JP2017117119A - Information processing device, information processing system, authentication method and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To efficiently update authentication information.SOLUTION: An information processing device includes a storage part for storing user's authentication information, a detection part for detecting the user's authentication information, a first authentication part for executing first authentication for collating the detected authentication information with the authentication information stored in the storage part, a second authentication part for executing second authentication different from the first authentication, a third authentication part for executing third authentication different from the first authentication and the second authentication in the case that the first authentication does not authenticate the user and that the second authentication authenticates the user, and an update part for updating the authentication information stored in the storage part with the detected authentication information in the case that the third authentication authenticates the user.SELECTED DRAWING: Figure 5

Description

  The present invention relates to an information processing apparatus, an information processing system, an authentication method, and a program.

  Face authentication using a camera is becoming popular as a method for authenticating a user. Since face authentication is less accurate than authentication using short-range wireless (such as IC card authentication), a technique for improving the accuracy of authentication by combining face authentication and authentication using short-range wireless has been proposed. .

  In face authentication, authentication may fail due to the passage of time or changes in the appearance of the user. In Patent Document 1, information generated from a captured face image is compared with a plurality of pre-registered authentication information, and when authentication is successful, authentication information other than the authentication information with the lowest similarity is updated. Thus, a technique for dealing with the aging of the registered authentication information has been proposed.

  However, in the conventional technology, there are cases where the authentication information used for face authentication cannot be updated efficiently. For example, when updating a registered user image, it is necessary to register the face image after the user captures the user's face image with an imaging device. The method of Patent Document 1 has a problem that registration information cannot be updated unless face authentication is successful.

  The present invention has been made in view of the above, and an object thereof is to provide an information processing apparatus, an information processing system, an authentication method, and a program that can update authentication information more efficiently.

  In order to solve the above-described problems and achieve the object, the present invention provides a storage unit for storing user authentication information, a detection unit for detecting user authentication information, detected authentication information, A first authenticating unit that performs first authentication for checking authentication information stored in a storage unit; a second authenticating unit that performs second authentication different from the first authentication; and A third authenticating unit that executes a third authentication different from the first authentication and the second authentication when the user is not authenticated by the second authentication and the user is authenticated by the second authentication; An update unit that updates the authentication information stored in the storage unit with the detected authentication information when the user is authenticated by the third authentication.

  According to the present invention, there is an effect that authentication information can be updated more efficiently.

FIG. 1 is a diagram illustrating an example of a configuration of an information processing system according to the embodiment. FIG. 2 is a diagram illustrating an example of an imaging range of the camera and a detection range of each sensor according to the embodiment. FIG. 3 is a diagram illustrating an example of a hardware configuration of the image forming apparatus according to the embodiment. FIG. 4 is a diagram illustrating an example of a software configuration of the image forming apparatus according to the embodiment. FIG. 5 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the embodiment. FIG. 6 is a diagram illustrating an example of the calculated similarity. FIG. 7 is a diagram illustrating an example of user information according to the embodiment. FIG. 8 is a diagram illustrating another example of user information according to the embodiment. FIG. 9 is a diagram illustrating another example of user information according to the embodiment. FIG. 10 is a flowchart illustrating an example of wireless authentication processing of the image forming apparatus according to the embodiment. FIG. 11 is a flowchart illustrating an example of image authentication processing of the image forming apparatus according to the embodiment. FIG. 12 is a diagram for explaining an example of image authentication according to the embodiment. FIG. 13 is a diagram for describing an example of image authentication according to the embodiment. FIG. 14 is a flowchart illustrating an example of a composite authentication process of the image forming apparatus according to the embodiment. FIG. 15 is a diagram illustrating an example of a password input screen used for password authentication. FIG. 16 is a diagram illustrating an example of updating authentication information. FIG. 17 is a diagram illustrating an example of a selection screen displayed in the modification. FIG. 18 is a diagram illustrating an example of an average calculation method according to a modification.

  Exemplary embodiments of an information processing apparatus, an information processing system, an authentication method, and a program according to the present invention will be described below in detail with reference to the accompanying drawings.

  The information processing apparatus according to the present embodiment performs authentication (combined authentication processing) that combines face authentication (first authentication) and other authentication (second authentication) such as authentication using short-range wireless communication. If the short-range wireless authentication is permitted and the face authentication is not permitted, another authentication (third authentication) is executed. If the authentication is successful, the authentication information already registered is changed to the current face information. The authentication information used for authentication can be replaced. Thereby, authentication information such as registered user images can be updated more efficiently.

  FIG. 1 is a diagram illustrating an example of a configuration of an information processing system according to an embodiment. The configuration of the information processing system 100 according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 1, the information processing system 100 includes an image forming apparatus 101 and an RFID (Radio Frequency Identification) tag 104 possessed by a user 105.

  The image forming apparatus 101 is, for example, an image forming apparatus such as an MFP (Multi Function Peripheral), a copier, a printer, a facsimile apparatus, or a scanner apparatus, and is an example of the information processing apparatus of the present invention. Here, the MFP is a multifunction device having at least two functions among a copy function, a printer function, a scanner function, and a facsimile function. The image forming apparatus 101 includes a camera 102, an RFID tag reader 103, and a moving body sensor 106. The RFID tag reader 103 receives predetermined information such as a wireless tag ID from an RFID tag 104 (an example of a wireless tag) within a predetermined range. The camera 102 captures an image. The moving body sensor 106 detects a moving body (such as a user) within a predetermined range. Here, the RFID is a technique for performing short-range wireless communication using electromagnetic waves or radio waves between the RFID tag 104 storing predetermined information such as a wireless tag ID and the RFID tag reader 103. It is an example of radio | wireless communication.

  For example, when the RFID tag 104 is a passive tag, the RFID tag reader 103 radiates a predetermined radio wave to a detection range of the RFID tag reader 103 described later. When the RFID tag 104 receives a radio wave radiated from the RFID tag reader 103, the RFID tag 104 operates using the received radio wave as power, and transmits predetermined information such as a radio tag ID stored in advance to the RFID tag reader 103.

  A passive tag is an RFID tag that operates using radio waves from an RFID tag reader as an energy source, and does not require a battery. The antenna of the passive tag reflects a part of the radio wave from the RFID tag reader and returns information such as the radio tag ID on the reflected wave. Since the intensity of this reflection is very small, a passive tag has a shorter communication distance than an active tag that transmits radio waves with its own power, but is inexpensive and operates almost permanently.

  Radio wave transmission systems are mainly classified into radio wave induction systems and radio wave systems. The electromagnetic induction method is a method of transmitting energy and signals by magnetically coupling a tag coil and a reader antenna coil. Compared to the radio system, energy can be transmitted more efficiently, so development has progressed further. Felica (registered trademark) is this system. This method is adopted in a band of 130 to 135 kHz and 13.56 MHz. The maximum communicable distance of the radio wave induction method is about 1 m. On the other hand, the radio wave system is a system in which radio waves are exchanged between a tag antenna and a reader antenna to transmit energy and signals. Since radio waves are radiated and transmitted in space, it is possible to communicate with tags farther than electromagnetic induction methods. This method is adopted in the bands of 433 MHz, 900 MHz, and 2.45 GHz. The communicable distance of the radio wave system is 3 to 5 m with a passive tag. The active tag can communicate about several kilometers as long as output power is allowed.

  For example, the camera 102 is an imaging device installed so that a captured image includes a user 105 who uses the image forming apparatus 101.

  FIG. 2 is a diagram illustrating an example of an imaging range of a camera and a detection range of each sensor according to an embodiment. FIG. 2 shows an example of the imaging range 251 of the camera 102, the detection range 252 of the RFID tag reader 103, and the detection range 253 of the mobile sensor 106.

  In FIG. 2, a detection range 252 of the RFID tag reader 103 when viewed from the upper surface of the image forming apparatus 101 is shown. In the example of FIG. 2, the image forming apparatus 101 includes, for example, a patch antenna and the like, and is fan-shaped (for example, an angle of 150 °) on the front surface (downward direction in FIG. 2) of the image forming apparatus 101. A detection range 252 is formed. The RFID tag reader 103 radiates a predetermined radio wave to the detection range 252 when the user 105 is detected by the moving body sensor 106. Thus, for example, when the user 105 having the RFID tag 104 approaches a predetermined distance (for example, within 3 m) from the front surface of the image forming apparatus 101, predetermined information stored in the RFID tag 104 (for example, wireless) Tag ID) is automatically transmitted to the image forming apparatus 101. The camera 102 is activated (operated) when the user 105 is detected by the moving body sensor 106.

