JP5493478B2 - Authentication system and authentication method - Google Patents

Description

  The present invention relates to an authentication system and an authentication method.

  With the development of network technology, it is possible to access a company's data system from outside the home or at home using electronic devices typified by laptop computers, for example. However, if an electronic device such as a laptop computer is lost or stolen, personal information stored in the electronic device is leaked to a third party, and the electronic device is used to make a third party. Can gain unauthorized access to the data system.

  Conventionally, authentication using a password (hereinafter referred to as “password authentication”) has been widely used to deal with problems such as data leakage and unauthorized access to a data system. Password authentication is safe as long as the password is not decrypted by a third party. However, if the password is decrypted, there is a problem that the third party can freely browse data and access the data system.

  Therefore, for the purpose of improving the safety of authentication, a position authentication technique for authenticating that a user terminal such as a notebook personal computer is used in a specific place has been devised (for example, Patent Document 1). .

JP 2008-250627 A

  The position authentication technique disclosed in Patent Document 1 is a technique for allowing a file to be used only at a specific location and prohibiting the use at other locations. Specifically, the location where the use of the file is permitted is registered in the access management server, and when the access management server authenticates that the user terminal exists at the registered location, the user terminal It is a technology that enables access to files by. Upon authentication, the user terminal notifies the access management server of the position calculated using GPS (Global Positioning System).

  However, such location authentication technology cannot eliminate so-called “spoofing”. The position authentication disclosed in Patent Document 1 uses position information such as latitude and longitude for authentication. For this reason, when the registered location is known to a third party, the third party can easily access the file by notifying the access management server of the location information.

  The present invention has been made in view of the above-described problems, and aims to further enhance the safety of position authentication.

  A first form for solving the above problems is a transmitting device installed in a predetermined place, and an electronic device capable of receiving the transmission signal when positioned within a transmission signal reachable range of the transmitting device, An authentication system including an authentication device capable of communicating with the electronic device via a predetermined communication network, wherein the transmission device includes a transmission unit that transmits an authentication code with a valid period, and the electronic device Includes an authentication request control unit that transmits an authentication request signal including the authentication code to the authentication device when receiving the authentication code transmitted by the transmission device, and the authentication device includes the authentication code and the authentication code. A storage unit that stores the validity period of the authentication code in association with each other, and when the authentication request signal is received from the electronic device, the authentication code included in the authentication request signal and the current code stored in the storage unit By collating the authentication code are within the validity period is an authentication system and an authentication processing unit that executes whether authentication process to authenticate the electronic device.

  Further, as another form, via a predetermined communication network, a transmission device installed at a predetermined location, an electronic device capable of receiving the transmission signal when located within the transmission signal reachable range of the transmission device, An authentication method for authenticating the electronic device using an authentication device communicable with the electronic device, wherein the transmission device transmits an authentication code having a valid period, and the electronic device When the authentication code transmitted by the device is received, the authentication request signal including the authentication code is transmitted to the authentication device, and the authentication device receives the authentication request signal from the electronic device. By comparing the authentication code currently in the valid period with the authentication code included in the authentication request signal from the storage unit that stores the code and the valid period of the authentication code in association with each other. It may be configured authentication method of authenticating the electronic device.

  According to this 1st form etc., the transmitter which transmits the authentication code with which the effective period was defined is installed in the predetermined place. When the electronic device receives the authentication code transmitted by the transmission device, the electronic device transmits an authentication request signal including the authentication code to the authentication device. The authentication device stores the authentication code and the validity period of the authentication code in association with each other. When the authentication request signal is received from the electronic device, the authentication device stores the authentication code and the authentication code included in the authentication request signal. The authentication code stored within the current effective period is collated. And the authentication process of whether to authenticate an electronic device is performed.

  When the authentication device receives an authentication code after the validity period from the electronic device, the authentication result is not approved because the verification result of the authentication code is incompatible. On the other hand, if the authentication result is approved, the electronic device is currently located within the transmission signal reachable range of the transmission device. Therefore, if the transmitting device is arranged at a specific place where position authentication is desired, it can be surely authenticated that the electronic device is currently located at the specific place.

  Further, as a second mode, the authentication system according to the first mode, wherein the transmission unit further transmits position information of the transmission device, and the authentication request control unit transmits the transmission request to the authentication request signal. The location information received from the device is further transmitted to the authentication device, and the storage unit, for each of a plurality of transmission devices, the location information of the transmission device, an authentication code transmitted by the transmission device, Storing the validity period of the authentication code in association with each other, and the authentication processing unit includes a combination of the authentication code and the position information included in the authentication request signal, and a current validity period stored in the storage unit. An authentication system that executes the authentication process may be configured by collating the authentication code and the combination of position information.

  According to this 2nd form, the transmission part of a transmission device further transmits own positional information. Then, the authentication request control unit of the electronic device further includes the position information received from the transmitting device in the authentication request signal and transmits it to the authentication device. On the other hand, the storage unit of the authentication device stores, for each of the plurality of transmission devices, the location information of the transmission device, the authentication code transmitted by the transmission device, and the validity period of the authentication code in association with each other. Yes. Then, the authentication processing unit of the authentication device includes a combination of the authentication code and the position information included in the authentication request signal, and a combination of the authentication code and the position information within the current effective period stored in the storage unit. Authentication processing is executed by collating. As a result, it is possible to identify which transmitting device the electronic device is currently located within the transmission signal reachable range.

  Further, as a third mode, in the authentication system according to the first or second mode, the authentication unit includes a position calculation unit that performs a position calculation calculation including a predetermined position error based on a positioning satellite signal; An authentication code generating unit that generates the authentication code using the position calculated by the position calculating unit, an effective period setting unit that sets an effective period of the generated authentication code, and the generated authentication code An authentication system may further comprise an authentication code update instruction unit that transmits an authentication code update instruction signal for instructing transmission as a simple authentication code to the transmitting device.

