JP4091611B2 - Authentication registration processing apparatus and authentication registration processing method - Google Patents

Description

  The present invention relates to an authentication registration processing apparatus and an authentication registration processing method for associating an authentication unit with an object unit that becomes operable when identification data can be received from an authentication unit existing within a predetermined range.

  Conventionally, for the purpose of improving security, a technique related to a card loss automatic notification method and system has been disclosed for early detection of loss or theft of valuables or the like (see, for example, Patent Document 1). According to the technique described in Patent Document 1, the portable read / write unit starts reading a timer and then reads the ID card when a certain time elapses, and determines the presence or absence of the ID card. When the ID card is lost, the distance between the ID card and the portable read / write unit is outside the communicable range. In this case, data indicating the loss of the ID card is transmitted to the mobile phone, the mobile phone calls the management center, and notifies the management center that the ID card has been lost via the communication network.

  In addition, a technique related to a security device and method capable of realizing a high level of security without impairing the original convenience has been disclosed (see, for example, Patent Document 2). According to the technique described in Patent Document 2, two devices are paired by mutual authentication using short-range wireless communication, and a partial function provided in the portable information device when the pair condition is not satisfied Is temporarily revoked. If the pair condition is satisfied, the invalidated function is reactivated.

  Furthermore, a technique that can manage valuables without worrying about the presence or absence of a power supply is also disclosed (see, for example, Patent Document 3). According to the technique described in Patent Document 3, an electronic tag attached to a valuable item is used, and a signal from the electronic tag is received by a mobile phone.

  Furthermore, wireless electronic keys using wireless communication technology have begun to be introduced into car locking and unlocking systems. At this time, one or two wireless electronic keys are provided to the purchaser for one purchased automobile. The purchased car already has an electronic key identification code, and the electronic key already has an automobile identification code written at the factory. Then, personal authentication is performed by mutual authentication between the automobile and the wireless electronic key.

As described above, the security can be improved by associating the monitoring device with the monitoring object.
Japanese Patent Laying-Open No. 2001-312702 (first page) JP 2003-288328 A (first page) JP 2004-86411 A (first page)

  Today, various cards such as cash cards, credit cards, and electronic money are used. However, the use of IC cards is being promoted to improve security. Further, in a society where wireless electronic keys are widespread, there is a possibility that they will be used not only for the above-mentioned automobiles but also for keys of entrance doors at home.

In such an environment, if a monitoring device is provided for each monitoring target, management is complicated. Therefore, it is convenient if the user can associate the monitoring apparatus with various monitoring objects, but in that case, it is necessary to confirm the intention of the right owner of the monitoring object.

  However, as shown in the above example, it is not assumed that the user himself / herself performs the mutual association between the wireless electronic key and the control target device such as an automobile. For this reason, when the user performs the association, there is no disclosure of a concise and efficient method that can be a valid owner of the wireless electronic key or the device to be controlled or confirm the intention of the owner.

  Further, when attention is paid to the card as a device to be controlled by the wireless electronic key, conventionally, since each card company performs its own security management, there is no commonality in the system. Furthermore, since this security management is determined by the business operator, there is no self-defense measure that can be taken by the user for security.

  In addition, biometric information or a seal may be used as user authentication. However, in such an authentication method, since fingerprints, vein information, and seals are directly used in transactions, there is a risk of loss or theft of each transaction.

  The present invention has been made to solve the above-mentioned problems, and its purpose is to improve the security of a wireless electronic key and a card or automobile that is a control target device of the wireless electronic key and the card or automobile. An object of the present invention is to provide an authentication registration processing apparatus and an authentication registration processing method capable of managing associations safely and efficiently.

