JP2018042745A - Authentication system, authentication device, and authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To conveniently and accurately authenticate a plurality of terminals possessed by the same person at the same time.SOLUTION: In a terminal 10, a transmission part 15a transmits a time series signal of acceleration of a user's own terminal 10 measured by an acceleration sensor 16 to an authentication device 20, and an authentication part 15b causes another terminal 10b and a user's own terminal 10a to be usable if the information on the user's own terminal 10a reported from the authentication device 20 and the another terminal 10b possessed by the same person is stored in pairing terminal information 14a. In the authentication device 20, an extraction part 25b extracts an acceleration component derived from a human physical activity from the time series signal of each acceleration of a plurality of the terminals 10 acquired by an acquisition part 25a, and a determination part 25c determines that the corresponding two terminals 10 are possessed by the same person if a degree of similarity of the time series change in the extracted acceleration component between the terminals 10 is higher than a predetermined threshold, and notifies the two terminals 10 accordingly.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an authentication system, an authentication device, and an authentication method.

  Nowadays, so-called wearable terminals such as smart watches and smartphones are beginning to spread, it is not uncommon for a user to have a plurality of terminals alone. Since many wearable terminals hold personal information and confidential information, they are locked so that they cannot be used by anyone other than the user, and biometric authentication and password authentication are required each time they are used.

  However, the convenience of the user is impaired if biometric authentication or password authentication is required for each use. Therefore, for example, when the presence of a wearable terminal that has been paired and registered in advance is recognized in a short distance such as a Bluetooth (registered trademark) communication range with an authenticated smartphone, the wearable terminal is unlocked. (Hereinafter referred to as possession authentication).

  However, if there is a smartphone that can be operated by a person other than the wearer in the vicinity of the wearable terminal when the user sleeps or leaves the seat, the wearable terminal may be illegally used. Therefore, there is a demand for a technique for guaranteeing that a person is possessed when authenticating a plurality of terminals using possession authentication, such as possession authentication of a wearable terminal using a smartphone.

  For example, a technique is known that ensures that the wearable terminal is worn by the user by detecting attachment / detachment of the wearable terminal using a special sensor or performing biometric authentication using an electrocardiogram or the like when the wearable terminal is worn ( Non-patent documents 1 and 2). In these technologies, only when a wearable terminal is attached to the user, other pre-registered terminals within the Bluetooth communication range of the wearable terminal are unlocked and can be used.

  However, since these technologies are realized using dedicated sensors, they cannot be applied to general-purpose wearable terminals or smartphones. In addition, even if the wearable terminal is worn by a legitimate user, if a smartphone in the Bluetooth communication range of the wearable terminal is authenticated using possession authentication, the possibility of being manipulated by someone else and being used illegally is denied. Can not.

  Therefore, there are a plurality of terminals at a short distance from the Bluetooth communication range by calculating the distance between the terminals using a proximity sensor or determining that the vehicle is in the same vehicle using an acceleration sensor. Techniques for guaranteeing the performance are known (see Non-Patent Documents 3 and 4).

“Safeband: Ultimate Security System.Bracelet & Tags”, [Online], Indiegogo, [Search July 15, 2016], Internet <URL: https://www.indiegogo.com/projects/1267504> “Nymi | Convenient Authentication Anywhere”, [Online], [Search July 15, 2016], Internet <URL: https://nymi.com/> “The 267th Lecture Management with Bluetooth Device: Ubuntu Weekly Recipe”, [Online], March 27, 2013, Technical Review, [Search August 3, 2016], Internet <URL: http: // gihyo.jp/admin/serial/01/ubuntu-recipe/0267> Yuki Nishida, Toshihiro Kawahara, Toru Asami, “B-15-6 Examination of passenger detection method in the same train using accelerometer” [in Japanese] Society Conference Proceedings, vol.2011, no.1, Aug.2011, p.520

  However, according to the above-described conventional technology, it is not possible to specify a person who operates each of a plurality of terminals at a short distance. In addition, in a normal terminal usage environment, there is no acceleration derived from the external environment other than the gravitational acceleration, and therefore the person who owns each terminal cannot be specified using the acceleration of the external environment. In particular, even if the acceleration of a characteristic external environment such as a vehicle is used, the acceleration derived from the external environment is commonly applied to a plurality of people traveling together, so the person who owns the terminal is uniquely identified I can't do it. Therefore, according to any conventional technique, it is not guaranteed that the operator of the smartphone and the wearer of the wearable terminal are the same person.