  In this case, as a fourth form, the authentication code generation part of the third form either calculates the coordinate value of the position calculated by the position calculation part and the distance between the position and the given reference position. It is also possible to configure the authentication system to use to generate the authentication code.

  Since there are various error factors in the position calculation using the positioning satellite signals, the position calculation calculation may include some position errors. Therefore, values such as the coordinate value of the position calculated by the position calculation calculation and the distance between the position and a given reference position change every time the position calculation calculation is performed. Therefore, according to the 3rd and 4th form, the random authentication code which cannot be guessed easily can be produced | generated, and the safety | security of authentication can be improved further.

  Further, as a fifth mode, the authentication system according to any one of the first to fourth modes, wherein the authentication device is directed to a predetermined data system by the electronic device when the authentication process is successful. You may comprise an authentication system provided with the access control part which performs control which permits access of this.

  According to the fifth aspect, the authentication device executes control to permit access to a predetermined data system by the electronic device when authentication by the authentication process is successful. Thereby, if the electronic device is not located within the transmission signal reachable range of the transmission device, it is possible to realize an authentication system in which access to the data system by the electronic device is restricted.

  Further, as a sixth aspect, the authentication system according to any one of the first to fourth aspects, wherein the authentication device sends predetermined content data to the electronic device when authentication by the authentication process is successful. You may comprise the authentication system provided with the content data provision part to provide.

  According to the sixth aspect, the authentication device provides predetermined content data to the electronic device when authentication by the authentication process is successful. Accordingly, it is possible to realize an authentication system in which provision of content data to the electronic device is restricted unless the electronic device is located within the transmission signal reachable range of the transmission device.

The schematic block diagram of an authentication system. The block diagram which shows the function structure of a notebook personal computer. Explanatory drawing of the flow of the position calculation by a GPS position calculation part. The block diagram which shows the function structure of an authentication server. The figure which shows an example of the data stored in the hard disk of a notebook type personal computer. The figure which shows an example of the data stored in RAM of a notebook personal computer. The figure which shows an example of the data stored in the hard disk of an authentication server. The figure which shows an example of the data stored in RAM of an authentication server. The figure which shows an example of a data structure of an authentication ID database. The flowchart which shows the flow of a main process. The flowchart which shows the flow of an authentication request process and an authentication process. The flowchart which shows the flow of an authentication request process and an authentication process. The flowchart which shows the flow of pseudo | simulation satellite control processing. The flowchart which shows the flow of an authentication ID production | generation process. The schematic block diagram of the authentication system in a modification.

  Hereinafter, an example of a preferred embodiment of the present invention will be described with reference to the drawings. However, embodiments to which the present invention can be applied are not limited to the embodiments described below.

1. System Configuration FIG. 1 is a schematic configuration diagram of an authentication system 1 which is an example of a system for authenticating a notebook personal computer which is a kind of electronic equipment. The authentication system 1 includes a plurality of notebook computers 2, a plurality of GPS (Global Positioning System) satellites 3, a plurality of pseudo satellites 4, an authentication server 5, and an in-company system 6. The notebook personal computer 2 and the authentication server 5 are connected by wireless or wired communication via a predetermined network N.

  The notebook personal computer 2 is a portable personal computer that is used by a user to use various application software such as document creation software, spreadsheet software, and presentation software, and to send and receive mail and search the Internet. The notebook personal computer 2 includes a position calculation device 21, which exhibits the original function as a personal computer, as well as a GPS satellite signal transmitted from the GPS satellite 3 or a pseudo signal transmitted from the pseudo satellite 4. The position is calculated based on the satellite signal, and the position display screen on which the calculated position is plotted is displayed on the display unit, thereby displaying the function of notifying the user of the current position.

  The GPS satellite 3 is a kind of positioning satellite, and four or more satellites are arranged on each of the six orbiting surfaces of the earth. In principle, four or more satellites are geometrically arranged from anywhere on the earth. It is operated so that it can be observed. The GPS satellite 3 transmits navigation data such as almanac and ephemeris in a GPS satellite signal which is a kind of positioning satellite signal. The GPS satellite signal is a 1.57542 [GHz] communication signal that is modulated by a direct spread spectrum system with a PRN (Pseudo Random Noise) code that is a unique modulation code assigned to each GPS satellite 3. The PRN code is a pseudo-random noise code having a repetition period of 1 ms with a code length of 1023 chips as one PN frame.

  The pseudo satellite 4 is a kind of transmission device, and always transmits a pseudo satellite signal including information on the arrangement position. The pseudo satellite signal transmitted from the pseudo satellite 4 is a communication signal simulating a GPS satellite signal transmitted from the GPS satellite 3, and the transmission frequency is 1.57542 [GHz], which is the same as the GPS satellite signal. That is, the pseudo satellite 4 is configured to transmit a pseudo satellite signal compliant with the signal standard (communication standard) of the GPS satellite signal from the GPS satellite 3. The GPS satellite signal and the pseudo satellite signal have the same signal standard, but the PRN code assigned to each is different.

  In the company, an area (hereinafter referred to as “access permission area”) in which access to the in-company system 6 using the notebook computer 2 is permitted is provided. The access permission area is, for example, an area corresponding to a floor where employees perform business in a company. The pseudo satellites 4 are arranged in the access permission area, and a necessary number of the pseudo satellites 4 are arranged at a necessary density in consideration of the signal reachable range of the pseudo satellite signals and the size of the access permission area.