  In order to solve the above problems, the invention according to claim 1 is directed to an authentication unit and an object unit that is operable when identification data can be received from an authentication unit existing within a predetermined range. An authentication registration processing device associated with a registration authority key corresponding to the authentication registration processing device, the authentication registration processing device comprising the code determination means and the write control means, wherein the code determination means is stored in an authentication unit. First authority for reading first unique data and second unique data stored in a registration authority key corresponding to the authentication unit and collating the first unique data with the second unique data Verification processing, and further, third unique data stored in the object unit, and fourth unique data stored in the registration authority key corresponding to the object unit Is read, the second authority collation process for collating the third unique data and the fourth unique data is executed, and the code determination means completes the first and second authority collation processes. In addition, the writing control means executes a mutual registration process of writing the identification data recorded in the object unit into the authentication unit, and further writing the identification data recorded in the authentication unit into the object unit. And

  According to a second aspect of the present invention, in the authentication registration processing apparatus according to the first aspect, the mutual registration processing is already written when identification data of the authentication unit is already written in the object unit. The identification data for which authority verification processing is newly completed is written while maintaining the identification data, and when the identification data of the object unit is already written in the authentication unit, the identification data already written is maintained. However, the gist is to write the identification data for which the authority verification process is newly completed.

  According to a third aspect of the present invention, in the authentication registration processing device according to the first or second aspect, when the authentication registration processing device completes the first authority verification processing, the object recorded in the authentication unit The gist is to allow the display or deletion of the unit identification data.

According to a fourth aspect of the present invention, in the authentication registration processing apparatus according to any one of the first to third aspects, when the authentication registration processing apparatus completes the second authority verification process, the object unit The gist is to allow the display or deletion of the identification data of the authentication unit recorded in the above.

  The invention according to claim 5 uses the registration authority key corresponding to each unit for the authentication unit and the object unit that becomes operable when the identification data can be received from the authentication unit existing within the predetermined range. An authentication registration processing method to be associated, wherein first unique data stored in an authentication unit and second unique data stored in a registration authority key corresponding to the authentication unit are read, and the first unique data A first authority collation process for collating the second unique data and the third unique data stored in the object unit and a registration authority key corresponding to the object unit. Reading the fourth unique data and executing a second authority collation process for collating the third unique data with the fourth unique data; The writing control means writes the identification data of the object unit to the authentication unit and further writes the identification data of the authentication unit to the object unit when the first and second authority verification processes are completed. And a stage of executing the processing.

(Function)
According to the present invention, on the condition that the registration authority key is collated, the identification data recorded in the object unit is written in the authentication unit, and further the identification data recorded in the authentication unit is written in the object unit. For this reason, the user can perform the mutual registration process after confirming the intention of the person using the registration authority key. Therefore, even if the object unit passes over to a third party regardless of the intention of the owner, it is possible to prevent the third party from performing the mutual registration process without permission. In this way, the user can ensure safety by managing the registration authority key separately from the object unit and the authentication unit.

  According to the present invention, even when identification data has already been registered, identification data for which authority verification processing has been newly completed is added. Thereby, when one identification data of the identification data written in the object unit or the authentication unit can be received, mutual authentication can be completed. In this case, when one identification data of the written identification data can be received from the authentication unit, it is set in an operable state. Therefore, an additional wireless electronic key serving as a spare key can be created using the authority registration key and can be used by a family member other than the person himself / herself, thereby ensuring convenience as well as security.

  Further, when all the identification data of the identification data written in the object unit or the authentication unit can be received, the mutual authentication can be completed. In this case, security can be strengthened by making it operable when all identification data of the written identification data is received from the authentication unit.

  According to the present invention, when the first authority verification process is completed, in order to allow display or deletion of the identification data of the object unit recorded in the authentication unit, the information recorded in the authentication unit is leaked or changed. Can be suppressed.

  According to the present invention, when the second authority verification process is completed, in order to allow display or deletion of the identification data of the authentication unit recorded in the object unit, information recorded in the object unit is leaked or changed. Can be suppressed.

ADVANTAGE OF THE INVENTION According to this invention, the authentication which can manage the correlation of this authentication unit and an object unit safely and efficiently, improving the security of the authentication unit used as a wireless electronic key and the object unit which is the control object apparatus. A registration processing apparatus and an authentication registration processing method can be provided.

