JP5316374B2 - Authentication system and authentication method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To perform authentication between the portable equipment of a crew and on-board information equipment while securing privacy and security without having a user perform any special operation. <P>SOLUTION: The time-sequential data of detection values (position information and acceleration information, etc.) detected by respective sensor parts 11 and 21 of the on-board information equipment 10 and the portable equipment 20 are utilized as an authentication key for determining the propriety of the authentication. Such time-sequential data of the detection values of the sensor parts 11 and 21 are data which are extremely difficult to obtain even when they are to be obtianed outside an automobile. Thus, by using such time-sequential data of the detection values as an authentication key, the authentication is performed with the on-board information equipment 10 with only the portable equipment 20 carried by the crew as an object. As a result, when authenticating the on-board information equipment 10 and the portable equipment 20 and connecting them through a network, sufficient security is secured and the privacy is protected. <P>COPYRIGHT: (C)2011,JPO&amp;INPIT

Description

  The present invention relates to an authentication system and an authentication method for performing authentication for establishing a network connection between an information device having a communication function installed in a vehicle and a portable device having a communication function carried by an occupant of the vehicle About.

  Conventionally, in a vehicle, it is possible to make a call without operating the mobile phone by connecting the mobile phone and the in-vehicle information device using wireless communication such as Bluetooth (registered trademark; hereinafter the same) and wireless LAN. A hands-free system is known.

  Further, Patent Document 1 describes an in-vehicle communication device that enables communication with a connection target device inside and outside a vehicle interior. In this in-vehicle communication device, an antenna having directivity toward the outside of the vehicle interior and an antenna having directivity toward the interior of the vehicle are selectively used to authenticate with the connection target devices inside and outside the vehicle interior. . Corresponding antenna information indicating the relationship between the device that has performed this authentication and the antenna used at the time of authentication is registered, and when performing data communication with any of the connection target devices, the antenna to be used is based on the corresponding antenna information. Is switched.

JP 2008-61080 A

  As described above, in recent years, portable devices have been brought into vehicles such as automobiles, and there is a demand for wirelessly connecting portable devices brought in and information devices installed in the automobile and using them in cooperation. Is growing. On the other hand, in order to ensure security and protect privacy, in information equipment, authentication that reliably identifies mobile devices brought into the vehicle cabin and grants connection permission only to those mobile devices. Procedures are required.

  Therefore, for example, in the above-described hands-free system, a mobile phone connected to the in-vehicle information device is registered in the in-vehicle information device in advance, thereby limiting the mobile phone connected to the in-vehicle information device and protecting privacy. .

  However, the registration procedure for a mobile phone is usually complicated and is difficult for ordinary users. In addition, there is a problem in terms of convenience, for example, when a car or a mobile phone is changed, it is necessary to register again. Furthermore, in the case of a car that is temporarily used, such as a rental car, pre-registration cannot be performed, so that the mobile phone cannot be immediately connected to the information device. Moreover, since the communication signal can reach the outside of the passenger compartment, it can theoretically be connected to a mobile phone outside the passenger compartment. That is, since it cannot authenticate that only the mobile phone in a vehicle interior is connected, a privacy problem may arise.

  Moreover, in the vehicle-mounted communication apparatus of patent document 1, whether the control signal containing SSID (Service Set ID) for identifying the wireless network to which it belongs was transmitted from the antenna, and the signal responding to this control signal was able to be received. Therefore, it is detected whether there is a connection target device in the transmission area.

  However, even if an antenna having directivity toward the vehicle interior is used, radio signals that leak out of the vehicle interior cannot be eliminated in the frequency band used by the wireless LAN. For this reason, similarly to the above-described hands-free system, portable devices around the vehicle existing in the direction of the antenna may be connected, which may cause a privacy problem. On the other hand, when the transmission output is adjusted so as to reduce the leaked radio signal, the reception state is deteriorated even in the passenger compartment, and the communication efficiency may be extremely deteriorated.

  In order to eliminate the above-mentioned drawbacks of the prior art, when a portable device such as a mobile phone is brought into the passenger compartment of an automobile, the portable device and the in-vehicle information device authenticate each other without any special operation by the user. Is desired. However, in order to ensure privacy and security, it is necessary to prevent a third-party mobile device that is not in the passenger compartment from easily connecting to the information device through the security hole of the authentication procedure.

  The present invention has been made in view of the above-described points, and a portable device and a vehicle information device brought in by a vehicle occupant while ensuring privacy and security without any special operation by the user. It is an object of the present invention to provide an authentication system and an authentication method capable of performing authentication for establishing a network connection.

To achieve the above object, in the authentication system according to claim 1, a vehicle in which an information device installed in a vehicle and a portable device carried by a passenger are observed by both the information device and the portable device. Having detection means for detecting the same kind of physical quantity with respect to
The degree of similarity is determined by comparing the time-series data of the physical quantity detected by the detection means of the information device and the time-series data of the physical quantity detected by the detection means of the portable device, and whether or not authentication is possible based on the determination result an authentication means for determining,
The authentication means is characterized in that when the detection period of each detection means of the information device and the portable device is different, it extracts a physical quantity by a detection period corresponding to the least common multiple of the detection period of each other and forms time series data. To do.

  As described above, in the authentication system according to claim 1, the time-series data of the physical quantity relating to the vehicle detected by the detection means of each of the information device and the portable device is used as data for determining whether or not to authenticate, that is, as an authentication key. Use. The time-series data of the physical quantities related to the vehicle is very difficult to acquire even if it is acquired outside the vehicle. In addition, even if the time-series data of the physical quantity used for authentication is stolen, the time-series data of the physical quantity changes, and therefore authentication cannot be performed using the time-series data of the stolen physical quantity.

  Accordingly, by using such time-series data of physical quantities as an authentication key, authentication is performed between the information device of the vehicle and the portable device of the occupant only for the portable device carried by the occupant of the vehicle. It becomes possible. As a result, when the information device and the portable device are connected to the network, sufficient security can be ensured and privacy can be protected.