  The pseudo satellite 4 includes a transmitter that transmits a pseudo satellite signal. The transmitter transmits information on the position of the position where the pseudo satellite 4 is located, such as latitude, longitude, altitude, and floor information. Included in the pseudo-satellite signal. Further, the transmission unit of the pseudo satellite 4 transmits ID (IDentification), which is an authentication code of the notebook personal computer 2, as its additional information in its pseudo satellite signal. In the present embodiment, the ID transmitted by the pseudo satellite functions as an ID for authenticating that the notebook personal computer 2 is currently located in the access permission area (hereinafter referred to as “authentication ID”).

  The pseudo satellite 4 has an intensity of a transmission signal so that a pseudo satellite signal reachable range (hereinafter referred to as “signal reachable range”) is a prescribed distance (for example, a radius of 10 m centering on the location of the pseudo satellite 4). Etc. are designed in advance. In this embodiment, for simplification of explanation, the area of the access permission area is equal to or smaller than the signal reachable range of the pseudo satellite 4, and one pseudo satellite 4 is included in one access permission area. Will be described as arranging. However, as a matter of course, a plurality of pseudo satellites 4 that transmit the same pseudo satellite signal may be arranged according to the size of the access permission area.

  The authentication server 5 is a kind of authentication device, and is a server for authentication of the notebook personal computer 2 installed in a predetermined place in the company (for example, a management room of a network in the company). The authentication server 5 is communicatively connected to the pseudo satellite 4 installed in each access permission area. The authentication server 5 generates an authentication ID for each pseudo satellite 4 at a predetermined generation timing (for example, once every 10 minutes) and sets a validity period (for example, a period of 12 minutes from the generation date and time) of the generated authentication ID. To do. Then, the authentication server 5 transmits to the pseudo satellite 4 an instruction signal for instructing to change the authentication ID included in the pseudo satellite signal transmitted from the pseudo satellite 4 to the newly generated authentication ID. Control / adjustment is performed such that different authentication IDs are transmitted from the pseudo satellite 4 over time.

  The authentication server 5 executes an authentication process in accordance with an authentication request from the notebook computer 2 and authenticates whether or not the notebook computer 2 is currently located in the access permission area. Specifically, the authentication server 5 associates each pseudo satellite 4 arranged in each access permission area with the arrangement position of the pseudo satellite 4 and the authentication ID transmitted by the pseudo satellite 4 and its valid ID. A database storing authentication ID data associated with periods is provided. Then, when the authentication server 5 receives the authentication request signal from the notebook personal computer 2, the authentication server 5 extracts the authentication ID data associated with the arrangement position of the pseudo satellite 4 included in the authentication request signal from the database and receives the authentication ID data. The authentication ID included in the authentication request signal is collated with the authentication ID within the valid period. If the authentication IDs match, control is performed so that the notebook personal computer 2 is connected to the in-company system 6.

  As shown in (1) of FIG. 1, when the notebook computer 2 is located in the access permission area, the notebook computer 2 authenticates including the arrangement position and the authentication ID included in the pseudo satellite signal being received. Since the request signal can be transmitted to the authentication server 5 and the authentication approval can be obtained, the in-company system 6 can be accessed. However, when the notebook computer 2 is located outdoors as shown in (2) of FIG. 1 or inside the company as shown in (3) of FIG. 1, it is located outside the access permission area. If it is, the notebook personal computer 2 cannot receive the pseudo satellite signal. For this reason, the notebook computer 2 cannot transmit an authentication request signal to the authentication server 5 and cannot obtain an authentication approval. Even if the notebook personal computer 2 holds and stores the old authentication ID and arrangement position whose validity period has expired, and the authentication request signal including these pieces of information is transmitted to the authentication server 5, the validity period of the authentication ID remains. Since the verification result of the authentication ID is inconsistent due to the fact that it has expired, authentication approval cannot be obtained. As described above, access to the in-company system 6 by the notebook personal computer 2 from a place other than the access permission area is effectively prevented.

  The in-company system 6 is a network system that stores and stores in-company information such as trade secrets and trade secrets that can be viewed only within the company. The in-company system 6 is communicatively connected to the authentication server 5, and when it is authenticated that the notebook personal computer 2 is currently located in the access permission area, the notebook system 2 is controlled via the network N under the control of the authentication server 5. Communication with the personal computer 2.

2. Functional configuration 2-1. FIG. 2 is a block diagram showing a functional configuration of the notebook personal computer 2. The notebook computer 2 includes a CPU (Central Processing Unit) 210, an operation unit 220, a display unit 230, a communication unit 240, a GPS position calculation unit 250, a ROM (Read Only Memory) 260, a hard disk 270, The computer system includes a RAM (Random Access Memory) 280, and each unit is communicably connected via a bus 290.

  The CPU 210 is a processor that comprehensively controls each part of the notebook computer 2 according to various programs and various data such as system programs stored in the ROM 260 and the hard disk 270. The CPU 210 performs various application processes, mail transmission / reception processes, a process for displaying the position calculated by the GPS position calculation unit 250 on the display unit 230 in accordance with an instruction operation input made by the user via the operation unit 220. Do.

  The operation unit 220 is an input device configured with, for example, a keyboard and a mouse, and outputs a pressed key or button signal to the CPU 210. By operating the operation unit 220, various operation inputs such as character input, activation of various applications, and an instruction to access the corporate system 6 are performed.

  The display unit 230 is a display device that includes an LCD (Liquid Crystal Display) or the like and performs various displays based on display signals input from the CPU 210. The display unit 230 displays various application screens.

  The communication unit 240 is a communication device for exchanging information used inside the device with the outside (the authentication server 5 or another personal computer) via the network N based on the control of the CPU 210. This function can be realized by a wireless communication module such as a wireless LAN based on IEEE802.11 or Bluetooth (registered trademark).

