JP4925852B2 - Authentication system, terminal device, authority writing device, and authentication lock device - Google Patents

Description

  The present invention relates to a technique for authenticating use authority of a cabinet or the like using human body communication.

  As a technique for authenticating the authority to use a cabinet or the like, a wireless terminal device is given to each user, and a lock device capable of communicating with the wireless terminal device is attached to the cabinet side.

  In this system, when a user who possesses a wireless terminal device intends to use a predetermined cabinet, the wireless terminal device and the lock device perform wireless communication to authenticate whether or not the cabinet can be used. Is supposed to do. When it is determined that the lock can be used, the lock device performs an unlocking operation so that the user can use the cabinet. On the other hand, when it is determined that it cannot be used, the locking device maintains the locked state, and the user cannot use the cabinet.

  Such a technique is disclosed in Patent Document 1, for example.

JP 2006-257822 A

  However, as described above, in the technology that performs authentication by wireless communication, in a situation where a person with usage authority is present near the target object, when a person without other usage authority tries to use the target object, There is a possibility that wireless communication is established with an incorrect wireless terminal device possessed by a person with usage authority and erroneous authentication is performed.

  Moreover, even if it is not an authorized owner, as long as the wireless terminal device is owned, it is determined that the authentication device can be used and the object to be used can be used. For this reason, if the wireless communication terminal device is lost, not only a legitimate user cannot use but also there is a possibility that it will be misused.

  Here, if authentication is performed by performing human body communication between the terminal device given to each user and the authentication device provided in the object to be used, erroneous communication establishment is suppressed, It can prevent authentication and solve the former problem.

  However, even in this case, as long as the terminal device is owned, it is determined that the authentication device can be used, so that the problem of being abused by a person who has found the terminal device remains.

  Here, if a legitimate user notices the loss, the authentication device can invalidate the personal identification ID information to prevent subsequent unauthorized use. However, because of the nature of terminal devices that perform human body communication, they are used in a form that is not usually conscious, for example, in the form of a wristband or a name tag, so the loss is often not noticed and can be misused. Will rise.

  Then, an object of this invention is to provide the technique which can prevent erroneous authentication and misuse effectively.

In order to solve the above-mentioned problem, this authentication system is an authentication system for authenticating a lock object, a terminal-side storage unit capable of storing use authority information and use condition information, and a human body as a communication path. The terminal-side human body communication unit that performs human body communication, and the usage authority information and use condition information received through the terminal-side human body communication unit are written in the terminal storage unit according to the communication result through the terminal-side human body communication unit Or a terminal device having a terminal-side control unit that transmits the use authority information and the usable condition information stored in the terminal-side storage unit to the outside through the terminal-side human body communication unit, and obtains personal authentication information a personal authentication section and stores the permissions writing-side human body communication unit for performing human body communication in which the human body communication path, the use authority writing information associates the use authority information of the personal authentication information lock object Conditions for using the usage right information determined based on the limited writing side storage unit, the personal authentication information acquired by the personal authentication unit and the usage right writing information stored on the right writing storage unit side An authority writing device having an authority writing control unit that transmits an instruction to write together with information to the outside via the authority writing side human body communication unit, and provided in the lock target, with the human body as a communication path An authentication lock side human body communication unit that performs human body communication, a lock unit that locks or unlocks the object to be locked, and usage authority information that is received from the terminal device through the authentication lock side human body communication unit can be used. An authentication lock device comprising: a lock control unit that determines whether or not use is possible based on the condition information, and controls the lock unit to switch from the locked state to the unlocked state when it is determined to be usable It is those with a. Here, the human body communication unit that performs human body communication refers to a configuration that performs communication using the human body as a communication path.

  In this case, the authority writing device includes at least one of the available number of times information stored in advance in the authority writing side storage unit and the writing time information determined based on a time signal from the time measuring circuit. The lock control unit determines whether to use the available number of times information and the writing time information based on the available condition information received from the terminal device through the authentication lock side human body communication unit. It may be determined whether or not a condition defined based on at least one of the conditions is satisfied, and if the condition is not satisfied, it may be determined that the service cannot be used.

  Further, the use authority information is an identification code, and the authentication lock device includes an authentication lock side storage unit that stores use permission / denial information that associates the identification code with the use permission / denial of the lock target, The lock control unit may determine whether or not it can be used based on an identification code received from the terminal device through the authentication lock side human body communication unit and use permission / rejection information stored in the authentication lock side storage unit.

  Further, the personal authentication unit may be a biometric authentication device that acquires information unique to a biometric.

  In this case, the personal authentication unit is a biometric authentication device that performs authentication by contact with a living body, and the authority writing side human body communication unit is configured to contact the living body when the living body contacts the biometric authentication device. You may have the electrode for human body communication which can contact.

  The personal authentication unit includes a personal authentication communication unit that performs near field communication with a personal authentication terminal assigned to a user, and the authority writing side human body communication unit connects the personal authentication terminal to the personal authentication terminal. You may have the electrode for human body communication arrange | positioned in the position which can contact with the hand which is going to adjoin to the authentication communication part.

  Further, the authority writing device may be installed at an entrance of an area where the lock object exists.

  In addition, the authentication lock device includes, as the lock unit, a storage lock unit that locks and unlocks an opening / closing unit attached to a storage unit serving as the lock object, and an entrance door that locks and unlocks an entrance door of the room. It may include at least one of a lock portion and a control lock portion that locks the electric device unusably and unlocks the electric device.

  In addition, the authentication lock side human body communication unit may include a contact unit that directly or indirectly contacts the human body as an electrode for human body communication when the lock target is used.