  Hereinafter, an embodiment of the present invention will be described with reference to FIGS. In the present embodiment, as shown in FIG. 1, an IC card 50 is assumed as an object unit that is a controlled object. A wireless electronic key (transmission unit 10 as a key holder type authentication unit) corresponding to the IC card 50 is used in combination. The shape of the transmission unit 10 is not particularly limited as long as it can be worn and carried.

  FIG. 1 shows a functional block diagram of the transmission unit 10 and the IC card 50 for performing mutual authentication. The transmission unit 10 incorporates a transmission module 100. The transmission module 100 includes a control unit 110, a communication unit 120, a right authentication memory 130, a first memory 140, and a second memory 150.

The control part 110 controls the communication part 120 mentioned later and each memory (130-150).
The communication unit 120 transmits a signal for performing mutual authentication within a predetermined range as a radio wave. This signal is received from the transmission unit 10 by the IC card 50 within a predetermined range.

  In the authority authentication memory 130, when a mutual authentication code is written in the memory, a unique code is recorded as first unique data for confirming the person's intention. Identification data used for mutual authentication is recorded in the first memory 140 and the second memory 150. Identification code data for specifying the transmission module 100 is recorded in the first memory 140 of the transmission unit 10. In the second memory 150 of the transmission unit 10, identification code data for specifying the reception module 500 that performs mutual authentication with the transmission module 100 is recorded. A plurality of identification codes can be written in the second memory 150.

  On the other hand, the IC card 50 is an IC card that is used when another utilization device 70 is used. For example, the present invention can be applied to a cash card used for an automatic teller machine, a credit card used at a store, an IC card for electronic money, and the like. For this purpose, the IC card 50 has an IC chip 51 on which various information is recorded.

  Further, the IC card 50 includes a receiving module 500 that controls the IC chip 51. The receiving module 500 includes a control unit 510, a communication unit 520, a right authentication memory 530, a first memory 540, and a second memory 550.

The control unit 510 controls a communication unit 520 and memories (530 to 550) described later.
Communication unit 520 receives a signal for performing mutual authentication within a predetermined range as a radio wave. A signal transmitted from the IC card 50 by the transmission unit 10 within a predetermined range is received.

  In the authority authentication memory 530, when a mutual authentication code is written in the memory, a unique code is recorded as third unique data for confirming the person's intention. Identification data used for mutual authentication is recorded in the first memory 540 and the second memory 550. Identification code data for specifying the receiving module 500 is recorded in the first memory 540 of the IC card 50. In the second memory 550 of the IC card 50, identification code data for specifying the transmission module 100 that performs mutual authentication with the reception module 500 is recorded. Note that a plurality of identification codes can be written in the second memory 550.

In this way, as shown in FIG. 2, the transmission unit 10 and the IC card 50 can perform mutual authentication as long as they are within the radio wave reachable range A.
(Registration management process)
When the transmission unit 10 and the IC card 50 perform mutual authentication processing, it is necessary to perform registration management processing for mutual authentication in advance. In this registration management process, the module mutual writing device 30 as the authentication registration processing device shown in FIG. 3, the transmission unit registration authority key 20 and the reception unit registration authority key 60 are used. The transmission unit registration authority key 20 and the reception unit registration authority key 60 are provided when the user acquires each unit of the transmission unit 10 and the IC card 50. The transmission unit registration authority key 20 includes a memory 21. In the memory 21, the same code as the unique code recorded in the authority authentication memory 130 of the transmission unit 10 corresponding to the transmission unit registration authority key 20 is recorded. The receiving unit registration authority key 60 includes a memory 61. In the memory 61, the same code as the unique code recorded in the authority authentication memory 530 of the IC card 50 corresponding to the receiving unit registration authority key 60 is recorded.

  The module mutual writing device 30 includes an interface unit for exchanging data with the transmission unit registration authority key 20, the reception unit registration authority key 60, the transmission unit 10, and the IC card 50. The module mutual writing device 30 further includes a code determination unit 31 as a code determination unit, a write control unit 32 as a write control unit, and a selection key 33 connected to each interface unit.

  The code determination unit 31 stores the data recorded in the memory (21, 61) of the transmission unit registration authority key 20 and the reception unit registration authority key 60, and the authority authentication memory (130, 530) of the transmission unit 10 and the IC card 50. read.