Then, by performing authentication using the above-described physical quantity time-series data as an authentication key, the occupant registers some data for identifying the portable device in advance in the vehicle information device regarding the portable device. No special operation such as placing is required, and the convenience of the passenger carrying the portable device can be improved.
However, even if the detection unit of the information device and the detection unit of the portable device detect the same kind of physical quantity, the detection cycle of each detection unit may be different. In such a case, by extracting only the physical quantity in the same detection cycle, the difference in the detection means can be canceled out, so that the similarity determination accuracy can be improved.
In the authentication system according to claim 2, the information device installed in the vehicle and the portable device carried by the occupant are detected by both the information device and the portable device and detect the same kind of physical quantity related to the vehicle. Having means,
The degree of similarity is determined by comparing the time-series data of the physical quantity detected by the detection means of the information device and the time-series data of the physical quantity detected by the detection means of the portable device, and whether or not authentication is possible based on the determination result Authentication means for determining
A determination means for determining whether the time-series data of the physical quantity is close to white noise,
When the determination unit determines that the time-series data of the physical quantity is close to white noise, the time-series data of the physical quantity is not used for authentication.
When the noise component increases due to the influence of thermal noise and the S / N ratio of the detection signal output from the detection means becomes very low, it cannot be said that the time series data is observed only in the vehicle, The validity as an authentication key is reduced. Accordingly, when it is determined that the time-series data of the physical quantity is close to white noise, authentication is not performed using the time-series data of the physical quantity.
The authentication system according to claim 3, wherein the information device installed in the vehicle and the portable device carried by the occupant are detected by both the information device and the portable device to detect the same kind of physical quantity relating to the vehicle. Having means,
The degree of similarity is determined by comparing the time-series data of the physical quantity detected by the detection means of the information device and the time-series data of the physical quantity detected by the detection means of the portable device, and whether or not authentication is possible based on the determination result An authentication means for determining
An information device can authenticate with a plurality of portable devices and be connected to a plurality of portable devices at the same time. When data is received from one portable device connected to the network, the information device is connected to the network. The received data is transmitted to another portable device.
When there are multiple occupants in a vehicle and each of these occupants carries a mobile device, there is a request that these mobile devices also connect to each other through authentication and use them in cooperation. Yeah. In this case, if authentication for network connection is performed between mobile devices, the number of required authentication procedures increases at an accelerated rate as the number of mobile devices increases, and the load for authentication procedures increases. Will do.
On the other hand, in claim 3, when there are a plurality of portable devices, each portable device only needs to authenticate with the information device, so that it is possible to prevent the load for the authentication procedure from increasing. . When the information device receives data from one mobile device connected to the network, the information device transmits the received data to another mobile device connected to the network. Therefore, since each mobile device is in a state of being connected to each other via the information device, the mobile devices can be used in cooperation with each other.
In the authentication system according to claim 4, the information device installed in the vehicle and the portable device carried by the occupant are the same kind of physical quantity relating to the vehicle, which is observed by both the information device and the portable device, Detecting means for detecting at least one of a physical quantity that changes according to the position of the vehicle and a physical quantity that changes according to the movement of the vehicle;
The degree of similarity is determined by comparing the time-series data of the physical quantity detected by the detection means of the information device and the time-series data of the physical quantity detected by the detection means of the portable device, and whether or not authentication is possible based on the determination result It is characterized by comprising authentication means for determining.

As described in claim 5 , the authentication means is provided in one of the information device and the portable device, and the time series data of the physical quantity detected by the other detection means of the information device and the portable device is converted to the information device. It is preferable to obtain it through communication between portable devices and compare it with time-series data of physical quantities detected by one detection means of the information device and the portable device. As described above, when the authentication unit is provided in one of the information device and the portable device, the time-series data of the physical quantity necessary for the authentication can be easily acquired from both the information device and the portable device.

According to a sixth aspect of the present invention, when the authentication is permitted by the authentication unit and the information device and the portable device are connected to the network, the setting unit includes a setting unit that sets a valid period of the network connection. If the authentication means permits another authentication within the valid period, it is preferable to extend the network connection valid period, while if the second authentication is not permitted, it is preferable to disconnect the network connection. In this way, by determining the validity period of the network connection, only when the occupant carrying the mobile device remains in the vehicle, the information device and the mobile device are connected to the network, and after the occupant goes out of the vehicle Can disconnect the network connection between the information device and the portable device. As a result, even if the mobile device is once connected to the information device via the network, the network connection is disconnected after the mobile device is taken out of the vehicle, so that further protection of privacy can be achieved.

As described in claim 7 , the information device and the portable device have a filter unit that filters the physical quantity detected by the detection unit, and the authentication unit compares the time-series data of the filtered physical quantity, It is preferable to determine the similarity. The physical quantity data detected by the detection means may include noise and the like, and the degree of similarity may not be correctly determined by simply comparing such physical quantity data. Therefore, in order to determine the similarity, it is desirable to compare time-series data of physical quantities after performing filtering processing for removing components such as noise.

According to the eighth aspect of the present invention, when the detection means of each of the information device and the portable device has different detection sensitivities, the authentication unit is configured so that the magnitude of the change in the physical quantity detected by each detection unit matches. It is preferable to form time series data from the normalized physical quantities.

  Even if the detection unit of the information device and the detection unit of the portable device detect the same physical quantity, the detection cycle and detection sensitivity of each detection unit may be different. In such a case, it is possible to cancel out the difference in the detection means by extracting only the physical quantity of the same detection period or normalizing so that the magnitude of the change in the physical quantity matches. Can be improved.

As described in claim 9 , the detection means includes a GPS sensor that acquires position information, an acceleration sensor that detects acceleration, a sound sensor that detects ambient sound, a temperature sensor that detects environmental temperature, and an atmospheric pressure sensor that detects atmospheric pressure. It is preferable that it is at least one of the sunshine sensors which detect sunlight illumination. These sensors can detect physical quantities peculiar to the vehicle according to the position and motion of the vehicle, the environment in which the vehicle is placed, the indoor situation, and the like. Therefore, time-series data of physical quantities detected by these sensors can be obtained only for the vehicle and can be used as an authentication key.

In addition, as described in claim 10 , the information device and the portable device detect, as detection means, a GPS sensor that acquires position information, an acceleration sensor that detects acceleration, a sound sensor that detects ambient sound, and an ambient temperature. Among temperature sensors, atmospheric pressure sensors that detect atmospheric pressure, and sunshine sensors that detect daily illuminance, there are multiple types of sensors, and the authentication means uses time-series data of physical quantities detected by these multiple sensors. Thus, whether or not to authenticate may be determined. When only the time-series data of physical quantities detected by a single sensor is used as the authentication key, the possibility that similar time-series data can be acquired outside the vehicle cannot be denied. For example, if a GPS sensor that detects the position of a vehicle is used as the detection means, and there is another vehicle that moves in the same direction and at the same speed in the vicinity of the vehicle, the vehicle position detected by the GPS sensor The series data can be similar to the time series data of positions observed in other vehicles. On the other hand, if time-series data of physical quantities detected by a plurality of different types of sensors is used, the possibility that these time-series data can be acquired outside the vehicle is significantly reduced.

  In addition, since the authentication method described in Claim 11-Claim 20 has the same effect as the authentication system of Claim 1-10 mentioned above, description is abbreviate | omitted.