In addition, this terminal device is a terminal device for authenticating a lock object, and a terminal-side storage unit capable of storing use authority information and use condition information, and human body communication using the human body as a communication path. According to the communication result through the terminal side human body communication unit to perform the terminal side human body communication unit, the usage authority information and the usable condition information received through the terminal side human body communication unit are written in the terminal storage unit, or A terminal-side control unit configured to transmit the usage authority information and the usable condition information stored in the terminal-side storage unit to the outside through the terminal-side human body communication unit;

Further, this authority writing device is an authority writing device capable of writing information to a terminal device for performing authentication of a lock object, and a personal authentication unit for acquiring personal authentication information and a human body as a communication path An authority writing side human body communication unit that performs human body communication, an authority writing side storage unit that stores usage authority writing information in which personal authentication information and usage authority information of the lock object are associated, and the personal authentication unit A command to write the usage authority information determined on the basis of the personal authentication information acquired in step 1 and the usage authority writing information stored on the authority writing storage unit side together with the availability condition information, And an authority writing control unit that transmits to the outside via the human body communication unit.

Furthermore, this authentication lock device is an authentication lock device that is provided on a lock object and communicates with a terminal device to authenticate the lock object, and is an authentication lock that performs human body communication using the human body as a communication path. Based on the side human body communication unit, the lock unit that locks or unlocks the object to be locked, and the usage authority information and use condition information received from the terminal device through the authentication lock side human body communication unit A lock control unit configured to determine whether or not use is possible, and to control the lock unit to switch from the locked state to the unlocked state when it is determined that use is possible;

  According to this authentication system, since human body communication is performed between the terminal device and the authentication lock device, human body communication is performed between the terminal device possessed by the user and the authentication lock device, and whether or not use is possible is determined. The For this reason, communication with an incorrect terminal device possessed by a non-user is suppressed, and erroneous authentication can be prevented.

  Also, the personal authentication information is acquired by the authority writing device, and the usage authority information and the usable condition information determined based on the personal authentication information and the usage authority writing information are written in the terminal device. And in the authentication lock device, the use permission information and the use condition information received from the terminal device through the authentication lock side human body communication unit are determined to determine whether or not the use is possible. The lock unit is controlled to be unlocked. For this reason, since a lock part can be made into an unlocked state, when an availability condition is satisfy | filled, abuse can be prevented effectively.

  Further, the authority writing device includes at least one of usable number information stored in advance in the authority writing side storage unit and writing time information determined based on a timing signal from a timing circuit. Determining the availability condition information, the lock control unit, based on the availability condition information received from the terminal device through the authentication lock side human body communication unit, at least the available number of times information and the writing time information If it is determined whether or not the condition specified based on one of the conditions is satisfied and the condition is not satisfied, and it is determined that the terminal cannot be used, for example, a predetermined time elapses after the terminal device is lost, or the number of times of use is satisfied. Otherwise, the locked object will not be available.

  Further, the lock control unit determines whether or not to use based on an identification code received from the terminal device through the authentication lock side human body communication unit and use permission / rejection information stored in the authentication lock side storage unit. Thus, it is possible to change the availability of each use on the authentication lock device side.

  In addition, if the personal authentication unit is a biometric authentication device that acquires information unique to a living body, the user can conveniently perform personal authentication by hand.

  The personal authentication unit is a biometric authentication device that performs authentication by contact with a living body, and the authority writing side human body communication unit can contact the living body when the living body contacts the biometric authentication device. If the electrode for human body communication is provided, the terminal device can be written during the authentication operation by the user.

  The personal authentication unit includes a personal authentication communication unit that performs near field communication with a personal authentication terminal assigned to a user, and the authority writing side human body communication unit connects the personal authentication terminal to the personal authentication terminal. Having a human body communication electrode arranged at a position where it can come into contact with a hand to be brought close to the authentication communication unit, when the user tries to authenticate the personal authentication terminal close to the personal authentication communication unit, the human body Use authority information can be written through communication.

  In addition, when the authority writing device is installed at an entrance of an area where the lock object exists, the authority writing device can write the usage authority information to the terminal device when the user passes through the entrance.

  In addition, the authentication lock device includes, as the lock unit, a storage lock unit that locks and unlocks an opening / closing unit attached to a storage unit serving as the lock object, and an entrance door that locks and unlocks an entrance door of the room. By including at least one of the lock unit and the control lock unit that locks and unusably locks the electrical device, use of the storage means, entry into the room, use of the personal computer, and the like can be restricted.

  In addition, when the authentication lock side human body communication unit has a contact portion that directly or indirectly contacts the human body as the human body communication electrode when using the lock target, the user uses the lock target. Since the authentication is performed by contacting the contact portion, no special operation operation is required.

  Moreover, according to this terminal device, since human body communication is performed, incorrect authentication can be prevented. The terminal side storage unit can store the use authority information and the use condition information, and the terminal control unit receives the terminal side human body communication unit according to the communication result through the terminal side human body communication unit. The right-of-use information and the usable condition information are written in the terminal storage unit, or the right-of-use information and the usable condition information stored in the terminal-side storage unit are transmitted to the outside through the terminal-side human body communication unit. Therefore, the availability condition information can be provided as a material for determining availability, and abuse can be effectively prevented.

  Also, according to this authority writing device, since the personal authentication information is written and the usage authority information is written, the usage authority information and the usable condition information are written in the terminal device possessed by the authorized person. Can do. Since the use authority information and the use condition information can be provided as materials for determining whether or not the lock target can be used, misuse can be effectively prevented.