  The GPS position calculation unit 250 is a position calculation device that measures the position of the notebook computer 2 based on a GPS satellite signal transmitted from the GPS satellite 3, and is a functional block corresponding to a so-called GPS receiver. The GPS position calculation unit 250 includes an RF (Radio Frequency) reception circuit unit and a baseband processing circuit unit.

  FIG. 3 is a diagram for explaining the flow of position calculation performed by the GPS position calculation unit 250. The GPS position calculation unit 250 performs a correlation operation with a received signal while changing a replica PRN code that is a pseudo-PNN code generated inside the apparatus, and obtains a GPS satellite signal or a pseudo satellite signal from the received signal. To capture.

  When the captured signal is a GPS satellite signal, navigation data and time information are acquired by demodulating the GPS satellite signal. Then, a predetermined position calculation operation is performed using these data to calculate a position, and the calculated position (hereinafter referred to as “GPS calculated position”) is output to the CPU 210 as GPS data 281. As the position calculation calculation, a known method such as a position calculation calculation using the least square method or a position calculation calculation using a Kalman filter can be used. However, in the position calculation by GPS, the calculated position does not become exactly unmatched due to the presence of various error factors, and some errors are included.

  On the other hand, if the captured signal is a pseudo satellite signal, the pseudo satellite signal is demodulated to obtain the arrangement position and authentication ID of the pseudo satellite 4 and output them to the CPU 210 as pseudo satellite data 283. When the captured signal is a pseudo satellite signal, the arrangement position of the pseudo satellite 4 is output and displayed as the current position of the notebook computer 2.

  The ROM 260 is a read-only storage device, and stores various programs and various data such as a system program for the CPU 210 to control the notebook personal computer 2 and an application program for executing various application processes.

  The hard disk 270 is a storage device that reads and writes data using a magnetic head or the like, and stores various programs and various data for the CPU 210 to control the notebook personal computer 2, similar to the ROM 260.

  The RAM 280 is a readable / writable volatile storage device, and forms a work area for temporarily storing a system program executed by the CPU 210, various processing programs, data being processed in various processing, processing results, and the like.

2-2. Functional Configuration of Authentication Server FIG. 4 is a block diagram showing a functional configuration of the authentication server 5. The authentication server 5 includes a CPU 510, an operation unit 520, a display unit 530, a communication unit 540, a GPS position calculation unit 550, a ROM 560, a hard disk 570, and a RAM 580, which are connected by a bus 590. Yes. The functional configuration of the authentication server 5 is substantially the same as the functional configuration of the notebook personal computer 2.

  The authentication server 5 is provided with a GPS position calculation unit 550 similar to the notebook type personal computer 2, and the GPS position calculation unit 550 is based on the GPS satellite signal transmitted from the GPS satellite 3. Is calculated. Only the authentication server 5 main body or the GPS position calculation unit 550 is installed in a place where the GPS satellite signal can be captured such as near a window so that the GPS position calculation unit 550 can receive the GPS satellite signal and perform position calculation. There is a need to.

  Since the installation position of the authentication server 5 is fixed and does not move, the position calculation performed by the GPS position calculation unit 550 is so-called “fixed-point positioning”. However, as described above, in the position calculation by GPS, it is difficult to calculate an accurate and unmatched position due to the presence of various error factors, and therefore there is some error in the position calculated by the GPS position calculation unit 550. included. Although details will be described later, the authentication server 5 uses this characteristic to generate a random authentication ID using the position calculated by the GPS position calculation unit 550.

3. Data configuration 3-1. FIG. 5 is a diagram showing an example of data stored in the hard disk 270 of the notebook computer 2. The hard disk 270 stores a main program 271 that is executed as a main process (see FIG. 10). The main program 271 includes an authentication request program 2711 executed as an authentication request process (see FIGS. 11 and 12) as a subroutine.

  The main process is when the CPU 210 performs various application processes, displays a position calculated by the GPS position calculation unit 250, and accesses the in-company system 6 in accordance with a user instruction operation input. This is processing for performing authentication request processing to the authentication server 5 and the like.

  The authentication request process is a process executed when the CPU 210 performs an access request instruction operation to the in-company system 6 by the user, and the pseudo satellite 4 included in the pseudo satellite signal received from the pseudo satellite 4. This is a process of requesting / requesting the authentication server 5 to authenticate the notebook personal computer 2 by transmitting an authentication request signal including the arrangement position and the authentication ID to the authentication server 5. These processes will be described later in detail using a flowchart.

  FIG. 6 is a diagram illustrating an example of data stored in the RAM 280 of the notebook computer 2. In the RAM 280, GPS data 281 and pseudo satellite data 283 are stored.

  The GPS data 281 is data acquired by the GPS position calculation unit 250 performing a position calculation calculation using a GPS satellite signal, and includes a GPS calculated position 2811. CPU 210 acquires GPS data 281 from GPS position calculation unit 250 and stores it in RAM 280.

  The pseudo satellite data 283 is data acquired by the GPS position calculation unit 250 demodulating the pseudo satellite signal, and includes the arrangement position 2831 and the authentication ID 2833 of the pseudo satellite 4. The CPU 210 acquires the pseudo satellite data 283 from the GPS position calculation unit 250 and stores it in the RAM 280.

3-2. FIG. 7 is a diagram illustrating an example of data stored in the hard disk 570 of the authentication server 5. The hard disk 570 includes a pseudo satellite control program 571 that is executed as a pseudo satellite control process (see FIG. 13), an authentication ID generation program 573 that is executed as an authentication ID generation process (see FIG. 14), and an authentication process (see FIG. 11). And an authentication program 575 executed as an authentication ID database 577 and an authentication server installation position 579 are stored.

