a key distribution server, The key distribution server specifies the user's designated upper limit to the range of the passage authority information of the wireless communication unit and the shared gate permitted to the user. A key information creation unit that generates key information including ID information for permitting the passage of the guest's shared gate based on the passage authority data for the guest and the user, and generating the key information The wireless communication to the portable electronic device carried by the guest with the ID information for permitting the guest to pass through the shared gate or the key information including the ID information. A key information distribution unit that distributes through the key information distribution unit, wherein the access control device includes key information including ID information for allowing passage and operation of the shared gate of the guest generated by the key information generation unit. The present invention relates to an entrance / exit management system characterized by controlling passage of the guest building at a common gate.

  The access management system further includes a management server that is communicably connected to the access management device and the key distribution server, and the management server enters and exits the range of access authority information of the shared gate permitted to the user. A traffic authority information setting unit that selects traffic authority data for the guest, the upper limit being the range of the traffic authority information, based on the traffic authority information of the shared gate that is acquired from the management device and permitted to the user. The traffic authority information setting unit can notify the key distribution server of traffic authority data for the guest whose upper limit is the range of the traffic authority information of the shared gate permitted to the user.

  The access management system further includes an electronic device capable of communicating with the key distribution server, and the electronic device has an upper limit on a range of authority information of the common gate that is input by the user and permitted by the user. It is preferable that traffic authority data for the guest is uploaded to the key distribution server.

  The access management apparatus is further linked to an ID key database in which key information including ID information that is identification information of the ID key stored in an ID key carried by the user is pre-registered with the user. A setting registration unit configured to set and register key information including ID information for permitting passage of the guest's shared gate in the ID key database.

  The access management device further includes the ID distributed to the portable electronic device carried by the guest based on the fact that the ID information for allowing the guest to use the shared gate is linked to the user. Key information including information can be authenticated as valid.

  The present invention is an access management method for controlling the passage of a shared gate of a building for a guest specified by a user by means of a key distribution server and an access management device including a wireless communication unit, wherein the key distribution server Based on the passage authority data for the guest specified by the user up to the range of the passage authority information of the shared gate permitted for the user, the guest is allowed to pass the shared gate in association with the user. Key information generation step for generating key information including ID information for performing, and key information including ID information or ID information for permitting passage of the guest's shared gate generated in association with the user A key information distribution step of distributing to the portable electronic device carried by the guest via the wireless communication unit; and Controlling the passage of the guest building through the shared gate based on the key information including the ID information for permitting the passage and operation of the shared gate of the guest generated by the information generating step. Regarding the method.

  According to the present invention, for example, a resident (owner) of a condominium or the like allows a guest to pass through a shared entrance or the like up to the range of passing authority information such as a shared entrance permitted to the guest. Traffic authority information can be set online.

It is a schematic diagram which shows schematic structure of the entrance / exit management system which concerns on 1st Embodiment. It is a functional block diagram of the access control apparatus 1 which concerns on 1st Embodiment. It is a functional block diagram of the management server 3 which concerns on 1st Embodiment. It is a functional block diagram of the key distribution server 4 which concerns on 1st Embodiment. It is a schematic diagram which shows schematic structure of the modification 1 of 1st Embodiment.

Hereinafter, a preferred embodiment of the access management system 100 of the present invention will be described with reference to the drawings.
First, terms used in the following description will be described.
In each embodiment, unless otherwise specified, the entrance / exit management system 100 is used for an entrance / exit of a common part (a common entrance, a collective entrance, a shared space in a facility, a shared parking lot, a shared warehouse, etc.) in an apartment house such as an apartment. Manage the operation of shared facilities such as delivery lockers.

  Common facilities such as entrances and exits of common areas (common entrances, collective entrances, shared spaces in facilities, shared rooms, shared parking lots, shared warehouses, etc.) and elevators, home delivery lockers, etc. are called “shared gates”. Information for identifying each shared gate is referred to as a “shared gate ID”.

A portable remote control key, a non-contact type card key, a portable electronic device, etc., in which key information for electrically unlocking an electric lock attached to the door is stored in an internal storage unit, is collectively referred to as an “ID key”. " The ID key stores identification information (hereinafter referred to as “ID information”) for identifying the ID key.
As an ID key, for example, a non-touch key equipped with an RFID tag (Radio Frequency Identification Tag), near field communication NFC (Near Field Communication) (for example, “ISO 14443 Type A” and “Type B” of international standards) , Bluetooth (Registered Trademark), BLE (Bluetooth Low Energy) (Registered Trademark), etc., and an IC card using a non-contact IC card such as Felica (Registered Trademark) as an ID key There are keys etc.

Residents (owners) and managers of apartment houses such as apartments are called “users”. Information for identifying a user is referred to as a “user ID”.
A person other than the user who is permitted by the user to pass or operate a specific shared gate is called a “guest”.

  Authority information regarding the passage, use, or operation of the shared gate is referred to as “traffic authority information” or “traffic authority data”. “Traffic authority information” or “Traffic authority data” includes, for example, the shared gate ID of the common gate that is permitted to pass, use, or operate, the destination when the shared gate is an elevator, and the case where the shared gate is a delivery locker It can include a locker number, an allowed expiration date, an expiration time, and the like.

