JP2020184115A - Authentication method, display method, program, authentication system, and display system - Google Patents

Abstract

To improve business such as management or monitoring while preventing decrease in security concerning data management.SOLUTION: An authentication method relates to a plurality of servers 2 of a unified system 1 which performs at least one of monitoring, management, and control in one or more facilities F1. The plurality of servers 2 comprises at least a first server 21 and a second server 22. The authentication method comprises a first step, a second step, and a third step. In the first step, authentication for a first access to the first server 21 is received. In the second step, when the authentication for the first access succeeds, the first access is permitted. In the third step, when the authentication for the first access succeeds, also, authentication processing concerning a second access to the second server 22 is executed and the second access is permitted.SELECTED DRAWING: Figure 1

Description

The present disclosure generally relates to authentication methods, display methods, programs, authentication systems, and display systems. More specifically, the present disclosure discloses an authentication method for a plurality of servers of an integrated system that performs at least one of monitoring, management, and control, a display method for displaying information about the plurality of servers, a program, an authentication system, and a display. Regarding the system.

As a conventional example, the entry / exit management system (integrated system) described in Patent Document 1 will be illustrated. This entry / exit management system has an identifier with an identifier possessed by the user, an identification device installed near the door at the entrance / exit of the management area existing in the building, and an instruction to allow the door to be unlocked when it is considered that the authentication has been established. It is provided with a controller as a control device for performing the above. The controller is installed in a remote location and manages data related to the success or failure of unlocking all doors in the management area of each building to be managed including buildings other than the building, and the controller is via a communication line. Is connected.

JP-A-2017-89161

By the way, in the integrated system, when the data on the success or failure of unlocking all the doors in a plurality of facilities is collectively managed by the entry / exit center device, the administrator or the monitor of the entry / exit center device can view the data through the display unit. May be desired to be possible. However, when the data can be viewed by the display unit, it is desirable to perform the access authentication process in group units (server units connected to one or a plurality of controllers) in consideration of the security aspect of data management. On the other hand, if the administrator or the observer needs to input the authentication for each group each time, the work such as management or monitoring may become complicated.

This disclosure is made in view of the above reasons, and includes authentication methods, display methods, programs, authentication systems, and display systems that can improve operations such as management or monitoring while suppressing the deterioration of security related to data management. The purpose is to provide.

An authentication method of one aspect of the present disclosure is an authentication method for a plurality of servers in an integrated system that performs at least one of monitoring, management, and control within one or more facilities. The plurality of servers include at least a first server and a second server. The authentication method includes a first step, a second step, and a third step. In the first step, the authentication for the first access to the first server is accepted. In the second step, when the authentication for the first access is successful, the first access is enabled. When the authentication for the first access is successful in the third step, the authentication process for the second access to the second server is further executed to enable the second access.

The display method of one aspect of the present disclosure is a display of a display system having a display unit that displays information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or more facilities. The method. The plurality of servers include at least a first server and a second server. The display method includes a first step and a second step. In the first step, the first window that accepts the authentication for the first access to the first server is displayed on the display unit. When the authentication for the first access is successful in the second step, the second window is displayed on the display unit. The second window contains the first information acquired from the first server and the second information acquired from the second server by the second access to the second server executed with the success of the authentication. Regarding.

The display method of one aspect of the present disclosure is a display of a display system having a display unit that displays information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or more facilities. The method. The plurality of servers include at least a first server and a second server. The display method includes an authentication display step, a main display step, and a sub display step. In the authentication display step, an authentication window that accepts authentication for the first access to the first server is displayed on the display unit. When the authentication for the first access is successful in the main display step, the main window regarding the first information acquired from the first server is displayed on the display unit. In the sub-display step, a sub-window relating to the second information acquired from the second server by the second access to the second server is displayed on the display unit in response to the selection operation on the main window.

The program of one aspect of the present disclosure is a program for causing one or more processors to execute the above authentication method or any of the above display methods.

The authentication system of one aspect of the present disclosure authenticates a plurality of servers of an integrated system that performs at least one of monitoring, management and control within one or more facilities. The plurality of servers include at least a first server and a second server. The authentication system includes a reception unit and an authentication processing unit. The reception unit accepts authentication for the first access to the first server. The authentication processing unit executes an authentication process relating to the success or failure of the authentication for the first access, and enables the first access when the authentication for the first access is successful. When the authentication for the first access is successful, the authentication processing unit further executes an authentication process for the second access to the second server to enable the second access.

The display system of one aspect of the present disclosure includes a display unit that displays information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or more facilities. The plurality of servers include at least a first server and a second server. The display system further includes an image processing unit that causes the display unit to display a first window that accepts authentication for the first access to the first server. The image processing unit causes the display unit to display the second window when the authentication for the first access is successful. The second window contains the first information acquired from the first server and the second information acquired from the second server by the second access to the second server executed with the success of the authentication. Regarding.

The display system of one aspect of the present disclosure includes a display unit that displays information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or more facilities. The plurality of servers include at least a first server and a second server. The display system further includes an image processing unit that causes the display unit to display an authentication window that accepts authentication for the first access to the first server. When the authentication for the first access is successful, the image processing unit causes the display unit to display a main window relating to the first information acquired from the first server. Further, the image processing unit causes the display unit to display a sub-window relating to the second information acquired from the second server by the second access to the second server in response to the selection operation on the main window.

According to the present disclosure, there is an advantage that it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

FIG. 1 is a conceptual diagram showing a configuration of an integrated system including an authentication system and a display system according to an embodiment. FIG. 2 is a conceptual diagram for explaining an authentication window and a main window in the same display system. FIG. 3 is a conceptual diagram for explaining a main window and a sub window in the same display system. FIG. 4 is a conceptual diagram for explaining a main window and a sub window in the same display system. FIG. 5 is an explanatory diagram of an operation example in the same integrated system.

(1) Outline Each figure described in the following embodiments is a schematic view, and the ratio of the size and the thickness of each component in each figure does not necessarily reflect the actual dimensional ratio. Not necessarily.

The authentication method according to the present embodiment is an authentication method for a plurality of servers 2 of the integrated system 1 that performs at least one of monitoring, management, and control in one or a plurality of facilities F1 (two in FIG. 1) (FIG. 1). 1). The plurality of servers 2 includes at least a first server 21 and a second server 22 (only these two are shown in FIG. 1). Further, here, the plurality of servers 2 further include an ID management server 8.

In the following, as an example, the integrated system 1 has a function as an entry / exit management system for managing entry / exit in facility F1 such as an office building and monitoring one or more areas 4 in facility F1. Is assumed. In other words, the integrated system 1 performs "management" and "monitoring" within the facility F1. However, the integrated system 1 has a function as a BEMS (Building Energy Management System) that "controls" and "manages" electrical equipment in the facility F1 instead of (or in addition to) the function of entry / exit management. You may. In addition to office buildings, facility F1 includes theaters, movie theaters, public halls, amusement halls, complex facilities, restaurants, department stores, schools, hotels, inns, hospitals, nursing homes, kindergartens, libraries, museums, art galleries, underground streets, and stations. , Non-residential facilities such as airports. In addition to non-residential facilities, facility F1 may be a detached house or an apartment such as an apartment.

When there are a plurality of facilities F1 managed and monitored by the integrated system 1, the plurality of facilities F1 may be facilities existing in a specific area (for example, in the same town) or in areas separated from each other (for example, prefectures). It may be a facility that exists in each of the straddling areas).

The first server 21 and the second server 22 have jurisdiction over the information regarding the two facilities F1 respectively. The facility F1 under the jurisdiction of the first server 21 may be referred to as the first facility F11, and the facility F1 under the jurisdiction of the second server 22 may be referred to as the second facility F12. However, the object under the jurisdiction of each server 2 does not have to be the unit of the facility F1. For example, the first server 21 controls the lower floors of a certain facility F1, and the second server 22 controls the upper floors of the facility F1. You may have jurisdiction over the floor.