  The present invention has been made in view of the above, and an object of the present invention is to authenticate a plurality of terminals simultaneously possessed by the same person with high convenience and high accuracy.

  In order to solve the above-described problems and achieve the object, an authentication system according to the present invention is an authentication system having a plurality of terminals and an authentication device, and each terminal measures an acceleration for measuring the acceleration of the terminal itself. A sensor, a transmission unit that transmits a time-series signal of measured acceleration to the authentication device, a storage unit that stores information of other terminals capable of proximity communication, and the same terminal as the own terminal notified from the authentication device An authentication unit that enables use of the other terminal and the own terminal when information of the other terminal possessed by the person is stored in the storage unit, and the authentication device includes a plurality of the terminals An acquisition unit that acquires a time-series signal of each acceleration of the terminal, an extraction unit that extracts an acceleration component derived from human physical activity from the acquired acceleration, and a time-series change of the extracted acceleration component Similarity between devices If higher than Iga predetermined threshold, it determines that the corresponding both terminals same person in possession, characterized in that it comprises a determination unit that notifies the both said terminal.

  According to the present invention, it is possible to authenticate a plurality of terminals simultaneously owned by the same person with high convenience and high accuracy.

FIG. 1 is a schematic diagram showing a schematic configuration of an authentication system according to an embodiment of the present invention. FIG. 2 is an explanatory diagram for explaining an outline of processing of the authentication apparatus according to the present embodiment. FIG. 3 is a sequence diagram illustrating an authentication processing procedure according to the present embodiment. FIG. 4 is an explanatory diagram for explaining the effect of the authentication process of the authentication system of the present embodiment. FIG. 5 is a diagram illustrating a computer that executes an authentication program.

  Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings. In addition, this invention is not limited by this embodiment. Moreover, in description of drawing, the same code | symbol is attached | subjected and shown to the same part.

[Configuration of authentication system]
First, the schematic configuration of the authentication system according to the present embodiment will be described with reference to FIG. As illustrated in FIG. 1, the authentication system 1 according to the present embodiment includes a plurality of terminals 10 such as smartphones and wearable terminals, and an authentication device 20.

  In the authentication system 1, the authentication device 20 determines the terminals 10 owned by the same person among the plurality of terminals 10 by an authentication process described later. Each terminal 10 has a proximity communication function such as a Bluetooth function, for example. The terminals 10 that are determined to be possessed by the same person are connected to each other via Bluetooth, and each terminal 10 is unlocked to be usable. Perform mutual authentication.

[Terminal configuration]
As illustrated in FIG. 1, the terminal 10 is realized by a smartphone or a wearable terminal, and includes an input / output unit 11, a proximity communication function unit 12, a communication control unit 13, a storage unit 14, a control unit 15, and an acceleration sensor 16.

  The input / output unit 11 is realized by a touch panel or the like, and inputs various instruction information to the control unit 15 in response to an input operation by the operator, and also gives a result of authentication processing described later to the operator. Or output. The communication control unit 13 is realized by a NIC (Network Interface Card) or the like, and controls communication between an external device such as the authentication device 20 and the control unit 15 via a telecommunication line such as a LAN (Local Area Network) or the Internet. To do.