  In the present embodiment, the image forming apparatus 101 stores information indicating a user registered in advance, a wireless tag ID (an example of authentication information) received from the RFID tag 104, and an image forming apparatus 101 described later. Based on the information indicating the user registered in advance in the storage unit, the RFID tag 104 is authenticated (hereinafter also referred to as “wireless authentication”) (second authentication). The image forming apparatus 101 also includes, for example, the facial image of the user 105 included in the image captured by the camera 102 and the facial feature information (authentication) of the user registered in advance in the storage unit of the image forming apparatus 101 described later. Based on (an example of information), authentication of the user 105 captured in the image (hereinafter also referred to as “image authentication”) (first authentication) is performed. Further, when wireless authentication and image authentication are permitted, the image forming apparatus 101 includes information indicating a user corresponding to the RFID tag 104 permitted for wireless authentication, and information indicating a user permitted for image authentication. Based on the above, login authentication for the user 105 to use the image forming apparatus 101 (hereinafter also referred to as “apparatus authentication”) is performed. For example, when the user of the RFID tag 104 permitted for wireless authentication and the user permitted for image authentication are the same user, the image forming apparatus 101 logs in the user to the image forming apparatus 101. To give permission.

  As described above, the image forming apparatus 101 is permitted to perform both the wireless authentication using the RFID tag 104 and the image authentication using the image captured by the camera 102, and the RFID tag 104 that is permitted to perform the wireless authentication. If the user and the user authorized for image authentication are the same user, login of the user is permitted. As a result, according to the image forming apparatus 101 according to the present embodiment, the user 105 of the image forming apparatus 101 only has the RFID tag 104 and can authenticate an authentication method using a captured image such as image authentication. It becomes possible to improve the accuracy.

  Further, in the present embodiment, when wireless authentication is permitted but image authentication is not permitted, authentication by still another authentication method is executed. When the authentication is successful, a selection screen for selecting whether or not to update authentication information (such as facial feature information) used for image authentication is displayed. FIG. 1 shows an example of the selection screen 300. The selection screen 300 includes an OK button 301 and a Cancel button 302. When the OK button 301 is pressed, the registered authentication information used for image authentication is replaced with the authentication information used for the current image authentication. When the Cancel button 302 is pressed, authentication information replacement is not executed.

  The moving body sensor 106 is used to return the image forming apparatus 101 from the power saving state to the normal state when, for example, the user 105 enters the detection range 253. The normal state is an example of a state in which information processing is executed according to an operation performed by the user. When the image forming apparatus 101 operates in a normal state, power required for executing information processing is supplied to each unit of the image forming apparatus 101. The power saving state is an example of a state in which at least part of the operation of the image forming apparatus 101 is temporarily stopped. When the image forming apparatus 101 operates in the power saving state, power supply to at least a part of the image forming apparatus 101 is stopped, and the power consumption of the image forming apparatus 101 is less than that in the normal state. However, even when the image forming apparatus 101 operates in the power saving state, power is supplied to the moving body sensor 106 so that these units can operate in the power saving state.

  The sizes of the imaging range 251, the detection range 252, and the detection range 253 are arbitrary, but may be 0.6 m, 1 m, and 2 m, for example. Thus, if the detection range 253 is made larger than the other ranges, for example, the user 105 can supply power to the RFID tag reader 103 and the camera 102 and operate them until the user 105 enters the imaging range 251 or the detection range 252. .

  In the case of a configuration without a power saving state, or a configuration in which power is supplied to the RFID tag reader 103 and the camera 102 even in the power saving state, the mobile body sensor 106 may not be provided.

  Note that the system configuration in FIG. 1 is merely an example. For example, FIG. 1 shows the image forming apparatus 101 as an example of the information processing apparatus, but the present invention is not limited to this. The information processing apparatus may be a PC (Personal Computer), a tablet terminal, a smartphone, a game machine, a video conference apparatus, or the like having an authentication function for a user similar to the image forming apparatus 101.

  In addition, the camera 102 or the RFID tag reader 103 may be externally attached.

  The RFID tag 104 may be an RFID active tag or a semi-active tag. The RFID tag 104 is an example of a wireless tag. The wireless tag may be a wireless terminal that performs communication using a short-range wireless method (for example, Bluetooth (registered trademark) Low Energy (hereinafter referred to as “BLE”) or NFC (Near Field Communication)) different from RFID. Good. Further, instead of the wireless tag, a mobile terminal equipped with a wireless tag or the like may be used. As described above, the authentication (wireless authentication) using the RFID tag 104 is an example, and may be replaced with another authentication method using an object storing authentication information associated with the user.

  An authentication method combined with wireless authentication is not limited to an authentication method using an image obtained by capturing a user. For example, various authentication methods for authenticating a user using feature information indicating the characteristics of the user's biological body may be used. Such authentication methods include, for example, authentication based on the user's walking pattern, authentication based on the speed and timing of the user's key input, voice authentication, fingerprint authentication, iris authentication, and vein authentication.

(Hardware configuration)
FIG. 3 is a diagram illustrating an example of a hardware configuration of the image forming apparatus according to the present embodiment. A hardware configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

  As illustrated in FIG. 3, the image forming apparatus 101 includes a main body 310 that realizes various image forming functions such as a copy function, a scanner function, a fax function, and a printer function, and an operation unit 330 that receives a user operation. . Here, accepting the user's operation is a concept including accepting information (including a signal indicating a coordinate value of the screen) input according to the user's operation.

  The main body 310 and the operation unit 330 are connected to each other via a dedicated communication path 350 so that they can communicate with each other. The communication path 350 may be, for example, a USB (Universal Serial Bus) standard, but is not limited thereto, and may be of any standard regardless of wired or wireless. The main body 310 performs an operation according to the operation received by the operation unit 330. The main body 310 can also communicate with an external device such as a client PC, and can also perform an operation according to an instruction received from the external device.

<Hardware configuration of main unit>
As shown in FIG. 3, the main body 310 includes a CPU (Central Processing Unit) 311, a ROM (Read Only Memory) 312, a RAM (Random Access Memory) 313, a storage 314, and a communication I / F (Interface) 315. A connection I / F 316, an engine 317, a moving body sensor 318, and a system bus 319.

  The CPU 311 comprehensively controls the operation of the main body 310. The CPU 311 controls the overall operation of the main body 310 by executing a program stored in the ROM 312 or the storage 314 using the RAM 313 as a work area (working area). For example, the CPU 311 realizes various functions such as the copy function, the scanner function, the fax function, and the printer function described above.

  The ROM 312 is a non-volatile memory that stores, for example, a basic input / output system (BIOS) executed when the main body 310 is activated, and various settings. The RAM 313 is a volatile memory used as a work area for the CPU 311. The storage 314 is, for example, a non-volatile storage device that stores an OS (Operating System), application programs, various data, and the like. The storage 314 includes, for example, an HDD (Hard Disk Drive) or an SSD (Solid State Drive).

  The communication I / F 315 is a network interface for connecting the main body 310 to the network 360 and communicating with an external device connected to the network 360. The connection I / F 316 is an interface for communicating with the operation unit 330 via the communication path 350.

  The engine 317 is hardware that performs processing other than general-purpose information processing and communication for realizing functions such as a copy function, a scanner function, a fax function, and a printer function. The engine 317 includes, for example, a scanner that scans and reads an image of a document, a plotter that performs printing on a sheet material such as paper, and a fax unit that performs fax communication. The engine 317 may include a specific option such as a finisher that sorts printed sheet materials or an ADF (Auto Document Feeder) that automatically feeds a document.

  The moving body sensor 318 is a sensor that detects a moving body (such as a user) within the detection range around the image forming apparatus 101. The moving body sensor 318 is composed of, for example, a pyroelectric sensor. The moving body sensor 318 corresponds to the moving body sensor 106 shown in FIG.

  A system bus 319 is a transmission path that connects the above-described components to each other and transmits an address signal, a data signal, various control signals, and the like.

<Hardware configuration of operation unit>
As shown in FIG. 3, the operation unit 330 includes a CPU 331, a ROM 332, a RAM 333, a flash memory 334, a communication I / F 335, an operation panel 336, a connection I / F 337, an external connection I / F 338, A short-range wireless communication device 339, a camera 340 (imaging device), and a system bus 341 are included.