  The writing control unit 32 reads data recorded in the transmission unit 10 and the first memory (140, 540) of the IC card 50. Further, when performing registration management processing, identification data is recorded in the second memory (150, 550). The selection key 33 is used when the user selects various processes. In the present embodiment, each processing in the mutual registration processing mode, the display mode, and the deletion mode can be selected as will be described later.

The module mutual writing device 30 executes the registration management process shown in FIG.
First, the code determination unit 31 of the module mutual writing device 30 acquires a unique code (step S1-1). Specifically, the code determination unit 31 is preset in the authority authentication memory 130 of the transmission module 100 mounted on the transmission unit 10 via the interface unit in order to execute the first authority verification process. The unique code (first unique data) is read. Further, a unique code (second unique data) preset in the memory 21 of the transmission unit registration authority key 20 is read through the interface unit corresponding to the transmission unit 10.

  Next, the code determination unit 31 collates whether or not the two acquired unique codes match (step S1-2). Only when the two unique codes match (in the case of “YES” in step S1-2), the code determination unit 31 permits the write control unit 32 to access each memory of the unit. (Step S1-3). Here, access to the second memory 150 of the transmission module 100 built in the transmission unit 10 is permitted. By this access, writing to the second memory 150 of the transmission module 100 and a written identification code can be deleted. Further, reading of the identification code set in advance in the first memory 140 of the transmission module 100 is permitted. If the two do not match (in the case of “NO” in step S1-2), it is determined that there is no access authority, and the process ends.

  Similarly, the code determination unit 31 of the module mutual writing device 30 reads the unique code for the IC card 50 in order to execute the second authority verification process (step S1-1). Specifically, a unique code (third unique data) preset in the authority authentication memory 530 of the reception module 500 mounted on the IC card 50 is acquired via the interface unit. Further, a unique code (fourth unique data) preset in the memory 61 of the reception unit registration authority key 60 is read via the interface unit corresponding to the IC card 50.

  Next, the code determination unit 31 determines whether the two unique codes acquired for the receiving module 500 match (step S1-2). As in the case of the transmission unit 10, only when the two unique codes match (in the case of “YES” in step S <b> 1-2), the code determination unit 31 instructs each unit to write control unit 32. Is allowed to access (step S1-3). Here, access to the second memory 550 of the receiving module 500 of the IC card 50 is permitted. By this access, writing to the second memory 550 of the receiving module 500 and the written identification code can be deleted. Furthermore, reading of an identification code set in advance in the first memory 540 of the receiving module 500 is permitted. If the two do not match (in the case of “NO” in step S1-2), it is determined that there is no access authority, and the process ends.

  Then, the write control unit 32 permitted to access each memory executes various designated processes (step S1-4). This process is selected by the selection key 33 of the module mutual writing device 30.

<Mutual registration process>
When the mutual registration processing mode is selected, the writing control unit 32 writes the identification code preset in the first memory 140 of the transmission module 100 in the second memory 550 of the reception module 500. Further, the writing control unit 32 writes the identification code set in advance in the first memory 540 of the receiving module 500 in the second memory 150 of the transmitting module 100. When the identification code is written in the second memory (150, 550) of the transmission module 100 or the reception module 500, the identification code can be encrypted. Thereby, security can be further improved.

<Display processing>
Processing when the display processing mode is selected will be described below.
When the authority verification process of the unique code recorded in the transmission unit 10 and the transmission unit registration authority key 20 is completed, the writing control unit 32 specifies the transmission module 100 written in the first memory 140 of the transmission module 100. The identification code and the identification code of the reception module 500 written in the second memory 150 of the transmission module 100 are displayed.

  On the other hand, when the authority verification process of the unique code recorded in the IC card 50 and the reception unit registration authority key 60 is completed, the write control unit 32 receives the reception module written in the first memory 540 of the reception module 500. The identification code identifying 500 and the identification code of the transmission module 100 written in the second memory 550 of the reception module 500 are displayed. When a plurality of identification codes are recorded in the second memory 150 or the second memory 550, all are displayed.