  The storage unit 14 is realized by a semiconductor memory device such as a RAM (Random Access Memory) or a flash memory, or a storage device such as an optical disk. In the present embodiment, the storage unit 14 stores pairing terminal information 14a. The pairing terminal information 14a represents information of other terminals capable of near field communication such as Bluetooth. For example, the pairing terminal information 14a includes the name and ID (IDentifier) of the own terminal, the name and ID of the partner terminal of the near field communication connection, and are registered in advance.

  The near field communication function unit 12 connects the terminals 10 in the communication area of the near field communication such as Bluetooth, for example, so that information communication can be performed with the near field communication.

  The acceleration sensor 16 measures the acceleration of the terminal 10 itself. For example, the acceleration sensor 16 calculates the acceleration of the terminal 10 by detecting a change in the position of the terminal 10.

  As illustrated in FIG. 1, the control unit 15 functions as a transmission unit 15a and an authentication unit 15b when an arithmetic processing device such as a CPU (Central Processing Unit) executes a processing program stored in a memory.

  The transmission unit 15 a transmits the time series signal of the measured acceleration to the authentication device 20. Specifically, the transmission unit 15a transmits the time series signal of the acceleration of the terminal 10 measured by the acceleration sensor 16 to the authentication device 20 via the communication control unit (13, 23).

  When the information on the other terminal 10b possessed by the same person as the own terminal 10a notified from the authentication device 20 is stored in the storage unit 14 by the authentication process described later, the authentication unit 15b The other terminal 10b and the own terminal 10a are made usable. Hereinafter, the terminal 10a is also referred to as the notified other terminal 10b.

  Specifically, the authentication unit 15b refers to the pairing terminal information 14a when notified from the authentication device 20 of information on another terminal 10b determined to be possessed by the same person as the terminal 10a. The presence / absence of registration of information of the terminal 10b is confirmed. When the information of the corresponding terminal 10b is registered in the pairing terminal information 14a, the authentication unit 15b notifies the proximity communication function unit 12 of the information and establishes proximity communication such as Bluetooth (hereinafter referred to as pairing). ). Further, the authentication unit 15b performs processing for notifying information that instructs the other terminal 10 to release the lock and enable the operator to use it, that is, possession authentication, using the established near field communication. The authentication unit 15b is sufficient if at least one of the plurality of terminals 10 is provided.

[Configuration of authentication device]
As shown in FIG. 1, the authentication apparatus 20 according to the present embodiment is realized by a general-purpose computer such as a workstation or a personal computer, and includes an input unit 21, an output unit 22, a communication control unit 23, a storage unit 24, and a control unit. 25.

  The input unit 21 is realized by using an input device such as a keyboard or a mouse, and inputs various instruction information to the control unit 25 in response to an input operation by the operator. The output unit 22 is realized by a display device such as a liquid crystal display, a printing device such as a printer, an information communication device, and the like, and outputs a result of an authentication process described later to the operator.

  The communication control unit 23 is realized by a NIC or the like, and controls communication between an external device such as the terminal 10 and the control unit 25 via a telecommunication line such as a LAN (Local Area Network) or the Internet.

  The storage unit 24 is realized by a semiconductor memory device such as a RAM or a flash memory, or a storage device such as a hard disk or an optical disk. In the storage unit 24, a processing program for operating the authentication device 20, data used during the execution of the processing program, and the like are stored in advance, or temporarily stored for each processing. The storage unit 24 may be configured to communicate with the control unit 25 via the communication control unit 23.

  The control unit 25 functions as an acquisition unit 25a, an extraction unit 25b, and a determination unit 25c as illustrated in FIG. 1 when an arithmetic processing unit such as a CPU executes a processing program stored in a memory.

  The acquisition unit 25 a acquires time series signals of accelerations of the plurality of terminals 10. That is, the acquisition unit 25a acquires a time series signal of acceleration transmitted from the transmission unit 15a of each terminal 10 via the communication control unit (13, 23).

  The extraction unit 25b extracts an acceleration component derived from human physical activity from the acquired acceleration. Here, the time series signal of the acceleration of each terminal 10 acquired by the acquisition unit 25a includes an acceleration component derived from an external environment such as a vehicle and an acceleration component derived from human physical activity.