It is a block diagram which shows schematic structure of the apparatus cooperation system containing the authentication system by embodiment of this invention. It is a flowchart which shows the life cycle regarding the network connection in this apparatus cooperation system. It is a state transition diagram which shows an example of the state transition regarding the connection state with the vehicle-mounted information apparatus of a portable apparatus. It is a state transition diagram which shows the other example of the state transition regarding the connection state with the vehicle-mounted information apparatus of a portable apparatus. It is a sequence diagram which shows the detail of an authentication process procedure. It is a sequence diagram which shows the detail of a session lease update process. It is a sequence diagram which shows the system which cooperates between in-vehicle information equipment and a some portable apparatus when a some portable apparatus exists in a vehicle interior. An example of observation data of an acceleration sensor is shown, and (a) is a graph showing the acceleration in the vertical direction of an actual automobile when observing acceleration as data for authentication in an in-vehicle information device and a portable device, (b) ) Is a graph showing observation data as discrete data observed by the acceleration sensor unit of the in-vehicle information device, (c) is a graph showing observation data as discrete data observed by the acceleration sensor unit of the portable device, and (D) is a graph which shows another acceleration time series data which the acceleration sensor part of the apparatus outside a vehicle observed. (A) to (d) are normalized so that the average value is zero and the standard deviation is 1 and the observation period is long with respect to the time-series data of speeds shown in FIGS. It is a graph which shows the data normalized so that it may fit. The square value of the cross-correlation function when the horizontal axis is the variable j for correcting the difference in observation timing when the mobile device is in the same vehicle as the in-vehicle information device and when the mobile device is outside the vehicle. It is the graph which showed the mode of change.

  Hereinafter, an authentication system according to an embodiment of the present invention will be described with reference to the drawings. FIG. 1 is a configuration diagram illustrating a schematic configuration of a device cooperation system including an authentication system according to the present embodiment.

  In the present embodiment, an example in which an information device is mounted on a vehicle as a vehicle will be described. However, the application target of the present invention is not limited to automobiles, but can be applied to vehicles such as ships, airplanes, and railway vehicles. Furthermore, in the present embodiment, not only the cooperation between the information device and the portable device, but also the vehicle has a plurality of passengers, and when the plurality of passengers bring the portable devices into the vehicle interior, The cooperation will also be explained.

  In FIG. 1, the in-vehicle information device 10 and the portable device 20 include communication units 17 and 27 for performing wireless communication with each other. In the present embodiment, the communication units 17 and 27 perform wireless communication with each other via a wireless LAN. However, the communication method is not limited to this method, and other communication methods such as Bluetooth may be adopted.

  The communication units 17 and 27 perform communication using well-known TCP / IP according to a wireless LAN system. This TCP / IP has a four-layer structure including a data link layer, a network layer, a transport layer, and an application layer. In the data link layer protocol, broadcast messages can be exchanged. Moreover, each processing part (especially authentication part 13 and 23) of the vehicle-mounted information apparatus 10 and the portable apparatus 20 can acquire the message exchanged by this data link layer via the communication parts 17 and 27. And

  Message exchange by broadcast is first started when the authentication unit 23 of the mobile device 20 transmits an authentication request signal that does not specify a communication partner via the communication unit 27 (broadcast transmission). The authentication request signal includes an authentication request command and information on the public key of the mobile device 20. When the authentication unit 13 of the in-vehicle information device 10 receives the authentication request signal via the communication unit 17, a signal including the public key of the in-vehicle information device 10 and the public key information of the in-vehicle information device 10 is transmitted to the mobile device 20. Return it. As a result, the public key is exchanged between the in-vehicle information device 10 and the portable device 20, and a connection (data link connection) in the data link layer is established. The in-vehicle information device 10 may transmit an authentication request signal instead of the mobile device 20, and the mobile device 20 may be configured to return a signal including public key information in response to the authentication request signal. In this case, the authentication process described below may be performed by the mobile device 20.

  FIG. 2 shows a life cycle related to network connection in the device cooperation system. As described above, the in-vehicle information device 10 and the portable device 20 first exchange public keys based on the Diffie-Hellman algorithm or the like. Then, a common key shared with each other is generated from the exchanged public keys. Based on the encryption method, mutual information (data) encrypted using a common key is exchanged. At this time, the respective public keys are stored in advance in the encryption key information storage units 15 and 25, and the exchanged public key and the generated common key are newly stored in the encryption key information storage units 15 and 25. Further, the encryption and decryption of the message is performed in the respective encoding units 14 and 24.

  On the in-vehicle information device 10 side, this public key is used as an identifier (ID) for identifying each portable device 20. Similarly, the mobile device 20 side also identifies a message coming from the in-vehicle information device 10 using this public key as an ID. That is, this public key is always added as a sender ID to messages exchanged in the data link layer. In the message exchange between the in-vehicle information device 10 and the portable device 20, data contents other than the command name and ID (public key) for identifying the other party are encrypted with the common key. Therefore, another device cannot impersonate the portable device 20 and authenticate with the in-vehicle information device 10.

  Although details of the authentication process will be described later, if it is determined in the authentication process in the in-vehicle information device 10 that the portable device 20 that has made the authentication request is not in the same vehicle, the authentication fails (authentication denied). The process is then complete. In this case, the in-vehicle information device 10 once clears the ID (public key) of the portable device 20 that has issued the authentication request and the generated common key. When the portable device 20 tries authentication again, it starts again from the exchange of the public key.

  When it is determined that the mobile device 20 is in the same vehicle, authentication is successful (authentication permitted), and the in-vehicle information device 10 and the mobile device 20 start exchanging information. In order to simplify this state, the portable device 20 and the in-vehicle information device 10 are referred to as being network-connected. Further, after the authentication, the in-vehicle information device 10 and the portable device 20 exchange information by the TCP / IP protocol in the network layer and the transport layer.

  Here, since the data link layer protocol does not normally notify that the message has been successfully received, in the message exchange in the data link layer, the message transmitted from one device is transmitted to the other device. It is not possible to confirm whether or not the message has been received. On the other hand, in the TCP / IP protocol, a message can be transmitted by specifying a partner by an IP address or the like, and acceptance of a message transmitted by a response message can be confirmed, so that messages can be exchanged more reliably. Can do.

  The content of the information exchange includes user operation information, operation history information, application activation information, vehicle information, and the like for each of the in-vehicle information device 10 and the mobile device 20. For this reason, as shown in FIG. 1, the in-vehicle information device 10 and the portable device 20 detect an operation performed by the user, generate information according to the operation, or obtain user operation information acquired from other devices. User operation information processing units 12 and 22 for processing are provided.