Here, the authentication method includes a first step, a second step, and a third step. In the first step, the authentication for the first access to the first server 21 is accepted. In the second step, when the authentication for the first access is successful, the first access is enabled. In the third step, when the authentication for the first access is successful, the authentication process for the second access to the second server 22 is further executed to enable the second access. In the following, it is assumed that the first to third steps of the authentication method are executed by the ID management server 8 (see FIG. 1) of the integrated system 1.

According to this configuration, when the authentication for the first access is successful, the authentication process for the second access is executed without accepting the authentication for the second access to the second server 22, and the second access is performed. To enable. Therefore, for the user who uses the integrated system 1 (for example, the administrator or the monitor of the facility F1), after inputting the authentication for the first access, further inputting the authentication for the second access is performed. You can save time and effort. As a result, it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

Further, the display method according to one aspect of the present embodiment is a display method of a display system 6 (see FIG. 1) having a display unit 61 for displaying information about a plurality of servers 2 of the integrated system 1 on a screen. Here, the display system 6 is applied to the monitoring device 5 which is separate from the ID management server 8.

Here, the display method includes a first step and a second step. In the first step, a first window (authentication window W1: see FIG. 2) that accepts authentication for the first access to the first server 21 is displayed on the display unit 61. When the authentication for the first access is successful in the second step, the second window (main window W2: see FIG. 2) is displayed on the display unit 61. The second window (main window W2) is the first information acquired from the first server 21 and the second access acquired from the second server 22 by the second access to the second server 22 executed with the success of the authentication. 2 Information and.

According to this configuration, when the authentication for the first access is successful, the second window regarding the first information acquired from the first server 21 and the second information acquired from the second server 22 ( The main window W2) is displayed. Therefore, it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

Further, the display method according to another aspect of the present embodiment includes an authentication display step, a main display step, and a sub display step. In the authentication display step, the authentication window W1 that accepts the authentication for the first access to the first server 21 is displayed on the display unit 61. In the main display step, when the authentication for the first access is successful, the main window W2 regarding the first information acquired from the first server 21 is displayed on the display unit 61. In the sub-display step, the sub-window W3 relating to the second information acquired from the second server 22 by the second access to the second server 22 is displayed on the display unit 61 in response to the selection operation on the main window W2.

According to this configuration, when the authentication for the first access is successful, the main window W2 regarding the first information acquired from the first server 21 is displayed, and regarding the second information acquired from the second server 22. The sub window W3 is displayed. Therefore, it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

(2) Details Hereinafter, the overall configuration of the integrated system 1 according to the present embodiment will be described in detail with reference to FIGS. 1 to 5.

(2.1) Overall Configuration As shown in FIG. 1, the integrated system 1 according to the present embodiment has a monitoring device 5, an ID management server 8 (authentication server), and a first group G1 having jurisdiction over the first facility F11. And a second group G2 that has jurisdiction over the second facility F12. As described above, the integrated system 1 has a function as an entry / exit management system as an example.

(2.2) Room entry / exit management The first group G1 and the second group G2 will be described below.

As shown in FIG. 1, the first group G1 is composed of, for example, a first server 21 and a plurality of (three in the illustrated example) controllers 3 (equipment). The first group G1 may further include one or more imaging units (equipment: eg cameras) installed in one or more areas 4 within the first facility F11. The first group G1 may further include one or more motion sensors (equipment) that are installed in one or more areas 4 and detect a person existing in the area 4. Each area 4 may correspond to, for example, one floor.

Each controller 3 is installed near the door (security gate) of the area where restrictions should be set for admission, entry, etc. in the first facility F11, and controls the unlocking and locking of the door. Each controller 3 is communicably connected to, for example, a card reader capable of reading the identification information from a non-contact IC (Integrated Circuit) card having the identification information to which a specific authority is given. When the user using the first facility F11 brings the non-contact IC card closer to the card reader, the controller 3 authenticates the identification information, and if the authentication is successful, unlocks the door. Each controller 3 may be communicably connected to an operation panel for inputting a personal identification number. Each controller 3 may be communicably connected to a device having an authentication function such as a fingerprint, an iris, or a voiceprint.

The first server 21 is one server that constitutes the "plurality of servers 2" in the present disclosure. The first server 21 is, for example, a Web server. The first server 21 is installed in a room (server management room, etc.) in the first facility F11. The first server 21 is connected to a plurality of controllers 3, an image pickup unit, a motion sensor, and the like belonging to the first group G1 so as to be able to communicate (either wired or wireless). The first server 21 manages the "first target". The "first target" referred to here is a plurality of controllers 3 (equipment) and area 4 of the first facility F11. Here, it is assumed that the first server 21 is composed of one server device, but it may be composed of a plurality of server devices.

The first server 21 receives a signal from each controller 3 of the first group G1 including an identifier that can identify the controller 3, door opening / closing information, and the like. Further, the first server 21 receives a signal including an identifier that can identify the image pickup unit and the captured image (information) from each image pickup unit of the first group G1. Further, the first server 21 receives from each motion sensor of the first group G1 a detection signal including an identifier that can identify the motion sensor and the fact that a person has been detected. That is, the first server 21 is a management server that manages various information received from equipment such as the controller 3 of the first group G1. Further, the first server 21 manages map information of one or a plurality of areas 4 (first map information of one or a plurality of first areas 41) in the first facility F11.

The first server 21 can communicate with the monitoring device 5 and the ID management server 8 via a gateway in the first facility F11 connected to a public network such as the Internet. When the first server 21 receives the ID information (operator ID) and password required for the authentication process in the ID management server 8 from the monitoring device 5, the first server 21 transfers the ID information (operator ID) and the password to the ID management server 8. When the first server 21 receives the authentication result from the ID management server 8, it transmits it to the monitoring device 5. Further, the first server 21 monitors the information received from the equipment such as the controller 3 belonging to the first group G1 and the first map information (when the authentication for the first access described later is successful). Send to.

As shown in FIG. 1, the second group G2 is composed of, for example, a second server 22 and a plurality of (three in the illustrated example) controllers 3 (equipment). The second group G2 may further include one or more imaging units (equipment: for example, a camera) and one or more motion sensors (equipment), similarly to the first group G1.

Since each controller 3 of the second group G2 has substantially the same configuration as the controller 3 of the first group G1, the description thereof will be omitted.

The second server 22 is one server that constitutes the "plurality of servers 2" in the present disclosure. The second server 22 is, for example, a Web server. The second server 22 is installed in a room (server management room, etc.) in the second facility F12. The second server 22 is connected to a plurality of controllers 3, an image pickup unit, a motion sensor, and the like belonging to the second group G2 in a communicable manner (either wired or wireless). The second server 22 manages the "second target". The "second target" referred to here is a plurality of controllers 3 (equipment) and area 4 of the second facility F12. That is, the second server 22 manages the "second target" different from the "first target" of the first server 21. Here, the second server 22 is assumed to be composed of one server device, but may be composed of a plurality of server devices.

The second server 22 receives from each controller 3 of the second group G2 a signal including an identifier that can identify the controller 3, door opening / closing information, and the like. Further, the second server 22 receives a signal including an identifier that can identify the image pickup unit and the captured image (information) from each image pickup unit of the second group G2. Further, the second server 22 receives from each motion sensor of the second group G2 a detection signal including an identifier that can identify the motion sensor and the fact that a person has been detected. That is, the second server 22 is a management server that manages various information received from equipment such as the controller 3 of the second group G2. Further, the second server 22 manages map information of one or a plurality of areas 4 (second map information of one or a plurality of second areas 42) in the second facility F12.