  The CPU 331 comprehensively controls the operation of the operation unit 330. The CPU 331 controls the operation of the entire operation unit 330 by executing a program stored in the ROM 332, the flash memory 334, or the like using the RAM 333 as a work area (working area). For example, the CPU 331 realizes various functions such as displaying information (image) in accordance with the input received from the user on the operation panel 336.

  The ROM 332 is a non-volatile memory that stores, for example, a BIOS executed when the operation unit 330 is activated, and various settings. The RAM 333 is a volatile memory used as a work area for the CPU 331. The flash memory 334 is a non-volatile storage device that stores an OS, application programs, various data, and the like, for example.

  The communication I / F 335 is a network interface for connecting the operation unit 330 to the network 360 and performing communication with an external device connected to the network 360.

  The operation panel 336 accepts various inputs according to user operations and displays various types of information (for example, information according to the accepted operations, information indicating the operation status of the image forming apparatus 101, setting information, and the like). The device has an input function and a display function. The operation panel 336 is configured by, for example, a liquid crystal display device (LCD: Liquid Crystal Display) equipped with a touch panel function. Note that the operation panel 336 is not limited to a liquid crystal display device, and may be configured by, for example, an organic EL (Electro-Luminescence) display device equipped with a touch panel function. The operation panel 336 can include an operation unit such as a hardware key or a display unit such as a lamp in addition to or instead of the touch panel function.

  The connection I / F 337 is an interface for communicating with the main body 310 via the communication path 350. The external connection I / F 338 is an interface such as a USB for connecting an external device.

  The short-range wireless communication device 339 is a short-range wireless device for communicating with a wireless tag within a predetermined range by short-range wireless communication. The short-range wireless communication device 339 includes, for example, the RFID tag reader 103 shown in FIG. 1 and the like, and transmits a radio wave from an RFID passive tag that returns a response to a radio wave transmitted from the short-range wireless communication device 339 or from its own device. Predetermined information is received from an RFID active tag or the like. Note that the short-range wireless communication device 339 may be a short-range wireless device that performs short-range wireless communication such as BLE or NFC described above.

  The camera 340 is an imaging device that captures an image within a predetermined imaging range. The camera 340 corresponds to the camera 102 shown in FIG.

  The system bus 341 is a transmission path that connects the above-described components to each other and transmits an address signal, a data signal, various control signals, and the like.

(Software configuration)
FIG. 4 is a diagram illustrating an example of a software configuration of the image forming apparatus according to the present embodiment. The software configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

  As shown in FIG. 4, the main body 310 of the image forming apparatus 101 includes an application layer 411, a service layer 412, and an OS layer 413. The entities of the application layer 411, the service layer 412, and the OS layer 413 are various software stored in the ROM 312 or the storage 314. When the CPU 311 executes these software (programs), various functions of the main body 310 are provided.

  The application layer 411 is application software (hereinafter, simply referred to as “application” in some cases) for operating hardware resources and providing a predetermined function. Examples of the application include a copy application for providing a copy function, a scanner application for providing a scanner function, a fax application for providing a fax function, and a printer application for providing a printer function.

  The service layer 412 is software that is interposed between the application layer 411 and the OS layer 413 and provides an interface for using hardware resources of the main body 310 for the application of the application layer 411. Specifically, the service layer 412 provides a function of accepting operation requests for hardware resources and arbitrating operation requests. The operation request received by the service layer 412 includes a request for reading by a scanner and printing by a plotter. Note that the interface function by the service layer 412 is provided not only to the application layer 411 of the main body 310 but also to the application layer 431 of the operation unit 330. The Web API interface function of the service layer 412 is provided by, for example, the Web API. That is, the application layer 431 of the operation unit 330 can also realize a function using hardware resources (for example, the engine 317) of the main body 310 via the Web API interface function of the service layer 412 of the main body 310.

  The OS layer 413 is basic software (operating system) for providing a basic function for controlling hardware included in the main body 310. The service layer 412 converts a hardware resource use request from various applications into a command interpretable by the OS layer 413 and passes it to the OS layer 413. Then, when the command is executed by the OS layer 413, the hardware resource performs an operation in accordance with the request of the application.

  As illustrated in FIG. 4, the operation unit 330 of the image forming apparatus 101 includes an application layer 431, a service layer 432, and an OS layer 433. The application layer 431, the service layer 432, and the OS layer 433 included in the operation unit 330 have the same hierarchical structure as that of the main body 310. However, the functions provided by the applications in the application layer 431 and the types of operation requests that can be accepted by the service layer 432 are different from those on the main body 310 side.

  The application of the application layer 431 may be software for operating a hardware resource included in the operation unit 330 to provide a predetermined function, but is mainly a UI for performing an operation and display related to the function included in the main body 310. (User Interface) functions are provided. The application of the application layer 431 provides an authentication function using the short-range wireless communication device 339 provided in the operation unit 330, the camera 340, and the like.

  In the present embodiment, the software of the OS layer 413 on the main body 310 side is different from the software of the OS layer 433 on the operation unit 330 side in order to maintain the independence of functions. That is, the main body 310 and the operation unit 330 operate independently of each other by different operating systems. For example, it is possible to use Linux (registered trademark) as the software of the OS layer 413 on the main body 310 side and Android (registered trademark) as the software of the OS layer 433 on the operation unit 330 side.

  As described above, in the image forming apparatus 101 according to the present embodiment, the main body 310 and the operation unit 330 operate with different operating systems, and therefore communication between the main body 310 and the operation unit 330 is performed in a common apparatus. This is not communication between processes but communication between different devices. The operation (command communication) for transmitting information (operation instruction content from the user) received by the operation unit 330 to the main unit 310, the operation for transmitting information to the operation unit 330, and the like correspond to this. Here, the function of the main body 310 can be used when the operation unit 330 performs command communication to the main body 310. The information transmitted from the main body 310 to the operation unit 330 includes, for example, the execution status of the operation in the main body 310 and the contents set on the main body 310 side. In the present embodiment, since the power supply to the operation unit 330 is performed from the main body 310 via the communication path 350, the power control of the operation unit 330 is performed separately from the power control of the main body 310 (independently). Can do).

(Functional configuration)
FIG. 5 is a diagram illustrating an example of a functional configuration of the image forming apparatus according to the present embodiment. The functional configuration of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

<Functional configuration of main unit>
As illustrated in FIG. 5, the main body 310 of the image forming apparatus 101 includes a moving body detection unit 501, a power state control unit 502, an image forming unit 503, a storage unit 504, and a communication unit 505.

  The moving body detection unit 501 is a functional unit that detects a moving body (for example, a person) within the detection range around the image forming apparatus 101 using the moving body sensor 318. The moving body detection unit 501 is realized by, for example, a program that operates on the CPU 311 illustrated in FIG. When the moving object detection unit 501 detects a moving object within the detection range, the moving object detection unit 501 notifies the power state control unit 502 that the moving object has been detected.

  The power state control unit 502 is a functional unit that controls the power states of the main body 310 and the operation unit 330. The power state control unit 502 is realized by, for example, a program that operates on the CPU 311 illustrated in FIG. The power state control unit 502 puts the image forming apparatus 101 into a power saving state that consumes less power than the normal state in which the image forming process can be performed when the image forming apparatus 101 is not used for a preset time. Transition. In the power saving state, power consumption can be reduced by, for example, stopping the functions of the operation unit 330 and the engine 317 and storage 314 of the main body 310. When the power state control unit 502 receives a notification from the moving body detection unit 501 indicating that the moving body has been detected while the image forming apparatus 101 is in the power saving state, the power state control unit 502 moves the operation unit 330 from the power saving state to the normal state. It returns to the normal state that can operate. The power state control unit 502 notifies the operation unit 330 of a return command via the communication path 350 to return the operation unit 330 from the power saving state to the normal state.

  In the normal state, power is supplied to the function units related to image authentication (camera 340, image receiving unit 513, etc.) and the function units related to wireless authentication (short-range wireless communication device 339, wireless communication unit 511). Note that the state may be changed to a state other than the normal state as long as power is supplied to at least the functional units related to image authentication and wireless authentication. The power state control unit 502 notifies each unit (image receiving unit 513, wireless communication unit 511, device authentication unit 516, update unit 522, etc.) in the operation unit 330 that the normal state has been restored (power on).

  The power state control unit 502 may be configured to activate the camera 102 when the moving object ((user 105)) is detected by the moving object detection unit 501 (the moving object sensor 106). A function of activating the camera 102 when it is detected may be provided in the operation unit 330.