  Moreover, according to this authentication lock device, since human body communication is performed with the terminal device, erroneous authentication can be prevented. In addition, the lock control unit determines whether or not the use is permitted based on the use authority information and the use condition information received from the terminal device through the authentication lock side human body communication unit, and when the use is determined to be possible In addition, since the lock unit is unlocked, misuse can be effectively prevented.

  The authentication system according to the embodiment will be described below.

<1. Overall configuration>
First, the overall configuration of the authentication system will be described. FIG. 1 is an explanatory diagram showing the overall configuration of the authentication system.

  This authentication system is a system that performs authentication of a lock object, and includes a terminal device 20, an authority writing device 40, and an authentication lock device 60.

  The lock target is managed by switching between an unusable locked state and an available unlocked state. As such an object to be locked, an opening / closing part attached to a storage means, a doorway of a room, an electric device, and the like are assumed. Here, when the object to be locked is the door 12 or the drawer 13 of the cabinet 10 which is an opening / closing part as a storage means (see FIG. 8), or the door 16 of the room R, a personal computer as an electrical device The case of 18 will be described.

  The terminal device 20 is given to the user of this system. The authority writing device 40 is a device commonly used for each terminal device 20, and is preferably installed at a place where a user passes when using the system, for example, at an entrance / exit of the system. The authentication lock device 60 is a device provided in each use object, and is a device that switches the use object to a locked state or an unlocked state.

  Explaining the general usage method of this system, a user who uses this authentication system possesses the terminal device 20 and moves in front of the authority writing device 40. Then, the authority writing device 40 personally authenticates whether or not the user is a legitimate user, and when the user is a legitimate user, the authority writing device 40 stores the use authority information and the terminal device 20 possessed by the user. Write usage condition information.

  Thereafter, the user possesses the terminal device 20 and moves in front of the door 12, the entrance door 16, and the personal computer 18. Then, the authentication lock device 60 performs human body communication with the terminal device 20 possessed by the user, determines whether or not the user can use the device, and switches to the unlocked state when it is determined that the user can use the device. As a result, the user can open the door 12 and the entrance door 16 or use the personal computer 18.

  Hereinafter, each part structure is demonstrated in detail.

<2. Terminal device>
FIG. 2 is a block diagram showing the terminal device and the authority writing device, and FIG. 3 is a block diagram showing the terminal device and the authentication lock device.

  The terminal device 20 includes a storage unit 22 on the terminal side, a human body communication circuit unit 24a and a human body communication electrode 24b as a human body communication unit on the terminal side, and a terminal side control unit 26.

  The terminal-side control unit 26 is configured by a general microcomputer including a CPU, a ROM, a RAM, and the like, and performs an arithmetic operation using a software program stored in advance to execute processing described later.

  The storage unit 22 is configured by a rewritable nonvolatile memory such as a flash memory, and is configured to be able to store a personal identification ID as usage authority information and a writing time as usage condition information.

  The human body communication circuit unit 24a includes a modulation circuit, a demodulation circuit, an amplifier circuit, and the like, and modulates a signal supplied from the terminal side control unit 26 and outputs the modulated signal to the human body communication electrode 24b. A signal received through the communication electrode 24b is demodulated and provided to the terminal-side control unit 26. The human body communication electrode 24b is provided so as to be able to contact the human body directly or indirectly through clothes or the like. Thereby, the human body communication circuit unit 24a performs human body communication using the human body as a communication path. Note that the human body communication unit includes a configuration in which a current signal is supplied to the human body for communication and a configuration in which a voltage signal is applied to the human body to perform communication using electrostatic coupling.

  FIG. 4 is a flowchart showing the operation of the terminal device.

  First, the terminal device 20 is in a sleep mode with less power consumption in a normal state after the end of processing described later, and receives a signal via the human body from the authority writing device 40 or the authentication lock device 60, etc. When an electric signal of a predetermined voltage level or higher is received via the human body communication electrode 24b, the operation is started to shift to the operation mode. Thereby, the power saving of the terminal device 20 is achieved.

  And after starting of the terminal device 20, first, in step S1, the presence or absence of establishment of human body communication is determined. Here, if the establishment of the human body communication is denied, the process returns to step S1, and if it is determined that the human body communication is established, the process proceeds to step S2.

  In step S2, it is determined whether the signal received by human body communication includes a write request or a read request.

  If it is determined that a write request is included, the process proceeds to step S3. In step S3, the personal identification ID and the writing time included in the signal received by human body communication are written in the storage unit 22, and the process is terminated.

  On the other hand, if it is determined in step S2 that a read request is included, the process proceeds to step S4. In step S4, the personal identification ID and the writing time stored in the storage unit 22 are read out and transmitted to the outside through the human body communication circuit unit 24a and the human body communication electrode 24b, and the process ends.

  Such a terminal device 20 is given to each user. Even if it is a form that is granted permanently or continuously to each user (that is, a form that is given as a dedicated product), it is given to each user every time the system is used. (That is, a form used as a shared product).

  Moreover, it is preferable that the terminal device 20 is configured as a form that is always worn by each user. For example, the terminal device 20 is configured as a wristband worn on the user's wrist (see FIG. 7), a neck strap hanging from the neck, or a name tag-like shape worn on clothes with pins or the like. Composed. In addition, the terminal device 20 may be configured in a card shape that can be stored in a pocket of clothes or the like, or may be incorporated in a mobile phone.