The second server 22 can communicate with the monitoring device 5 and the ID management server 8 via a gateway in the second facility F12 connected to a public network such as the Internet. When the second server 22 receives the ID information (operator ID) and password required for the authentication process in the ID management server 8 from the monitoring device 5, the second server 22 transfers the ID information (operator ID) and the password to the ID management server 8. When the second server 22 receives the authentication result from the ID management server 8, it transmits it to the monitoring device 5. Further, the second server 22 sends the information received from the equipment such as the controller 3 of the second group G2, the second map information, and the like to the monitoring device 5 (when the authentication for the first access described later is successful). Send.

(2.3) Monitoring device The monitoring device 5 can be used by a monitor (or manager) who collectively monitors a plurality of facilities F1. The monitoring device 5 can communicate with a plurality of servers 2. The monitoring device 5 is installed in a monitoring room or the like in, for example, a security company or a plurality of facilities F1. The monitoring device 5 is configured as, for example, a personal computer to which a display unit 61 described later is attached.

The monitoring device 5 includes an image processing unit 60, a display unit 61, and the like. The image processing unit 60 and the display unit 61 constitute the "display system 6" in the present disclosure.

As shown in FIGS. 2 to 4, the display unit 61 has a display screen 610 including, for example, a liquid crystal display. The display unit 61 displays the image generated by the image processing unit 60. The display unit 61 may be provided integrally with the housing accommodating the image processing unit 60, or may be provided separately.

The image processing unit 60 includes, for example, a computer system. A computer system mainly comprises one or more processors and one or more memories as hardware. The function of the image processing unit 60 is realized by executing a program recorded in one or more memories of a computer system by one or more processors. The program is pre-recorded in one or more memories of the computer system. The program may be provided through a telecommunication line, or may be recorded and provided on a non-temporary recording medium such as a memory card, an optical disk, or a hard disk drive that can be read by a computer system.

The image processing unit 60 causes the display unit 61 to display information on the plurality of servers 2 on the screen.

The image processing unit 60 displays the authentication window W1 (see FIG. 2) for accepting the authentication for the first access to the first server 21 on the display screen 610 of the display unit 61. Specifically, the authentication window W1 includes an input area for receiving input of information necessary for first access to the first server 21. As shown in FIG. 2, the input area is two areas for inputting the ID information (operator ID) and the password (hereinafter, may be collectively simply referred to as "input information") given to the observer. including. The authentication window W1 further includes a transmission button area for confirming transmission of the input information to the first server 21 after inputting the input information. When the observer moves the cursor to the input area using the mouse to input the input information and then clicks the send button area with the pointer, the monitoring device 5 sends an authentication request signal including the input information to the first server 21. Send.

The authentication window W1 includes a menu bar at the upper end in addition to the input area. The authentication window W1 can be closed by clicking the area marked with "x" at the right end of the menu bar with the pointer.

The authentication window W1 is displayed together with the main window W2 (application screen) described later by activating the dedicated management application software (hereinafter, simply referred to as “management software”) pre-installed in the monitoring device 5. Is displayed in. The authentication window W1 is displayed on the screen in, for example, a Web browser format.

As described above, the image processing unit 60 causes the display unit 61 to display the main window W2 by starting the management software. The main window W2 is a vertically long window for presenting information acquired from a plurality of servers 2. The main window W2 is a window in a frame separate from the authentication window W1, and is output side by side on the left side of the authentication window W1.

As shown in FIGS. 2 to 4, the main window W2 includes an operation area B1 and a display area B2.

The operation area B1 includes five square small areas B10 (see FIG. 2), respectively, represented by “1” to “5”. Hereinafter, when the five small regions B10 are distinguished from each other, they may be referred to as small regions B11 to B15 in order from the left. The five small areas B10 present to the observer whether the connection status related to the plurality of servers 2 (excluding the ID management server 8) is "connected" or "not connected" (status information) by different colors. .. For example, the color of the small area B11 indicates the connection state of the first server 21, and the color of the small area B12 indicates the connection state of the second server 22. The small areas B13 to B15 show the connection states of the third to fifth servers (not shown in FIG. 1). That is, the main window W2 (second window) includes state information indicating the state of access to the first server 21 and the second server 22.

Immediately after starting the management software, if the authentication for accessing the first server 21 has not been completed yet, the colors of the five small areas B10 are all gray indicating that they are "not connected" (FIG. 2). Reference: Light dot hatching in the illustrated example). When the connection state to the server 2 becomes "connected", the image processing unit 60 changes, for example, the color of the small area B10 corresponding to the server 2 to white.

Further, the operation area B1 functions as an area for receiving a selection operation from the observer. If the connection state to the server 2 is "connection", the observer can select by clicking the small white area B10 indicating that the connection is in progress with a pointer, for example, using a mouse. The image processing unit 60 causes the display unit 61 to display information about the server 2 corresponding to the selected small area B10 as a sub-window W3 described later. Further, the image processing unit 60 changes the color of the selected small area B10 from white to green (see FIGS. 3 and 4: dark dot hatching in the illustrated example).

As shown in FIGS. 2 to 4, the main window W2 further includes a name area B3 for displaying the name of the facility F1 in characters. The name area B3 is arranged immediately below the operation area B1. The monitoring device 5 stores, for example, data in which the identification information and the name information of each server 2 are associated with each other in the storage unit of the own machine. The storage unit is composed of a device selected from ROM (Read Only Memory), RAM (Random Access Memory), EEPROM (Electrically Erasable Programmable Read Only Memory), and the like. The image processing unit 60 refers to the data in the storage unit and causes the display unit 61 to display the name (name information) of the server 2 corresponding to the (green) small area B10 currently being selected in the operation area B1. .. If the connection status to all the servers 2 is "not connected" and the selected small area B10 does not exist, the name area B3 is blank as shown in FIG.

The display area B2 is an area for displaying event information. Based on the information acquired from all the servers 2 (excluding the ID management server 8) whose connection status is "connection", the image processing unit 60 displays information (notification information) about the event generated in the server 2 in characters. Output to the display area B2. In other words, the main window W2 provides information (including the first information acquired from the first server 21 and the second information acquired from the second server 22) for notifying the observer (user) who has succeeded in authentication. Includes broadcast information based on.

Each of the plurality of event columns B20 indicated by "No. 001", "No. 002", "No. 003" ... In the display area B2 presents one event information. Each event column B20 includes, for example, a five-line content display area B21.

For example, date and time information regarding the date and time when the event occurred can be output to the content display area B21 on the first line of each event column B20.

In the content display area B21 on the second line of each event column B20, for example, location information regarding the location where the event has occurred can be output. The location information includes information that can identify the facility F1, information that can identify the server 2, information that can identify the controller 3, information that can identify the door that the controller 3 corresponds to, and the like. The identifiable information may be name information or code information. In short, since the broadcast information includes the location information under the jurisdiction of the server 2, it can be said that the broadcast information includes information that can identify the first server 21 or the second server 22. Therefore, since it is possible to know which server 2 the broadcast information is related to through the main window W2, operations such as management or monitoring are further improved.

Information that can identify the type of event can be output to the content display area B21 of the third to fifth lines of each event column B20. The types of events are, for example, communication abnormalities, locking / unlocking abnormalities, recovery of communication abnormalities, and detection of suspicious persons.

The image processing unit 60 outputs the event information of all the servers 2 (excluding the ID management server 8) whose connection state is "connected" to the event column B20 in real time. The latest event information is always output to the event column B20 of "No. 001". Every time the latest event information is output, the old event information is output in the order of "No. 002" and "No. 003".

The image processing unit 60 has a secondary window W3 (see FIG. 4: a second described later) relating to the second information acquired from the second server 22 by the second access in response to the selection operation to the operation area B1 on the main window W2. The sub-window W32) is displayed on the display unit 61. In particular, the image processing unit 60 executes screen transitions related to the plurality of sub-windows W3 in response to the selection operation to the operation area B1 on the main window W2.