  In vehicles such as elevators and trains, acceleration / deceleration is controlled electronically, so that the time series signal of acceleration shows a change different from that caused by walking or the like controlled by the human musculoskeletal system. That is, in many cases, electronic acceleration / deceleration control in a vehicle or the like is designed to ideally draw a gentle sine wave curve in order to reduce passenger discomfort. Therefore, for example, by using an index such as a change in jerk, that is, a differential value of acceleration, as the feature amount, it is possible to discriminate between an acceleration component derived from the external environment and an acceleration component derived from human physical activity.

  Specifically, when comparing frequency components by power spectrum analysis, acceleration components derived from the external environment are distributed into low frequency components such as acceleration / deceleration of the vehicle and high frequency components such as vibration noise. On the other hand, acceleration components derived from human physical activity are distributed in a frequency band of approximately 0.25 to 2.5 hertz. Therefore, by designing a filter that excludes the low frequency band and the high frequency band of the acceleration component derived from the external environment, it is possible to extract the acceleration component derived from human physical activity.

  Therefore, for example, the extraction unit 25b compares frequency components by power spectrum analysis, and performs signal processing using a filter such as HF (High-pass Filter), LF (Low-pass Filter), and BF (Band-pass Filter). Thus, an acceleration component derived from human physical activity is extracted.

  Further, for example, noise accompanying the fall or contact of the terminal 10 is larger than the acceleration component derived from physical activity. On the other hand, acceleration components of vehicles and the like, such as raising and lowering elevators, are controlled to take a small value so as not to cause discomfort to passengers. Therefore, the extraction unit 25b can discriminate between an acceleration component derived from human physical activity and an acceleration component derived from the external environment using a predetermined threshold.

  In addition, a technique is disclosed for determining an action state such as posture, walking, running, climbing up and down stairs, cycling, etc. using acceleration obtained from an accelerometer worn on or held by the body to collect action logs. . Therefore, the extraction unit 25b can also extract an acceleration component derived from human physical activity by applying this technique.

  When the degree of similarity between the terminals (10a, 10b) of the time-series change of the acceleration component derived from the extracted physical activity is higher than a predetermined threshold, the determination unit 25c corresponds to both terminals (10a, 10b). Are held by the same person and notified to both terminals.

  FIG. 2 is an explanatory diagram for explaining a processing outline of the authentication device 20. As illustrated in FIG. 2, in the authentication device 20, the acceleration derived from the human physical activity extracted by the extraction unit 25 b out of the time series signals of the accelerations of the plurality of terminals (10 a and 10 b) acquired by the acquisition unit 25 a. The determination unit 25c compares the components.

  Here, when the same person possesses a plurality of terminals (10a, 10b), similarities are recognized in the time domain and the frequency domain for acceleration components derived from human physical activity. For example, the periods in which peaks appear in the time domain match, or the peak positions match in the frequency domain.

  Specifically, the acceleration applied to each terminal (10a, 10b) possessed by the same person with walking will be considered. When a transition is made from the swinging leg phase of walking to the stance phase, acceleration derived from a grounding impact is applied to the terminal 10a such as a wearable terminal worn on the wrist and the terminal 10b such as a smartphone put in the pocket. Since the acceleration applied here propagates from the lower limbs, the time-series change in acceleration for each step is always delayed at the wrist terminal 10a than at the pocket terminal 10b. Therefore, for example, the determination unit 25c analyzes the appearance timing of positive and negative peaks of the time series signal of acceleration, and if the degree of coincidence of the periods in which peaks appear, that is, the degree of similarity is higher than a predetermined threshold value, the determination unit 25c possesses the same person. Can be determined. In that case, the determination unit 25c notifies the determination result to both terminals (10a, 10b) determined to be possessed by the same person together with information such as the name and ID of the partner terminal.