<Delete processing>
Processing when the deletion processing mode is selected will be described below.
When the authority verification process of the unique code recorded in the transmission unit 10 and the transmission unit registration authority key 20 is completed, the writing control unit 32 writes the identification code of the reception module 500 written in the second memory 150 of the transmission module 100. Perform deletion of.

  On the other hand, when the authority verification process of the unique code recorded in the IC card 50 and the reception unit registration authority key 60 is completed, the write control unit 32 transmits the transmission module written in the second memory 550 of the reception module 500. 100 identification codes are deleted. When a plurality of identification codes are recorded in the second memory 150 or the second memory 550, the identification code can be selected using the selection key 33, and only the identification code selected here is deleted. You can also.

(Mutual authentication processing)
Next, the mutual authentication process will be described with reference to FIG. A user of the IC card 50 carries the transmission unit 10 separately from the IC card 50. When the IC card 50 is inserted into the use device 70, the use device 70 recognizes the IC card 50 and supplies power to the IC chip 51 from the power supply of the use device 70. This power is also supplied to the receiving module 500 via the IC chip 51 (“YES” in step S2-1). As a result, the IC chip 51 and the receiving module 500 operate.

  In this case, the transmission process of the identification code is performed between the transmission unit 10 and the IC card 50 (step S2-2). Specifically, the control unit 510 of the reception module 500 of the IC card 50 transmits the identification code recorded in the first memory and receives radio waves from the transmission module 100. Specifically, when the identification code received from the reception module 500 is recorded in the second memory 150, the transmission module 100 transmits the identification code recorded in the first memory 140. Here, when a plurality of identification codes are recorded in the second memory 150, the control unit 110 performs the identification recorded in the first memory 140 on condition that one identification code signal is received. Send the code. When the reception module 500 receives the radio wave from the transmission module 100, the identification code is detected. In this case, the radio wave reachable range A is set within a range of about 2 m so that signals can be received within the range.

  Then, the transmission module 100 and the reception module 500 mutually transmit and receive signals and mutually confirm the identification code (step S2-3). Specifically, it is confirmed whether or not the received identification code matches the identification code recorded in the second memory. If the ID code matches (YES in step S2-3), control unit 510 of receiving module 500 that has confirmed the ID code sends an operation signal to IC chip 51 (step S2-3). S2-4). The sending of the activation signal is continued while the receiving module 500 receives the confirmed identification code signal from the transmitting module 100. Here, when a plurality of identification codes are recorded in the second memory 550, the control unit 510 permits the IC chip 51 to operate on the condition that one identification code signal is received. IC chip 51 is ready for operation. In the present embodiment, a switch is provided in the output circuit of the IC chip 51, and when the identification code signal can be received, the ON state of this switch is maintained.

  On the other hand, when one of the transmission unit 10 or the IC card 50 is lost or stolen, the distance between the reception module 500 and the transmission module 100 increases. In this case, since the reception module 500 cannot receive the identification code signal from the transmission module 100, the control unit 510 of the reception module 500 does not send an operation signal to the IC chip 51.

According to the authentication registration process of the above embodiment, the following effects can be obtained.
In the above embodiment, the code determination unit 31 of the module mutual writing device 30 acquires the unique code of the registration authority key (20, 60) (step S1-1). Only when the unique codes recorded in the authority authentication memory 130 of the transmission module 100 and the authority authentication memory 530 of the reception module 500 match each other, the code determination unit 31 instructs the write control unit 32. Then, access to each unit is permitted (step S1-3). When the owner securely manages the registration authority key (20, 60), mutual authentication registration between the transmission unit 10 and the IC card 50 is performed while confirming the owner of the object and the intention of the owner. be able to. Without a registration authority key, mutual authentication registration cannot be performed. For example, an automobile owned by the owner, an entrance door, a cash card, or a credit card can be identified without permission by the owner. The code is never registered.

  Further, if there is no registration authority key, access to each memory is not allowed, and thus the contents of registration cannot be seen or deleted. Therefore, security can be maintained high.