The plurality of sub-windows W3 include, for example, a first sub-window W31 (see FIG. 3) and a second sub-window W32 (see FIG. 4). Each sub-window W3 is displayed on the screen in, for example, a Web browser format. The first sub-window W31 shows the first map information about one or more first areas 41 under the jurisdiction of the first server 21. The second sub-window W32 shows the second map information about one or more second areas 42 under the jurisdiction of the second server 22. The first map information may be included in the first information. The second map information can be included in the second information.

For example, when the white small area B11 indicating that the connection state of the first server 21 is "connected" is clicked, the image processing unit 60 displays the first sub-window W31 showing the first map information in the display unit 61. To display. Here, when the white small area B12 indicating that the connection state of the second server 22 is “connected” is clicked, the image processing unit 60 switches the first sub-window W31 to the second sub-window W32. .. In this case, the image processing unit 60 may close the first sub-window W31 to hide it, or move the first sub-window W31 so as to hide behind the second sub-window W32 to hide it. Good. In short, the main window W2 includes an operation area B1 for switching between the first map information and the second map information, and the first sub window W31 and the second sub window W32 are arranged according to the selection operation for the operation area B1. It is switchable.

The switching of the map information does not have to be linked to the switching between the first sub-window W31 and the second sub-window W32 by the click operation to the operation area B1. For example, the operation area for map switching may be displayed in the main window W2, and the map information to be displayed in the first sub window W31 may be switched on a floor-by-floor basis according to the operation for the operation area for map switching. .. Alternatively, for example, an icon corresponding to each floor may be displayed on the first sub-window W31, and the map information to be displayed on the first sub-window W31 may be switched for each floor by clicking the icon.

The sub-window W3 also includes a menu bar at the top. When a plurality of first areas 41 exist (when a plurality of floors exist), the first map information displayed in the first sub-window W31 can be selected from a plurality of first areas 41 through the menu bar. May be good. Similarly, when a plurality of second areas 42 exist, the second map information displayed in the second sub-window W32 may be selected from the plurality of second areas 42 through the menu bar.

(2.4) ID Management Server The ID management server 8 collectively manages a plurality of operator IDs and passwords, and executes an authentication process. The ID management server 8 can communicate with the first server 21 and the second server 22. The ID management server 8 is one server that constitutes the "plurality of servers 2" in the present disclosure. The ID management server 8 stores, for example, reference data associated with a plurality of operator IDs and passwords in a storage unit of its own machine. The storage unit is composed of a device selected from ROM, RAM, EEPROM, and the like. In the reference data, each operator ID is also associated with the authority level regarding viewing of the information acquired from the server 2. For example, an observer who is given an operator ID with the highest authority level can view all the information, and as the authority level goes down, the information that can be viewed is restricted.

The ID management server 8 is assumed to be composed of one server device, but may be composed of a plurality of server devices. In particular, the function of the ID management server 8 may be provided in each of the first server 21 and the second server 22, for example. Further, the ID management server 8 may collectively manage the identification information regarding the IC card owned by the user who uses the facility F1.

Like the monitoring device 5, the ID management server 8 may be installed in a monitoring room or the like in, for example, a security company or a plurality of facilities F1, or is installed in a place different from the monitoring device 5. May be good.

As shown in FIG. 1, the ID management server 8 has a control unit 70. The control unit 70 includes, for example, a computer system. A computer system mainly comprises one or more processors and one or more memories as hardware. The function of the control unit 70 is realized by executing a program recorded in one or more memories of a computer system by one or more processors. The program is pre-recorded in one or more memories of the computer system. The program may be provided through a telecommunication line, or may be recorded and provided on a non-temporary recording medium such as a memory card, an optical disk, or a hard disk drive that can be read by a computer system.

The control unit 70 has a reception unit 71 and an authentication processing unit 72. In other words, the control unit 70 has a function as a reception unit 71 and a function as an authentication processing unit 72. The reception unit 71 and the authentication processing unit 72 constitute the "authentication system 7" in the present disclosure.

The reception unit 71 is configured to accept authentication for the first access to the first server 21. That is, when the input information (operator ID and password) is input to the authentication window W1 by the monitoring device 5, the ID management server 8 requests the authentication including the input information from the monitoring device 5 via the first server 21. Receive a signal. The reception unit 71 receives the authentication (request) for the first access by receiving the authentication request signal.

The authentication processing unit 72 is configured to execute an authentication process regarding the success or failure of the authentication for the first access. In the authentication process, the authentication processing unit 72 searches the reference data in the storage unit of the ID management server 8 for data that matches the input information included in the received authentication request signal. If there is matching data, the authentication processing unit 72 determines that the authentication is successful. If there is no matching data, the authentication processing unit 72 determines that the authentication has failed.

The authentication processing unit 72 enables the first access when the authentication for the first access is successful. That is, when the authentication processing unit 72 determines that the first server 21 has "successful authentication", the authentication processing unit 72 transmits an authentication result signal including an instruction for permitting the first access to the monitoring device 5 via the first server 21. .. That is, the first server 21 also obtains information that the authentication has been successful. When the monitoring device 5 receives the authentication result signal including the instruction for permitting the first access, the monitoring device 5 changes the color of the small area B11 corresponding to the first server 21 from gray to white, and the connection state of the first server 21 is changed. Presents that is a "connection". It is desirable that the monitoring device 5 display a message including "authentication success" on the display unit 61. Then, since the first access is permitted, the monitoring device 5 can acquire the first information (map information and the like) from the first server 21 and can display it on the display unit 61.

When the authentication processing unit 72 determines that the first server 21 has "authentication failure", the authentication processing unit 72 transmits an authentication result signal including an instruction for disallowing the first access to the monitoring device 5 via the first server 21. That is, the first server 21 also obtains information that the authentication has failed. When the monitoring device 5 receives the authentication result signal including the instruction for disallowing the first access, the monitoring device 5 keeps the color of the small area B11 corresponding to the first server 21 gray, and the connection state of the first server 21 is changed. Present that you are "not connected". It is desirable that the monitoring device 5 display a message including "authentication failure" on the display unit 61. Since the first access is denied, the monitoring device 5 cannot acquire the first information (map information, etc.) from the first server 21.

Here, when the authentication processing unit 72 of the present embodiment succeeds in the authentication for the first access, the authentication processing unit 72 further executes the authentication process for the second access to the second server 22 (if the authentication is successful). 2 Enable access. That is, the authentication processing unit 72 automatically executes the authentication processing related to the second access without the reception unit 71 receiving the authentication (request) for the second access to the second server 22. Therefore, the observer does not need to input the input information for obtaining the permission of the second access to the second server 22 in the authentication window W1.

Here, as an example, the operator ID is linked in the reference data so as to have not only the authority of the first access to the first server 21 but also the authority of the access to the second server 22 and the third to fifth servers. It is attached. In short, the operator ID of the first server 21 and the operator ID of the second server 22 are, for example, common. Therefore, unless there is an abnormality such as a communication error or a setting error such as an operator ID and a password, the second access is substantially permitted when the authentication process relating to the second access to the second server 22 is executed.

It is desirable that the password is different between the first server 21 and the second server 22. The ID management server 8 stores information in which the first password for the first server 21 and the second password for the second server 22 are associated with each other. When the input information includes the first password, the second password associated with the first password is used when the authentication process related to the second access is automatically executed.

However, the password may be common to the first server 21 and the second server 22 as well as the operator ID. Further, conversely, the password is common to the first server 21 and the second server 22, and the operator ID may be different between the first server 21 and the second server 22. In this case, the ID management server 8 may store information in which the first operator ID for the first server 21 and the second operator ID for the second server 22 are associated with each other. When the input information includes the first operator ID, the second operator ID associated with the first operator ID is used when the authentication process related to the second access is automatically executed.