  On the other hand, when different persons are possessing each terminal (10a, 10b), since the acceleration applied to each terminal (10a, 10b) is different, no similarity is recognized in the appearance timing of the peak. In this case, the determination unit 25c cannot determine that the same person is possessed. Also in this case, the determination unit 25c notifies the determination result to both terminals (10a, 10b) determined not to be possessed by the same person together with information such as the name and ID of the partner terminal. Each terminal (10a, 10b) having received the notification releases the lock to the operator by performing normal biometric authentication, password authentication, passcode authentication, or pattern authentication instead of the above possession authentication. Can be used.

[Authentication process]
Next, the authentication process of the authentication device 20 will be described with reference to FIG. The sequence of FIG. 3 is started, for example, at the timing when the user has a plurality of terminals 10 including the terminal where the user is authenticated and starts an operation such as walking (step S1).

  In each terminal (10a, 10b), acceleration is measured by the acceleration sensor 16 (steps S2a, S2b), and each transmission unit 15a transmits a time series signal of acceleration to the authentication device 20 (steps S3a, S3b).

  In the authentication device 20, the acquisition unit 25a receives the time series signal of the acceleration of each terminal (10a, 10b) (step S4), and the extraction unit 25b extracts an acceleration component derived from human physical activity. . In addition, when the determination unit 25c has a degree of similarity between the terminals (10a, 10b) of the time-series change of the extracted acceleration component higher than a predetermined threshold, both the corresponding terminals (10a, 10b) are the same. It is determined that the person is possessed, and the determination result is notified to both terminals (10a, 10b) (step S5).

  Note that when the received acceleration time-series signal includes only an acceleration component derived from the external environment and no acceleration component derived from human physical activity is extracted, the determination unit 25c performs no processing.

  In each terminal (10a, 10b) that has received the determination result (steps S6a, S6b), when the authentication unit 15b stores the received information on the other terminal in the pairing terminal information 14a, the other terminal And Bluetooth connection (pairing) (steps S7a → S7b → S8b → S8a), and the terminal 10b and the own terminal 10a can be used by possession authentication. Thereby, a series of authentication processing is completed.

  As described above, in the authentication system 1 of this embodiment, in the terminal 10, the transmission unit 15 a transmits the time series signal of the acceleration of the terminal 10 measured by the acceleration sensor 16 to the authentication device 20. In addition, when the authentication unit 15b stores information on the other terminal 10b possessed by the same person as the own terminal 10a notified from the authentication device 20 in the pairing terminal information 14a, the other The terminal 10b and the own terminal 10a are made usable.

  In the authentication device 20, the extraction unit 25b extracts an acceleration component derived from human physical activity from the time series signals of the accelerations of the plurality of terminals (10a, 10b) acquired by the acquisition unit 25a. In addition, when the determination unit 25c has a degree of similarity between the terminals (10a, 10b) of the time-series change of the extracted acceleration component higher than a predetermined threshold, both the corresponding terminals (10a, 10b) are the same. It is determined that the person is possessed, and the both terminals (10a, 10b) are notified.

  Thereby, according to the authentication process of the authentication system 1 of this embodiment, when the same user possesses the authenticated smart phone 10b and the wearable terminal 10a previously registered by pairing, for example, the wearable terminal 10a is unlocked and can be used.

  Conventionally, both terminals (10a, 10b) had to be unlocked by biometric authentication, passcode authentication, or the like. In addition, it is possible for an attacker to illegally use the wearable terminal 10a that can be used by possession authentication using the smartphone 10b that is operable by a person other than the user. Alternatively, as illustrated in FIG. 4, an attacker operates a smartphone 10 b that can be used by possession authentication within a communication range of proximity communication such as Bluetooth with the wearable terminal 10 a used by a legitimate user, and wearable It was possible to illegally use the terminal 10a.