Note that the present invention is not limited to the management of passage, use, operation, and the like of a shared gate in an apartment house such as an apartment.
It can also be applied to management of operations such as entering and exiting common entrances (entrances, entrances, parking lots, etc.) in various properties such as commercial facilities such as offices, hotels and hospitals, and large facilities such as public facilities.

[First Embodiment]
Hereinafter, a preferred embodiment of the access control system 100 of the present invention will be described with reference to the drawings.

  The configuration of the access control system 100 will be described with reference to FIG. As shown in FIG. 1, the entry / exit management system 100 includes an entry / exit management device 1, a management server 2, a key distribution server 3, a portable electronic device 4 such as a smartphone carried by a user, and a communication network 5. .

<Access control device 1>
The access control apparatus 1 controls locking / unlocking of the common gate. More specifically, the access control device 1 is installed at each shared gate, for example, an electric lock operation panel, an automatic door controller, a home delivery locker controller, an elevator controller (hereinafter also referred to as “shared gate control device”). ) To control the locking / unlocking of the door (door), the designation of the destination of the elevator, and the opening / closing of the home delivery locker by outputting a drive control signal according to the current state of the shared gate.

  The entrance / exit management device 1 uses in advance an ID key database 111 (to be described later) for use permission information of the shared gate that is permitted for the ID key carried by the user.

As will be described later, ID information registered in the access control device 1 or key information including ID information is stored in a portable electronic device (for example, a smartphone) carried by the user, so that it passes through the shared gate (operation). It can be used as an ID key for
Here, the key information including the ID information refers to traffic authority information (traffic authority data) permitted for the ID information.

  As shown in FIG. 2, the access management apparatus 1 can include a control unit 10, a storage unit 11, a communication unit 12, a reader 13, and a peripheral device interface unit 14. Further, for example, when the staff of the management company collects log information related to the operation of the shared gate control device installed in the shared gate, which is stored in the log file 112 (to be described later) of the storage unit 11 of the access control device 1, the log information Can be obtained from the access control apparatus 1, a USB terminal for connecting a USB memory can be provided. Here, the log information includes operation history information when each shared gate control device of the access control device 1 is operated (for example, operation time (date, time, minute, second, etc.), information related to the operated user (for example, ID Information, user ID, user room number, etc.) and information related to the operated shared gate control device (for example, shared gate ID, operation details, etc.).

  The communication unit 12 can perform transmission / reception of data to / from other access control devices 1, the management server 2, the key distribution server 3, and the like via a network such as a switching hub, a LAN cable, and a wide area communication network.

  The reader 13 is installed in the shared gate, receives ID information stored in the ID key storage unit carried by the user or key information including the ID information, and passes it to the control unit 10.

  The peripheral device interface unit 14 controls an input / output interface with each shared gate control device (for example, an electric lock operation panel, an automatic door controller, a home delivery locker controller, an elevator controller, etc.) of the access control device 1.

The control unit 10 includes, for example, a microcomputer having a CPU, a ROM, a RAM, and the like, and controls each component configuring the access control apparatus 1. The CPU executes each program read from the ROM or the storage unit 11 to cause the access management apparatus 1 to function as a predetermined unit to be described later.
Moreover, the control part 10 makes the entrance / exit management apparatus 1 perform a predetermined | prescribed procedure by executing each program.
Details of the control unit 10 will be described later.

<Storage unit 11>
The storage unit 11 is composed of, for example, a magnetic or optical storage medium or a semiconductor memory such as a ROM or a RAM. The storage unit 11 stores various data related to the device information of the shared gate control device controlled by the access control device 1 in the device information area 113. In addition, various data relating to control such as status signals (for example, door opening / closing status signals and electric lock locking / unlocking status signals) of the shared gate control device as monitor information are stored in the device information area 113. Further, the log information described above is stored in the log file 112.
In addition, a program for controlling the access management apparatus 1 and various information such as an ID key database 111 described later are stored.

The ID key database 111 registers and manages ID key ID information and the like in order to determine whether or not to permit the operation of the shared gate control device installed in the shared gate, which is the control target of the access control device 1. .
In the ID key database 111, ID information of an ID key to be controlled by the access management apparatus 1 is registered, and traffic authority information permitted by the ID information is registered in association with the ID key database 111. Based on the ID key database 111, the determination unit 102 to be described later can determine whether a person carrying the ID key is permitted to pass or operate the shared gate.

<Control unit 10>
Next, the function of the control unit 10 will be described from the viewpoint of means (unit) for executing the function. Note that the description of the function from the viewpoint of the procedure (method) can be described by substituting “procedure” for “part”, and thus will be omitted.
The control unit 10 includes a setting registration unit 101, a determination unit 102, an access management control unit 103, and a log creation unit 104.

[Setting Registration Unit 101]
The setting registration unit 101 registers the ID key ID information, the ID information, and the passage authority information in the ID key database 111 in association with each other.
In addition, in the entrance / exit management device 1 for an apartment house, ID information can be managed for each room number of a user who uses the ID key.
Further, the user ID of the user who owns the ID key can be registered in association with the ID information. Further, the electronic mail ID of the user can be registered in association with the ID information.