The authentication processing unit 72 enables the second access when the authentication for the second access is successful. When the authentication processing unit 72 determines that the second server 22 has "successful authentication", the authentication processing unit 72 transmits an authentication result signal including an instruction for permitting the second access to the monitoring device 5 via the second server 22. That is, the second server 22 also obtains information that the authentication has been successful. When the monitoring device 5 receives the authentication result signal including the instruction for permitting the second access, the monitoring device 5 changes the color of the small area B12 corresponding to the second server 22 from gray to white, and the connection state of the second server 22 is changed. Presents that is a "connection". It is desirable that the monitoring device 5 display a message including "authentication success" of the second server 22 on the display unit 61. Then, since the second access is permitted, the monitoring device 5 can acquire the second information (map information and the like) from the second server 22 and can display it on the display unit 61.

When the authentication processing unit 72 determines that the second server 22 has "authentication failure", the authentication processing unit 72 transmits an authentication result signal including an instruction for disallowing the second access to the monitoring device 5 via the second server 22. That is, the second server 22 also obtains information that the authentication has failed. When the monitoring device 5 receives the authentication result signal including the instruction for disallowing the second access, the monitoring device 5 keeps the color of the small area B12 corresponding to the second server 22 gray, and the connection state of the second server 22 is changed. Present that it is "not connected". It is desirable that the monitoring device 5 display a message including "authentication failure" on the display unit 61. Since the second access is denied, the monitoring device 5 cannot acquire the second information (map information, etc.) from the second server 22. As described above, the "authentication failure" of the second server 22 is highly likely to be caused by a communication error or a setting error such as an operator ID and password. Therefore, a message including that fact is displayed on the display unit 61. Is desirable.

Even if the authentication processing unit 72 determines that the authentication processing related to the server 2 other than the first server 21 is "authentication failure", the authentication processing unit 72 changes the target server 2 and executes the authentication processing. Specifically, even if the authentication processing unit 72 determines that the second server 22 has "authentication failure", the authentication processing unit 72 sequentially executes the authentication processing related to the third to fifth servers. When the authentication processing unit 72 determines that "authentication failed" in the authentication processing of the second server 22 or later, the authentication processing may be retried at least once.

(2.5) Operation of Integrated System The operation of the integrated system 1 when the observer performs the monitoring work using the monitoring device 5 will be described below.

[Operation example related to authentication]
First, an operation example related to authentication will be described with reference to FIG.

The observer starts the management software on the monitoring device 5 (step S1). The monitoring device 5 displays the authentication window W1 and the main window W2 on the display unit 61 (step S2). In other words, the authentication window W1 (first window) that accepts the authentication for the first access to the first server 21 is displayed on the display unit 61 (first step of the display method and the authentication display step of the display method). .. At this point, the main window W2 may not be displayed.

The observer inputs the operator ID and password (input information) in the authentication window W1 (step S3). When the observer inputs the input information and clicks on the send button area, the authentication window W1 may be closed.

When the monitoring device 5 receives the input information from the monitor, it transmits an authentication request signal including the input information to the first server 21 (step S4). The first server 21 transmits the authentication request signal received from the monitoring device 5 to the ID management server 8 (step S5).

The ID management server 8 receives the authentication request signal received from the first server 21. In other words, the reception unit 71 of the ID management server 8 accepts the authentication for the first access to the first server 21 (step S6: first step of the authentication method).

The authentication processing unit 72 of the ID management server 8 executes the authentication process based on the input information (step S7). Then, when the authentication for the first access is successful, the ID management server 8 enables the first access (second step of the authentication method). That is, the ID management server 8 transmits an authentication result signal including an instruction for permitting the first access to the first server 21 (step S8). If the authentication fails, the ID management server 8 transmits an authentication result signal including an instruction for disallowing the first access to the first server 21. The first server 21 transmits the authentication result signal received from the ID management server 8 to the monitoring device 5 (step S9).

Here, when the authentication processing unit 72 of the ID management server 8 succeeds in the authentication for the first access, the authentication processing unit 72 further executes the authentication process (step S10) for the second access to the second server 22 to perform the second access. (Third step of the authentication method). That is, the ID management server 8 sends an authentication result signal including an instruction for permitting the second access when the authentication for the second access is successful after the authentication for the first access is successful. It is transmitted to 22 (step S11). The second server 22 transmits the authentication result signal received from the ID management server 8 to the monitoring device 5 (step S12).

As a result, in the monitoring device 5, the first access to the first server 21 is permitted, and the second access to the second server 22 is also permitted. That is, the monitoring device 5 can acquire the first information (map information and the like) from the first server 21 (step S13), and can display the information on the display unit 61. Further, the monitoring device 5 can acquire the second information (map information and the like) from the second server 22 (step S13), and can display the information on the display unit 61. The monitoring device 5 makes the colors of the small areas B11 and B12 of the operation area B1 in the main window W2 white, and presents that the connection state of the first server 21 and the second server 22 is "connection".

If the authentication fails, the monitoring device 5 cannot acquire information from the corresponding server 2. In particular, if the authentication for the first access to the first server 21 fails, the authentication process for the second access to the second server 22 is not executed either, so that the monitoring device 5 is supplied from the first server 21 and the second server 22. I can't get the information.

After that, the image processing unit 60 of the monitoring device 5 sets the event information (notification information) in all the servers 2 (here, the first to fourth servers) whose connection state is "connection" as the "latest alarm display". Output to the display area B2 of the main window W2 in real time (step S14). In other words, the image processing unit 60 has a main window W2 (second window) relating to the first information (first event information) and the second information (second event information) when the authentication for the first access is successful. ) Is displayed on the display unit (61). (Second step of display method). In other words, the image processing unit 60 causes the display unit 61 to display the main window W2 regarding the first information acquired from the first server 21 when the authentication for the first access is successful (in the display method). Main display step).

That is, the display area B2 displays both the first event information and the second event information. The first event information is acquired from the first server 21. The first event information is information about an event that occurs in the first area 41 (see FIG. 3) under the jurisdiction of the first server 21. The second event information is acquired from the second server 22 by the second access to the second server 22 executed with the success of the authentication for the first access. The second event information is information about an event that occurs in the second area 42 (see FIG. 4) under the jurisdiction of the second server 22. In this way, the notification information including the first information (first event information) and the second information (second event information) is displayed in the main window W2, so that the observer knows the notification information through the main window W2. Therefore, operations such as management or monitoring are further improved.

Although detailed description will be omitted, the ID management server 8 has the third to third servers 2 (third to third, which have jurisdiction over the other three facilities F1) after executing the authentication process for the second access to the second server 22. The authentication process is also executed sequentially for the 5 servers). In the examples of FIGS. 3 and 4, the monitoring device 5 receives the authentication result for access to the third to fifth servers, makes the small areas B13 and B14 white, and makes the third server and the fourth server fourth. It also indicates that the server connection status is "connected". In the illustrated example, the fifth server has failed to authenticate. The monitoring device 5 keeps the color of the small area B15 gray to indicate that the connection state of the fifth server is "not connected".

[Operation example after authentication]
Next, an operation example after authentication will be described with reference to FIGS. 3 and 4.

The observer clicks the white small area B11 (“1”) in the main window W2 (indicating that the connection is in progress) with the pointer (selection of “1”).

The monitoring device 5 changes the color of the small area B11 from white to green indicating that the selection is being made in response to the click operation, and further, the first sub-window W31 (see FIG. 3) showing the first map information. ) Is displayed on the display unit 61 so as to be arranged on the right side of the main window W2. The first sub-window W31 includes first map information (for example, a plan view) of the first area 41 under the jurisdiction of the first server 21. The first map information may include markers indicating the positions of the door, the controller 3, the imaging unit, the motion sensor, and the like.