  The image forming unit 503 is a functional unit that executes various image forming functions (for example, a printer function, a copy function, a scanner function, and a fax function) provided in the image forming apparatus 101. The image forming unit 503 is realized by, for example, a program that operates on the engine 317 illustrated in FIG. 3 and the CPU 311 illustrated in FIG.

  The storage unit 504 is a functional unit that stores various pieces of information such as user information A 506 including information indicating the user of the image forming apparatus 101 registered in advance. The storage unit 504 is realized by, for example, the RAM 313 and the storage 314 illustrated in FIG. 3 and a program that operates on the CPU 311 illustrated in FIG.

  The communication unit 505 is a functional unit that connects the main body 310 to the network 360 and communicates with an external device connected to the network 360. The communication unit 505 is realized by, for example, a communication I / F 315 illustrated in FIG. 3 and a program that operates on the CPU 311 illustrated in FIG.

  Note that the moving body detection unit 501, the power state control unit 502, the image forming unit 503, the storage unit 504, and the communication unit 505 of the main body 310 shown in FIG. The configuration is not limited. For example, a plurality of functional units illustrated as independent functional units in the main body 310 illustrated in FIG. 5 may be configured as one functional unit. On the other hand, in the main body 310 illustrated in FIG. 5, the functions of one function unit may be divided into a plurality of functions and configured as a plurality of function units.

  In addition, some or all of the moving body detection unit 501, the power state control unit 502, and the image forming unit 503 of the main body 310 are not software programs, but are an FPGA (Field-Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). ) Or the like.

<Functional configuration of operation unit>
As illustrated in FIG. 5, the operation unit 330 of the image forming apparatus 101 includes a wireless communication unit 511, a wireless authentication unit 512 (second authentication unit), an image reception unit 513, and a face detection unit 514 (detection unit). An image authentication unit 515 (first authentication unit), a device authentication unit 516, a user information management unit 517, a storage unit 518, a communication unit 519, and a password authentication unit 521 (third authentication unit). And an update unit 522 and an input / output control unit 523 (output control unit).

  The wireless communication unit 511 is a functional unit that receives predetermined information (such as a wireless tag ID) from a wireless tag within a predetermined range by short-range wireless communication using the short-range wireless communication device 339. The wireless communication unit 511 is realized by, for example, a program that operates in the short-range wireless communication device 339 illustrated in FIG. 3 and the CPU 331 illustrated in FIG. The wireless communication unit 511 receives predetermined information such as a wireless tag ID from the RFID tag 104 within the detection range 252 of the RFID tag reader 103 illustrated in FIG.

  The wireless authentication unit 512 is a functional unit that authenticates a wireless tag that has transmitted predetermined information based on predetermined information received by the wireless communication unit 511 and user information registered in advance. The wireless authentication unit 512 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. The wireless authentication unit 512 is based on the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 and user information registered in advance (for example, user information a520 and user information A506 described later). The RFID tag 104 is authenticated (wireless authentication). The wireless authentication unit 512 permits authentication of the RFID tag 104 when the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 is included in the previously registered user information.

  The wireless authentication unit 512 sends the wireless tag ID received from the wireless communication unit 511 to the user information management unit 517, for example. The wireless authentication unit 512 receives the result received from the user information management unit 517 (the presence / absence of the corresponding user, the user number if the corresponding user exists). If the user is present in the user information, short-range wireless authentication is possible, and if not, short-range wireless authentication is not possible. The wireless authentication unit 512 sends an authentication result to the device authentication unit 516. In addition, the wireless authentication unit 512 outputs information indicating the user of the RFID tag 104 permitted to be authenticated to the device authentication unit 516. Note that the wireless authentication unit 512 may output and store the information indicating the user of the RFID tag 104 permitted to be authenticated in the storage unit 518.

  The image receiving unit 513 receives an image from the camera 340. The image receiving unit 513 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. The image receiving unit 513 causes the camera 340 to capture an image in front of the image forming apparatus 101 and receives an image of the user 105 in front of the image forming apparatus 101 from the camera 340.

  The face detection unit 514 is an example of a detection unit that detects user authentication information. For example, the face detection unit 514 authenticates a user's face image, feature information extracted from the user's face image (an example of feature information indicating a biometric feature), and the like from the received image. Detect as information. When performing authentication other than face authentication, authentication information used for other authentication may be detected instead of a face image or the like. For example, a walking pattern, key input speed, key input timing, voice characteristics, fingerprint characteristics, vein characteristics, and the like may be detected as authentication information. The face detection unit 514 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. Note that the feature information of the face image includes information such as the shape and relative position of each part such as the face outline, eyes, nose, chin, and cheekbone.

  The face detection unit 514 detects a face image (face area) from the image using, for example, a face detection method based on the following Haar-like feature. The Haar-like feature value is a value obtained by subtracting the sum of the pixel values of the white region from the sum of the pixel values of the black region in the rectangle to be calculated in the search region. Since this rectangle may be arranged anywhere and how in the search area, there are tens of thousands of possible arrangement places in the search area. Each weak classifier in the search area is weighted by prior learning by boosting these rectangles, and a strong classifier is created by selecting only a few dozen weak classifiers with the highest importance. Is done. Then, it is determined by this strong classifier (by a black and white rectangular number pattern indicating the human face likeness) whether or not the area is a human face area.

  When the feature information of the face image is used as the authentication information, the face detection unit 514 may further detect the feature information from the face image (face region). For example, the face detection unit 514 may extract a feature point (for example, 13-dimensional data) of the face image from the face image as authentication information by a method using a subspace method or the like.

  The image authentication unit 515 is a functional unit that authenticates a user included in the image received by the image receiving unit 513 based on the image received by the image receiving unit 513 and user information registered in advance. . The image authentication unit 515 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. The image authentication unit 515 includes user authentication information (face image or face image feature information) detected by the face detection unit 514 from the image received by the image reception unit 513, and user information registered in advance. Based on (for example, user information a520 and user information A506 described later), image authentication of the user included in the image is performed.

  When one feature information corresponding to the feature information of the face image extracted by the face detection unit 514 is included in the previously registered user information, the image authentication unit 515 permits authentication of the user included in the image.

  For example, the image authentication unit 515 receives a face image from the face detection unit 514, receives pre-registered user authentication information from the user information management unit 517, and collates it. The image authentication unit 515 repeats the verification for the number of users registered in the user information until the verification is successful. As a matching method, a method of comparing feature points detected from face images, a method of matching by pattern recognition using the luminance value of each pixel per face image as one vector, and the like can be applied. .

  The image authentication unit 515 passes the face image or data (such as feature information of the face image) generated from the face image to the update unit 522. In addition, the image authentication unit 515 outputs information indicating a user who has been authenticated to the device authentication unit 516. Note that the image authentication unit 515 may output and store information indicating a user who has been authenticated in the storage unit 518.

  The authentication method by the image authentication unit 515 is not limited to the above-described method, and any known face authentication technology (for example, see Japanese Patent Application Laid-Open No. 2015-35178) can be applied. Further, the image authentication unit 515 performs various well-known image authentication methods (for example, for performing user authentication) based on feature information indicating characteristics of the user's biological body included in the image received by the image reception unit 513 (for example, User authentication may be performed by fingerprint authentication, iris authentication, vein authentication, or the like.

  The device authentication unit 516 is configured to perform login authentication of the user (device) based on information indicating the user permitted to be authenticated by the wireless authentication unit 512 and information indicating the user permitted to be authenticated by the image authentication unit 515. It is a functional unit that performs authentication. The device authentication unit 516 is realized by, for example, a program that operates on the CPU 331 illustrated in FIG. If the user of the wireless tag (RFID tag 104) authorized by the wireless authentication unit 512 and the user authorized by the image authentication unit 515 are the same user, the device authentication unit 516 The user is permitted to use the image forming apparatus 101. As a preferred example, the device authentication unit 516 includes identification information indicating a user of a wireless tag permitted to be authenticated by the wireless authentication unit 512 and identification information indicating a user permitted to be authenticated by the image authentication unit 515. If they match, the user's use of the image forming apparatus 101 is permitted.