  In the pseudo satellite control process, the CPU 510 newly generates an authentication ID for each pseudo satellite 4 at a predetermined generation timing, and transmits an authentication ID update instruction signal to the pseudo satellite 4, thereby generating the generated authentication. In this process, the pseudo satellite 4 is instructed and controlled to transmit the ID as a new authentication ID.

  The authentication ID generation process is a process in which the CPU 510 generates an authentication ID using the GPS calculated position 2811 acquired by the GPS position calculation unit 250 performing the position calculation calculation.

  The authentication process is a process in which the CPU 510 authenticates the notebook computer 2 in response to an authentication request from the notebook computer 2. Specifically, the arrangement position of the pseudo satellite 4 is extracted from the authentication request signal received from the notebook computer 2, and the authentication ID data 578 associated with the same arrangement position as this arrangement position is read from the authentication ID database 577. Then, the authentication ID within the current effective period stored in the authentication ID data 578 is compared with the authentication ID included in the received authentication request signal. When the authentication IDs match, it is determined that the authentication is successful (authentication approval), and control for permitting access to the in-company system 6 of the notebook computer 2 is executed. These processes will be described later in detail using a flowchart.

  FIG. 9 is a diagram illustrating an example of a data configuration of the authentication ID database 577. The authentication ID database 577 stores and stores authentication ID data 578 (578-1, 578-2, 578-3,...) In which a history of authentication IDs transmitted by the pseudo satellite 4 is stored for each pseudo satellite. Database.

  In the authentication ID data 578, the authentication ID 5783, the generation date 5785 of the authentication ID, and the validity period 5787 of the authentication ID are stored in association with each other in association with the arrangement position 5781 of the pseudo satellite 4. Yes. In the present embodiment, a period obtained by adding a predetermined grace period (for example, 2 minutes) to the period from the current generation date / time of the authentication ID to the next generation date / time (a period of 10 minutes in FIG. 9) is set as the effective period. .

  For example, in FIG. 9, authentication ID data 578-1 is data regarding an authentication ID transmitted from the pseudo satellite 4 whose coordinates of the arrangement position are (X1, Y1, Z1). The authentication ID “12895695” is an authentication ID generated on “May 20, 2009, 12:00”, and its valid period is “May 20, 2009, 12:00 to May 20, 2009”. Day 12:12 ".

  FIG. 8 is a diagram illustrating an example of data stored in the RAM 580 of the authentication server 5. The RAM 580 stores an authentication request signal 581, GPS data 583, and a one-time password 585.

  The authentication request signal 581 is a signal for requesting / requesting authentication transmitted from the notebook personal computer 2, and includes a pseudo satellite arrangement position 5811 and an authentication ID 5813.

  The GPS data 583 is data acquired by the GPS position calculation unit 550 performing a position calculation operation using a GPS satellite signal, and includes a GPS calculated position 5831.

  The one-time password 585 is a password for authentication and is a disposable password that can be used only once. In the authentication process, the CPU 510 issues and stores a one-time password 585 and transmits it to the notebook personal computer 2 when the verification result of the authentication ID matches.

4). Process Flow FIG. 10 is a flowchart showing the flow of the main process executed in the notebook computer 2 by the CPU 210 reading and executing the main program 271 stored in the hard disk 270 of the notebook computer 2. It is.

  The main process is a process of starting execution when the CPU 210 detects that a power-on operation has been performed by the user via the operation unit 220. In the main processing, it is assumed that a position calculation operation using a GPS satellite signal is performed at any time by the GPS position calculation unit 250, and GPS data 281 can be acquired from the GPS position calculation unit 250 at any time.

  First, the CPU 210 determines an instruction operation performed by the user via the operation unit 220 (step A1). If the CPU 210 determines that the instruction operation is an application activation instruction operation (step A1; application activation instruction operation), the ROM 260 Alternatively, the application process instructed to start is read out from the application programs stored in the hard disk 270 and executed to execute application processing (step A3).

  If it is determined in step A1 that the instruction operation is a position display instruction operation (step A1; position display instruction operation), the CPU 210 performs position display processing (step A5). Specifically, the GPS data 281 is acquired from the GPS position calculation unit 250 and stored in the RAM 280, and the GPS calculation position 2811 included in the GPS data 281 is displayed on the display unit 230.

  If it is determined in step A1 that the instruction operation is an in-company system access instruction operation (step A1; in-company system access instruction operation), the CPU 210 reads the authentication request program 2711 stored in the hard disk 270. By executing, authentication request processing is performed (step A7).

  11 and 12 are flowcharts showing in parallel the flow of the authentication request process executed by the CPU 210 of the notebook computer 2 and the authentication process executed by the CPU 510 of the authentication server 5. The left side of the figure shows the authentication request process, and the right side of the figure shows the authentication process.

  First, the CPU 210 of the notebook computer 2 determines whether or not the GPS position calculation unit 250 has received a pseudo satellite signal (step B1). If it is determined that it has been received (step B1; Yes), the GPS position calculation is performed. The pseudo satellite data 283 is acquired from the unit 250 and stored in the RAM 280 (step B3).

  Thereafter, the CPU 210 transmits an authentication request signal 581 including the pseudo satellite arrangement position 2831 and the authentication ID 2833 stored in the pseudo satellite data 283 acquired in step B3 to the authentication server 5 (step B5).

  When receiving the authentication request signal 581 from the notebook personal computer 2, the CPU 510 of the authentication server 5 stores the authentication request signal 581 in the RAM 580 (step C1). Then, authentication ID data 578 in which the same pseudo satellite arrangement position 5781 as the pseudo satellite arrangement position 5811 included in the received authentication request signal 581 is associated is extracted from the authentication ID database 577 stored in the hard disk 570 ( Step C3).