Further, the monitoring device 5 displays the name "office A building" of the first facility F11 under the jurisdiction of the first server 21 as information that can identify the currently selected first server 21 in the name area B3 of the main window W2. To do. In other words, the main window W2 contains information that can identify the first server 21.

When the observer clicks, for example, the marker of the imaging unit on the first map information indicated by the first sub-window W31 with the pointer, another window showing the image currently being imaged by the imaging unit is displayed as the first sub-window. It may be displayed in a pop-up on W31 so as to overlap. Further, when the observer clicks the marker of the controller 3 on the first map information indicated by the first sub window W31 with the pointer, the identification information related to the controller 3 and the history information related to locking / unlocking are popped up. Good.

For example, it is assumed that the observer finishes the monitoring work of the first area 41 under the jurisdiction of the first server 21, and then performs the monitoring work of the second area 42 under the control of the second server 22. The observer clicks the white small area B12 (“2”) in the main window W2 (indicating that the connection is in progress) with the pointer (selection of “2”).

Then, the monitoring device 5 changes the color of the small area B12 from white to green indicating that the selection is being made in response to the click operation, and further, the second sub-window W32 (FIG. 4) showing the second map information. (See) is displayed on the display unit 61 so as to be arranged on the right side of the main window W2. That is, the monitoring device 5 causes the display unit 61 to display the sub-window W3 regarding the second information acquired from the second server 22 by the second access to the second server 22 in response to the selection operation for the operation area B1. Sub-display step of the display method). In other words, the monitoring device 5 switches from the first sub-window W31 showing the first map information to the second sub-window W32 showing the second map information in response to the selection operation for the operation area B1 (screen transition: sub). Display step switching step).

The second sub-window W32 includes the second map information (for example, a plan view) of the second area 42 under the jurisdiction of the second server 22. Like the first map information, the second map information may include markers indicating the positions of the door, the controller 3, the imaging unit, the motion sensor, and the like.

Further, the monitoring device 5 displays the name “office B building” of the second facility F12 under the jurisdiction of the second server 22 as information that can identify the currently selected second server 22 in the name area B3 of the main window W2. To do. In other words, the main window W2 contains information that can identify the second server 22.

Similarly, when the observer clicks the small area B13 (or the small area B14) with the pointer, the sub-window W3 showing the map information of the area under the jurisdiction of the third server (or the fourth server) in response to the click operation. Switch to.

In the present embodiment, as described in the operation example described above, when the authentication for the first access is successful, the authentication process for the second access is performed without accepting the authentication for the second access to the second server 22. Execute to enable a second access. Therefore, for the user who uses the integrated system 1 (for example, the administrator or the monitor of the facility F1), after performing the input operation related to the authentication for the first access, the input operation related to the authentication for the second access is further performed. You can save the trouble of doing it. As a result, it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

Further, since the ID management server 8 executes the first to third steps of the authentication method, the configuration of the monitoring device 5 can be simplified as compared with the case where the authentication method is executed by the monitoring device 5 (management terminal), for example. Can be planned.

Further, as described in the operation example described above, the main window relating to the first information acquired from the first server 21 and the second information acquired from the second server 22 when the authentication for the first access is successful. W2 (second window) is displayed. Therefore, it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

Further, as described in the operation example described above, when the authentication for the first access is successful, the main window W2 regarding the first information acquired from the first server 21 is displayed, and the second window acquired from the second server 22 is displayed. A sub-window W3 regarding information is displayed. Therefore, it is possible to improve operations such as management or monitoring while suppressing deterioration of security related to data management.

Further, as described in the operation example described above, the main window W2 (second window) includes state information (difference in color of the small area B10 of the operation area B1) indicating the access state to the first server 21 and the second server 22. .. Therefore, since the access status to the server 2 can be known through the main window W2, the business such as management or monitoring is further improved. Further, since the screen transition is executed according to the selection operation for the operation area B1, the management work is further improved.

(3) Modified Example The above embodiment is only one of various embodiments of the present disclosure. The above-described embodiment can be changed in various ways depending on the design and the like as long as the object of the present disclosure can be achieved. The authentication system 7 according to the above embodiment may be embodied by an authentication method, a computer program, a non-temporary recording medium on which a computer program is recorded, or the like. Further, the same function as the display system 6 according to the above embodiment may be embodied by a display method, a computer program, a non-temporary recording medium on which the computer program is recorded, or the like.

Hereinafter, modifications of the above embodiment will be listed. The modifications described below can be applied in combination as appropriate. Hereinafter, the above embodiment may be referred to as a “basic example”.

The display system 6 and the authentication system 7 in the present disclosure include a computer system. The main configuration of a computer system is a processor and memory as hardware. When the processor executes the program recorded in the memory of the computer system, the functions as the display system 6 and the authentication system 7 in the present disclosure are realized. The program may be pre-recorded in the memory of the computer system, may be provided through a telecommunication line, and may be recorded on a non-temporary recording medium such as a memory card, optical disk, hard disk drive, etc. that can be read by the computer system. May be provided. A processor in a computer system is composed of one or more electronic circuits including a semiconductor integrated circuit (IC) or a large scale integrated circuit (LSI). The integrated circuit such as IC or LSI referred to here has a different name depending on the degree of integration, and includes an integrated circuit called a system LSI, VLSI (Very Large Scale Integration), or ULSI (Ultra Large Scale Integration). Further, an FPGA (Field-Programmable Gate Array) programmed after the LSI is manufactured, or a logical device capable of reconfiguring the junction relationship inside the LSI or reconfiguring the circuit partition inside the LSI should also be adopted as a processor. Can be done. A plurality of electronic circuits may be integrated on one chip, or may be distributed on a plurality of chips. The plurality of chips may be integrated in one device, or may be distributed in a plurality of devices. The computer system referred to here includes a microcontroller having one or more processors and one or more memories. Therefore, the microcontroller is also composed of one or more electronic circuits including a semiconductor integrated circuit or a large-scale integrated circuit.

Further, it is not an essential configuration for the display system 6 and the authentication system 7 that a plurality of functions in each of the display system 6 and the authentication system 7 are integrated in one housing. Each component of the display system 6 and the authentication system 7 may be distributed in a plurality of housings. On the contrary, a plurality of functions in each of the display system 6 and the authentication system 7 may be integrated in one housing. Further, at least a part of each function of the display system 6 and the authentication system 7, for example, a part of each function of the display system 6 and the authentication system 7 may be realized by a cloud (cloud computing) or the like.

In the basic example, the first to third steps of the authentication method are executed by the ID management server 8. However, the first to third steps of the authentication method may be executed by the other servers 2 other than the ID management server 8 or by the monitoring device 5 (management terminal). When the first to third steps of the authentication method are executed by another server 2 or the monitoring device 5, a dedicated authentication server (ID management server 8) becomes unnecessary, and for example, installation cost can be reduced. In particular, the function of the ID management server 8 may be provided in each of the first server 21 and the second server 22, for example. Even in this case, if the observer succeeds in logging in to the first server 21, the observer can automatically log in to the second server 22. Similarly, if the observer succeeds in logging in to the second server 22, the observer can automatically log in to the first server 21. Even if the number of servers 2 increases (third server, fourth server, etc.), each of these plurality of servers 2 is provided with the function of the ID management server 8, so that login can be started from which server 2. However, it is also possible to automatically log in to another server 2.

In the basic example, the first target of the first server 21 is a plurality of controllers 3 (equipment) and area 4 of the first facility F11, and the second target of the second server 22 is a plurality of controllers 3 (equipment) of the second facility F12. Controller 3 (equipment) and area 4. However, the first target may be the controller 3 of the first facility F11, and the second target may be the area 4 of the same first facility F11.

