JP2019012452A - Information processing system, information processing method, program - Google Patents

Abstract

To provide a technique capable of reducing a false rejection rate by registering an erroneously detected image as a face image of a person.SOLUTION: As a result of authentication using a previously registered authentication image, when accepting selection as to whether or not to register an image determined to be spoofed as an authentication image and accepting selection to register as an image for authentication, the image is registered as an authentication image.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an information processing system, an information processing method, and a program.

In recent years, so-called telework, in which workers work at home instead of working in the office, has been carried out. Compared to working in the office, telework prevents leakage of confidential information, Difficult to manage time. Therefore, using the face image registered in advance, check whether the person shown on the camera equipped on the PC etc. is the person himself, the result of the occurrence of "attended" or "spoofing", and the trail between them A system for recording camera images and screen shots has been developed.

  In such a system, it is required to accurately determine whether the person is the person or the person by analyzing the face image, but false detection can be kept low in an environment close to the registered face image shooting conditions. In an environment where the shooting conditions are different, it is often determined that the person is a different person even though the person is the person himself / herself. In order to reduce such false detection, it is necessary to perform authentication using a face image taken in the same environment as the work place, which is troublesome for the user.

  In Patent Document 1, registration information (dictionary) is used when the similarity at the time of collation is within a predetermined update range in advance in order to reduce the false exclusion rate of the person with respect to aging and variations in input information at the time of authentication. ) To update the technology.

Japanese Patent Laid-Open No. 2004-157602

  However, the technique disclosed in Patent Document 1 updates the registered image to a better one when it is recognized as the person, and the face image is replaced when the environment or appearance is erroneously recognized. Reshooting is required.

  Therefore, an object of the present invention is to reduce the false rejection rate by registering an erroneously detected image as the facial image of the true person.

  In addition, an object of the registered face image that has a low contribution to the personal authentication is intended to suppress the increase in the other-person tolerance rate by stopping the use.

  The information processing system according to the present invention includes: a receiving unit that receives a selection as to whether to register an image determined to be impersonation as an authentication image as a result of authentication using a pre-registered authentication image; And a registration unit that registers the image as an authentication image when receiving a selection for registration as an authentication image.

  According to the present invention, the false rejection rate can be reduced by registering an erroneously detected image as the facial image of the principal.

  Further, by stopping the use of the registered face images that have a low contribution to the personal authentication, it is possible to suppress an increase in the other person permission rate.

It is a figure which shows an example of the system configuration | structure of a telework management system. 2 is a block diagram illustrating an example of a hardware configuration of an information processing apparatus applicable to the management server 101, the teleworker PC 111, and the administrator PC 121. FIG. It is a flowchart which shows an example of the registration process of the image for authentication. It is a flowchart which shows an example of the invalidation process of the image for authentication. It is a figure which shows an example of the registration screen of the image for authentication.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a diagram showing an example of a system configuration of a telework management system (information processing system) according to the present invention.

  The telework management system 100 is configured such that one or more management servers 101, one or more teleworker PCs 111, and one or more administrator PCs 121 are connected via the Internet 130.

  The management server 101 is a server that centrally manages, as telework information, information on the presence / absence status of teleworkers, information on work hours, and the like, and is constructed on the service environment network 104.

  When the teleworker PC 111 and the administrator PC 121 are connected to the management server 101 by an authentication process using an account ID and a password, and the management server 101 receives telework information from the teleworker PC 111, the management server 101 Store in the database. When there is a telework information acquisition request from the administrator PC 121, the necessary telework information is extracted from the database of the management server 101.

  The teleworker PC 111 receives an application (declaration) whether the teleworker is working or not working from the teleworker, and detects the teleworker's presence / absence / spoofing / peeping etc. from the video taken by the connected imaging device. Terminal. Information that is present on the home network 110 and that indicates whether the user is working or not working, and information on the presence / absence of the work is created by a dedicated application, and is managed by the management server 101 via the router 112, the Internet 130, and the router 103. Sent to.

  Attendance is a state when the person in the photo is determined to be the teleworker by comparing the face image of the person registered in advance with the face of the person in the captured video. .

  Leaving a seat is a state in which no person is shown in the captured video.

  Spoofing is a state in which it is determined that a third party other than the teleworker himself / herself is captured as a result of collating the face image of the teleworker himself / herself registered in advance with the face of the person in the captured video. .

  Peeping is a state in which the teleworker himself and another person are shown in the captured video.