  Next, the CPU 510 collates the authentication ID 5813 included in the authentication request signal 581 with the authentication ID 5783 that is currently within the valid period among the authentication IDs stored in the authentication ID data 578 extracted in Step C3 (Step S3). C5).

  Then, the CPU 510 determines whether or not the authentication IDs match (step C7). If it is determined that they match (step C7; Yes), the CPU 510 issues a one-time password 585 and stores it in the RAM 580 (step S7). C9). Then, the CPU 510 transmits the issued one-time password 585 to the notebook computer 2 (step C11).

  If it is determined in step C7 that the authentication IDs do not match (step C7; No), the CPU 510 transmits an authentication non-approval notice to the notebook computer 2 (step C13).

  When receiving the password from the authentication server 5 (step B7; password), the CPU 210 of the notebook computer 2 displays the password on the display unit 230 (step B9). Then, the CPU 210 waits until the user inputs a password via the operation unit 220 (step B11), and when the password is input (step B11; Yes), transmits the password to the authentication server 5 (step B11). Step B13). Then, the CPU 210 ends the authentication request process.

  When receiving the password from the notebook personal computer 2 (step C15), the CPU 510 of the authentication server 5 collates the received password with the one-time password 585 stored in the RAM 580 (step C17).

  Then, the CPU 510 determines whether or not the passwords match (step C19). If it is determined that the passwords match (step C19; Yes), the CPU 510 controls the notebook computer 2 to be connected to the in-company system 6. (Step C21). Then, the CPU 510 ends the authentication process.

  If it is determined in step C19 that the passwords do not match (step C19; No), the CPU 210 transmits an authentication non-approval notice to the notebook computer 2 (step C23). Then, the CPU 210 ends the authentication process.

  In addition, when the CPU 210 of the notebook computer 2 receives the non-approval notification from the authentication server 5, the CPU 210 causes the display unit 230 to display that the authentication has failed (step B15). Then, the CPU 210 ends the authentication request process.

  Returning to the main process of FIG. 10, after performing the authentication request process, the CPU 210 determines whether or not the connection to the in-company system 6 is successful (step A9). A9; Yes), browsing processing of the in-company system 6 is performed (step A11). If the connection to the in-company system 6 has failed (step A9; No), the CPU 210 causes the display unit 230 to display a connection failure (step A13).

  After performing the processes of Steps A3 to A13, the CPU 210 determines whether or not a power-off instruction operation has been performed by the user via the operation unit 220 (Step A15), and when it is determined that the user has not performed (Step A15; No), it returns to step A1. If it is determined that the power-off instruction operation has been performed (step A15; Yes), the main process is terminated.

  FIG. 13 is a flowchart showing a flow of pseudo satellite control processing executed in the authentication server 5 when the pseudo satellite control program 571 stored in the hard disk 570 of the authentication server 5 is read and executed by the CPU 510. is there.

  First, the CPU 510 determines whether or not it is a new generation date and time of the authentication ID (step D1), and when it is determined that it is not yet a new generation date and time (step D1; No), the CPU 510 waits as it is. If it is determined that it is a new generation date and time (step D1; Yes), the process of loop A is executed for each pseudo satellite 4 (steps D3 to D13).

  In the process of loop A, the CPU 510 performs an authentication ID generation process by reading and executing the authentication ID generation program 573 stored in the hard disk 570 (step D5).

FIG. 14 is a flowchart showing the flow of authentication ID generation processing.
First, the CPU 510 acquires the GPS data 583 from the GPS position calculation unit 550 and stores it in the RAM 580 (step E1). Then, the CPU 510 calculates the distance between the installation position 579 of the authentication server 5 that is the reference position and the GPS calculation position 5831 included in the GPS data 583 (step E3). Then, CPU 510 generates an authentication ID using the distance calculated in step E3 (step E5).

  The distance calculated in step E3 may be an actual distance between the GPS calculation position and the installation position of the authentication server, or may be a distance in each of the latitude direction and the longitude direction. As a method for generating the authentication ID in step E5, for example, (A) a value obtained by raising the actual distance to the power (including the first power) is used as the authentication ID, and (B) the actual distance is substituted into a predetermined function. A function value is obtained and used as an authentication ID. (C) A value obtained by raising one of the distances in the latitude and longitude directions to the power (including the first power) is used as an authentication ID. (D) Latitude Various methods such as a value obtained by adding and subtracting the distances in the direction and the longitude direction as the authentication ID can be used.

  Since the position calculation calculation performed by the GPS position calculation unit 550 includes a position error, the calculated GPS calculation position 5831 varies even in the fixed-point positioning, and the distance calculated in step E3 also changes each time. Therefore, the authentication ID generated in step E5 is a random value, which is a value that cannot be easily guessed by a third party. By using the authentication ID generated in this way, the security of authentication is improved. After generating the authentication ID, the CPU 510 ends the authentication ID generation process.

  Returning to the pseudo-satellite control process of FIG. 13, after performing the authentication ID generation process, the CPU 510 sets the validity period of the generated authentication ID (step D7). Specifically, a period of a predetermined time (for example, 12 minutes) from the generation date and time of the authentication ID is set as a valid period.

  Then, the CPU 510 associates the authentication ID 5783, the generation date and time 5785, and the validity period 5787, and stores them in the authentication ID database 577 as the authentication ID data 578 together with the arrangement position 5781 of the pseudo satellite 4 (step D9).

  Thereafter, CPU 510 transmits an authentication ID update instruction signal for instructing to transmit the generated authentication ID as a new authentication ID to pseudo-satellite 4 (step D11). Then, the CPU 510 shifts the processing to the next pseudo satellite 4.

  After performing the processing of steps D5 to D11 for all the pseudo satellites 4, the CPU 510 ends the processing of loop A (step D13). Then, after finishing the processing of the loop A, the CPU 510 returns to step D1.