The authentication window W1, the main window W2, and the sub window W3 in the basic example are of a window display format including a menu bar at the upper end. However, the authentication window W1, the main window W2, and the sub window W3 may be a simple screen (image area). The authentication window W1 can be replaced with the authentication screen. The main window W2 can be replaced with the main screen. The sub window W3 can be replaced with the sub screen.

In the basic example, the authentication for the first access is performed first with the first server 21 as the starting point, but the authentication for the second access may be performed first with the second server 22 as the starting point. For example, the server 2 to be accessed first may be specified (for example, by URL information) from the menu bar of the authentication window W1.

The monitoring device 5 may be, for example, a tablet-type mobile terminal. The display unit 61 may be a touch panel type display. For example, the screen transition of the plurality of sub-windows W3 may be possible by touching the operation area B1.

(4) Summary As described above, the authentication method according to the first aspect is a plurality of servers of an integrated system (1) that performs at least one of monitoring, management, and control in one or a plurality of facilities (F1). This is the authentication method for (2). The plurality of servers (2) include at least a first server (21) and a second server (22). The authentication method includes a first step, a second step, and a third step. In the first step, the authentication for the first access to the first server (21) is accepted. In the second step, when the authentication for the first access is successful, the first access is enabled. In the third step, when the authentication for the first access is successful, the authentication process for the second access to the second server (22) is further executed to enable the second access. According to the first aspect, it is possible to provide an authentication method capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

Regarding the authentication method according to the second aspect, in the first aspect, the first server (21) performs at least one of monitoring, management, and control regarding the first object. The second server (22) performs at least one of monitoring, management, and control of a second target different from the first target. The first object is at least one of the equipment (controller 3) and the area (4) in one or more facilities (F1). According to the second aspect, for the first server (21) and the second server (22), which have different targets, the operation such as management or monitoring is improved while suppressing the deterioration of security related to data management. be able to.

Regarding the authentication method according to the third aspect, in the first aspect or the second aspect, in the management terminal (for example, the monitoring device 5) in the integrated system (1), the first step, the second step, and the third step. Perform the steps. The management terminal (for example, the monitoring device 5) is communicably connected to the first server (21) and the second server (22). According to the third aspect, a dedicated authentication server becomes unnecessary, and for example, installation costs can be reduced.

Regarding the authentication method according to the fourth aspect, in the first aspect or the second aspect, in any of the plurality of servers (2) (for example, the ID management server 8), the first step, the second step, And perform the third step. According to the fourth aspect, the configuration of the management terminal can be simplified as compared with the case where it is executed by the management terminal (for example, the monitoring device 5).

The display method according to the fifth aspect displays information on a plurality of servers (2) of the integrated system (1) that performs at least one of monitoring, management, and control in one or a plurality of facilities (F1). This is a display method of a display system (6) having a display unit (61). The plurality of servers (2) include at least a first server (21) and a second server (22). The display method includes a first step and a second step. In the first step, the first window (authentication window W1) that accepts the authentication for the first access to the first server (21) is displayed on the display unit (61). In the second step, when the authentication for the first access is successful, the second window (main window W2) is displayed on the display unit (61). The second window (main window W2) is the second server (22) due to the first information acquired from the first server (21) and the second access to the second server (22) executed with the success of authentication. ) And the second information. According to the fifth aspect, it is possible to provide a display method capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

Regarding the display method according to the sixth aspect, in the fifth aspect, the second window (main window W2) includes the first information and the notification information based on the second information for notifying the user who succeeded in the authentication. .. According to the sixth aspect, since the broadcast information can be known through the second window (main window W2), the business such as management or monitoring is further improved.

Regarding the display method according to the seventh aspect, in the sixth aspect, the broadcast information includes information that can identify the first server (21) or the second server (22). According to the seventh aspect, since it is possible to know which server (2) the broadcast information is related to through the second window (main window W2), operations such as management or monitoring are further improved.

Regarding the display method according to the eighth aspect, in any one of the fifth to seventh aspects, the second window (main window W2) has access to the first server (21) and the second server (22). Contains state information indicating the state. According to the eighth aspect, since the access status of the server (2) can be known through the second window (main window W2), the business such as management or monitoring is further improved.

The display method according to the ninth aspect displays information on a plurality of servers (2) of the integrated system (1) that performs at least one of monitoring, management, and control in one or a plurality of facilities (F1). This is a display method of a display system (6) having a display unit (61). The plurality of servers (2) include at least a first server (21) and a second server (22). The display method includes an authentication display step, a main display step, and a sub display step. In the authentication display step, the authentication window (W1) that accepts the authentication for the first access to the first server (21) is displayed on the display unit (61). In the main display step, when the authentication for the first access is successful, the main window (W2) regarding the first information acquired from the first server (21) is displayed on the display unit (61). In the sub-display step, the sub-window (W3) relating to the second information acquired from the second server (22) by the second access to the second server (22) is displayed in response to the selection operation on the main window (W2). , Displayed on the display unit (61). According to the ninth aspect, it is possible to provide a display method capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

With respect to the display method according to the tenth aspect, in the ninth aspect, the main window (W2) includes information that can identify the first server (21) or the second server (22). According to the tenth aspect, since the server (2) can be identified through the main window (W2), the business such as management or monitoring is further improved.

Regarding the display method according to the eleventh aspect, in the ninth aspect or the tenth aspect, the main window (W2) provides state information indicating the access state to the first server (21) and the second server (22). Including. According to the eleventh aspect, since the access status of the server (2) can be known through the main window (W2), the business such as management or monitoring is further improved.

With respect to the display method according to the twelfth aspect, in any one of the ninth to eleventh aspects, the main window (W2) includes the operation area (B1). In the sub-display step, screen transitions related to a plurality of sub-windows (W3) including the sub-window (W3) are executed according to the selection operation for the operation area (B1). According to the twelfth aspect, since the screen transition is executed in response to the selection operation for the operation area (B1), the work such as management or monitoring is further improved.

Regarding the display method according to the thirteenth aspect, in any one of the ninth to twelfth aspects, the first information is the first information relating to an event occurring in the first area (41) under the jurisdiction of the first server (21). 1 Includes at least event information. The second information includes at least the second event information regarding the event occurring in the second area (42) under the jurisdiction of the second server (22). The main window (W2) includes a display area (B2) for displaying both the first event information and the second event information. According to the thirteenth aspect, since both the first event information and the second event information can be known through the display area (B2), the business such as management or monitoring is further improved.

Regarding the display method according to the fourteenth aspect, in any one of the ninth to thirteenth aspects, the first information is the first map information regarding the first area (41) under the jurisdiction of the first server (21). At least include. The second information includes at least the second map information regarding the second area (42) under the jurisdiction of the second server (22). The main window (W2) includes an operation area (B1) for switching between the first map information and the second map information. The sub-display step consists of a first sub-window (W31) showing the first map information and a second sub-window (W3) showing the second map information as the sub-window (W3) according to the selection operation for the operation area (B1). W32) and a switching step for switching are included. According to the fourteenth aspect, since the switching between the first sub-window (W31) and the second sub-window (W32) can be easily performed, the work such as management or monitoring is further improved.