[Determining unit 102]
The determination unit 102 receives the ID information of the ID key read by the reader 15 installed in the shared gate via the input interface unit 13, and whether or not the received ID information is registered in the ID key database 111. Determine whether. Only when the received ID information is registered and the shared gate ID is registered in the traffic authority information corresponding to the ID information, the ID key is determined to be valid. An error occurs when the received ID information is not registered. Further, when the ID key has an expiration date, an effective time zone, etc., it can be determined as valid only when the current date and time information is within the range of the effective date and the effective time zone.

[In / Out Management Control Unit 103]
When the determination unit 102 determines that the ID information is valid, the access management control unit 103 allows the drive control signal according to the current state of the electric lock or automatic door to be permitted by the ID information. Output to the shared gate control device corresponding to.
For example, the entrance / exit management control unit 103 outputs a signal for permitting the unlocking of the common entrance to the common gate control device (for example, an electric lock operation panel, an automatic door controller, etc.) of the entrance / exit management device 1. .
Similarly, the entry / exit management control unit 103 outputs a signal for permitting the operation of the delivery locker, the elevator, etc., to the delivery locker controller 8, the elevator controller, etc., which are shared gate control devices of the entry / exit management device 1. .
By doing so, the user carrying the ID key can pass through the shared gate by unlocking the electric lock 181 and the automatic door in the shared gate. Similarly, a user carrying an ID key can operate home delivery lockers, elevators, and the like.

[Log Creation Unit 104]
The log creation unit 104 edits and records the log information in the log file 112 of the storage unit 11.

Note that a plurality of access control devices 1 may be provided so that the access control is distributed and processed. In that case, for example, a management PC (not shown) for centrally managing all the access control devices can be provided.
In this case, the setting registration unit 101 included in the control unit 10 of the access management apparatus 1 is managed by the control unit of the management PC, and performs input / output to the ID key database 111 by an instruction from the control unit of the management PC, for example. It can be constituted as follows.

<Management server 2>
The management server 2 is a management portal server that a user can access.
As shown in FIG. 3, the management server 2 can include a control unit 20, a storage unit 21, and a communication unit 22.

The communication unit 22 performs transmission / reception of data to / from the access control device 1, the key distribution server 3, the portable electronic device 4 and the like via a network such as a switching hub, a LAN cable, a wide area communication network, and a wireless communication network. Can do.
The communication unit 22 can include a wireless communication unit 221 (not shown). In particular, the portable electronic device 4 can exchange data via the wireless communication unit 221.

The control unit 20 is configured by, for example, a processor having a CPU, a ROM, a RAM, and the like, and controls each component configuring the management server 2. The CPU causes the management server 2 to function as a predetermined means described later by executing each program read from the ROM or the storage unit 21.
In addition, the control unit 20 causes the management server 2 to execute a predetermined procedure by executing each program.
Details of the control unit 20 will be described later.

  The storage unit 21 includes, for example, a semiconductor memory, a hard disk drive, and the like, and stores various information such as an operating system (OS) and software called applications. A user information area 211 is secured in the storage unit 21.

  In the user information area 211 of the storage unit 21, a user ID is set for each user, and a user information database 2111 for managing residence information, user information (for example, family structure) and the like is stored for each user ID.

<Control unit 20>
Next, the function of the control unit 20 will be described from the viewpoint of means (unit) for executing the function. Note that the description of the function from the viewpoint of the procedure (method) can be described by substituting “procedure” for “part”, and thus will be omitted.
The control unit 20 includes a connection processing unit 201, a traffic authority information setting unit 202, an access control device interface unit 203, and a key distribution server interface unit 204.

[Connection Processing Unit 201]
The connection processing unit 201 executes login processing from a portable electronic device carried by the user and refers to the user information database 2111 or the like based on the user ID, password or the like input by the user, so that the user can Authenticate that you are a legitimate person.
The login process is not limited to a login request from a portable electronic device carried by the user. For example, it may be an electronic device used by the user, such as a mobile phone, a tablet terminal, a PDA, a notebook computer, or a personal computer.
When the connection processing unit 201 authenticates that the user is a valid person, the connection processing unit 201 can be configured to provide the user with a service that can be used by the user, for example, through a menu.

Here, as a service that can be used by the user, the user can request the management server to issue traffic authority data for allowing his / her own guest to pass through and operate the shared gate. Includes services.
More specifically, the user can request the management server to issue traffic authority data to the guest specified by the user, up to the maximum number of times that the user is allowed to pass and operate the shared gate. Yes (hereinafter also referred to as “traffic authority issuance request”).

[Traffic authority information setting unit 202]
Also in the processing of the passage authority information setting unit 202 described below, the electronic device used by the user is not limited to the “portable electronic device 4”. Similarly to the user login process, for example, an electronic device used by the user, such as a mobile phone, a tablet terminal, a PDA, a notebook computer, or a personal computer, may be used.

[Select traffic authority data]
The passage authority information setting unit 202 receives an input of a passage authority issuance request from a user to a guest designated by the user, and passes or operates a shared gate permitted by the user with respect to the guest designated by the user. Select the traffic authority data up to the upper limit.
More specifically, the traffic authority information setting unit 202 is configured to perform the following processing, for example.
When the passage authority information setting unit 202 receives an input of a passage authority issuance request from a user to a guest designated by the user, the passage authority information permitted by the user is passed through an access control device interface unit 203 described later. Then, an acquisition request is made to the access control apparatus 1.
By doing so, the entrance / exit management device 1 extracts the passage authority information of the shared gate permitted to the user registered in the ID key database 111.