  As a specific example of information exchange and cooperative operation, for example, when the mobile device 20 has a function of connecting to the Internet and a search for a desired restaurant is performed in the mobile device 20, the search result is displayed as in-vehicle information. Transmit to the device 10. At this time, if the in-vehicle information device 10 is a navigation device and has a map display function and a route guidance function, a map around the received restaurant is displayed, or route guidance is performed using the restaurant as a destination. It becomes possible to do. In addition, for example, when the mobile device 20 has a telephone function, information necessary for transmitting / receiving a telephone call is transmitted from the mobile device 20 to the in-vehicle information device 10. This makes it possible to make a hands-free call using the in-vehicle information device 10.

  Further, in the present embodiment, the portable devices 20 connected to the in-vehicle information device 10 communicate user operation information of the other portable devices 20 with each other by the information relay unit 16 of the in-vehicle information device 10 mediating. You can get it. That is, the information transmitted by each mobile device 20 to the in-vehicle information device 10 is encrypted and can be correctly restored only by the in-vehicle information device 10. The information relay unit 16 of the in-vehicle information device 10 transmits the restored information only to the mobile device 20 that has been successfully authenticated and is still connected to the network. Therefore, since each mobile device 20 is in a state of being connected to each other via the in-vehicle information device 10, it is possible to use the mobile devices 20 in cooperation with each other. Furthermore, in this embodiment, even when there are a plurality of portable devices 20 in the vehicle interior, the portable devices 20 do not need to authenticate each other, and each portable device 20 is only connected to the in-vehicle information device 10. Since authentication only needs to be performed, an increase in the load for the authentication procedure can be prevented.

  When necessary information exchange is completed, the network connection between the in-vehicle information device 10 and the portable device 20 is disconnected. In the in-vehicle information device 10, when authentication is successful, the session management unit 18 generates session information and transmits it to the mobile device 20. The generated session information is stored in the session information storage unit 19. The session information includes a session ID and a session lease period. The session ID is used for identifying the session, that is, the mobile device 20 connected to the network. For example, a serial number generated according to the network connection order is used. The session lease period defines the valid period of the session. If the session lease is not renewed within this valid period, the session becomes invalid.

  The mobile device 20 recognizes its own session ID from the received session information and acquires information on the validity period of the session. The session information is stored in the session information storage unit 29. Then, the portable device 20 performs the session lease renewal procedure by the session renewal unit 28 when a predetermined period within the valid period has elapsed (for example, when two thirds of the valid period has elapsed). Specifically, the same processing as that at the time of authentication is performed again. Thereby, if the authentication is successful in the in-vehicle information device 10, the session lease period is extended, and the session information including the extended session lease period is transmitted to the mobile device 20. On the other hand, if the authentication fails in the in-vehicle information device 10, the connection is disconnected when the expiration date of the session has passed. Note that information (such as a common key and user operation information) associated with an invalid session is deleted.

  By doing in this way, even if it is the portable apparatus 20 once authenticated, when the user takes the portable apparatus 20 out of the vehicle, the network connection can be disconnected. In other words, the network connection of the mobile device 20 in the vehicle is maintained unless a request for disconnecting the network connection is explicitly issued from the mobile device 20 side or the in-vehicle information device 10 side.

  The above is a series of life cycles related to network connection in the device cooperation system of the present embodiment.

  Next, communication between the communication units 17 and 27 using the wireless LAN method will be described. FIG. 3 shows an example of state transition related to the connection state of the mobile device 20 with the in-vehicle information device 10. As shown in FIG. 3, in this embodiment, public key exchange is performed in the data link layer of the wireless LAN, and a data link connection is established. At this point, TCP / IP is still in a disconnected state, and transmission / reception of information for authentication processing is performed in the data link layer. When an authentication processing procedure is performed by communication in the data link layer and the authentication is successful, the communication unit 17 of the vehicle information device 10 and the communication unit 27 of the portable device 20 are TCP / IP connected. The IP address of the mobile device 20 may be dynamically assigned by DHCP or set manually. If the TCP / IP connection is disconnected due to communication failure, authentication failure in the lease renewal procedure, etc., the authentication state is cleared, so the authentication procedure is restarted from the beginning.

  On the other hand, in FIG. 4, the example of another state transition regarding the connection state with the vehicle-mounted information apparatus 10 of the portable apparatus 20 is shown. In this method, when the public key is exchanged, the communication unit 17 of the in-vehicle information device 10 and the communication unit 27 of the mobile device 20 are connected by TCP / IP, and an authentication processing procedure is performed using this TCP / IP connection. carry out. Also in this case, the IP address of the mobile device 20 may be dynamically assigned by DHCP or set manually. This method has an advantage that authentication data can be exchanged reliably compared to the method of FIG. Even if the TCP / IP connection is disconnected for some reason after authentication, the authentication state is maintained if the TCP / IP connection is restored within the lease period.

  FIG. 5 shows details of the authentication processing procedure. As shown in this figure, the portable device 20 broadcasts an authentication request signal including its own public key together with the authentication request command to the in-vehicle information device 10 at the data link level. When the in-vehicle information device 10 receives the authentication request signal, it broadcasts its own public key together with the public key of the portable device 20. When the portable device 20 receives this message, the portable device 20 can recognize that its own authentication request has been transmitted to the in-vehicle information device 10. If the portable device 20 cannot receive the message from the in-vehicle information device 10 within a certain time, the portable device 20 retransmits the authentication request signal described above.

  The following describes an example in which a TCP / IP connection is established after exchanging public keys, and an authentication procedure is executed using the TCP / IP connection. However, the authentication procedure can also be performed at the data link layer as described above.

  After exchanging public keys and TCP / IP connection between the communication units 17 and 27, the in-vehicle information device 10 and the portable device 20 observe and record each other's authentication data (authentication key). Here, as shown in FIG. 1, the in-vehicle information device 10 and the mobile device 20 include sensor units 11 and 21 for observing authentication data. Specifically, the sensor units 11 and 21 include GPS units 11a and 21a that measure positions using radio waves from GPS satellites, and acceleration sensor units 11b and 21b that detect acting acceleration, respectively. .

  When the user carrying the portable device 20 is in a car, the position information acquired by the GPS unit 11a of the in-vehicle information device and the GPS unit 21a of the portable device 20 shows the same movement locus. Therefore, the time series data of the position information acquired by the GPS unit 21a of the mobile device 20 is transmitted to the in-vehicle information device 10 and acquired by the GPS unit 11a of the in-vehicle information device 10 in the authentication unit 13 of the in-vehicle information device 10. By comparing with time-series data of position information, it is possible to determine whether or not authentication is possible. In addition, although the time series data of the position information by the observed GPS units 11a and 21a may be directly compared, the data subjected to filtering and smoothing, for example, by comparing the respective position information by the result of map matching This is preferable because the influence of errors and noise can be reduced. When the portable device 20 does not have road map information, the position information acquired by the GPS unit 21a may be transmitted to an external server including road map data, and map matching processing may be performed in the external server.