The program according to the fifteenth aspect causes one or more processors to execute the authentication method in any one of the first to fourth aspects or the display method in any one of the fifth to fourteenth aspects. It is a program for. According to the fifteenth aspect, it is possible to provide a function capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

The authentication system (7) according to the sixteenth aspect authenticates a plurality of servers (2) of the integrated system (1) that performs at least one of monitoring, management, and control in one or a plurality of facilities (F1). .. The plurality of servers (2) include at least a first server (21) and a second server (22). The authentication system (7) includes a reception unit (71) and an authentication processing unit (72). The reception unit (71) accepts the authentication for the first access to the first server (21). The authentication processing unit (72) executes an authentication process relating to the success or failure of the authentication for the first access, and enables the first access when the authentication for the first access is successful. When the authentication processing unit (72) succeeds in the authentication for the first access, the authentication processing unit (72) further executes the authentication process for the second access to the second server (22) to enable the second access. According to the sixteenth aspect, it is possible to provide an authentication system (7) capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

The display system (6) according to the seventeenth aspect provides information on a plurality of servers (2) of the integrated system (1) that performs at least one of monitoring, management and control in one or more facilities (F1). A display unit (61) for displaying a screen is provided. The plurality of servers (2) include at least a first server (21) and a second server (22). The display system (6) further includes an image processing unit (60) for displaying a first window (authentication window W1) that accepts authentication for the first access to the first server (21) on the display unit (61). .. The image processing unit (60) causes the display unit (61) to display the second window (main window W2) when the authentication for the first access is successful. The second window (main window W2) is the second server (22) due to the first information acquired from the first server (21) and the second access to the second server (22) executed with the success of authentication. ) And the second information. According to the seventeenth aspect, it is possible to provide a display system (6) capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

The display system (6) according to the eighteenth aspect provides information on a plurality of servers (2) of the integrated system (1) that performs at least one of monitoring, management, and control in one or more facilities (F1). A display unit (61) for displaying a screen is provided. The plurality of servers (2) include at least a first server (21) and a second server (22). The display system (6) further includes an image processing unit (60) for displaying an authentication window (W1) for receiving authentication for the first access to the first server (21) on the display unit (61). The image processing unit (60) causes the display unit (61) to display the main window (W2) regarding the first information acquired from the first server (21) when the authentication for the first access is successful. .. Further, the image processing unit (60) has a sub window (60) relating to the second information acquired from the second server (22) by the second access to the second server (22) in response to the selection operation on the main window (W2). W3) is displayed on the display unit (61). According to the eighteenth aspect, it is possible to provide a display system (6) capable of improving operations such as management or monitoring while suppressing deterioration of security related to data management.

The configuration according to the second to fourth aspects is not an essential configuration for the authentication method according to the first aspect, and can be omitted as appropriate. Further, the configurations according to the sixth to eighth aspects are not essential configurations for the display method according to the fifth aspect, and can be omitted as appropriate. Further, the configuration according to the tenth to fourteenth aspects is not an essential configuration for the display method according to the ninth aspect, and can be omitted as appropriate.

1 Integrated system 2 Server 21 1st server 22 2nd server 3 Controller (equipment)
4 Area 41 1st area 42 2nd area 5 Monitoring device (management terminal)
6 Display system 60 Image processing unit 61 Display unit 7 Authentication system 71 Reception unit 72 Authentication processing unit 8 ID management server (server)
B1 Operation area B2 Display area F1 Facility W1 Authentication window (1st window)
W2 main window (second window)
W3 secondary window W31 1st secondary window W32 2nd secondary window

Claims (18)

An authentication method for a plurality of servers in an integrated system that performs at least one of monitoring, management, and control within one or more facilities, the plurality of servers including at least a first server and a second server.
The first step of accepting the authentication for the first access to the first server, and
When the authentication for the first access is successful, the second step of enabling the first access and
When the authentication for the first access is successful, the third step of further executing the authentication process for the second access to the second server to enable the second access, and
including,
Authentication method. The first server performs at least one of the monitoring, the management, and the control of the first object.
The second server performs at least one of the monitoring, the management, and the control of a second object different from the first object.
The first object is at least one of the facilities and areas within the one or more facilities.
The authentication method according to claim 1. The first step, the second step, and the third step are executed on the management terminal communicably connected to the first server and the second server in the integrated system.
The authentication method according to claim 1 or 2. The first step, the second step, and the third step are executed on any server of the plurality of servers.
The authentication method according to claim 1 or 2. A display method for a display system having a display unit for displaying information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or a plurality of facilities. , Including at least the first server and the second server,
The first step of displaying the first window for accepting the authentication for the first access to the first server on the display unit, and
When the authentication for the first access is successful, the second server is obtained by the first information acquired from the first server and the second access to the second server executed with the success of the authentication. The second step of displaying the second window regarding the second information obtained from the display unit and the display unit.
including,
Display method. The second window includes the first information and the notification information based on the second information for notifying the user who has succeeded in the authentication.
The display method according to claim 5. The broadcast information includes information that can identify the first server or the second server.
The display method according to claim 6. The second window contains state information indicating the state of access to the first server and the second server.
The display method according to any one of claims 5 to 7. A display method for a display system having a display unit for displaying information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or a plurality of facilities. , Including at least the first server and the second server,
An authentication display step of displaying an authentication window for accepting authentication for the first access to the first server on the display unit, and
When the authentication for the first access is successful, the main display step of displaying the main window related to the first information acquired from the first server on the display unit, and
A sub-display step of displaying a sub-window related to the second information acquired from the second server by the second access to the second server in response to the selection operation on the main window on the display unit.
including,
Display method. The main window contains information that can identify the first server or the second server.
The display method according to claim 9. The main window contains state information indicating the state of access to the first server and the second server.
The display method according to claim 9 or 10. The main window contains an operating area.
In the sub-display step, screen transitions related to a plurality of sub-windows including the sub-window are executed in response to a selection operation for the operation area.
The display method according to any one of claims 9 to 11. The first information includes at least first event information regarding an event occurring in the first area under the jurisdiction of the first server.
The second information includes at least second event information regarding an event occurring in the second area under the jurisdiction of the second server.
The main window includes a display area for displaying both the first event information and the second event information.
The display method according to any one of claims 9 to 12. The first information includes at least the first map information regarding the first area under the jurisdiction of the first server.
The second information includes at least the second map information regarding the second area under the jurisdiction of the second server.
The main window includes an operation area for switching between the first map information and the second map information.
The sub-display step switches between a first sub-window showing the first map information and a second sub-window showing the second map information as the sub-window according to a selection operation for the operation area. Including steps,
The display method according to any one of claims 9 to 13. A program for causing one or more processors to execute the authentication method according to any one of claims 1 to 4 or the display method according to any one of claims 5 to 14. An authentication system that authenticates a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or a plurality of facilities, wherein the plurality of servers include at least a first server and a second server. Including
A reception unit that accepts authentication for the first access to the first server,
An authentication processing unit that executes the authentication process relating to the success or failure of the authentication for the first access and enables the first access when the authentication for the first access is successful.
With
When the authentication processing unit succeeds in the authentication for the first access, the authentication processing unit further executes the authentication process for the second access to the second server to enable the second access.
Authentication system. A display system including a display unit that displays information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or a plurality of facilities on a screen, wherein the plurality of servers are at least the first. Including 1 server and 2nd server
An image processing unit for displaying a first window for receiving authentication for the first access to the first server on the display unit is further provided.
The image processing unit receives the first information acquired from the first server when the authentication for the first access is successful, and the second information for the second server executed with the success of the authentication. A second window relating to the second information acquired from the second server by access is displayed on the display unit.
Display system. A display system including a display unit that displays information on a plurality of servers of an integrated system that performs at least one of monitoring, management, and control in one or a plurality of facilities on a screen, wherein the plurality of servers are at least the first. Including 1 server and 2nd server
An image processing unit for displaying an authentication window for receiving authentication for the first access to the first server on the display unit is further provided.
The image processing unit
When the authentication for the first access is successful, the main window regarding the first information acquired from the first server is displayed on the display unit.
In response to the selection operation on the main window, the display unit displays a sub-window related to the second information acquired from the second server by the second access to the second server.
Display system.

Images