  Note that when the identification information indicating the user obtained from the wireless authentication unit 512 matches the identification information indicating the user obtained from the image authentication unit 515, the two identification information completely match. In addition, the case where the two pieces of identification information can be determined as identification information indicating substantially the same user may be included. For example, the identification information indicating the user obtained from the image authentication unit 515 is an 8-digit employee ID, and the identification information indicating the user obtained from the wireless authentication unit 512 is 10 digits obtained by adding two characters to the employee ID. It may be determined that the two pieces of identification information coincide with each other. As described above, in the device authentication unit 516, the identification information indicating the user obtained from the wireless authentication unit 512 and the identification information indicating the user obtained from the image authentication unit 515 are identification information regarding the same user. In this case, the use of the image forming apparatus 101 of the user may be permitted.

  For example, upon receiving a power-on command from the power state control unit 502, the device authentication unit 516 initializes the value of the variable “number of logins” to 0. Thereafter, the device authentication unit 516 performs the above-described login authentication. In general, a result notification from the wireless authentication unit 512 is transmitted early. For this reason, the apparatus authentication unit 516 may perform authentication preparation (pre-authentication) in advance, and may make it available to the user as soon as the remaining authentication results are transmitted. If the login authentication fails, the device authentication unit 516 adds 1 to the value of the variable “number of logins”. The device authentication unit 516 receives the result from the image authentication unit 515 until login fails three times, and tries login authentication. If the login fails three times, the device authentication unit 516 requests the password authentication unit 521 to perform password authentication. When the password authentication unit 521 returns authentication permission, the device authentication unit 516 logs in the user and requests the update unit 522 to update the authentication information.

  The user information management unit 517 is a functional unit that manages user information a 520 (first user information, second user information) stored in the storage unit 518. The user information management unit 517 is realized by, for example, a program that runs on the CPU 331 shown in FIG.

  The user information management unit 517 provides user information (user information a520 in FIG. 5) to the image authentication unit 515, the wireless authentication unit 512, and the password authentication unit 521, for example. For example, the user information management unit 517 sends the “user number” and “authentication information” of each user to the image authentication unit 515. The user information management unit 517 may sequentially send information for each authentication process, or may send it in a lump at the beginning. For example, the user information management unit 517 passes the “user number” of the user having the wireless tag ID specified by the wireless authentication unit 512 to the wireless authentication unit 512. For example, the user information management unit 517 returns a “password” for the “user number” received from the password authentication unit 521 to the password authentication unit 521.

  The storage unit 518 is a functional unit that stores various types of information such as user information a520 including information indicating the user of the image forming apparatus 101. The storage unit 518 is realized by, for example, the RAM 333 illustrated in FIG. 3, the flash memory 334, and a program that operates on the CPU 331 illustrated in FIG.

  The communication unit 519 is a functional unit that connects the operation unit 330 to the network 360 and communicates with an external device connected to the network 360. The communication unit 519 is realized by, for example, a communication I / F 335 illustrated in FIG. 3 and a program that operates on the CPU 331 illustrated in FIG.

  The password authentication unit 521 executes password authentication using the password input by the user. The password authentication unit 521 performs authentication (third authentication) different from image authentication and wireless authentication when the user is authenticated by wireless authentication and the user is not authenticated by image authentication (third authentication). It is an example of an authentication part. Authentication using authentication information input by a user other than the password may be executed. For example, authentication using a contact IC (Integrated Circuit) card may be used. In this case, the image forming apparatus 101 may be configured to include a contact type IC card reader.

  For example, the password authentication unit 521 acquires a password input by the user using the operation panel 336, and based on the user number received from the device authentication unit 516, the password included in the user information and the user Determine whether the password entered by matches.

  When the user is authenticated by password authentication, the updating unit 522 updates the authentication information stored in the storage unit 518 or the like with the authentication information detected by the face detection unit 514. For example, the update unit 522 updates the authentication information according to the following procedure.

  When receiving the power-on command from the power state control unit 502, the update unit 522 deletes any data received from the image authentication unit 515. The update unit 522 holds the authentication information received from the image authentication unit 515 without deleting it. The authentication information may be stored in the storage unit 518, for example. When an update process is requested from the device authentication unit 516, the update unit 522 uses the input / output control unit 523 to display on the operation panel 336 a selection screen that allows the user to select whether or not to update. When the user selects update on the selection screen, the update unit 522 acquires authentication information corresponding to the user number received from the device authentication unit 516 from the user information management unit 517.

  The update unit 522 compares the held authentication information with the authentication information acquired from the user information management unit 517, and the similarity between the held authentication information and the authentication information included in the user information Select authentication information larger than the other authentication information (for example, authentication information with the highest similarity). For example, the update unit 522 calculates the cosine similarity of two pieces of authentication information. In the cosine similarity, the similarity between two data is calculated as a value from 0 to 1. The closer the cosine similarity is to 1, the higher the similarity. Note that the method of calculating the similarity of authentication information is not limited to the method of calculating the cosine similarity, and any other method of calculating the similarity can be applied.

  FIG. 6 is a diagram illustrating an example of the calculated similarity. The graph of FIG. 6 indicates that the authentication information detected from the second image has the highest similarity. In this case, the update unit 522 selects authentication information detected from the second image. The update unit 522 passes the selected authentication information to the user information management unit 517 and requests overwriting (update) of the authentication information.

  The input / output control unit 523 controls input / output of various information to the operation panel 336. For example, the input / output control unit 523 controls display of a screen on the operation panel 336, reception of key input from the operation panel 336, and the like. The input / output control unit 523 displays a selection screen 300 as illustrated in FIG. 1 on the operation panel 336 in response to a request from the update unit 522, for example.

  Note that the wireless communication unit 511, the wireless authentication unit 512, the image reception unit 513, the face detection unit 514, the image authentication unit 515, the device authentication unit 516, the user information management unit 517, and the storage unit 518 of the operation unit 330 illustrated in FIG. The communication unit 519, the password authentication unit 521, the update unit 522, and the input / output control unit 523 conceptually illustrate functions, and are not limited to such a configuration. For example, a plurality of functional units illustrated as independent functional units in the operation unit 330 illustrated in FIG. 5 may be configured as one functional unit. On the other hand, the function of one function unit may be divided into a plurality of functions in the operation unit 330 illustrated in FIG. 5 and configured as a plurality of function units.

  In addition, the wireless communication unit 511, the wireless authentication unit 512, the image reception unit 513, the face detection unit 514, the image authentication unit 515, the device authentication unit 516, the user information management unit 517, the password authentication unit 521, and the update unit of the operation unit 330. 522 and a part or all of the input / output control unit 523 may be realized by a hardware circuit such as an FPGA or an ASIC instead of a program that is software.

  In addition, at least a part of the function of the operation unit 330 may be executed in the main body 310, and conversely, at least a part of the function of the main body 310 may be executed in the operation unit 330. For example, the apparatus authentication unit 516 may be included in the main body 310. In this case, the other configuration is the same as that of the image forming apparatus 101 shown in FIG. In such a configuration, the wireless authentication unit 512 notifies the device authentication unit 516 of the authentication result of the wireless authentication unit 512 (for example, information indicating a user permitted to be authenticated) via the communication path 350. Similarly, the image authentication unit 515 notifies the device authentication unit 516 of the authentication result of the image authentication unit 515 (for example, information indicating a user permitted to be authenticated) via the communication path 350. The device authentication unit 516 performs user authentication (device authentication) based on the authentication result of the wireless authentication unit 512 and the authentication result of the image authentication unit 515 received via the communication path 350.

(Configuration of user information)
FIG. 7 is a diagram illustrating an example of user information according to the present embodiment. 8 and 9 are diagrams showing another example of user information according to the present embodiment. The data structure of the user information a520 stored in the storage unit 518 of the operation unit 330 will be described with reference to FIGS.

  User information a520 shown in FIG. 7 is an example of user information registered in advance. In the example of FIG. 7, the user information a520 includes “user number”, “name”, “mail address”, “login ID”, “login password”, “wireless tag ID”, “authentication information”, and the like. Contains information.

  The “user number” is, for example, a serial number assigned when each user's information is registered in the user information a 520 or an identification number unique to each user data. This is an example of unique identification information (identification information indicating a user). The “user number” may be identification information indicating a user, such as an employee ID, for example.

  “Name” is the name of the user. “Mail address” is the user's mail address. “Login ID” and “Login password” are examples of authentication information for the user to log in to the image forming apparatus 101.

  The “wireless tag ID” is identification information such as a tag ID indicating the RFID tag 104 transmitted by the RFID tag 104 possessed by each user, and is represented by, for example, an 8-digit number. The “wireless tag ID” is an example of predetermined information transmitted from the RFID tag 104. The predetermined information may include information other than numbers, for example, identification information indicating a user. Good.