5. Effect In the authentication system 1, the pseudo satellite 4 is installed in the access permission area in the company. The pseudo-satellite 4 transmits a pseudo-satellite signal including its own arrangement position and an authentication ID that is an ID for authentication of the notebook computer 2. When the notebook personal computer 2 receives the pseudo satellite signal from the pseudo satellite 4, the notebook personal computer 2 transmits an authentication request signal including the arrangement position and the authentication ID included in the pseudo satellite signal to the authentication server 5.

  The authentication server 5 includes a database that stores authentication ID data in which a plurality of pseudo-satellites 4 are associated with an arrangement position, and an authentication ID transmitted from the pseudo-satellite 4 is associated with an effective period. ing. Then, the authentication server 5 extracts the authentication ID data associated with the arrangement position included in the authentication request signal received from the notebook computer 2, and extracts the authentication ID included in the authentication request signal and the extracted authentication ID data. An authentication process for determining whether or not to authenticate the notebook personal computer 2 is executed by checking the authentication ID included in the current effective period. When the notebook personal computer 2 is approved by the authentication process, the in-company system 6 is connected to the notebook personal computer 2.

  When the authentication server 5 receives an authentication ID whose valid period has passed from the notebook personal computer 2, the verification result is unapproved because the verification result of the authentication ID is incompatible. If the notebook personal computer 2 is not located within the transmission signal reachable range of the pseudo satellite 4, the authentication ID cannot be received and the authentication ID within the valid period cannot be transmitted to the authentication server 5. Is approved, it means that the notebook personal computer 2 is located within the transmission signal reachable range of the pseudo satellite 4. Accordingly, the fact that the notebook personal computer 2 is currently located in the access permission area in the company can be used as a condition for accessing and browsing the in-company system 6, thereby further enhancing the safety of position authentication. Can do.

  In addition, the authentication server 5 stores the authentication ID transmitted by the pseudo satellite 4 and the validity period thereof in association with the arrangement positions of the plurality of pseudo satellites 4, and the combination of the position information and the authentication ID is stored. By using the authentication, the authentication server 5 determines which pseudo-satellite signal transmitted from which pseudo-satellite 4 the notebook-type personal computer 2 is receiving, in other words, what access the notebook-type personal computer 2 receives. It is possible to identify whether it is located in the permission area.

  In addition, the GPS position calculation unit 550 of the authentication server 5 calculates a position by performing a position calculation operation including a position error using the GPS satellite signal received from the GPS satellite 3. Then, the distance between the GPS calculated position calculated by the GPS position calculating unit 550 and the installation position of the authentication server 5 which is the reference position is calculated, and an authentication ID is generated using the calculated distance. Then, the authentication server 5 transmits to the pseudo satellite 4 an authentication ID update instruction signal instructing to transmit the generated authentication ID as a new authentication ID.

  Since the position calculation calculation executed by the GPS position calculation unit 550 includes a position error, the distance between the GPS calculated position and the installation position of the authentication server 5 changes every time the position calculation calculation is performed. Therefore, the authentication ID generated by the authentication server 5 is a random value, and a different authentication ID is transmitted for each pseudo-satellite, and a different authentication ID is transmitted according to time. Therefore, it is possible to prevent the authentication ID from being guessed by a third party and realize highly secure authentication.

6). Modification 6-1. Authentication System In the above-described embodiment, an example of an authentication system for accessing a predetermined data system using a notebook personal computer in a company has been described. However, the authentication system for accessing a personal data system is not limited to this. The invention can also be applied. Further, the present invention can also be applied to an authentication system that authenticates an electronic device when providing predetermined content data.

  FIG. 15 is a diagram illustrating a schematic configuration of an authentication system 10 which is an example of an authentication system according to a modification. The authentication system 10 is a system in which a customer who visits a store performs authentication for acquiring coupon data that can be used in the store via a network such as the Internet, using the mobile phone 7 that is carried by the store. .

  In the authentication system 10, the pseudo satellite 4 is installed at a predetermined position of each store. The pseudo satellite 4 is connected to the authentication server 5 and is configured to transmit its own arrangement position and the authentication ID generated by the authentication server 5.

  The authentication server 5 is a server installed by a service provider, and is connected to a coupon data providing server 8 that provides coupon data. The authentication server 5 receives a request from the portable phone 7, and the portable phone 7 is simulated. It authenticates that it is currently located within the signal reachable range of the satellite 4. When the authentication result is approval, the mobile phone 7 is connected to the coupon data providing server 8 so that the mobile phone 7 can download and acquire the coupon data.

  For example, in FIG. 15, when the mobile phone 7 is located at the B store, the mobile phone 7 receives a pseudo satellite signal from the pseudo satellite 4 arranged in the B store. Then, the mobile phone 7 transmits an authentication request signal including an arrangement position of the pseudo satellite 4 included in the received pseudo satellite signal and an authentication ID to the authentication server 5. When the authentication approval is obtained by the authentication server 5, the mobile phone 7 is connected to the coupon data providing server 8, and coupon data usable at the store B is downloaded from the coupon data providing server 8 and acquired.

  Of course, the content data is not limited to coupon data, but may be any type of content data provided to electronic devices via a network.

6-2. Electronic Device The electronic device to which the present invention can be applied is not limited to a notebook personal computer, and can be similarly applied to, for example, a PDA (Personal Digital Assistant), a portable phone, a portable music player, a portable game device, and the like.

6-3. In the above-described embodiment, the GPS is described as an example of the satellite position calculation system, but WAAS (Wide Area Augmentation System), QZSS (Quasi Zenith Satellite System), GLONASS (GLObal NAvigation Satellite System), GALILEO Other satellite position calculation systems may be used.