  On the other hand, according to the authentication process of this embodiment, the authentication by biometric authentication etc. of the wearable terminal 10a can be omitted. In addition, since this attacker and a legitimate user possessing the wearable terminal 10a are different persons, the wearable terminal 10a cannot be used illegally by operating the smartphone 10b. In this way, it is possible to authenticate a plurality of terminals 10 simultaneously owned by the same person with high convenience and high accuracy.

  If the authentication apparatus 20 of this embodiment is used, business terminals, such as a tablet which can access an in-house system, can be easily used, for example using the smart phone which has an authentication function. That is, when a person who has an authenticated smart phone has a pre-registered business terminal at the same time, it is guaranteed that a legitimate user of the smart phone has the business terminal. Accordingly, authentication such as biometric authentication of the business terminal can be omitted and used, and user convenience is improved. Even if it is misplaced or stolen while the business terminal is unlocked, it can be automatically locked if it is determined that it is not possessed at the same time as the smartphone.

  Moreover, it is also possible to automate the pairing between a plurality of terminals 10 not registered in advance using the authentication device 20 of the present embodiment. For example, the pairing may be automatically performed by simultaneously holding the terminal 10 that the user wants to pair, such as a headphone and a player. That is, when it is determined that the same person is possessed, pairing is performed without performing an explicit pairing operation such as selection of the terminal 10 in the communication range such as Bluetooth and input of a PIN code for pairing. As a result, user convenience is improved.

  Moreover, the process of the determination part 25c is not limited to the process using an acceleration. Distance using external environment information such as temperature, humidity, or light quantity, movement information such as GPS logs or Wi-fi (registered trademark) logs, and Bluetooth Proximity profile instead of or in addition to acceleration Information or the like may be used.

  For example, when the movement trajectories by GPS of two terminals (10a, 10b) match and the speed calculated from the movement amount per unit time of GPS is smaller than a predetermined threshold, movement by a vehicle or the like is excluded. In addition, it may be considered that the same person is possessed.

  Alternatively, in addition to the above-described similarity in acceleration change, the same person is possessed when the distance between a plurality of terminals (10a, 10b) measured using a proximity sensor is smaller than a predetermined threshold value. May be considered. As a result, it is possible to easily authenticate a wide variety of terminals 10.

[program]
It is also possible to create a program in which processing executed by the terminal 10 and the authentication device 20 of the authentication system 1 according to the embodiment is described in a language that can be executed by a computer. As an embodiment, the terminal 10 and the authentication device 20 can be implemented by installing an authentication program for executing the above-described authentication processing as package software or online software on a desired computer. For example, the information processing apparatus can function as the terminal 10 or the authentication apparatus 20 by causing the information processing apparatus to execute the authentication program. The information processing apparatus referred to here includes a desktop or notebook personal computer. In addition, the information processing apparatus includes mobile communication terminals such as smartphones, mobile phones and PHS (Personal Handyphone System), and slate terminals such as PDA (Personal Digital Assistants). Further, the authentication device 20 may be implemented as a cloud that provides services related to the above-described authentication processing by outsourcing. Further, the function of the authentication device 20 may be included in any of the terminals 10. Below, an example of the computer which performs the authentication program which implement | achieves the function similar to the terminal 10 and the authentication apparatus 20 is demonstrated.

  As shown in FIG. 5, a computer 1000 that executes an authentication program includes, for example, a memory 1010, a CPU 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface. 1070. These units are connected by a bus 1080.

  The memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM 1012. The ROM 1011 stores a boot program such as BIOS (Basic Input Output System). The hard disk drive interface 1030 is connected to the hard disk drive 1031. The disk drive interface 1040 is connected to the disk drive 1041. For example, a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive 1041. For example, a mouse 1051 and a keyboard 1052 are connected to the serial port interface 1050. For example, a display 1061 is connected to the video adapter 1060.

  Here, as shown in FIG. 5, the hard disk drive 1031 stores, for example, an OS 1091, an application program 1092, a program module 1093, and program data 1094. Each data described in the above embodiment is stored in, for example, the hard disk drive 1031 or the memory 1010.