  Further, when the mobile device 20 is fixed in the vehicle, the same acceleration (vibration) acts on the in-vehicle information device 10 and the mobile device 20 in accordance with the vibration or running state of the automobile. Therefore, based on whether or not the same acceleration (vibration) is shared by using time series data of accelerations observed by the acceleration sensor unit 11b of the in-vehicle information device 10 and the acceleration sensor unit 21b of the portable device 20. Whether to authenticate can be determined.

  It should be noted that the time series data of acceleration is also preferably compared after filtering and smoothing to remove noise components. In the case of the acceleration sensor, the detection axes of the acceleration sensor unit 11b of the in-vehicle information device 10 and the acceleration sensor unit 21b of the portable device may be different depending on the posture of the portable device 20. Therefore, for example, the time series data of acceleration is observed multiple times, the principal component analysis is performed on those time series data, the main principal component is extracted from each observed time series data, and the detection axis is set. It is preferable to perform coordinate conversion so as to estimate and offset the difference in detection axis. Further, instead of the acceleration itself, time-series data of acceleration may be spectrally decomposed into frequencies, and comparison may be performed using the spectral characteristics.

  As described above, the portable device 20 transmits the observed time series data to the in-vehicle information device 10. At this time, the encoding unit 24 of the mobile device 20 encrypts time-series data to be transmitted using a common encryption key with the in-vehicle information device 10. In this way, the authentication data can be prevented from being read by a third party. In addition to the time series data, metadata such as observation period and observation time are encrypted and transmitted together.

  After receiving the authentication data, the in-vehicle information device 10 uses the common encryption key with the corresponding mobile device 20 in the encoding unit 14 to decrypt the received authentication data. The authentication unit 13 of the in-vehicle information device 10 compares and verifies the decrypted authentication data and the authentication data observed by the sensor unit 11 thereof, and determines whether authentication is possible based on the verification result. Details of the collation process at this time will be described later.

  If the authentication is successful, the in-vehicle information device 10 generates session information and notifies the mobile device 20 side. On the other hand, if the authentication fails, null session information (session information indicating that the session is invalid) is notified. In this case, the mobile device 20 restarts the authentication procedure from the beginning. However, it may be re-executed from the observation of the authentication data while maintaining the TCP / IP connection.

  FIG. 6 shows details of the session lease update process. After the authentication is permitted by the in-vehicle information device 10, the mobile device 20 performs a lease information update procedure after a predetermined time within the lease period of the session information stored in the session information storage unit 29 by the session update unit 28. . Specifically, the mobile device 20 sends a lease renewal request to the in-vehicle information device 10. After transmitting this message (and receiving a response message indicating that the message has been received), the in-vehicle information device 10 and the portable device 20 observe and record each other's authentication data. Hereinafter, the authentication process for updating the lease period is performed in the same manner as the initial authentication process. If the authentication is successful, the in-vehicle information device 10 extends the lease period of the session information for the mobile device 20 that has requested the lease renewal. The extended lease period is notified to the mobile device 20 as session information. On the other hand, when the authentication fails, session information indicating the extended lease time 0 (zero) is notified. Thereafter, the mobile device 20 repeats the execution of the lease period extension process as needed to maintain the session.

  FIG. 7 shows a method of performing cooperation between the in-vehicle information device 10 and the plurality of portable devices 20 when there are a plurality of portable devices 20 in the vehicle interior. Here, a mechanism for sharing state changes of each device and operation information by the user will be described as a device cooperation function. Further, it is assumed that the plurality of mobile devices 20 have been authenticated by the in-vehicle information device 10. In FIG. 7 and the following description, in order to distinguish a plurality of portable devices 20, it is assumed that there are n portable devices 20, and the portable devices 20 are further numbered 1 to n.

  If the user performs an operation on the mobile device 20-1, the information is encrypted with a common encryption key between the mobile device 20-1 and the in-vehicle information device 10, and is transferred to the in-vehicle information device 10 together with the session information. Sent. The in-vehicle information device 10 checks whether or not the mobile device 20-1 that transmitted the message is an authenticated mobile device based on the session information. If it is determined that the session information is valid, the encrypted information included in the message is decrypted.

  The in-vehicle information device 10 routes the decrypted information to the mobile devices 20-2 to 20-n other than the mobile device 20-1 that has transmitted data having a valid session by the information relay unit 16. At this time, the in-vehicle information device 10 encrypts and transmits data using a common encryption key with the destination mobile devices 20-2 to 20-n. In this way, a portable device that does not have a valid session cannot understand (decode) the operation information. That is, this operation information is routed only to the mobile device 20 that is in the vehicle and has been authenticated by the in-vehicle information device 10.

  Further, when a user operation is performed on the in-vehicle information device 10, the in-vehicle information device 10 transmits information (in-vehicle device operation information and vehicle information) to each of the mobile devices 20-1 to 20-n. Transmits to the mobile devices 20-1 to 20-n having a valid session at that time. In this case, similarly to the above-described example, the in-vehicle information device 10 encrypts and transmits data using a common encryption key with the transmission destination portable device 20.

  Thus, when there are a plurality of portable devices 20 in the vehicle compartment, the in-vehicle information device 10 and the plurality of portable devices 20 can be linked. In addition, this cooperation is performed only by the devices in the vehicle, and at that time, a procedure for authenticating each other between the portable devices 20 is not necessary.

  Next, collation processing of time series data such as position information and acceleration as data for authentication, which is observed by the sensor unit 11 of the in-vehicle information device 10 and the sensor unit 21 of the portable device 20 will be described in detail. In addition, the process demonstrated below is performed in the authentication part 13 of the vehicle-mounted information apparatus 10. FIG.

  The time-series data of the position information observed by the GPS unit 11a of the in-vehicle information device 10 can be expressed as Equation 1 below.

なお、位置情報は緯度と経度、あるいは緯度、経度、標高などのベクトル値としている。

The position information is a latitude and longitude, or a vector value such as latitude, longitude, and altitude.

  Further, the time series data of the position information observed by the GPS unit 21a of the mobile device 20 can be expressed as the following formula 2.

  Here, the in-vehicle information device 10 also acquires information related to the observation period of the GPS unit 21a of the portable device 20, and when the observation period of the GPS unit 11a of the in-vehicle information device 10 and the GPS unit 21a of the portable device are different, The observation period is adjusted by extracting the observation value at the least common multiple of the observation period and reconstructing the time series data. Thereby, when collating the time series data of the positional information observed by the GPS unit 11a of the in-vehicle information device 10 and the GPS unit 21a of the portable device, the similarity between the two can be determined with higher accuracy. The similarity between the two can be defined by Equation 3 below.