<3. Authorized writing device>
FIG. 7 is a perspective view showing the authority writing device. As shown in FIGS. 2 and 7, the authority writing device 40 includes an authority writing side storage unit 42, a human body communication circuit unit 44a and a human body communication electrode 44b as a human body communication unit on the authority writing side, It has an authority writing control unit 46 and a personal authentication unit 48 as a personal authentication unit.

  The authority writing control unit 46 is configured by a general microcomputer including a CPU, a ROM, a RAM, and the like, and performs a calculation operation by a software program stored in advance to execute processing described later. The authority writing control unit 46 has a built-in timing circuit 46a.

  The storage unit 42 is configured by a rewritable nonvolatile memory such as a flash memory, and can store use authority writing information in which the personal authentication information is associated with the personal identification ID that is the use authority information of the lock target. It is configured. Here, fingerprint data of each user registered in advance is stored as personal authentication information. The usage authority writing information is set and registered in advance by the administrator of this system.

  The human body communication circuit unit 44a and the human body communication electrode 44b have the same configuration as the human body communication circuit unit 24a and the human body communication electrode 24b, and perform human body communication using the human body as a communication path.

  The personal authentication unit 48 is configured to acquire personal authentication information. Here, when the user's fingertip touches the touch unit 40b provided so as to be exposed to the case 40a of the apparatus 40, the personal authentication unit 48 acquires the fingerprint of the fingertip as personal authentication information, and writes the authority. It gives to the control part 46 (refer FIG. 7).

  The human body communication electrode 44b is installed in the touch unit 40b. When the fingertip is brought into contact with the touch unit 40b, the fingerprint data is acquired as personal authentication information, and the human body communication circuit unit 44a and the human body communication are provided. Communication through the human body is established from the electrode 44b.

  As described above, when the personal authentication unit 48 is a biometric authentication device that accepts a living body by contact, the human body communication electrode 44b is in contact with a part of the personal authentication unit 48 where a part of the living body such as a finger contacts. It is preferable that human body communication can be established simultaneously with personal authentication. Thus, writing to the terminal device 20 can be performed at the time of personal authentication by biometric contact, which is convenient.

  The personal authentication unit 48 is not limited to the above example, and may be configured to acquire authentication information unique to each person such as a vein, a retina, and a voiceprint. As described above, if a biometric authentication device that acquires information specific to a biometric is used as the personal authentication unit 48, the user can conveniently perform personal authentication by hand.

  Further, as described above, the personal authentication unit not only acquires authentication information unique to the living body, but is also stored in the ID card by a card reader that reads an ID card given to each person as an authentication terminal device. A configuration in which the identification ID is read as personal authentication information, or a configuration in which the personal authentication information is acquired by an input personal identification number may be used. A modification using a card reader will be described later.

  FIG. 5 is a flowchart showing the operation of the authority writing device.

  After the start of processing, the authority writing device 40 determines whether or not personal authentication information has been acquired in step S11. If the acquisition of personal authentication information is denied, the process returns to step S11. On the other hand, when the personal authentication information is acquired by the personal authentication unit 48, the process proceeds to step S12.

  In step S12, it is determined whether or not human body communication is established. Here, if the establishment of human body communication is denied, the process returns to step S11. On the other hand, if it is determined that the human body communication is established, the process proceeds to step S13.

  In step S13, a personal identification ID as usage authority information is determined based on the acquired personal authentication information and usage authority writing information stored in the storage unit. That is, pattern matching or the like is performed between the acquired fingerprint data as personal authentication information and each fingerprint data stored in advance in the storage unit 42 to specify the personal identification ID, and then the process proceeds to step S14.

  In step S14, a signal including a command for writing the personal identification ID determined in step S13 together with the writing time is transmitted to the outside through the human body communication circuit unit 44a and the human body communication electrode 44b. Note that the writing time is determined based on a time signal from the time measuring circuit 46a.

  Thereby, in the terminal device 20, personal identification ID and writing time are written, and the process of the authority writing apparatus 40 is complete | finished.

  Such an authority writing device 40 is installed at a place where the user passes when using the system, here, at the entrance of the building B where the system is installed. Only one authority writing device 40 or a plurality of authority writing devices 40 may be installed in the entire system.

<4. Authentication lock device>
FIG. 8 is a diagram illustrating an example of a cabinet in which the authentication lock device is incorporated, and FIG. 9 is a diagram illustrating a usage state of the cabinet.

  The cabinet 10 has a door-type storage portion 10a in the upper half, and a plurality of (here, three) drawer-type storage portions 10b in the lower half.

  The door-type storage unit 10a has a double-open door 12 that can be freely opened and closed. By opening the door 12, an article stored therein can be used, and the door 12 is maintained in a closed state. The state in which the articles housed inside cannot be used is maintained.

  The joint portion of the door 12 is disposed so as to overlap, and when the one door 12 is closed, the other door 12 cannot be opened. Further, a handle portion 12a as an operation portion and a latch mechanism portion 12b are attached to one door 12. The latch mechanism portion 12b is a mechanism that is incorporated in the door 12 and locks so as to keep the door 12 in a closed state. As such a mechanism, various configurations including a well-known mechanism for freely engaging and disengaging the claw portion to the cabinet body 11 side can be adopted. The handle portion 12a is attached to the outer surface side of the door 12 so that the posture can be freely changed. The latch mechanism 12b performs locking and unlocking operations in conjunction with the posture change of the handle 12a. By incorporating a lock unit 68, which will be described later, into the latch mechanism unit 12b, the latch mechanism unit 12b is maintained in a locked state or is in an unlocked state.