  The face image registered in advance may be one image or multiple images, but images registered from various angles and images captured in various brightness environments are registered. By doing so, it is possible to reduce the probability of false detection (identity refusal rate) in which the person is determined to be another person (spoofing).

  The administrator PC 121 is a terminal for confirming telework information, and is present on the in-house network 120. The telework information is confirmed by using a web management console (operating on a web browser), the router 122, the Internet. And the management server 101 via the router 103.

  FIG. 2 is a block diagram illustrating an example of a hardware configuration of an information processing apparatus applicable to the management server 101, the teleworker PC 111, and the administrator PC 121 according to the embodiment of this invention. Since each apparatus has the same configuration, description will be made using the same reference numerals.

  As shown in FIG. 2, the information processing apparatus includes a CPU (Central Processing Unit) 201, a ROM (Read Only Memory) 202, a RAM (Random Access Memory) 203, a storage device 204, an input controller 205, a system bus 200, and the like. An audio input controller 206, a video controller 207, a memory controller 208, and a communication I / F controller 209 are connected.

  The CPU 201 comprehensively controls each device and controller connected to the system bus 200.

  The ROM 202 or the storage device 204 is a control program executed by the CPU 201 such as a basic input / output system (BIOS) or an operating system (OS), a computer-readable program for realizing this information processing method, and various necessary programs. Holds data (including data table).

  The RAM 203 functions as a main memory, work area, and the like for the CPU 201. The CPU 201 implements various operations by loading a program or the like necessary for executing the processing from the ROM 202 or the storage device 204 to the RAM 203 and executing the loaded program.

  The input controller 205 controls input from the input device 210. Examples of the input device 210 include a keyboard, a touch panel, and a pointing device such as a mouse.

  In the case where the input device 210 is a touch panel, various instructions can be given when the user presses (touches with a finger or the like) according to an icon, a cursor, or a button displayed on the touch panel.

  The touch panel may be a touch panel capable of detecting a position touched with a plurality of fingers, such as a multi-touch screen.

  When the microphone / speaker 211 operates as a microphone function, the voice input controller 206 can control voice input from the microphone / speaker 211 and recognize voice input from the microphone / speaker 211. In addition, when the microphone / speaker 211 operates as a speaker function, the voice input controller 206 can control voice output to the microphone / speaker 211 and output voice to the microphone / speaker 211.

  The video controller 207 controls display on an external output device such as the display 212. The display includes a display of a notebook computer integrated with the main body. The external output device is not limited to a display, and may be a projector, for example. An input device 210 is provided for a device that can accept the touch operation described above.

  Note that the video controller 207 can control a video memory (VRAM) for display control, and a part of the RAM 203 can be used as a video memory area, or a dedicated video memory can be provided separately. Is possible.

  In the present invention, the first video memory area used for display when the user normally uses the information processing apparatus and the display content of the first video memory area are overlapped when a predetermined screen is displayed. It has a second video memory area used for display. The number of video memory areas is not limited to two, and a plurality of video memory areas can be provided as long as the resources of the information processing apparatus permit.

  The memory controller 208 controls access to the external memory 213. The external memory is connected via an adapter to an external storage device (hard disk), flexible disk (FD), or PCMCIA card slot that stores boot programs, various applications, font data, user files, editing files, and various data. A compact flash (registered trademark) memory or the like can be used.

  The communication I / F controller 209 connects and communicates with an external device via the network 214, and executes communication control processing in the network. For example, communication using TCP / IP, telephone lines such as ISDN, and communication using 3G lines of mobile phones are possible.

  The storage device 204 is a medium for permanently storing information, and the form is not limited to a storage device such as a hard disk. For example, a medium such as SSD (Solid State Drive) may be used.

  It can also be used as a temporary memory area during various processes performed by the communication terminal in the present embodiment.

  Note that the CPU 201 enables display on the display 212 by executing, for example, outline font development (rasterization) processing on a display information area in the RAM 203. Further, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the display 212.

  Next, processing executed by the telework management system according to the present embodiment will be described with reference to the flowcharts of FIGS.

  The flowchart in FIG. 3 is a flowchart illustrating processing for registering an image determined as impersonation as an image of the person in the manager terminal 121.

  In step S301, the CPU 201 of the manager terminal 121 displays a trail image determined to be impersonation on the screen and accepts an input (selection) of the processing method.

  Specifically, the screen shown in FIG. 5A is displayed, and selection of normal (indicating that it is an image of the principal) or illegal (indicating that it is an image of a third party other than the principal) is accepted. In addition, it may be possible to accept a selection of hold (that is, hold determination of whether the person is a third party).