  “Authentication information” is characteristic information regarding the user's face such as the contour and the shape of each part of the user of the image forming apparatus 101, such as the face contour, eyes, nose, chin, and cheekbone, and the relative position. . The “authentication information” needs to be acquired in advance for each user and registered in the user information a520.

  In the user information a520 shown in FIG. 7, for example, when the data type is “data 2”, the user number is “101002”, the name is “BBBB”, the mail address is “bbb@bbb.ccc”, and the login The ID is “BB_BB”, the login password is “abcdef”, the wireless tag ID is “00535213”, the authentication information is “{56, 111, −3,..., −120, 47, 208}”. Are stored in association with each other.

  The storage unit 518 of the operation unit 330 can store, for example, about 300 to 1800 pieces of user information a520 as shown in FIG. For example, the user information management unit 517 of the operation unit 330 stores at least a part of the user information A506 stored in the storage unit 504 of the main body 310 as user information a520 in the storage unit 518 of the operation unit 330. Keep it. Thereby, the wireless authentication unit 512 and the image authentication unit 515 read the user information a520 stored in the storage unit 518 of the operation unit 330 faster than the user information A506 stored in the storage unit 504 of the main body 310. Will be able to.

  The storage unit 518 may store the user information 801 shown in FIG. 8 or the user information 901 shown in FIG. 9 in addition to or instead of the user information a520. The user information 801 illustrated in FIG. 8 stores the above-described “wireless tag ID” and “user ID”, which is an example of identification information indicating the user, in association with each other. The wireless authentication unit 512 can authenticate the RFID tag 104 (wireless authentication) if at least the information shown in the user information 801 is present. For example, when the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 is included in the user information 801, the wireless authentication unit 512 permits the RFID tag 104 to be authenticated, and allows the RFID tag 104 to which the authentication is permitted to be performed. The corresponding user ID is output to the device authentication unit 516 or the like.

  In the user information 901 illustrated in FIG. 9, “user ID” and the above-described “authentication information” are stored in association with each other. The image authentication unit 515 can authenticate the user included in the image (image authentication) if there is at least the information shown in the user information 901. For example, when one feature information corresponding to the feature information of the user's face image extracted by the face detection unit 514 is included in the user information 901, the image authentication unit 515 authenticates the user included in the image. And the user ID of the user who has been authenticated is output to the device authentication unit 516 or the like.

  The user information a520, 801, and 901 shown in FIGS. 7 to 9 are all information in a table format, but the present invention is not limited to this, and the values of the fields can be managed in association with each other. If possible, the information may be in any format.

(Wireless authentication process flow)
FIG. 10 is a flowchart illustrating an example of wireless authentication processing of the image forming apparatus according to the present embodiment. The flow of wireless authentication processing of the image forming apparatus 101 according to the present embodiment will be described with reference to FIG.

<Step S101>
First, the wireless communication unit 511 receives identification information (wireless tag ID) from a wireless tag (RFID tag 104) within a predetermined range (for example, the detection range 252 shown in FIG. 2). When the wireless communication unit 511 receives the identification information (step S101: Yes), the process proceeds to step S102, and when it cannot be received (step S101: No), the reception is performed again.

<Step S102>
The wireless authentication unit 512 authenticates the wireless tag (RFID tag 104) that transmitted predetermined information based on the identification information received by the wireless communication unit 511 and user information registered in advance. Specifically, the wireless authentication unit 512 authenticates the RFID tag 104 based on the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 and the user information a520 or user information A506 registered in advance ( Wireless authentication). The wireless authentication unit 512 permits authentication of the RFID tag 104 when the wireless tag ID of the RFID tag 104 received by the wireless communication unit 511 is included in the user information a520 or the user information A506. Also, the wireless authentication unit 512 does not permit the RFID tag 104 to be authenticated when the wireless tag ID received by the wireless communication unit 511 is not included in the user information a520 or the user information A506. Then, the process proceeds to step S103.

<Step S103>
If authentication of the RFID tag 104 is permitted as a result of wireless authentication by the wireless authentication unit 512 (when the authentication result is “OK”) (step S103: Yes), the process proceeds to step S104. On the other hand, when the authentication of the RFID tag 104 is not permitted (when the authentication result is not “OK”) (step S103: No), the process returns to step S101 and the same processing is repeated.

<Step S104>
The wireless authentication unit 512 permits the authentication (the authentication result is “OK”). Information regarding the user of the RFID tag 104 (for example, the user identification information such as “user number” or “user ID”) ) Is output to the device authentication unit 516. At this time, the wireless authentication unit 512 transmits information indicating that the authentication is permitted (the authentication result is “OK”) together with the identification information of the user of the RFID tag 104 that has permitted the authentication, to the device authentication unit 516. May be output. In step S103 described above, the wireless authentication unit 512 outputs information indicating that authentication is not permitted (authentication result is “NG”) to the device authentication unit 516 when authentication is not permitted. There may be.

  The wireless authentication process is executed by the image forming apparatus 101 through the operations in steps S101 to S104.

(Image authentication processing flow)
FIG. 11 is a flowchart illustrating an example of image authentication processing of the image forming apparatus according to the present embodiment. 12 and 13 are diagrams for describing an example of image authentication according to the present embodiment. The flow of image authentication processing of the image forming apparatus 101 according to the present embodiment will be described with reference to FIGS.

<Step S201>
The image receiving unit 513 acquires a captured image captured by the camera 340. An example of the captured image acquired at this time is shown in FIG. A captured image 1001 illustrated in FIG. 12 includes a user 1002 in front of the image forming apparatus 101. As described above, the camera 340 is installed so that the user in front of the image forming apparatus 101 is included in the captured image 1001. Then, the process proceeds to step S202.

<Step S202>
The face detection unit 514 detects a face portion image (face image) from the captured image acquired by the image reception unit 513. An example of the detected face image at this time is shown in FIG. The face detection unit 514 extracts parts such as the contour 1004, eyes 1005, and nose 1006 of the user's face from the captured image 1001 captured by the camera 340, for example, using a known pattern matching technique or the like. The user's face image 1003 is detected by using this. Then, the process proceeds to step S203.

<Step S203>
When the face image 1003 is detected from the captured image 1001 by the face detection unit 514 (step S203: Yes), the process proceeds to step S204. On the other hand, when the face image 1003 is not detected from the captured image 1001 by the face detection unit 514 (step S203: No), the process returns to step S201 and the same processing is repeated.

<Step S204>
The image authentication unit 515 performs authentication (image authentication) using the detected face image. Note that various known face authentication techniques (for example, see the above-mentioned JP-A-2015-35178) can be applied to the image authentication process. Here, only an outline will be described for an example.

  For example, in the “authentication information” of the user information a 520 and the user information A 506, the face outline, eyes, nose, chin, and cheek bone acquired in advance for each user permitted to use the image forming apparatus 101. Etc., such as the shape and relative position of each part. Further, the face detection unit 514 detects a face image 1003 included in the captured image 1001 acquired by the image reception unit 513 and extracts authentication information from the detected face image 1003. The image authentication unit 515 compares the authentication information extracted by the face detection unit 514 with each of the “authentication information” of the user information a520 or the user information A506, and the user included in the captured image 1001 determines that the user It is determined whether the user is registered in the information a520 or the user information A506. If the image authentication unit 515 determines that the user included in the captured image 1001 is a registered user in the user information a520 or the user information A506, the image authentication unit 515 permits authentication of the user included in the captured image 1001. To do. On the other hand, if the image authentication unit 515 determines that the user included in the captured image 1001 is not a user registered in the user information a520 or the user information A506, the image authentication unit 515 authenticates the user included in the captured image 1001. not allowed. Then, the process proceeds to step S205.

<Step S205>
As a result of the image authentication performed by the image authentication unit 515, when user authentication is permitted (when the authentication result is “OK”) (step S205: Yes), the process proceeds to step S206. On the other hand, when the user authentication is not permitted (when the authentication result is not “OK”) (step S205: No), the process returns to step S201 and the same processing is repeated.

<Step S206>
The image authentication unit 515 uses information (for example, user identification information such as “user number”, “user ID”) that is permitted to be authenticated (authentication is “OK”) as device authentication. To the unit 516. At this time, the image authentication unit 515 outputs information indicating that the authentication is permitted (the authentication result is “OK”) to the device authentication unit 516 together with the identification information of the user who has permitted the authentication. It may be. In step S205 described above, the image authentication unit 515 outputs information indicating that the authentication is not permitted (the authentication result is “NG”) to the apparatus authentication unit 516 when the authentication is not permitted. There may be.