  Further, the authentication program is stored in the hard disk drive 1031 as a program module 1093 in which a command executed by the computer 1000 is described, for example. Specifically, a program module 1093 describing each process executed by the authentication device 20 described in the above embodiment is stored in the hard disk drive 1031.

  Data used for information processing by the authentication program is stored as program data 1094 in, for example, the hard disk drive 1031. Then, the CPU 1020 reads the program module 1093 and the program data 1094 stored in the hard disk drive 1031 to the RAM 1012 as necessary, and executes the above-described procedures.

  Note that the program module 1093 and the program data 1094 related to the authentication program are not limited to being stored in the hard disk drive 1031, but are stored in, for example, a removable storage medium and read out by the CPU 1020 via the disk drive 1041 or the like. May be. Alternatively, the program module 1093 and the program data 1094 related to the authentication program are stored in another computer connected via a network such as a LAN (Local Area Network) or a WAN (Wide Area Network), and are transmitted via the network interface 1070. It may be read by the CPU 1020.

  As mentioned above, although embodiment which applied the invention made | formed by this inventor was described, this invention is not limited with the description and drawing which make a part of indication of this invention by this embodiment. That is, other embodiments, examples, operational techniques, and the like made by those skilled in the art based on this embodiment are all included in the scope of the present invention.

DESCRIPTION OF SYMBOLS 1 Authentication system 10, 10a, 10b Terminal 11 Input / output part 12 Proximity communication function part 13 Communication control part 14 Storage part 14a Pairing terminal information 15 Control part 15a Transmission part 15b Authentication part 20 Authentication apparatus 21 Input part 22 Output part 23 Communication Control unit 24 Storage unit 25 Control unit 25a Acquisition unit 25b Extraction unit 25c Determination unit

Claims (3)

An authentication system having a plurality of terminals and an authentication device,
Each terminal
An acceleration sensor that measures the acceleration of the terminal itself;
A transmission unit that transmits a time-series signal of measured acceleration to the authentication device;
A storage unit for storing information of other terminals capable of near field communication;
An authentication unit for enabling use of the other terminal and the own terminal when information on the other terminal possessed by the same person as the own terminal notified from the authentication device is stored in the storage unit; With
The authentication device
An acquisition unit for acquiring a time series signal of acceleration of each of the plurality of terminals;
An extraction unit that extracts an acceleration component derived from human physical activity from the acquired acceleration;
If the degree of similarity between the extracted time-series changes of the extracted acceleration component is higher than a predetermined threshold, it is determined that the corresponding person has the corresponding terminal, and the both terminals are notified. An authentication system comprising: a determination unit. An acquisition unit for acquiring a time series signal of acceleration of each of a plurality of terminals;
An extraction unit that extracts an acceleration component derived from human physical activity from the acquired acceleration;
If the degree of similarity between the extracted time-series changes of the extracted acceleration component is higher than a predetermined threshold, it is determined that the corresponding person has the corresponding terminal, and the both terminals are notified. A determination unit;
An authentication device comprising: An authentication method executed in an authentication system having a plurality of terminals and an authentication device,
In each terminal, a transmission step of transmitting a time series signal of acceleration measured by an acceleration sensor that measures acceleration of the terminal itself to the authentication device;
In the authentication device, an acquisition step of acquiring a time series signal of each acceleration of the plurality of terminals,
An extraction step for extracting an acceleration component derived from human physical activity from the acquired acceleration in the authentication device;
In the authentication device, when the degree of similarity between the terminals of the extracted time-series change of the extracted acceleration component is higher than a predetermined threshold, it is determined that the same person is possessing both corresponding terminals, A determination step to notify both terminals;
When information of other terminals possessed by the same person as the terminal notified from the authentication device in each terminal is stored in a storage unit that stores information of other terminals capable of proximity communication An authentication step for enabling the other terminal and the own terminal;
The authentication method characterized by including.

Images