  In step S302, the CPU 201 of the manager terminal 121 determines whether the processing method input (selected) in step S301 is normal, illegal, or on hold.

  If selection of fraudulent (that is, an image of a third party other than the principal) is accepted (step S302: fraud), the process proceeds to step S303.

  When the selection of the fact that it is normal (indicating that it is the person's image) is accepted (step S302: normal), the process proceeds to step S304.

  When the selection of the fact that it is on hold (the decision whether it is the person or the third party is held) is accepted (step S302: hold), the processing of this flowchart is ended.

  In step S303, the CPU 201 of the manager terminal 121 processes the trail image to be processed as an image of a third party other than the teleworker himself, and ends the process of this flowchart.

  In step S304, the CPU 201 of the manager terminal 121 processes the trail image to be processed as the image of the teleworker himself / herself, and the necessity of registration of the face image (the face image as the person's face image for authentication). Accept or not).

  When the selection to register is accepted (step S304: TRUE), the process proceeds to step S306.

  When selection not to register is accepted (step S304: FALSE), the process of this flowchart is terminated.

  In step S305, the CPU 201 of the manager terminal 121 determines whether an instruction to register a face image is received from the manager.

  When an instruction to register is received (step S305: TRUE), the process proceeds to step S306.

  When an instruction not to register is received (step S305: FALSE), the process of this flowchart ends.

  In step S306, the CPU 201 of the manager terminal 121 displays a list of images taken during the time period in which it was determined to be impersonation (from the detection of impersonation until a change to another state). A selection of an image to be registered among the displayed images is accepted.

  In step S307, the CPU 201 of the manager terminal 121 accepts the selection in step S306 and registers the image for which the registration instruction has been accepted.

  And the process of this flowchart is complete | finished.

  Next, the processing shown in the flowchart of FIG. 3 (processing for registering an image determined as impersonation as an image of the person) will be described with reference to FIG.

  The screen shown in FIG. 5A is an example of a screen that displays an image determined as impersonation. The screen shown in FIG. 5 is a screen displayed when an administrator logs in to the management server 101 via the manager terminal 121 and gives an instruction to execute an audit process.

  As shown in FIG. 5A, an image 501 determined as impersonation, information 502 regarding a teleworker (account, name, etc.), a time zone 503 in which impersonation occurred (transition to another state after detecting impersonation) ), A list 504 of images taken in the time zone in which impersonation occurred, buttons for accepting processing contents (normal (face image) button 505, normal button 506, illegal button 507, cancel button 508) ) Is displayed.

  Via the screen shown in FIG. 5A, the manager terminal 121 accepts selection (input) of a processing method for the displayed trail image from the manager.

  Specifically, the processing content is received by receiving a press of a button (normal (face image) button 505, normal button 506, illegal button 507, cancel button 508) that receives input of the processing content.

  In the flowchart of FIG. 3, when a message indicating normality is input, processing for accepting the necessity of registration of the face image is performed. However, in the example of FIG. 5A, the normal (face image) button 505 is displayed. When the button is pressed, both an input indicating that the image is normal and an image indicating that registration of the face image is required are performed.

  FIG. 5B is a screen displayed when the normal (face image) button 505 in FIG. 5A is pressed (in the flowchart of FIG. 3, the screen is displayed in the process of S306). .

  As shown in FIG. 5B, a list of face images taken during the period of impersonation is displayed, and a check box 509 and a check box 509 for selecting a face image to be registered are checked. A registration button 510 that receives an instruction to register a face image and a cancel button 511 that receives an instruction to cancel the registration of a face image are displayed.

  When the pressing of the registration button 510 is accepted, the selected face image is registered as an authentication image in the process of step S307.

  In this way, the face images taken in the time period from the occurrence of impersonation to the transition to another state can be said to be images of the same person because the state has not transitioned. For this reason, it is highly necessary to be able to register face images taken during the time period together, and the face images can be registered efficiently by registering them together.

  Through the above processing, in addition to the face image registered in advance, it is possible to add to the face image for personal authentication the image that the administrator has determined to be the person from among the images determined to be impersonation. Therefore, it is possible to determine that the person is the person even if the angle or appearance has been determined to be another person, and the rejection rate of the person can be reduced.

  In addition, since it is possible to register a face image taken during work, it is possible to eliminate the trouble of creating and shooting various conditions and environments in order to register an authentication image.

  Next, processing for invalidating a registered face image will be described with reference to FIG.