6-4. Process differentiation In the above-described embodiments, the notebook computer 2 and the authentication server 5 have been described as those in which the GPS position calculation unit calculates a position by performing a position calculation operation using a GPS satellite signal. The position may be calculated by performing a position calculation calculation. In this case, the GPS position calculation unit acquires a GPS satellite signal, acquires navigation data and time information, and outputs them to the CPU. And CPU performs a position calculation calculation using the information input from the GPS position calculation part, and calculates a position.

6-5. Generation of Authentication ID In the above-described embodiment, the authentication ID is generated using the distance between the GPS calculated position calculated by the GPS position calculation unit and the installation position of the authentication server. It is not limited to this.

  For example, the authentication ID may be generated using the coordinate value of the GPS calculated position. Specifically, when the GPS calculation position is represented by a three-dimensional coordinate value in the orthogonal coordinate system, for example, one coordinate value randomly selected from the three-dimensional coordinate value may be used as the authentication ID. A value obtained by adding / subtracting two coordinate values selected arbitrarily or adding / subtracting three coordinate values may be used as the authentication ID.

  Also, instead of using the installation position of the authentication server as the reference position, the distance between the GPS calculation position is calculated using another position as the reference position, and the authentication ID is generated using the distance. Also good. For example, it is conceivable as an example that a reference position is randomly generated using a pseudo random number, and an authentication ID is generated using a distance between the generated reference position and a GPS calculated position.

  Note that the method of generating the authentication ID using the GPS position calculation result is merely an example, and any method can be applied as long as an authentication ID that cannot be easily guessed by a third party can be generated. it can. For example, a pseudo random number or a physical random number may be generated based on a known method, and the authentication ID may be generated using the random number.

6-6. Separation of Authentication ID Generation Process and Authentication Process In the above-described embodiment, the authentication server has been described as performing both the process of generating the authentication ID and the process of authentication. However, the process of generating the authentication ID and the process of authentication are separated. It is also possible to do. Specifically, two servers, an authentication ID generation server and an authentication server, are prepared. Then, the authentication ID generation server generates the authentication ID as in the above-described embodiment, and controls the pseudo satellite 4 so as to transmit the generated authentication ID. The authentication server obtains the authentication ID from the authentication ID generation server and stores it in the storage unit. When an authentication request is received from the electronic device, the authentication server uses the authentication ID stored in the storage unit for verification. Authenticate.

1 authentication system, 2 notebook computer, 3 GPS satellite, 4 pseudo satellite,
5 Authentication server, 6 Corporate system

Claims (5)

A transmitter installed at a predetermined location, an electronic device capable of receiving the transmission signal when located within a transmission signal reachable range of the transmitter, and a communication with the electronic device via a predetermined communication network An authentication system comprising an authentication device,
The transmitting device is
Including a transmitter that transmits an authentication code with a valid period,
The electronic device is
An authentication request control unit that transmits an authentication request signal including an authentication code transmitted by the transmission device to the authentication device when the authentication code transmitted by the transmission device is received;
The authentication device
A storage unit that stores the authentication code and the validity period of the authentication code in association with each other;
When the authentication request signal is received from the electronic device, by verifying the authentication code included in the authentication request signal and the authentication code that is within the current effective period stored in the storage unit, An authentication processing unit that executes an authentication process as to whether or not to authenticate the electronic device;
A position calculation unit for performing a position calculation operation including a predetermined position error based on the positioning satellite signal;
An authentication code generation unit that generates an authentication code using either the coordinate value of the position calculated by the position calculation unit and the distance between the position and a given reference position ;
An effective period setting unit for setting an effective period of the authentication code generated by the authentication code generating unit;
An authentication code update instruction unit for transmitting an authentication code update instruction signal for instructing to transmit the generated authentication code as a new authentication code to the transmitting device;
including,
Authentication system. The transmitter further transmits the location information of the transmitter,
The authentication request control unit further includes the location information received from the transmitting device in the authentication request signal, and transmits the authentication request signal to the authentication device.
The storage unit stores, for each of a plurality of transmitting devices, the location information, the authentication code transmitted by the transmitting device, and the validity period of the authentication code in association with each other,
The authentication processing unit collates the combination of the authentication code and the position information included in the authentication request signal with the combination of the authentication code and the position information that are within the current effective period, Performing the authentication process;
The authentication system according to claim 1. The authentication apparatus further includes an access control unit that executes control to permit access to a predetermined data system by the electronic device when authentication by the authentication process is successful.
The authentication system as described in any one of Claims 1-2. The authentication device further includes a content data providing unit that provides predetermined content data to the electronic device when the authentication is successful.
The authentication system as described in any one of Claims 1-2. A transmitter installed at a predetermined location, an electronic device capable of receiving the transmission signal when located within a transmission signal reachable range of the transmitter, and a communication with the electronic device via a predetermined communication network An authentication method for authenticating the electronic device using an authentication device,
The transmitting device is
Sending an authorization code with a valid period;
The electronic device is
When an authentication code transmitted by the transmitting device is received, an authentication request signal including an authentication code transmitted by the transmitting device is transmitted to the authentication device;
The authentication device is
When the authentication request signal is received from the electronic device, the authentication code stored in the storage unit that stores the authentication code and the validity period of the authentication code in association with each other, Executing an authentication process as to whether or not to authenticate the electronic device by collating with an authentication code included in the authentication request signal;
Calculating a position by performing a position calculation operation including a predetermined position error based on a positioning satellite signal;
Generating an authentication code using either the coordinate value of the position and the distance between the position and a given reference position ;
Setting a validity period of the generated authentication code;
Transmitting an authentication code update instruction signal instructing to transmit the generated authentication code as a new authentication code to the transmitting device;
including,
Authentication method.

Images