  The drawer-type storage unit 10b has a plurality of drawer units 13 that can be opened and closed, in other words, can be pulled out and pushed in, and by using each drawer unit 13, articles stored therein can be used. By maintaining the drawer portion 13 in the pushed-in state, the state in which the articles housed therein cannot be used is maintained.

  The drawer portion 13 is formed in a bowl shape that opens upward, and a handle portion 13a as an operation portion and a latch mechanism portion 13b are attached to the front surface thereof.

  The latch mechanism 13b is a mechanism that is incorporated in the front side portion of the drawer 13 and locks the drawer 13 so as to keep it closed. As such a mechanism, various configurations including a well-known mechanism can be adopted as in the case of the latch mechanism portion 12b. The handle portion 13a is attached to the front surface of the drawer portion 13 so that the posture can be freely changed, and the latch mechanism portion 13b performs locking and unlocking operations in conjunction with the posture change of the handle portion 13a. . By incorporating a lock unit 68, which will be described later, into the latch mechanism unit 13b, the latch mechanism unit 13b is maintained in a locked state or is in an unlocked state.

  The storage means is not limited to the above configuration. The whole storage means may be configured to be opened and closed by a door, or may be configured to have only a plurality of drawers. Further, the storage means is not limited to the cabinet 10 as described above, and may be a locker, a desk, a drawer of a side desk, or the like.

  The authentication lock device 60 is attached to the outer surface side of the door 12 and the drawer portion 13 in the cabinet 10 as described above.

  As shown in FIG. 3, the authentication lock device 60 includes a storage unit 62 on the authentication lock side, a human body communication circuit unit 64a and a human body communication electrode 64b as a human body communication unit on the authentication lock side, a lock control unit 66, And a lock portion 68.

  The lock control unit 66 is configured by a general microcomputer including a CPU, a ROM, a RAM, and the like, and performs an arithmetic operation using a software program stored in advance to execute processing described later. The lock control unit 66 includes a time measuring circuit 66a.

  The storage unit 62 is configured by a rewritable non-volatile memory such as a flash memory, and stores use permission / rejection information in which a personal identification ID as an identification code is associated with use permission / inhibition of the lock target. The use approval / disapproval information includes, for example, information that associates “use permission” or “use disapproval” as the use approval / disapproval with “0001”, which is the personal identification ID. Settings are registered.

  The basic configurations of the human body communication circuit unit 64a and the human body communication electrode 64b are the same as those of the human body communication circuit unit 24a and the human body communication electrode 24b. Here, the handle portions 12a and 13a are formed of a conductive material such as metal and are used as the human body communication electrode 24b (see FIG. 9). Accordingly, when the user touches the book handles 12a and 13a, human body communication is established between the terminal device 20 possessed by the user and the authentication lock device 60. However, the electrode 24b for human body communication may be configured to be exposed to the outside of the door 12 or the lead-out portion 13 as electric power dedicated for human body communication.

  The lock unit 68 is configured to be able to switch the lock target to a locked state or an unlocked state under the control of the lock control unit 66. Here, the lock part 68 maintains the door 12 or the drawer | drawing-out part 13 which are lock | rock objects in a locked state or an unlocked state by restrict | limiting the operation | movement of the said latch mechanism parts 12b and 13b. As such a lock unit 68, for example, a combination of an actuator such as an electromagnetic plunger that operates to restrict or allow the locking and unlocking operations of the latch mechanism units 12 b and 13 b and a drive circuit that drives the actuator. Since it can be realized by various configurations including well-known techniques applied to various electronic lock devices such as combination, the description thereof is omitted here.

  FIG. 6 is a flowchart showing the operation of the authentication lock device.

  First, in the initial state, the lock portion 68 is in a locked state in which the door 12 and the drawer portion 13 are kept closed.

  After the start of processing from this initial state, first, in step S21, it is determined whether or not human body communication is established. Here, if establishment of human body communication is denied, the process of step S21 is repeated. On the other hand, if it is determined that the user possessing the terminal device 20 touches the handle portions 12a and 13a and the human body communication is established, the process proceeds to step S22.

  In step S22, a signal requesting the personal identification ID and the writing time is transmitted to the outside through the human body communication circuit unit 64a and the human body communication electrode 64b. Thereby, the personal identification ID and the writing time are transmitted from the terminal device 20, and the personal identification ID and the writing time are received via the human body communication.

  In the next step S23, the presence / absence of use authority is determined based on the personal identification ID received through the human body communication and the use permission / denial information stored in the storage unit 62. For example, if “use permission” is associated with the received personal identification ID, it is determined that there is a use authority, and if “use not permitted” is associated with it, it is determined that there is no use authority. To do. If it is determined that there is no usage authority, the process returns to step S21. On the other hand, if it is determined that the use authority exists, the process proceeds to the next step S24.

  In step S24, it is determined whether or not an available condition is satisfied based on the writing time received through the human body communication and the timing signal from the built-in timing circuit 66a. The usable condition is, for example, a condition such as whether or not it is within a predetermined time (for example, 12 hours) set in advance from the writing time, and the predetermined time is set in advance by the administrator of the system or the like It's time.

  If it is determined in step S24 that the availability condition is not satisfied, the process returns to step S21. At this time, since the locked state of the lock portion 68 is maintained, the door 12 and the drawer portion 13 cannot be opened for use. On the other hand, if it is determined in step S24 that the available condition is satisfied, the process proceeds to step S25. In this way, whether or not it can be used is determined in step S23 and step S25.

  In step S25, the lock unit 68 performs an unlock operation. Thereby, the latch mechanism parts 12b and 13b are unlocked, and the door 12 and the drawer part 13 can be opened and used. Thereby, the process is terminated.