  In the above embodiment, mutual authentication registration can be performed using the module mutual writing device 30 and the registration authority key (20, 60). For this reason, a free authentication relationship can be formed according to the needs of the user. In particular, with the spread of wireless electronic keys in the future, the number of target items will increase. In addition, the sophistication of the usage of wireless electronic keys may lead to the use of wireless electronic keys for various purposes, and the necessity and number of registration of wireless electronic keys and identification codes for objects have been dramatically increased. Increase. Accordingly, since the safety of the IC card can be secured in common regardless of the IC card issuing company and the type of the IC card, it is possible to improve the safety and convenience of the user while ensuring the flexibility.

  In the above embodiment, a plurality of reception modules can be associated with one transmission unit 10. For this reason, various IC cards can be managed collectively.

  In the above embodiment, when a plurality of identification codes are recorded in the second memory 150, the control unit 110 stores the identification code signal in the first memory 140 on condition that one of the identification codes is received. Send the recorded identification code. Further, when a plurality of identification codes are recorded in the second memory 550, the control unit 510 sends an operation signal to the IC chip 51 on condition that one identification code signal is received. Send it out. Thereby, it is possible to make settings so that the third party (for example, a family member) can use the IC card 50 by using the additional transmission unit 10 that has performed mutual authentication registration, thereby ensuring convenience.

  In the above embodiment, when power is supplied to the IC chip 51 (step S2-1), the control unit 510 transmits the identification code recorded in the first memory of the reception module 500 and from the transmission module 100. Receive radio waves. When the identification code received from the reception module 500 is recorded in the second memory 150, the transmission module 100 transmits the identification code recorded in the first memory 140. Thereby, the transmission module 100 can transmit an identification code only when there is a request from the reception module 500, and can save power.

In addition, you may change the said embodiment into the following aspects.
In the above embodiment, the IC card 50 is used as the object unit. The object unit is not limited to the IC card 50 as long as an IC chip is mounted, and may be an automobile, a front door, or the like, or a wireless electronic key itself. In this case, the module mutual writing device 30 is provided with an interface unit suitable for the device to be controlled so that the identification codes can be registered with each other.

  In the above embodiment, the registration management process is performed using the module mutual writing device 30, the transmission unit registration authority key 20 and the reception unit registration authority key 60. In addition to this, the module mutual writing device 30 may be provided with three or more interface units to simultaneously register mutual authentication. In this case, the identification code recorded in the first memory of the other unit is recorded in the second memory of each unit.

  In the above embodiment, the mutual authentication process is performed using the transmission unit 10 and the IC card 50. In addition to this, another intermediate authentication module may be interposed between the transmission unit 10 and the IC card 50. In this case, the transmission unit 10 and the intermediate authentication module execute the first mutual authentication process, and the intermediate authentication module and the IC card 50 execute the second mutual authentication process. Accordingly, even when the IC card 50 is lost, the intermediate authentication module and the IC card 50 are simultaneously lost, or the transmission unit 10 and the IC card 50 are simultaneously lost, the transmission unit 10, the intermediate authentication module and the IC card are also lost. If all three of 50 are not lost at the same time, the security of the IC card 50 can be maintained. Further, with respect to the intermediate authentication module, a plurality of modules may be interposed in a chain. Thereby, security can be further improved.

  In the above embodiment, when the identification code received from the reception module 500 is recorded in the second memory 150, the transmission module 100 transmits the identification code recorded in the first memory 140. Instead of this, the transmission module 100 may always transmit an identification code signal by radio waves. Then, the radio wave reachable range A is set within a range of about 2 m so that signals can be received within the range. Thereby, a quick process can be performed.

  In the above embodiment, when a plurality of identification codes are recorded in the second memory 150, the control unit 110 records in the first memory 140 on condition that one identification code signal is received. The identified identification code is transmitted. Further, when a plurality of identification codes are recorded in the second memory 550, the control unit 510 sends an operation signal to the IC chip 51 on condition that one identification code signal is received. Send it out. Alternatively, the identification code may be transmitted or the operation signal may be sent to the IC chip 51 on condition that all the identification codes recorded in the second memory (150, 550) are received. Thereby, security can be improved.