  The passage authority information setting unit 202 receives the passage authority information permitted for the user extracted from the ID key database by the entry / exit management device 1 based on the user ID and the like via the entry / exit management device interface unit 203. Can do.

The passage authority information setting unit 202 notifies the passage authority information permitted to the user received through the access control device interface unit 203 to, for example, the portable electronic device of the user.
By doing so, the user can select the traffic authority data with the upper limit of the traffic authority information permitted by the user for the guest, using the portable electronic device or the like.

  The traffic authority information setting unit 202 includes a guest ID (for example, guest email ID) specified by the user and a traffic authority permitted by the user selected by the user from a portable electronic device carried by the user. Receiving traffic authority data for the guest with information as the upper limit.

[Request for key information generation]
The passage authority information setting unit 202 sends, to the key distribution server 3 via the key distribution server interface unit 204, identification information (for example, user ID, e-mail address, etc.) of the user who is the distribution requester, Based on the specified guest identification information (for example, guest user ID, e-mail address, etc.), traffic authority data selected by the user, etc., the user is permitted to be associated with the user who is the distribution requester. A request is made to generate key information including ID information for permitting the passage and operation of the shared gate of the guest, with the upper limit being the passage and operation of the shared gate.
By doing so, the key information creation unit 302 of the key distribution server 3 to be described later is associated with the user who is the distribution requester, and the upper limit is the passage and operation of the shared gate permitted to the user. Key information including ID information for permitting the passage and operation of the guest's shared gate is generated.

The passage authority information setting unit 202 is configured to allow passage and operation of the shared gate of the guest up to the passage and operation of the shared gate permitted by the user generated by the key distribution server 3. Key information including ID information is received via the key distribution server interface unit 204.
As the guest ID information, for example, a branch number may be given to the ID information of the ID key carried by the user who is the distribution requester. By doing so, the ID information of the guest can be associated with the ID information owned by the user who is the distribution requester.
Moreover, you may link with the user who is a delivery requester by comprising so that the said key information may contain the identification information of the user who is a delivery requester.

[Setting registration request to ID key database 111]
The passage authority information setting unit 202 allows the guest access / reception management device 1 to pass through and operate the shared gate received via the key distribution server interface unit 204 via the key management server interface unit 203 via the access control device interface unit 203. Based on the key information including the ID information for that purpose, a setting registration to the ID key database 111 is requested.
By doing so, the entrance / exit management device 1 sets and registers in the ID key database 111 key information including ID information generated by the key distribution server 3 for permitting the passage and operation of the guest's shared gate. Can do.

[Request for distribution to key distribution server]
Thereafter, the passage authority information setting unit 202, via the key distribution server interface unit 204, gives the key distribution server 3 a key including ID information or ID information for allowing the guest to pass and operate the shared gate. Request distribution of information to portable electronic devices carried by the guest.
By doing so, the guest to whom the key information including the ID information or the ID information is distributed in advance is the guest whose upper limit is the passage authority information of the user who is the distribution requester of the portable electronic device 4 carried by the guest. Can be used as an ID key including ID information for permitting passage and operation of the shared gate.

[Access control device interface unit 203]
The entry / exit management device interface unit 203 controls an interface when processing requests and notifications are transmitted from the management server 2 to the entry / exit management device 1 or when processing requests and notifications are received from the entry / exit management device 1.

[Key distribution server interface unit 204]
The key distribution server interface unit 204 controls an interface when a processing request, notification, or the like is transmitted from the management server 2 to the key distribution server 3, or when a processing request, notification, or the like is received from the key distribution server 3.

<Key distribution server 3>
As shown in FIG. 4, the key distribution server 3 can include a control unit 30, a storage unit 31, and a communication unit 32.

The communication unit 32 can perform data transmission / reception with the management server 2 and the portable electronic device 4 via a network such as a switching hub, a LAN cable, a wide area communication network, and a wireless communication network.
The communication unit 32 can include a wireless communication unit 321 (not shown). In particular, data exchange can be performed with the portable electronic device 4 via the wireless communication unit 321.

The control unit 30 is configured by a processor having a CPU, a ROM, a RAM, and the like, for example, and controls each component configuring the management server 2. The CPU causes the key distribution server 3 to function as a predetermined unit to be described later by executing each program read from the ROM or the storage unit 11.
Further, the control unit 30 causes the key distribution server 3 to execute a predetermined procedure by executing each program.
Details of the control unit 30 will be described later.

  The storage unit 31 includes, for example, a semiconductor memory, a hard disk drive, and the like, and stores various information such as an operating system (OS) and software called an application being saved. The storage unit 21 includes a key information management area 311 and a device information management area 312.

The key information management area 311 of the storage unit 31 includes a key information database 2111 for managing key information including ID information of an ID key carried by the user for each user ID.
Similarly, in the key information database 2111, the key distribution server 3 generates the upper limit on the passage and operation of the shared gate permitted to the user, which is generated in association with the user who is the distribution requester. Key information including ID information for permitting access and operation of the guest's shared gate is stored.