  The usable condition information is not limited to the above example. For example, the writing date may be stored in the terminal device 20 as the usable condition information. In this case, when the authentication lock device 60 determines that the date is the same as the writing date, it may be determined that the usable condition is satisfied.

  Further, as the use condition information, the number of times of use (for example, contents that can be used only once) is set in advance in the authority writing device 40, and the authority writing device 40 can use the information in the terminal device 20. The number information may be written. In this case, the authentication lock device 60 may determine that the usable condition is satisfied when it is determined that the use is performed within the upper limit number defined by the usable number information. In this case, each time the terminal device 20 is used, the terminal device 20 may count the number of times of use, or the individual authentication lock device 60 may count the number of times of use, or You may count the frequency | count of utilization of the whole utilization target object by mutually communicating by all the authentication lock apparatuses 60. FIG. Then, based on the counted number of uses and the number of available times, it may be determined whether or not the use is within a predetermined upper limit number.

  Further, as the usable condition information, the writing time information including at least one of the writing time and the writing date and the usable frequency information are adopted, and the usable condition is satisfied when both the above conditions are satisfied. You may judge.

  Here, the case where the authentication lock device 60 is incorporated in the cabinet 10 has been described as an example, but the same applies to the entrance door 16 of the room R.

  When the object to be used is the personal computer 18, the lock unit 68 is connected to an input / output terminal such as a USB port of the personal computer 18. A usage permission signal for enabling the personal computer 18 may be output so that the personal computer 18 can be used in an unlocked state. In this case, the human body communication electrode 64b may be configured to be exposed to the outside as an electrode dedicated to human body communication. However, it is preferable to install the human body communication electrode 64b at a contact portion that is directly or indirectly touched by the human body when using the personal computer 18, such as a desk, chair, mouse or keyboard.

<5. Overall operation>
The overall operation of the authentication system configured as described above will be described based on the operation of the user.

  First, the user has the terminal device 20 and enters the building B where the present system is installed. Since the authority writing device 40 is installed at the entrance of the building B, the user touches the touch part 40b of the authority writing device 40 with the finger. Then, the authority writing device 40 performs fingerprint authentication, identifies the user, and writes the personal identification ID and the writing time to the terminal device 20 possessed by the user via human body communication.

  The authority writing device 40 is not necessarily installed at the entrance of the building B. For example, when the security area and the open area are set in the building B, the authority writing device 40 may be at the entrance of the security area or at the entrance of a predetermined room. However, by installing the authority writing device 40 at the entrance of the area where the cabinet 10, the personal computer 18, the entrance door 16 and the like as lock objects are installed, when the user uses the entrance, Use authority information can be written in the terminal device 20, which is convenient.

  Next, the user enters a predetermined room R in which the present system is installed through a passage. An authentication lock device 60 is installed at the entrance door 16 of the room R. The user grasps the handle portion of the entrance door 16 and tries to open the entrance door 16. At this time, human body communication is performed between the authentication lock device 60 and the terminal device 20 possessed by the user, and the personal identification ID and the writing time are transmitted from the terminal device 20 to the authentication lock device 60. . As a result, the authentication lock device 60 determines whether or not the usage authority exists, and determines whether or not the usable condition is satisfied. Here, when there is a use authority and the use condition is satisfied, the authentication lock device 60 switches the door 16 from the locked state to the unlocked state. As a result, the user can enter the room R by opening the door 16. On the other hand, if “use not permitted” is registered for the personal identification ID, it is determined that the user has no use authority and cannot enter the room. Also, even if “use permission” is registered for the personal identification ID (use authority), if the specified time has passed since the writing time, the usable condition is not satisfied. The locked state of the entrance door 16 is maintained, and the room cannot be entered.

  When the user enters the room R and closes the entrance door 16, the user is switched to the locked state again.

  Further, when the user enters the room R and uses each cabinet 10 or personal computer 18, the authentication lock device 60 provided in each cabinet 10 or personal computer 18 and the terminal device 20 possessed by the user, In the same manner as described above, the presence / absence of the use authority and whether or not the usable condition is satisfied are determined. Each cabinet 10 and personal computer 18 can be used only when there is a use right and the use condition is satisfied. When the use is finished, each cabinet 10 and the personal computer 18 are switched to an unusable locked state.

  According to the authentication system configured as described above, human body communication is performed between the terminal device 20 possessed by the user who actually intends to use and the authentication lock device 60 to determine whether or not the user can use the device. For this reason, it is possible to prevent authentication from being performed with an erroneous terminal device in the vicinity as in the case of authentication by a wireless communication method, and it is possible to effectively prevent erroneous authentication.

  The authority writing device 40 acquires personal authentication information, and uses authority information (personal identification ID) determined based on the personal authentication information and usage authority writing information, and usable condition information (writing time). ) To the terminal device 20. Then, the authentication lock device 60 determines whether or not it can be used based on usage authority information (personal identification ID) received from the terminal device 20 through human body communication and usage condition information (writing time). When it is determined that the lock portion 68 is in an unlocked state. Therefore, the lock unit 68 can be unlocked only when the usable condition is satisfied, that is, when the predetermined time has not elapsed since the writing time. For this reason, when a legitimate user loses the terminal device 20 and is unaware of it, even if an unauthorized person tries to use the terminal device 20, the terminal device 20 is used when a predetermined time elapses from the writing time. The door 12, the drawer part 13, and the entrance door 16 cannot be opened and used, or the personal computer 18 cannot be used. Therefore, misuse of the terminal device 20 can be effectively prevented.