  The process of FIG. 4 specifies a face image with a low contribution (not to be used for authentication) according to the usage status of the registered face image, and does not use the face image for authentication. It is a process to make.

  In step S401, the CPU 201 of the management server 101 collects contributions for each image registered as an authentication image.

  In step S402, the CPU 201 of the management server 101 calculates a total contribution by multiplying the contribution collected in step S402 by coefficients that take various factors into consideration.

  For example, the total contribution is calculated in consideration of the number of times the image has been used, the timing and frequency (whether it has been used in the last month or not in use for more than a month).

  Also, when calculating the overall contribution, location information (where the image was taken, where the image was when you were working) and time information (morning or daytime) You may consider whether it is a night photo. As a result, it is possible to keep a face image frequently used in a specific place or time zone valid without invalidating it.

  Moreover, you may consider appearances, such as illumination conditions, face orientation, the presence or absence of makeup, and wearing glasses. Considering these conditions, it is normal to use images that are often used in specific lighting conditions, images that are often used in specific face orientations, and images that are often used when wearing glasses. Although it is used less frequently, images that are frequently used under specific conditions can be enabled without being invalidated.

  Whichever method is used, it is only necessary to be able to classify frequently used and rarely used face images and to identify unused images.

  In step S403, based on the contribution calculated in step S402, the CPU 201 of the management server 101 invalidates (or deletes) an image with a low contribution so as not to be used in future authentication.

  As a method of selecting an image to be invalidated, for example, a method of validating 50 images in descending order of contribution and invalidating the rest may be used.

  As described above, the processing shown in the flowchart of FIG. 3 allows an image taken in various environments to be registered as an authentication image. However, if the number of registered face images increases, it is another person. The probability of determining that the person is the person (acceptability of others) increases. Therefore, as in the process shown in the flowchart of FIG. 4, the registered face images that satisfy the conditions are controlled not to be used for authentication (invalidation, use is stopped, the image itself is It is possible to suppress an increase in the other-person tolerance rate.

  The present invention can take the form of, for example, a system, apparatus, method, program, or recording medium. Specifically, the present invention may be applied to a system composed of a plurality of devices, or may be applied to an apparatus composed of a single device.

  Further, the program according to the present invention is a program capable of executing the processing method of the flowcharts shown in FIGS. 3 and 4, and the storage medium of the present invention is a program capable of executing the processing method of FIGS. Is remembered. Note that the program in the present invention may be a program for each processing method of each apparatus shown in FIGS.

  As described above, a recording medium that records a program that implements the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by reading and executing.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium recording the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, silicon A disk or the like can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (operating system) operating on the computer based on an instruction of the program is actually It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the processing and the processing is included.

  Furthermore, after the program read from the recording medium is written to the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is based on the instructions of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  The present invention may be applied to a system constituted by a plurality of devices or an apparatus constituted by a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

  Furthermore, by downloading and reading a program for achieving the present invention from a server, database, etc. on a network using a communication program, the system or apparatus can enjoy the effects of the present invention. In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

101 Management server 111 Teleworker PC
121 Administrator PC

Claims (6)

Accepting means for accepting a selection as to whether to register as an authentication image for an image determined to be spoofed as a result of authentication using a pre-registered authentication image;
A registration unit that registers the image as an authentication image when the selection unit accepts a selection to register as an authentication image;
An information processing system comprising: Further comprising display means for displaying the image determined to be impersonated,
The information processing system according to claim 1, wherein the accepting unit accepts selection as to whether an image displayed on the display unit is registered as an authentication image. The display means further includes a display means for displaying a list of face images taken during a time period determined as impersonation,
The information processing system according to claim 2, wherein the reception unit further receives a selection of an image to be registered as an authentication image among images displayed by the display unit. A specifying means for specifying an image to be used for authentication based on the registered use status of the authentication image;
Authentication means for performing authentication using the image specified by the specifying means;
The information processing system according to claim 1, further comprising: An accepting step of accepting selection as to whether to register as an authentication image for an image determined to be impersonation as a result of authentication using a pre-registered authentication image;
A registration step of registering the image as an authentication image when receiving the selection to register as an authentication image in the reception step;
An information processing method comprising: Information processing device
Accepting means for accepting a selection as to whether to register as an authentication image for an image determined to be spoofed as a result of authentication using a pre-registered authentication image;
A program for functioning as a registration unit for registering an image as an authentication image when the reception unit receives a selection for registration as an authentication image.

Images