  Image authentication processing is executed by the image forming apparatus 101 through the operations in steps S201 to S206 described above.

(Composite authentication process flow)
FIG. 14 is a flowchart illustrating an example of the composite authentication process of the image forming apparatus according to the present embodiment. With reference to FIG. 14, the flow of the composite authentication process of the image forming apparatus 101 according to the present embodiment will be described. It is assumed that the image forming apparatus 101 is controlled by the power state control unit 502 to the power saving state described above at the start of the composite authentication process illustrated in FIG.

<Step S401>
When the moving body detection unit 501 of the main body 310 detects a moving body (for example, a person) around the image forming apparatus 101 (step S401: Yes), the process proceeds to step S402. When the moving object is not detected (step S401: No), the moving object detection unit 501 continues the detecting operation of the moving object.

<Step S402>
The power state control unit 502 of the main body 310 cancels the power saving state of the operation unit 330. For example, the power state control unit 502 notifies the operation unit 330 of a return command via the communication path 350 to return the operation unit 330 from the power saving state to the normal state. For example, the power state control unit 502 transmits power-on to the image reception unit 513, the wireless communication unit 511, the update unit 522, the device authentication unit 516, and the like. As a result, the wireless authentication process of the wireless authentication unit 512 shown in FIG. 10 and the image authentication process of the image authentication unit 515 shown in FIG. 11 can be executed. Then, the process proceeds to steps S403 and S404.

<Step S403>
Upon receiving the power-on command, device authentication unit 516 initializes the variable “number of face authentications” to zero.

<Step S404>
The update unit 522 erases the authentication information for face authentication held in the storage unit 518 or the like.

<Step S405>
For example, the wireless communication unit 511 and the wireless authentication unit 512 of the operation unit 330 execute a wireless authentication process as illustrated in FIG. Here, when the authentication of the RFID tag 104 is permitted by the wireless authentication process, the wireless authentication unit 512 uses information indicating that the processing result of the wireless authentication process is “OK”, and the use of the RFID tag 104 permitted to be authenticated. The identification information of the user (for example, “user number” in FIG. 7) is output to the device authentication unit 516. On the other hand, the wireless authentication unit 512 outputs information indicating that the processing result of the wireless authentication processing is “NG” to the device authentication unit 516 when the authentication of the RFID tag 104 is not permitted by the wireless authentication processing. . Then, the process proceeds to step S407.

<Step S406>
For example, the image reception unit 513, the face detection unit 514, and the image authentication unit 515 of the operation unit 330 execute an image authentication process as illustrated in FIG. Here, when the authentication of the user included in the captured image is permitted by the image authentication process, the image authentication unit 515 includes information indicating that the processing result of the image authentication process is “OK”, and the use permitted for the authentication. The identification information of the user (for example, “user number” in FIG. 7) is output to the device authentication unit 516. On the other hand, the image authentication unit 515 outputs information indicating that the processing result of the image authentication process is “NG” to the device authentication unit 516 when the authentication of the user included in the captured image is not permitted by the image authentication process. It shall be. Then, the process proceeds to step S407.

<Step S407>
The device authentication unit 516 determines whether or not the result of the wireless authentication process is “OK” based on the information output from the wireless authentication unit 512. When the result of the wireless authentication process is “OK” (permitted) (step S407: Yes), the process proceeds to step S408. On the other hand, when the result of the wireless authentication process is not “OK” (permitted) (step S407: No), the process returns to steps S405 and S406, and the same process is repeated.

<Step S408>
The device authentication unit 516 determines whether or not the result of the image authentication process is “OK” based on the information output from the image authentication unit 515. When the result of the image authentication process is “OK” (permitted) (step S408: Yes), the process proceeds to step S409. On the other hand, when the result of the image authentication process is not “OK” (permitted) (step S408: No), the process proceeds to step S410.

  Even if the result of the image authentication process is “OK”, the identification information of the user (wireless authenticated user) output from the wireless authentication unit 512 and the user (image authentication) output from the image authentication unit 515 In the case where the identification information does not match, the process may proceed to step S410 as in the case where the result of the image authentication process is not “OK”. As a specific example of the case where the user identification information does not match, a user holding the RFID tag 104 passes around the image forming apparatus 101 and a registered user who does not hold the RFID tag 104 There is a case where the user is in front of the image forming apparatus 101.

<Step S409>
If both the result of the wireless authentication process and the result of the image authentication process are “OK”, the apparatus authentication unit 516 permits login authentication (apparatus authentication) of the user to the image forming apparatus 101. As a result, the user can use the image forming apparatus 101.

<Step S410>
If the result of the image authentication process is not “OK”, the device authentication unit 516 adds 1 to the variable “number of face authentications”.

<Step S411>
The device authentication unit 516 determines whether or not the variable “number of face authentications” after addition is equal to or greater than a predetermined threshold (for example, 3). If the “face authentication count” is equal to or greater than the threshold (step S411: Yes), the process proceeds to step S412. If the “number of face authentications” is smaller than the threshold (step S411: No), the process returns to steps S405 and S406, and the same processing is repeated.

<Step S412>
The password authentication unit 521 performs password authentication. FIG. 15 is a diagram showing an example of a password input screen 1301 used for password authentication. The password input screen 1301 includes a password input field 1311, an OK button 1321, and a Cancel button 1322. The password input column 1311 is a column for the user to input a password. When the OK button 1321 is pressed, the password authentication unit 521 executes password authentication using the input password or the like. When the Cancel button 1322 is pressed, password authentication is stopped.

<Step S413>
Returning to FIG. 14, the password authentication unit 521 determines whether or not the password authentication is successful. When password authentication is successful (step S413: Yes), the process proceeds to step S414. If the password authentication has failed (step S413: No), the process ends.

<Step S414>
The device authentication unit 516 permits login authentication (device authentication) of the user to the image forming apparatus 101. The device authentication unit 516 requests the update unit 522 to update authentication information. When the update processing is requested by the device authentication unit 516, the update unit 522 uses the input / output control unit 523 to display on the operation panel 336 a selection screen that allows the user to select whether or not to update.

<Step S415>
The update unit 522 determines whether the user has selected update on the selection screen. When the update is selected (step S415: Yes), the process proceeds to step S416. When update is not selected (step S415: No), the process proceeds to step S417.

<Step S416>
The update unit 522 updates the authentication information. As described above, the update unit 522 selects the authentication information having the highest similarity to the stored authentication information from the authentication information detected from the image, and stores the authentication information based on the selected authentication information. May be updated.

<Step S417>
The power state control unit 502 determines whether or not a predetermined time (for example, 5 minutes) has elapsed since the power saving state of the operation unit 330 was canceled in step S402. When the predetermined time has elapsed, that is, when the device authentication by the device authentication unit 516 is not successful within the predetermined time (step S417: Yes), the process proceeds to step S418. On the other hand, when the predetermined time has not elapsed (step S417: No), the process returns to steps S405 and S406, and the same processing is repeated.

<Step S418>
The power state control unit 502 shifts the operation unit 330 to the power saving state. For example, the power state control unit 502 shifts the operation unit 330 from the normal state to the power saving state by notifying the operation unit 330 of a transition command via the communication path 350.

  The composite authentication process is executed by the image forming apparatus 101 through the operations in steps S401 to S418 described above.

(Example of updating authentication information)
FIG. 16 is a diagram illustrating an example of updating authentication information. The update unit 522 overwrites the authentication information of the user information corresponding to the corresponding user number with the update authentication information. FIG. 16 shows an example of user information after the authentication information corresponding to the user number “101001” is updated among the user information shown in FIG.

(Modification 1)
In the above embodiment, the user has only specified whether or not to update the authentication information. You may comprise so that a user can select the authentication information to update. Below, the modification 1 comprised in this way is demonstrated.

  In this modification, the input / output control unit 523 causes the operation panel 336 to display a selection screen that displays a plurality of pieces of authentication information detected by the face detection unit 514 in a selectable manner. Further, the update unit 522 updates the authentication information stored in the storage unit 518 or the like with the authentication information selected on such a selection screen.