  In particular, since the lock control unit 66 determines that the use condition is not satisfied and the use condition is not satisfied when a predetermined time has elapsed from the write time based on the write time as the use condition information, The terminal device 20 can be reliably prevented from being abused after a predetermined time has elapsed.

  Note that the availability condition information may be the writing date as described above instead of the writing time, and it may be determined that the availability condition is satisfied only for the use of the terminal device 20 on the same day as the writing. Thereby, it can be made available only for the use of the terminal device 20 on the same day as the writing, and abuse on the next day can be effectively prevented.

  Moreover, as described above, the usable number information may be used as the usable condition information, and it may be determined that the usable condition is satisfied when the use is performed within a predetermined upper limit number of times. Thereby, when the predetermined upper limit number is exceeded, the abuse of the terminal device 20 can be prevented.

  Also, the personal identification ID is written in the terminal device 20 as the usage authority information, and the authentication lock device 60 stores the usage approval / disapproval information that correlates the use approval / disapproval between the personal identification ID and the lock object, and performs human body communication. In order to determine whether or not use is possible based on the personal identification ID and use permission / inhibition information received via the authentication lock device 60, it is possible to determine whether or not each terminal device 20 can be used by changing the use permission / denial on the authentication lock device 60 side. For example, after writing the personal identification ID or the like in the terminal device 20, if the user notices at an early stage that the terminal device 20 has been lost, the use permission / inhibition information on the authentication lock device 60 side indicates the personal identification ID. By setting the association to “unauthorized”, the terminal device 20 can be immediately disabled from being used.

  However, it is also possible to simply write “use permission” or “use not-permitted” information to the terminal device 20 as the use authority information. In this case, the authentication lock device 60 may receive the “use permission” or “use not-permitted” information from the terminal device 20 through human body communication, and determine whether or not the use authority exists.

  Further, since the personal authentication information is acquired by the authority writing device 40, the personal authentication operation for that purpose only needs to be performed once.

  For this reason, when a biometric authentication device or the like is used as the personal authentication unit 48, a relatively expensive biometric authentication device is not installed on each object to be used, but only installed on the authority writing device 40. Since only a few installations are required, the overall cost of the system can be reduced.

  Assuming that a card reader is used as the personal authentication unit 48, the authority writing device 40 only allows the user to perform a relatively troublesome authentication operation using an ID card. Therefore, the burden on the user can be reduced.

  In particular, the human body communication electrode 64b of the authentication lock device 60 is operated to use the contact portion with which the human body directly or indirectly comes into contact when using the lock object, particularly the cabinet 10 as the lock object. Since the human body communication electrodes 24b are provided on the handle portions 12a and 13a which are the operation portions to be operated, authentication is performed when the user operates the handle portions 12a and 13a when using the lock object. A special authentication operation other than the authentication unit 48 can be eliminated.

<6. Modification>
FIG. 10 is a diagram showing a modification of the authority writing device. This authority writing device 160 has a personal authentication communication unit 168a that performs proximity communication with a personal authentication terminal 170 given to a user as a personal authentication unit. Such a personal authentication terminal 170 is, for example, an ID card (for example, felica), and the personal authentication communication unit 168a is, for example, a card reader (for example, a personal computer) or the like for reading it. The personal authentication communication unit 168a includes a human body communication electrode 164b that is disposed at a position where the personal authentication terminal 170 can come into contact with a hand that attempts to bring the personal authentication terminal 170 close to the personal authentication communication unit 168a. Here, a mesh-like human body communication electrode 164b is disposed on the surface of the personal authentication communication unit 168a.

  In this modification, when the user tries to bring the personal authentication terminal 170 close to the personal authentication communication unit 168a, the hand and the human body communication electrode 164b come into contact with each other, and human body communication is established. Therefore, when performing personal authentication by the personal authentication terminal 170, it is possible to write the authority to use the terminal device 20 by human body communication.

  FIG. 11 is a view showing a modification of the handle portion. In this modification, the door 112 has a rotatable lever-type handle portion 112a. The handle portion 112a is formed of a conductive material such as metal and is used as the human body communication electrode 64b. As described above, various forms are conceivable as the operation unit that is operated prior to the use of the object to be used.

  In addition, a lock unit is incorporated in the authority writing device 40 installed at the entrance of the building B, and the gate at the entrance of the building B is unlocked to allow entry only when personal authentication is permitted. May be. In this case, the authentication lock device 60 is also incorporated into the authority writing device 40, and when the user enters the building B again, the use of the authentication lock device 60 is determined to determine whether it can be used and the locked state is released. You may make it perform.

It is explanatory drawing which shows the whole structure of the authentication system which concerns on embodiment. It is a block diagram which shows a terminal device and an authority writing apparatus. It is a block diagram which shows a terminal device and an authentication locking device. It is a flowchart which shows operation | movement of a terminal device. It is a flowchart which shows operation | movement of an authority writing apparatus. It is a flowchart which shows operation | movement of an authentication locking device. It is a perspective view showing an authority writing device. It is a figure which shows an example of the cabinet incorporating the authentication locking device. It is a figure which shows the utilization condition of a cabinet. It is a figure which shows the modification concerning an authority writing apparatus. It is a figure which shows the modification of a handle part.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Cabinet 12,112 Door 12a, 13a, 112a Handle part 13 Drawer part 16 Entrance door 18 Personal computer 20 Terminal device 22 Memory | storage part 24a Human body communication circuit part 24b Human body communication electrode 26 Terminal side control part 40 Authority writing apparatus 40b Touch Unit 42 Storage unit 44a Human body communication circuit unit 44b Human body communication electrode 46 Authority write control unit 46a Timing circuit 48 Personal authentication unit 60,160 Authentication lock device 62 Storage unit 64a Human body communication circuit unit 64b, 164b Human body communication electrode 66 Lock Control unit 66a Clock circuit 68 Lock unit 168a Personal authentication communication unit 170 Personal authentication terminal