  The device information management area 312 of the storage unit 31 stores device information used to transmit key information to the portable electronic device carried by the user and the portable electronic device carried by the guest by the push method.

<Control unit 30>
Next, functions of the control unit 30 will be described from the viewpoint of means (units) for executing the functions. Note that the description of the function from the viewpoint of the procedure (method) can be described by substituting “procedure” for “part”, and thus will be omitted.
The control unit 30 includes a connection processing unit 301, a key information creation unit 302, a key information distribution unit 303, a management server interface unit 304, and a charging processing unit 305.

[Connection Processing Unit 301]
The connection processing unit 201 receives a request from the user or the guest, and installs an ID key application described later in the portable electronic device 4 of the user or the guest.
The guest operates the ID key application to store ID information or key information including ID information in the storage unit of the portable electronic device 4 carried by the guest, as will be described later, and the portable electronic device 4 Can be used as an ID key.

[Key information creation unit 302]
As described above, the key distribution server 3 receives the identification information of the user who is the distribution requester received from the management server 2 via the management server interface unit 304, the identification information of the guest specified by the user, and the selection by the user. Based on the access authority data, etc., the guest is permitted to pass through and operate the shared gate of the guest, up to the maximum number of access and operation of the shared gate permitted to the user, linked to the user who is the distribution requester. Key information including ID information for permission is generated.
The key information creation unit 302 stores key information including ID information for permitting passage and operation of the guest's shared gate in the key information management area 311 of the storage unit 31.

[Key information distribution unit 303]
The key information distribution unit 303 is a key including ID information or ID information, which is generated by the key information generation unit 302 in association with the user who is the distribution requester, and allows the passage and operation of the shared gate of the guest. Distribute information to portable electronic devices carried by the guest.
This distribution can be performed by a push method for the ID key application.
More specifically, the key information distribution unit 303 designates the portable electronic device and the ID key application carried by the guest, and distributes the key information by a push method, whereby the ID key application of the portable electronic device is transmitted. Is activated, ID information or key information including the ID information is stored in the storage unit of the portable electronic device 4, and the portable electronic device 4 can be used as an ID key.

[Key information update, etc.]
The key information distribution unit 303 distributes the key information including ID information or ID information for permitting the passage and operation of the guest's shared gate to the portable electronic device carried by the guest, and then the key information. It is possible to notify the distribution data related to the update in the push method.
More specifically, the key information distribution unit 303 designates the portable electronic device and the ID key application carried by the guest, and distributes the distribution data related to the key information update by the push method, whereby the portable electronic device The ID key application of the device is activated, and the ID information stored in the storage unit of the portable electronic device 4 or the key information including the ID information is updated.

For example, even if the key information is before the expiration date, for example, the key information distribution unit 303 notifies the portable electronic device carried by the guest of distribution data for invalidating the key information by a push method. The key information can be invalidated.
Conversely, the key information distribution unit 303 notifies the portable electronic device carried by the guest of the distribution data for extending the expiration date of the key information before the expiration date of the key information passes. Thus, the expiration date of the key information can be updated.

[Management Server Interface 304]
The management server interface unit 304 controls an interface when a processing request, notification, or the like is transmitted from the key distribution server 3 to the management server 2 or when a processing request, notification, or the like is received from the management server 2.

[Billing processing unit 305]
When the key information distribution unit 303 distributes the ID information for permitting the passage and operation of the guest's shared gate or key information including the ID information to the portable electronic device carried by the guest. Based on the identification information of the user who is the distribution requester, the identification information of the guest who is the distribution destination, the information on the key information distribution date and the like, a charging file (tentative name) can be created for the charging process. .
By doing so, the billing processing unit 305 can perform billing processing (for example, billing, electronic payment such as credit) for the user or guest based on the billing file (tentative name). .
The billing processing unit 305 may be configured to create a billing file (tentative name) when the key information creating unit 302 creates the key information.

[Portable electronic equipment 4]
The mobile electronic device 4 carried by the user or guest is configured to receive distribution data related to registration of key information or update of key information based on a push notification from the key distribution server 3 to, for example, an ID key application.

[Push notification function]
In order to use the portable electronic device carried by the user or guest as the ID key, the ID key application is downloaded and installed from the key distribution server 3 in advance, and the user or guest can use the ID key to enable push notification. A push function is set for the application, and device information is registered in the key distribution server 3.
By doing so, the portable electronic device 4 carried by the guest receives ID information or key distribution data such as key information including ID information from the key distribution server 3 by push notification, and the portable electronic device is connected to the guest electronic device. Can be used as an ID key including ID information for permitting passage and operation of the shared gate.

Next, the operation of the access management system 1 configured as described above will be briefly described with reference to FIG.
(1) First, the user uses a shared gate of a guest whose upper limit is the passage and operation of the shared gate permitted to the management server 2 via, for example, a portable electronic device carried by the user. Request to issue the guest's passage authority to allow the passage and operation of the guest.
In response to this, the management server 2 (traffic authority information setting unit 202) requests the access management apparatus 1 to extract the traffic authority information of the shared gate permitted to the user.
By doing so, the entrance / exit management device 1 extracts the passage authority information of the shared gate permitted to the user registered in the ID key database 111, and responds to the management server 2 (traffic authority information setting unit 202). To do.
The management server 2 (traffic authority information setting unit 202) notifies traffic authority information permitted to the user to, for example, the user's portable electronic device.
By doing so, the user selects the traffic authority data with the upper limit of the traffic authority information permitted by the user for the guest by a portable electronic device or the like, and the management server 2 (traffic authority information setting unit) 202).