  If the portable device 20 is in the vehicle of the vehicle on which the in-vehicle information device 10 is mounted, the position information R observed by the GPS unit 11a of the in-vehicle information device 10 and the GPS unit 21a of the portable device 20 are observed. The value of the position information r is always similar. However, there are actually small differences due to observation errors. Therefore, if a certain predetermined value L0 is set and the value of the similarity L is equal to or smaller than the predetermined value L0, it is determined that both are in the same vehicle and the authentication of the portable device 20 is permitted. The value of the predetermined value L0 is preferably set according to the magnitude of the actual observation error fluctuation. For example, when the magnitude of the observation error varies depending on the location (area), the value of the predetermined value L0 may be determined for each location.

  As described above, in the present embodiment, the time series data of the position information detected by the GPS units 11a and 21a of each of the in-vehicle information device 10 and the mobile device 20 is authentication data for determining whether or not authentication is possible, That is, it is used as an authentication key. It can be said that the time-series data of the positional information related to the automobile is difficult to acquire even if it is acquired outside the automobile. Also, even if the time series data of the location information used for authentication is stolen by a third party, the time series data of the location information changes, so the time series data of the stolen location information is used. Authentication cannot be performed.

  Therefore, by using such time-series data of position information as an authentication key, only the mobile device 20 carried by the vehicle occupant is targeted, and the in-vehicle information device 10 of the vehicle and the mobile device 20 of the occupant Authentication can be performed between the two. As a result, when the in-vehicle information device 10 and the portable device 20 are connected to the network, sufficient security can be ensured and privacy can be protected.

  Further, by performing authentication using the time-series data of the position information described above as an authentication key, the occupant provides some data for specifying the mobile device 20 in advance to the in-vehicle information device 10 regarding the mobile device 20. No special operation such as registration is required, and the convenience of the passenger carrying the mobile device 20 can be improved.

  Here, in the authentication based on the position information described above, it is impossible to completely deny the possibility of erroneously authenticating the portable device in the passenger compartment of a car that moves adjacently (cars that are front, back, left, and right). . Therefore, in this embodiment, in addition to authentication based on position information, authentication is performed based on vehicle vibration information by an acceleration sensor. That is, in the following, an example in which authentication based on vehicle vibration information is further performed after passing authentication based on position information will be described.

  FIG. 8 shows an example of observation data of the acceleration sensor. First, FIG. 8A shows the actual acceleration in the vertical direction of the vehicle when observing acceleration as authentication data in the in-vehicle information device 10 and the portable device 20. That is, it is the vertical vibration of the actual vehicle and is continuous data.

  At this time, since the acceleration sensor unit 11b of the in-vehicle information device 10 observes acceleration at a predetermined observation cycle, a part of the data in FIG. 8A is observed. FIG. 8B shows observation data as discrete data observed by the acceleration sensor unit 11b. The observation data is after filtering processing, and the observation data is interpolated.

  The acceleration sensor unit 21b of the mobile device 20 also observes a part of the data in FIG. FIG. 8C shows observation data as discrete data observed by the acceleration sensor unit 21b. Note that the observation data shown in FIG. 8C is obtained after performing a coordinate conversion for compensating for a difference in detection axes and after a filtering process.

  Here, the observation data by the acceleration sensor unit 21b of the mobile device 20 is temporally different from the data observed by the acceleration sensor unit 11b of the in-vehicle information device 10, and the observation cycle is different. Regarding the observation period, in the example shown in FIGS. 8B and 8C, the period is almost double. FIG. 8D shows another acceleration time series data observed by the acceleration sensor unit of the device outside the vehicle.

  These observed time series data are expressed as the following Equation 4.

  FIGS. 9A to 9D show the actual vibration data and the observed time series data normalized so that the average value is zero and the standard deviation is 1, and the observation period is longer. It is standardized to fit. That is, the normalized data in FIGS. 9A to 9D is expressed by the following formula 5.

  In addition, m represents an average value and s represents a standard deviation. In addition, i is retaken so that the observation periods of the respective time series data coincide.

  For this normalized time-series data, a cross-correlation function is defined as in Equation 6 below.

  FIG. 10 shows the result of squaring the value of the cross-correlation function calculated in this way. As shown in FIG. 10, the square value of the cross-correlation function G of the time-series data observed by the in-vehicle information device 10 and the mobile device 20 in the same vehicle is a change in the variable j for correcting the observation timing shift. Correspondingly, a very high value is shown. On the other hand, the square value of the cross-correlation function G of the time-series data observed by the in-vehicle information device 10 and the portable device outside the vehicle remains a low level value even when the variable j changes.

  Therefore, when a predetermined threshold is set and the value of the cross-correlation function G (square) is equal to or greater than the threshold, it can be determined that the time series data is similar and can be regarded as being in the same vehicle. In the above-described example, when the amplitude of the cross-correlation function G is equal to or greater than a predetermined value, it is determined that the time-series data is similar. However, the square value graph of the cross-correlation function G surrounds the horizontal axis. The similarity may be determined based on whether the area is equal to or greater than a predetermined value. Alternatively, in order to improve robustness, the number of times that the amplitude exceeds the threshold value may be measured, and it may be determined that the similarity is similar to the case where the number of times of measurement exceeds a predetermined number.

  The time of the in-vehicle information device 10 and the portable device 20 is not always synchronized, and there is also a deviation in the observed acceleration interval. However, by using the cross-correlation function described above, it is possible to determine the similarity of both time series data without being greatly affected by such a difference. However, the observation period must be adjusted.

  In the above-described example, the authentication based on the position information and the authentication based on the acceleration sensor information are executed separately, but both can be executed at once. For this purpose, for example, a function shown in the following Equation 7 may be set, and when this function is a predetermined value H0 or less, it may be determined that the vehicle is in the same vehicle. However, in this case, the acceleration is extended to take into account acceleration in the x and y directions (front and rear direction and left and right direction) in addition to the z direction (vertical direction).

  However, in the example of Expression 7, the acceleration information observed by the acceleration sensor units 11b and 21b of the in-vehicle information device 10 and the portable device 20 is coordinates whose ground plane is the xy plane and whose vertical direction is the z direction by coordinate conversion. It was assumed that the system had already been converted to acceleration. However, such conversion is not always obvious.

  If the mobile device 20 is in the same vehicle as the in-vehicle information device 10, the necessary coordinate transformation is rotation of the coordinate system. If the coordinate system of the in-vehicle information device 10 is used as a reference, the acceleration in the coordinate system of the portable device 20 can be expressed as the following Expression 8.