Claims (12)

An authentication system for authenticating a locked object,
According to the communication result through the terminal side human body communication unit, the terminal side human body communication unit that performs human body communication using the human body as a communication path, and the terminal side human body communication unit that can store the use authority information and the usable condition information. Use authority information and use condition information received through the terminal-side human body communication unit are written in the terminal storage unit, or use authority information and use condition information stored in the terminal-side storage unit are written on the terminal side A terminal device having a terminal-side control unit that transmits to the outside through the human body communication unit;
A personal authority that obtains personal authentication information, an authority writing side human body communication part that performs human body communication using the human body as a communication path, and a usage authority document that associates the personal authentication information with the usage authority information of the lock object Usage authority determined based on the authority writing side storage unit storing the stored information, the personal authentication information acquired by the personal authentication unit, and the usage authority writing information stored on the authority writing storage unit side An authority writing device having an authority writing control unit that transmits an instruction to write information together with the availability condition information to the outside via the authority writing side human body communication unit;
An authentication lock side human body communication unit that is provided on the lock object and performs human body communication using the human body as a communication path; a lock unit that locks or unlocks the lock object; and the authentication lock from the terminal device Based on the usage authority information and usage condition information received through the side human body communication unit, it is determined whether or not it can be used, and when it is determined that it can be used, the lock unit is controlled to be switched from the locked state to the unlocked state. An authentication lock device having a lock control unit,
Authentication system equipped with. The authentication system according to claim 1,
The authority writing device can be used including at least one of available number of times information stored in advance in the authority writing side storage unit and writing time information determined based on a timing signal from a timing circuit. Determine the condition information,
The lock control unit is defined based on at least one of the available number of times information and the writing time information based on the available condition information received from the terminal device through the authentication lock side human body communication unit. An authentication system that determines whether or not the condition is satisfied, and determines that it cannot be used if the condition is not satisfied. The authentication system according to claim 1 or claim 2,
The usage authority information is an identification code,
The authentication lock device has an authentication lock side storage unit that stores use permission / denial information in which an identification code and use permission / denial of the lock object are associated with each other,
The lock control unit determines whether or not use is possible based on an identification code received from the terminal device through the authentication lock side human body communication unit and use permission / rejection information stored in the authentication lock side storage unit. . The authentication system according to any one of claims 1 to 3,
The personal authentication unit is an authentication system that is a biometric authentication device that acquires information unique to a biometric. The authentication system according to claim 4,
The personal authentication unit is a biometric authentication device that performs authentication by contact with a living body,
The authority writing side human body communication unit includes an electrode for human body communication that can contact a living body when the living body contacts the biometric authentication device. The authentication system according to any one of claims 1 to 3,
The personal authentication unit includes a personal authentication communication unit that performs proximity communication with a personal authentication terminal assigned to a user.
The authority writing-side human body communication unit includes an electrode for human body communication disposed at a position where the personal authentication terminal can come into contact with a hand that is about to come close to the personal authentication communication unit. The authentication system according to any one of claims 1 to 6,
The authority writing device is an authentication system installed at an entrance of an area where the lock object exists. The authentication system according to any one of claims 1 to 7,
The authentication lock device includes:
As the lock part,
A storage lock portion for locking and unlocking an opening / closing portion attached to the storage means as the lock object;
An entrance door lock for locking and unlocking the entrance door of the room;
A control lock unit for locking and unlocking the electrical device unusable and usable;
And an authentication system. The authentication system according to any one of claims 1 to 8,
The authentication lock-side human body communication unit has a contact unit as a human body communication electrode that directly or indirectly contacts the human body when using the object to be locked. A terminal device for authenticating a locked object,
A terminal-side storage unit capable of storing use authority information and use condition information;
A terminal-side human body communication unit that performs human body communication using the human body as a communication path ;
In accordance with the communication result through the terminal-side human body communication unit, the usage authority information and the usable condition information received through the terminal-side human body communication unit are written into the terminal storage unit or stored in the terminal-side storage unit. A terminal-side control unit that transmits the usage authority information and the usable condition information to the outside through the terminal-side human body communication unit;
A terminal device comprising: An authority writing device capable of writing information to a terminal device for performing authentication of a lock object,
A personal authentication unit for acquiring personal authentication information;
An authority writing side human body communication unit for performing human body communication using the human body as a communication path ;
An authority writing side storage unit that stores usage authority writing information in which personal authentication information and usage authority information of the lock object are associated;
A command to write usage authority information determined together with the usage condition information determined based on the personal authentication information acquired by the personal authentication unit and the usage authority writing information stored on the authority writing storage unit side, An authority writing control unit that transmits to the outside via the authority writing side human body communication unit;
An authority writing device comprising: An authentication lock device that is provided on a lock object and communicates with a terminal device to authenticate the lock object,
An authentication lock side human body communication unit for performing human body communication using the human body as a communication path ;
A lock unit that locks or unlocks the object to be locked;
Based on the usage authority information and the usage condition information received from the terminal device through the authentication lock side human body communication unit, whether or not the usage can be determined is determined. When it is determined that the usage is possible, the lock unit is unlocked from the locked state. A lock control unit that controls to switch to the locked state;
An authentication lock device comprising:

Images