(2) In response to this, the management server sets the access authority data for the shared gate of the guest, with the upper limit being the passage and operation of the shared gate permitted by the user.

(3) Next, the management server 2 requests the key distribution server 3 to generate key information including the guest ID information based on the passing authority data of the shared gate of the guest.
In response to this, the key distribution server 3 (key information creation unit 302) associates the user who is the distribution requester with key information including ID information for permitting passage and operation of the guest's shared gate. Generate and respond to the management server 2 (traffic authority information setting unit 202).

  (4) By doing so, the management server 2 acquires key information including the guest ID information from the key distribution server 3.

  (5) Next, the management server 2 requests the entry / exit management device 1 to set and register key information including the guest ID information. By doing so, key information including ID information of the guest is registered in the access control apparatus 1.

  (6) Next, the management server 2 requests the key distribution server 3 to push the guest's ID information or key information including the ID information to the portable electronic device 4 of the guest.

  (7) By doing so, the key distribution server 3 performs push distribution of distribution data related to registration of key information including the guest ID information or ID information to the guest portable electronic device 4. By doing so, the portable electronic device 4 carried by the guest serves as an ID key including ID information for permitting the guest to pass and operate the shared gate by the push notification of the distribution data related to the registration of the key information. Be available.

Thereafter, the guest operates the portable electronic device 4 within the communicable area of the reader 13 arranged at the shared gate to be passed, and starts the ID key application, so that the guest is based on the key information including the guest ID information. Thus, it is possible to pass or operate the common gate which is within the pass authority range.
Note that when an activation command is transmitted from the access control device 1 to the portable electronic device 4 in the communicable area, the application of the portable electronic device 4 may be automatically activated by this activation command. . In this case, the operation of the portable electronic device 4 becomes unnecessary.

As described above, the access control system 100 associates with the user the ID information for permitting the passage of the guest's shared gate up to the range of the shared gate's passage authority information permitted to the user. Key information generating unit 302 that generates key information including the key information and a key information distributing unit that push distributes the guest ID information or key information including the ID information to the portable electronic device 4 carried by the guest via the wireless communication unit 303.
By doing so, the user can set the traffic authority information for allowing the guest to pass through the shared gate online, up to the range of the traffic authority information of the shared gate permitted to him / her. .

The entrance / exit management system 100 further obtains the range of the passage authority information of the shared gate permitted by the user from the entry / exit management device 1, and selects the passage authority data for the guest based on the acquired passage authority information of the user. A traffic authority information setting unit 202 is provided.
By doing so, the user can easily select the traffic authority data for permitting the guest to pass through the shared gate, up to the range of the traffic authority information of the shared gate permitted to the user. .

The entrance / exit management device 1 is associated with an ID key database 111 in which key information including ID information stored in an ID key carried by the user is registered in advance and allows the user to pass through the shared gate. A setting registration unit 101 for setting and registering key information including the ID information in the ID key database 111.
By doing so, the key information including the guest ID information set by the user can be registered in the ID key database 111 of the access control apparatus 1.

<Regarding Modification of First Embodiment>
The entrance / exit management system 100 according to the first embodiment has been described above. However, the present invention is not limited to the first embodiment.

[First Modification]
In the first embodiment, as the user agent, the management server 2 selects guest passage authority data, requests the key distribution server 3 to generate key information including the guest ID information, and the guest to the access management device 1. A request for setting registration of key information including the ID information and a request for push distribution of the guest ID information to the key electronic distribution server 3 to the portable electronic device 4 of the guest has been executed. Instead of going through the server 4, it is possible to make a processing request directly from the user's portable electronic device 4 to the key distribution server 3 and the access management apparatus 1.
In this case, the connection processing unit 301 of the key distribution server 3 is configured to connect to the user's portable electronic device 4 and receive a processing request from the user.
In addition, the key distribution server 3 requests the setting registration unit 101 of the access management device 1 to make a key information setting registration request including key information including ID information for allowing the guest to access and operate the shared gate. A request unit (tentative name) and an access control device interface unit are provided (not shown).

This will be described with reference to FIG.
As shown in (1), the user's portable electronic device 4 preliminarily sets guest traffic authority data with the upper limit on the traffic and operation of the shared gate permitted by the user by the user's input. Can be configured.

More specifically, the portable electronic device 4 stores the passage authority information of the portable electronic device 4 based on the passage authority information (key information) related to the common gate permitted by the user stored in the storage unit. It can be displayed as a selection list on the display unit.
By doing so, the user can use the portable electronic device 4 to select the travel authority data with the upper limit of the travel authority information permitted by the user for the guest.
Next, as shown in (2), the portable electronic device 4 of the user uploads the traffic authority data at the shared gate of the guest directly to the key distribution server 3 in accordance with an instruction from the user. At that time, the portable electronic device 4 associates the key distribution server 3 (connection processing unit 301) with the user who is the distribution requester based on the passing authority data of the guest, and passes the shared gate of the guest. And generation of key information including ID information for permitting the operation can be requested.