従って、相互相関関数は、以下の数式９のようになる。

Therefore, the cross-correlation function is as shown in Equation 9 below.

  That is, the inner product of the cross-correlation function matches the inner product of the autocorrelation function related to the in-vehicle information device 10. In general, this relationship does not hold when the portable device 20 is outside the passenger compartment. The left side of Equation 9 can be evaluated without explicitly using information about rotation. That is, the similarity between the acceleration information of the in-vehicle information device 10 and the mobile device 20 can be evaluated by the following formula 10.

  Therefore, it is possible to determine whether or not the mobile device 20 is in the vehicle on the condition that the inner product of the cross-correlation function matches the inner product of the autocorrelation function of the in-vehicle information device 10.

  The preferred embodiments of the present invention have been described above. However, the present invention is not limited to the above-described embodiments, and various modifications can be made without departing from the spirit of the present invention.

  For example, in the above-described embodiment, a method for performing authentication using position information and acceleration information has been described. However, information that can be adopted as authentication data is not limited to such information. If the in-vehicle information device 10 and the portable device 20 can sense the same data, they can be used as authentication data. At this time, the types of the sensors themselves do not have to be the same in the in-vehicle information device 10 and the portable device 20. For example, it is possible to detect the sound in a car or sound generated from a specific sound source, temperature, atmospheric pressure, daily illuminance, the amount of light emitted from a specific light source, etc. by various sensors and use them for authentication. These sensors can detect physical quantities peculiar to the automobile according to the environment in which the automobile is placed, the indoor situation, and the like. Therefore, time-series data of physical quantities detected by these sensors can be obtained only in the automobile and can be used as authentication data.

  In the above-described embodiment, the authentication is performed using the position information and the acceleration information. However, the authentication may be performed based on one type of detection information including the detection information detected by the various sensors described above. good.

  In the above-described embodiment, the authentication process is performed by the in-vehicle information device 10, but is not limited to such a method. For example, when both the in-vehicle information device 10 and the mobile device 20 can be connected to an external server using a mobile communication network, the authentication procedure may be executed by the external server. However, at this time, it is assumed that each device has already exchanged the public encryption key with the external server.

  Further, as the authentication data, at least one of the in-vehicle information device 10 and the portable device 20 is provided with a determination unit that determines whether the time-series data of the detection values detected by the sensor is close to white noise (white noise). When the determination unit determines that the time series data of the detected value is close to white noise, it is preferable not to use the time series data as authentication data. If the noise component increases due to the influence of thermal noise, etc., and the S / N ratio of the detection signal output from the sensor becomes very low, the time-series data cannot be said to be observed only in the automobile, and authentication This is because the effectiveness as the business data is reduced.

  In the above-described embodiment, a dedicated electronic circuit may be used in order to realize the functions of the in-vehicle information device 10 and the mobile device 20, or may be realized by a program executed on the CPU. Also good.

DESCRIPTION OF SYMBOLS 10 Vehicle information equipment, 11 Vehicle information sensor part, 11a GPS part, 11b Acceleration sensor part, 12 User operation information processing part, 13 Authentication part, 14 Encoding part, 15 Encryption key information storage part, 16 Information relay part, 17 Communication Unit, 18 session management unit, 19 session information storage unit, 20 portable device, 21 sensor unit, 21a GPS unit, 21b acceleration sensor unit, 22 user operation information processing unit, 23 authentication unit, 24 encoding unit, 25 encryption key information Storage unit, 27 communication unit, 28 session update unit, 29 session information storage unit

Claims (20)