  In the above embodiment, the control unit 510 provides a switch in the output circuit of the IC chip 51 when sending an operation signal to the IC chip 51, and turns on the switch when the identification code signal can be received. Maintain state. In this case, the method of operating the IC chip 51 on condition that the identification code signal is received is not limited to this. For example, a reversible electromagnetic shield may be provided for the IC chip 51 so that the electromagnetic shield can be released on condition that the identification code signal is received.

  In the above embodiment, when the mutual registration processing mode is selected in the mutual registration processing, the writing control unit 32 uses the identification code preset in the first memory 540 of the receiving module 500 as the first of the transmitting module 100. 2 Write to memory 150. The transmission module 100 transmits the identification code recorded in the first memory 140 when it is recorded in the second memory 150 received from the reception module 500. Instead of this, the writing of the identification code to the second memory 150 of the transmission module 100 may be omitted. In this case, the reception module 500 collates the identification code received from the transmission module 100 with the identification code recorded in the second memory 550 of the reception module 500. If the collation can be completed, an operation signal is sent out. Thereby, the memory capacity of the transmission module 100 can be reduced.

Schematic of the functional block of one Embodiment of this invention. Explanatory drawing of mutual authentication. Explanatory drawing of a module mutual writing apparatus. Explanatory drawing of a registration management process. Explanatory drawing of a mutual authentication process.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 ... Transmission unit, 100 ... Transmission module, 120 ... Communication part, 130 ... Authority authentication memory, 20 ... Registration authority key, 30 ... Module mutual writing device, 31 ... Code determination part, 32 ... Write control part, 50 ... IC card, 500 ... receiving module, 520 ... communication unit, 530 ... memory for authority authentication, 60 ... registration authority key.

Claims (5)

An authentication registration processing apparatus that associates an authentication unit with an object unit that is in an operable state when identification data can be received from an authentication unit existing within a predetermined range using a registration authority key corresponding to each unit,
The authentication registration processing apparatus includes a code determination unit and a writing control unit,
The code determination means reads first unique data stored in an authentication unit and second unique data stored in a registration authority key corresponding to the authentication unit, and reads the first unique data and the first unique data. A first authority collation process for collating the two unique data;
Further, the third unique data stored in the object unit and the fourth unique data stored in the registration authority key corresponding to the object unit are read, and the third unique data and the fourth unique data are read. And a second authority verification process for verifying
When the code determination unit completes the first and second authority verification processing, the write control unit writes the identification data recorded in the object unit into the authentication unit, and further records it in the authentication unit. An authentication / registration processing apparatus for executing a mutual registration process for writing the identified identification data into the object unit. The mutual registration process includes:
If the identification data of the authentication unit has already been written to the object unit, the identification data that has been subjected to the authority verification process is newly written while maintaining the identification data that has already been written.
When the identification data of the object unit has already been written in the authentication unit, the identification data for which authority verification processing has been newly completed is written while maintaining the already written identification data. The authentication registration processing apparatus according to Item 1.   3. The authentication registration processing device allows display or deletion of identification data of an object unit recorded in the authentication unit when the first authority verification process is completed. Authentication registration processing device.   4. The authentication registration processing device allows display or deletion of authentication unit identification data recorded in the object unit when the second authority verification process is completed. The authentication registration processing device according to claim 1. An authentication registration processing method for associating an authentication unit with an object unit that becomes operable when identification data can be received from an authentication unit existing within a predetermined range using a registration authority key corresponding to each unit,
The first unique data stored in the authentication unit and the second unique data stored in the registration authority key corresponding to the authentication unit are read, and the first unique data and the second unique data are read out. Performing a first authority verification process for verification;
Further, the third unique data stored in the object unit and the fourth unique data stored in the registration authority key corresponding to the object unit are read, and the third unique data and the fourth unique data are read. Performing a second authority verification process for verifying
Executing a mutual registration process of writing the identification data of the object unit into the authentication unit and further writing the identification data of the authentication unit into the object unit when the first and second authority verification processes are completed; Including an authentication registration processing method.

Images