  Thereafter, as shown in (3), the key distribution server 3 (key information creation unit 302) passes the shared gate of the guest based on the user identification information, the guest identification information, the guest passage authority data, and the like. And key information including ID information for permitting the operation.

And as shown in (4), the key distribution server 3 (key information setting registration request part (tentative name)) is an ID for permitting the access management device 1 to pass and operate the guest's shared gate. Request setting registration of key information including information.
The setting registration unit 101 of the access control apparatus 1 associates the ID information of the ID key with the user who is the distribution requester, and registers the ID information and the passage authority information in the ID key database 111 in association with each other.

  Further, as shown in (5), the key distribution server 3 (key information distribution unit 303) permits passage and operation of the shared gate of the guest generated in association with the user who is the distribution requester. ID information or key information including the ID information is distributed to the portable electronic device carried by the guest.

[Effect of the first modification]
As described above, in the first modification of the access control system 100, the portable electronic device 4 carried by the user limits the range of the access authority information of the shared gate permitted to the user in advance without using the management server 2. The traffic authority data for the guest can be selected and uploaded to the key distribution server 3.
By doing so, the user can easily set in advance offline authority data for allowing the guest to pass through the shared gate, up to the range of the access authority information of the shared gate permitted to him / her. be able to.
In the first modified example, key information including ID information for permitting access and operation of the guest's shared gate directly to the access control device 1 from the key distribution server 3 (key information distribution unit 303). However, the processing request (including setting registration processing) to the entry / exit management apparatus 1 may be configured to pass through the management server 2.

[Second Modification]
In the first embodiment and the first modified example, the access control apparatus 1 uses the ID key database 111 to generate key information including ID information generated by the key distribution server 3 for permitting the passage and operation of the shared gate of the guest. As a modification of the first embodiment and the first modification, the key information including the ID information for permitting the passage and operation of the shared gate of the guest is set in the ID key database 111. It can be configured such that registration can be omitted.
More specifically, it can be configured as follows.

First, the portable electronic device 4 carried by the guest stores the key information including the guest ID information associated with the user distributed from the key distribution server 3 in the memory of the portable electronic device 4.
By doing so, when the guest passes through the shared gate, the access control apparatus 1 receives the key information including ID information from the portable electronic device 4 carried by the guest via the reader 13 installed in the shared gate. (Traffic authority information) can be received.

The entrance / exit management device 1 (determination unit 102) determines that the key information including the received guest ID information is associated with a predetermined user and that the key information including the ID information includes the authority to pass through the shared gate. Whether or not is included.
More specifically, when the access management apparatus 1 (determination unit 102) receives key information including ID information of the portable electronic device 4 carried by the guest by the reader, the ID information is the distribution requester. It is configured to determine that it is associated with a certain user and that the key information including the ID information includes the passage authority of the shared gate corresponding to the reader.

[Effect of the second modification]
The entrance / exit management device 1 can authenticate the ID information as valid based on the fact that the ID information for allowing the guest to pass through the shared gate is linked to the user.
By doing so, registration of the key information including the guest ID information set by the user in the ID key database 111 of the access control apparatus 1 can be omitted.

[Third Modification]
In the first embodiment, the first modified example, and the second modified example, the traffic authority data for the guest whose upper limit is the range of the traffic authority information based on the traffic authority information of the shared gate permitted by the user However, as another embodiment, the administrator can set in advance a shared gate that is not permitted to the guest of the user for each user.

  For example, in any one of the access control device 1, the management server 2, or the key distribution server 3, the administrator, for each user, selects a shared gate that cannot be permitted by the guest among the passage authority of the shared gate permitted by the user. Set in the non-permitted shared gate table (tentative name). The user refers to the table when setting the shared gate that can be permitted to the guest, and if the corresponding shared gate exists in the table, the upper limit is the passage and operation of the shared gate permitted for the user. The shared gate can be deleted from the traffic authority data of the guest. As such a shared gate, for example, there is an emergency food storage for storing food, drinking water and the like prepared for an emergency disaster.

  By doing so, the user can be prevented from mistakenly permitting the shared gate, for example, administratively inappropriate for the guest.

[Fourth Modification]
In 1st Embodiment and the 1st modification-the 3rd modification, although it was set as the structure which connects the some server which consists of the management server 2 and the key distribution server 3 by communication, it is not limited to this.
For example, you may comprise so that each function part with which the management server 2 is provided, and each function part with which the key distribution server 3 is provided are implement | achieved by one server.
Moreover, it is good also as a distributed processing system which distributes each function with which each server is provided to several servers suitably. In addition, each function included in each server may be realized using a virtual server function or the like on the cloud. The server may be a server system including a plurality of servers such as a Web server, an application server, and a database server.
In other words, embodiments of each functional unit included in each server are deployed so that they can be distributed and executed by a single computer or a large number of computers that are located in one place or distributed in several places and are interconnected by a communication network. it can.

[Fifth Modification]
In the first embodiment and the first to fourth modifications, the property is an apartment house such as a condominium. However, the present invention is not limited to an apartment house such as an apartment. For example, in various properties such as commercial facilities such as offices and hospitals, and large facilities such as public facilities, the contractor, administrator, etc. are permitted to use the permitted common gates and operations, etc. , It is possible to request the issuance of traffic authority data to a guest designated by an administrator or the like.