An authentication system for performing authentication for establishing a network connection between an information device having a communication function installed in a vehicle and a portable device having a communication function carried by an occupant of the vehicle,
The information device and the portable device have detection means for detecting a physical quantity of the same kind related to the vehicle, which is observed in both the information device and the portable device,
The time series data of the physical quantity detected by the detection unit of the information device and the time series data of the physical quantity detected by the detection unit of the portable device are compared to determine the similarity, and authentication is performed based on the determination result an authentication means for determining the propriety,
When the detection period of each detection unit of the information device and the portable device is different, the authentication unit extracts a physical quantity based on a detection cycle corresponding to the least common multiple of the detection cycle of each other, and forms the time-series data An authentication system characterized by that. An authentication system for performing authentication for establishing a network connection between an information device having a communication function installed in a vehicle and a portable device having a communication function carried by an occupant of the vehicle,
The information device and the portable device have detection means for detecting a physical quantity of the same kind related to the vehicle, which is observed in both the information device and the portable device,
The time series data of the physical quantity detected by the detection unit of the information device and the time series data of the physical quantity detected by the detection unit of the portable device are compared to determine the similarity, and authentication is performed based on the determination result Authentication means for determining whether or not
Determining means for determining whether the time-series data of the physical quantity is close to white noise,
An authentication system, wherein when the time series data of the physical quantity is judged to be close to white noise by the discrimination means, the time series data of the physical quantity is not used for authentication. An authentication system for performing authentication for establishing a network connection between an information device having a communication function installed in a vehicle and a portable device having a communication function carried by an occupant of the vehicle,
The information device and the portable device have detection means for detecting a physical quantity of the same kind related to the vehicle, which is observed in both the information device and the portable device,
The time series data of the physical quantity detected by the detection unit of the information device and the time series data of the physical quantity detected by the detection unit of the portable device are compared to determine the similarity, and authentication is performed based on the determination result Including authentication means for determining whether or not
The information device can authenticate with a plurality of portable devices, and simultaneously connect to a plurality of portable devices via a network. When data is received from a single portable device connected to the network, the information device is connected to the network. An authentication system characterized by transmitting received data to another portable device. An authentication system for performing authentication for establishing a network connection between an information device having a communication function installed in a vehicle and a portable device having a communication function carried by an occupant of the vehicle,
The information device and the portable device are physical quantities of the same kind related to the vehicle, which are observed in both the information device and the portable device, and the physical quantity that varies depending on the position of the vehicle and the motion of the vehicle Detecting means for detecting at least one of a physical quantity that changes according to
The time series data of the physical quantity detected by the detection unit of the information device and the time series data of the physical quantity detected by the detection unit of the portable device are compared to determine the similarity, and authentication is performed based on the determination result An authentication system comprising an authentication means for determining whether or not the authentication is possible. The authentication means is provided in one of the information device and the portable device, and the physical quantity time-series data detected by the other detection means of the information device and the portable device is used as the information device and the portable device. acquired through the communication between, according to any one of claims 1 to 4, characterized in that comparing the time-series data of the detected physical quantity by one of the detection means and the information device and the portable device Authentication system. When the authentication is permitted by the authentication unit and the information device and the portable device are connected to the network, the setting unit includes a setting unit that sets an effective period of the network connection,
The setting means extends the valid period of the network connection when the authentication is permitted again by the authentication means within the set valid period, and disconnects the network connection when the re-authentication is not permitted. The authentication system according to any one of claims 1 to 5, wherein: The information device and the portable device have filter means for filtering the physical quantity detected by the detection means, and the authentication means compares time series data of the filtered physical quantity to determine similarity. The authentication system according to any one of claims 1 to 6 , wherein If the detection means of each of the information device and the portable device has different detection sensitivities, the authentication means normalizes so that the magnitude of the change in physical quantity detected by each detection means matches, and after normalization authentication system according to any one of claims 1 to 7, characterized in that to form the time series data from the physical quantity. The detection means includes a GPS sensor that acquires position information, an acceleration sensor that detects acceleration, a sound sensor that detects ambient sound, a temperature sensor that detects environmental temperature, an atmospheric pressure sensor that detects atmospheric pressure, and a sunshine sensor that detects daily illuminance authentication system according to any one of claims 1 to 3, characterized in that it is characterized in that at least is one of. In the information device and the portable device, as the detection means, a GPS sensor that acquires position information, an acceleration sensor that detects acceleration, a sound sensor that detects ambient sound, a temperature sensor that detects environmental temperature, and an atmospheric pressure that detects atmospheric pressure Among the sunshine sensors that detect the sensor and illuminance, it has a plurality of different types of sensors,
The authentication system according to any one of claims 1 to 3 , wherein the authentication unit determines whether or not authentication is possible by using time-series data of physical quantities detected by the plurality of sensors. An authentication method for performing authentication for establishing a network connection between an information device provided with a communication function installed in a vehicle and a portable device provided with a communication function carried by an occupant of the vehicle,
The information device and the portable device have detection means for detecting a physical quantity of the same kind related to the vehicle, which is observed in both the information device and the portable device,
An acquisition step of acquiring time-series data of physical quantities detected by the detection means of each of the information device and the portable device;
An authentication step for comparing the time series data of the physical quantities detected by the detection means of each of the information device and the portable device to determine the similarity, and determining whether authentication is possible based on the determination result ;
A step of forming a time-series data by extracting a physical quantity based on a detection period corresponding to a least common multiple of the detection periods when the detection units of the information device and the portable device have different detection periods. An authentication method characterized by. An authentication method for performing authentication for establishing a network connection between an information device provided with a communication function installed in a vehicle and a portable device provided with a communication function carried by an occupant of the vehicle,
The information device and the portable device have detection means for detecting a physical quantity of the same kind related to the vehicle, which is observed in both the information device and the portable device,
An acquisition step of acquiring time-series data of physical quantities detected by the detection means of each of the information device and the portable device;
An authentication step for comparing the time series data of the physical quantities detected by the detection means of each of the information device and the portable device to determine the similarity, and determining whether authentication is possible based on the determination result;
A determination step of determining whether the time-series data of the physical quantity is close to white noise,
In the determination step, it was determined that the time-series data of the physical quantity is close to white noise.
An authentication method characterized in that time series data of the physical quantity is not used for authentication. An authentication method for performing authentication for establishing a network connection between an information device provided with a communication function installed in a vehicle and a portable device provided with a communication function carried by an occupant of the vehicle,
The information device and the portable device have detection means for detecting a physical quantity of the same kind related to the vehicle, which is observed in both the information device and the portable device,
An acquisition step of acquiring time-series data of physical quantities detected by the detection means of each of the information device and the portable device;
Comparing the time series data of the physical quantities detected by the detection means of each of the information device and the portable device to determine the similarity, and determining whether to authenticate based on the determination result,
The information device can authenticate with a plurality of portable devices, and simultaneously connect to a plurality of portable devices via a network. When data is received from a single portable device connected to the network, the information device is connected to the network. An authentication method comprising transmitting received data to another portable device. An authentication method for performing authentication for establishing a network connection between an information device provided with a communication function installed in a vehicle and a portable device provided with a communication function carried by an occupant of the vehicle,
The information device and the portable device are physical quantities of the same kind related to the vehicle, which are observed in both the information device and the portable device, and the physical quantity that varies depending on the position of the vehicle and the motion of the vehicle Detecting means for detecting at least one of a physical quantity that changes according to
An acquisition step of acquiring time-series data of physical quantities detected by the detection means of each of the information device and the portable device;
An authentication step of comparing the time series data of the physical quantities detected by the detection means of each of the information device and the mobile device to determine the similarity, and determining whether or not to authenticate based on the determination result. Authentication method. The means for performing the authentication step is provided in one of the information device and the portable device,
The acquisition step includes acquiring time-series data of physical quantities detected by the other detection means of the information device and the portable device via communication between the information device and the portable device. Item 15. The authentication method according to any one of Items 11 to 14 . When authentication is permitted in the authentication step and the information device and the portable device are connected to the network, a setting step for setting an effective period of the network connection is provided.
If re-authentication is permitted by the authentication step within the effective period set by the setting step, the effective period of the network connection is extended, whereas if re-authentication is not permitted, the network connection is disconnected. authentication method according to any one of claims 11 to 15, characterized in that it is. A filtering step of filtering a physical quantity detected by the detection means of each of the information device and the portable device, and the authentication step compares time-series data of the filtered physical quantity to determine similarity. authentication method according to any one of claims 11 to 16, wherein the. When the detection sensitivities of the detection means of the information device and the portable device are different, normalization is performed so that the magnitudes of changes in physical quantities detected by the detection means match, and the normalized physical quantities are used to calculate the time. authentication method according to any one of claims 11 to 17, characterized in that it comprises a step of forming a series data. The detection means includes a GPS sensor that acquires position information, an acceleration sensor that detects acceleration, a sound sensor that detects ambient sound, a temperature sensor that detects environmental temperature, an atmospheric pressure sensor that detects atmospheric pressure, and a sunshine sensor that detects daily illuminance authentication method according to any one of claims 11 to 13, characterized in that the at wherein at least is one. In the information device and the portable device, as the detection means, a GPS sensor that acquires position information, an acceleration sensor that detects acceleration, a sound sensor that detects ambient sound, a temperature sensor that detects environmental temperature, and an atmospheric pressure that detects atmospheric pressure Among the sunshine sensors that detect the sensor and illuminance, it has a plurality of different types of sensors,
Wherein the authentication step, using the time-series data of physical quantities detected by the plurality of sensors, the authentication method according to any one of claims 11 to 13, characterized in that to determine whether authentication is successful or not.

Images