  FIG. 17 is a diagram illustrating an example of the selection screen 1501 displayed in the present modification. The selection screen 1501 includes thumbnail images 1511 to 1513, an OK button 1521, and a Cancel button 1522. Thumbnail images 1511 to 1513 are thumbnail images of face images used by the face detection unit 514 to detect authentication information. The user can select corresponding authentication information by selecting one of the thumbnail images.

  When an OK button 1521 is pressed after any thumbnail image is selected, the update unit 522 updates the stored authentication information with the authentication information corresponding to the selected thumbnail image. When the Cancel button 1522 is pressed, authentication information replacement is not executed.

  When displaying an image on the selection screen, for example, the image authentication unit 515 transmits a face image to the update unit 522 in addition to the authentication information for face authentication. The update unit 522 holds the received face image and authentication information for face authentication in association with each other.

(Modification 2)
In the above embodiment, the update unit 522 updates the stored authentication information with the authentication information having the highest similarity among the authentication information held. The update unit 522 may obtain an average of the authentication information held and update the authentication information with the obtained value. For example, when 13-dimensional data representing feature points of a face image is used as authentication information, the update unit 522 may obtain an average value for each dimension.

  FIG. 18 is a diagram illustrating an example of an average calculation method according to the present modification. FIG. 18 shows an example in which the average of authentication information used in each of the first to third image authentication processes represented by 13 dimensions is obtained.

  As described above, the image forming apparatus 101 according to the present embodiment performs wireless authentication of the RFID tag 104 and image authentication of a user included in a captured image captured by the camera 340. If wireless authentication is permitted but image authentication is not permitted, password authentication is further executed. If the password authentication is successful, the authentication information already stored can be replaced with the authentication information used for the current image authentication. Thereby, the registered authentication information can be updated more efficiently.

[Supplement of embodiment]
The functional configuration of the image forming apparatus 101 described in the above embodiments is an example, and each functional unit may be mounted on the main body 310 or the operation unit 330.

  In each of the above-described embodiments, the main body 310 and the operation unit 330 operate independently of each other with different operating systems. However, the present invention is not limited to this. May be in the form of operating on the same operating system.

  In each of the above-described embodiments, when at least one of the functional units of the image forming apparatus 101 is realized by executing a program, the program is provided by being incorporated in advance in a ROM or the like. The programs executed by the image forming apparatus 101 according to each of the above-described embodiments are files in an installable format or an executable format, such as a CD-ROM (Compact Disc Read Only Memory), a flexible disk (FD), a CD -R (Compact Disk-Recordable) or DVD (Digital Versatile Disc) may be recorded and provided on a computer-readable recording medium. Further, the program executed by the image forming apparatus 101 of each of the above-described embodiments may be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. Further, the program executed by the image forming apparatus 101 of each of the above embodiments may be configured to be provided or distributed via a network such as the Internet. The program executed by the image forming apparatus 101 of each of the above-described embodiments has a module configuration including at least one of the above-described functional units. As actual hardware, the CPU 311 or the CPU 331 includes the above-described module. By reading and executing a program from a storage device (for example, ROM 312, ROM 332, storage 314, flash memory 334, etc.), the above-described functional units are loaded on the main storage device (for example, RAM 313, RAM 333, etc.) and generated. It has come to be.

DESCRIPTION OF SYMBOLS 100 Information processing system 101 Image forming apparatus 102 Camera 103 RFID tag reader 104 RFID tag 105 User 251 Imaging range 252 and 253 Detection range 310 Main body 311 CPU
312 ROM
313 RAM
314 Storage 315 Communication I / F
316 Connection I / F
317 Engine 318 Moving body sensor 319 System bus 330 Operation unit 331 CPU
332 ROM
333 RAM
334 Flash memory 335 Communication I / F
336 Operation panel 337 Connection I / F
338 External connection I / F
339 Short-range wireless communication device 340 Camera 341 System bus 350 Communication path 360 Network 411 Application layer 412 Service layer 413 OS layer 431 Application layer 432 Service layer 433 OS layer 501 Moving body detection unit 502 Power state control unit 503 Image formation unit 504 Storage Part 505 Communication part 506 User information A
511 Wireless communication unit 512 Wireless authentication unit 513 Image reception unit 514 Face detection unit 515 Image authentication unit 516 Device authentication unit 517 User information management unit 518 Storage unit 519 Communication unit 520 User information a
521 Password authentication unit 522 Update unit 523 Input / output control unit

JP 2006-072540 A

Claims (16)

A storage unit for storing user authentication information;
A detection unit for detecting user authentication information;
A first authentication unit that performs first authentication for comparing the detected authentication information with the authentication information stored in the storage unit;
A second authentication unit that executes second authentication different from the first authentication;
If the user is not authenticated by the first authentication and the user is authenticated by the second authentication, a third authentication that executes a third authentication different from the first authentication and the second authentication is executed. An authentication unit;
An update unit that updates the authentication information stored in the storage unit with the detected authentication information when the user is authenticated by the third authentication;
An information processing apparatus comprising: The authentication information is feature information indicating features of the user's biological body.
The information processing apparatus according to claim 1. The authentication information is a user's face image included in the captured image, or feature information extracted from the user's face image.
The information processing apparatus according to claim 1. The second authentication is authentication using a wireless tag storing authentication information associated with a user.
The information processing apparatus according to claim 1. The wireless tag is an RFID (Radio Frequency Identification) tag.
The information processing apparatus according to claim 4. The third authentication is authentication using authentication information input by the user.
The information processing apparatus according to claim 1. The third authentication is authentication using a password or authentication using a contact type IC (Integrated Circuit) card.
The information processing apparatus according to claim 6. When the user is authenticated by the third authentication, the apparatus further includes an output control unit that causes the display unit to display a selection screen for selecting whether to update the authentication information.
The update unit updates the authentication information stored in the storage unit with the detected authentication information when updating the authentication information is selected on the selection screen.
The information processing apparatus according to claim 1. The output control unit causes the display unit to display the selection screen that displays a plurality of pieces of authentication information detected by the detection unit.
The update unit updates the authentication information stored in the storage unit with the selected authentication information among a plurality of authentication information when updating the authentication information on the selection screen is selected.
The information processing apparatus according to claim 8. The detection unit detects a plurality of authentication information,
The update unit updates the authentication information stored in the storage unit with authentication information having a degree of similarity with the authentication information stored in the storage unit that is greater than other authentication information among the plurality of authentication information. ,
The information processing apparatus according to claim 1. The detection unit detects a plurality of authentication information,
The update unit updates the authentication information stored in the storage unit with information obtained by averaging a plurality of the authentication information.
The information processing apparatus according to claim 1. It further includes a moving body detection unit that detects the moving body,
The detection unit radiates a radio wave to a detection range when a mobile unit is detected by the mobile unit detection unit, and detects authentication information from a wireless tag within the detection range.
The information processing apparatus according to claim 1. A moving body detection unit for detecting the moving body;
A power state control unit that activates the detection unit when a mobile unit is detected by the mobile unit detection unit;
The information processing apparatus according to claim 1. An information processing system for authenticating a user,
A storage unit for storing user authentication information;
A detection unit for detecting user authentication information;
A first authentication unit that performs first authentication for comparing the detected authentication information with the authentication information stored in the storage unit;
A second authentication unit that executes second authentication different from the first authentication;
If the user is not authenticated by the first authentication and the user is authenticated by the second authentication, a third authentication that executes a third authentication different from the first authentication and the second authentication is executed. An authentication unit;
An update unit that updates the authentication information stored in the storage unit with the detected authentication information when the user is authenticated by the third authentication;
An information processing system comprising: A detection step for detecting user authentication information; a first authentication step for executing a first authentication for comparing the detected authentication information with the authentication information stored in the storage unit;
A second authentication step for performing a second authentication different from the first authentication;
If the user is not authenticated by the first authentication and the user is authenticated by the second authentication, a third authentication that executes a third authentication different from the first authentication and the second authentication is executed. An authentication step;
An update step of updating the authentication information stored in the storage unit with the detected authentication information when the user is authenticated by the third authentication;
An authentication method that includes: On the computer,
A detection step for detecting user authentication information; a first authentication step for executing a first authentication for comparing the detected authentication information with the authentication information stored in the storage unit;
A second authentication step for performing a second authentication different from the first authentication;
If the user is not authenticated by the first authentication and the user is authenticated by the second authentication, a third authentication that executes a third authentication different from the first authentication and the second authentication is executed. An authentication step;
An update step of updating the authentication information stored in the storage unit with the detected authentication information when the user is authenticated by the third authentication;
A program for running