The access control system of the present invention can be executed by hardware or can be executed by software.
In other words, the functional configurations of FIGS. 2 to 4 are merely examples, and are not particularly limited. That is, it is sufficient if the access management system is provided with a function capable of executing a series of processes relating to the access control function of the present invention as a whole, and what functional blocks are used to realize this function are particularly shown in FIGS. It is not limited to the example of FIG.
In addition, one functional block may be constituted by hardware alone, software alone, or a combination thereof.

When a series of processing is executed by software, a program constituting the software is installed on a computer or the like from a network or a recording medium.
The computer may be a computer incorporated in dedicated hardware. The computer may be a computer capable of executing various functions by installing various programs.

  A recording medium including such a program is provided not only to the removable medium 31 distributed separately from the apparatus main body in order to provide the program to the user, but also to the user in a state of being incorporated in the apparatus main body in advance. Recording medium. The removable medium 31 is composed of, for example, a magnetic disk (including a floppy disk), a Blu-ray disk, an optical disk, a magneto-optical disk, or the like. The optical disk is composed of, for example, a CD-ROM (Compact Disk-Read Only Memory), a DVD (Digital Versatile Disk), or the like. The magneto-optical disk is configured by an MD (Mini-Disk) or the like. Further, the recording medium provided to the user in a state of being pre-installed in the apparatus main body is included in, for example, the storage unit 11 in FIG. 2, the storage unit 21 in FIG. 3, and the storage unit 31 in FIG. Hard disk etc.

DESCRIPTION OF SYMBOLS 100 In / out management system 1 In / out management apparatus 10 Control part 101 Setting registration part 102 Judgment part 103 In / out management control part 104 Log production part 11 Storage part 111 ID key database 112 Log file 113 Equipment information area 12 Communication part 13 Reader 2 Management server 20 Control unit 201 Connection processing unit 202 Traffic authority information setting unit 203 Access control device interface unit 204 Key distribution server interface unit 21 Storage unit 211 User information area 3 Key distribution server 30 Control unit 301 Connection processing unit 302 Key information creation unit 303 Key information Distribution unit 304 Management server interface unit 305 Accounting processing unit 31 Storage unit 311 Key information management area 312 Device information management area 4 Portable electronic device 5 Communication network

Claims (6)

An access management device that controls the passage of the shared gate of the building based on key information including ID information that is identification information of the ID key stored in the ID key carried by the user, a key distribution server, a communication network, An access control system including
The key distribution server
A wireless communication unit;
Based on the passage authority data for the guest specified by the user up to the range of the passage authority information of the shared gate permitted for the user, the guest is allowed to pass the shared gate in association with the user. A key information creating unit for generating key information including ID information for
Distribute the ID information or the key information including the ID information generated to be associated with the user to allow the guest to pass through the shared gate to the portable electronic device carried by the guest via the wireless communication unit. A key information distribution unit for
The access control device
Based on the key information including the ID information for permitting the passage and operation of the guest's shared gate generated by the key information creation unit, the passage in the shared gate of the guest building is controlled.
An access control system characterized by that.
The access management system further includes a management server communicably connected to the access management device and the key distribution server,
The management server
The range of the pass authority information of the shared gate permitted to the user is acquired from the access control device, and the range of the pass authority information is determined based on the acquired pass authority information of the shared gate permitted to the user. A traffic authority information setting unit for selecting traffic authority data for the guest as an upper limit,
The passage authority information setting unit notifies the key distribution server of the passage authority data for the guest, with the upper limit being the range of the passage authority information of the shared gate permitted to the user.
The entrance / exit management system according to claim 1.
The access management system further includes an electronic device capable of communicating with the key distribution server,
The electronic device is
Uploading the access authority data for the guest to the key distribution server up to the range of the access authority information of the shared gate permitted by the user, which is input by the user,
The entrance / exit management system according to claim 1.
The access control device further includes:
An ID key database in which key information including ID information that is identification information of the ID key stored in an ID key carried by the user is registered;
A setting registration unit that sets and registers key information including ID information for permitting passage of the guest's shared gate in the ID key database in association with the user;
The access control system according to any one of claims 1 to 3, further comprising:
The access management device further includes the ID distributed to the portable electronic device carried by the guest based on the fact that ID information for allowing the guest to pass through the shared gate is linked to the user. The access control system according to any one of claims 1 to 3, wherein key information including information is authenticated as valid.
An entry / exit management method for controlling the passage of a shared gate of a building for a guest designated by a user by a key distribution server and an entry / exit management device including a wireless communication unit,
By the key distribution server,
Based on the passage authority data for the guest specified by the user up to the range of the passage authority information of the shared gate permitted for the user, the guest is allowed to pass the shared gate in association with the user. A key information creation step for generating key information including ID information for
Distribute the ID information or the key information including the ID information generated to be associated with the user to allow the guest to pass through the shared gate to the portable electronic device carried by the guest via the wireless communication unit. Key information distribution step to perform,
With the access control device,
Controlling the passage of the guest building through the shared gate based on the key information including the ID information for permitting the passage and operation of the shared gate of the guest generated by the key information creating step;
The access control method characterized by including.

Images