JP6505970B2 - Access control system and access control method - Google Patents

Description

    The present invention relates to an access control system and an access control method for connecting a monitoring device that monitors a gate (door) of a building and a management server that manages gate information via the Internet.

    Patent Document 1 discloses an access control system (apparatus) for sharing a system between a lender and a borrower, “the access control system is provided at a gate (door) of each tenant in a building, And an electric lock device 2 controlled to be unlocked by the input of an unlock control signal, and a central monitoring device 3 for monitoring the entire building (all gates of the building), said central monitoring device comprising a storage medium (for example, Information reader (reader) 11 for reading approval information of IC card, control unit 12 for processing the approval information read by the information reading unit, and memory (gate information for storing the approval information processed by the control unit Storage unit) and the input / output unit 14 (the reference numeral is that of Patent Document 1).

    The electric lock device 4 is an intelligent electric lock provided to a user by a lock maker, for example, an applicant, and includes a communication unit 4, a control unit 22, and a locking and unlocking mechanism 23 (paragraph 0034).

    Further, the central monitoring device 3 is a control device for monitoring a so-called gate (door) provided to a customer by a lock maker, for example, an applicant, and is, for example, an external terminal device disposed in a common part of a building. 2 and wired or wireless connection. Further, when the central monitoring device 3 receives an inquiry from the control unit 12 via the first communication unit 13a, the central monitoring device 3 collates with the registered information stored in advance to determine whether the information read by the information reading unit 11 is correct. When it is determined that the two pieces of information match and are determined to be normal, an unlocking command is output to the control unit 12 via the first communication unit 13a (paragraph 0034).

    Further, the control unit 12 includes a CPU and a memory (gate information storage unit), and centrally controls each unit of the electric lock device 4. The memory of the control unit 12 registers information for determining the type of the information storage medium 5, information for determining whether the second information storage medium 5b is correct, etc., a series of operation logs by the information storage medium 5, Log information (gate history) including the access status is stored (paragraph 0036).

    Therefore, a building lender (owner: manager) and a building borrower (renter: tenant) can retrieve their own log information (gate history) using an external terminal (claim 2 of Patent Document 1, See Figure 2). When a building borrower loses a storage medium (for example, an IC card), for example, a locksmith (trader) or the like connects a portable terminal (computer) to the input / output unit 14 to delete old key data, For example, the latest key data can be input (set).

    Thus, in the access control system of Patent Document 1, for example, only a vendor (a specific lock shop: SD store) that has received permission from a lock maker under contract to the memory (gate information storage unit) of the control unit 12 Although key data can be input (set), at present, from the viewpoint of security, the lock maker and contractor must sufficiently manage the key data, and the lock maker and / or contractor can quickly input the key data. It is expected that what can be done, the lock maker sufficiently manages the request when requested by the vendor, and that the vendor (trader terminal) can respond promptly. Thus, the applicant provides a business model to meet the above expectations.

    By the way, according to Patent Document 2, when the ID reader receives a transmission radio wave from a non-contact type card and the identification information (personal information or ID information) included in the radio wave matches the information recorded in advance. It is intended to unlock the door lock. At present, communication technology of non-contact type card (responder) and ID reader (interrogator) regardless of whether the IC card is inserted into the IC reader or held up, the form of response within the irradiation range of radio waves, etc. The prior art using the is a known or well known matter.

    Further, Patent Document 3 discloses a face authentication apparatus A which extracts feature points of a person's "face" and regards the feature points as identification information such as an ID. Referring to FIG. 1 of this patent document 3, an optical system first camera 6 for photographing a feature point of a person's face that has passed through the condenser lens 3, the half mirror 4 and the first filter 4; 3. A face authentication apparatus A which combines the second mirror 6 with an optical system second camera 6 for photographing the contour of the face of a person who has passed through the half mirror 4 and the second filter 8. The authentication unit 7 of the face authentication apparatus A is The face of a person corresponding to the plurality of templates is identified (judged) by comparing the feature points of the face acquired by the first optical system camera 6 with a large number of templates recorded in advance in the storage unit. It states that it can be done (claim 1, paragraph 0037). The system control board G of the face authentication apparatus shown in FIG. 4 describes that the electric lock of the electric lock control board D can also be unlocked if the authentication result of the face authentication apparatus A is OK. (Paragraph 0038).

Therefore, for example, the electric lock control panel is obtained by capturing the "face" of the resident with a digital camera and matching "feature point information" acquired in the image database regarding the feature points of the "face" of the resident stored in the storage unit. It is also well known or well known matter to prevent the automatic door from being unlocked or opened.
Finally, Patent Document 4 relates to a third embodiment of the present invention. The patent document 4 is, for example, a wireless for maintenance which is physically separate from the wireless transmitter 13 possessed by the resident with respect to a wireless receiver fixedly arranged on a wall of a common part or a dedicated part of an apartment, for example. The transmitter 4 is used to easily delete and register the resident's ID code without removing the receiver equipped with the wall change switch (paragraph 0012).

    That is, the wireless receiver for maintenance of Patent Document 4 is for maintenance separate from the wireless transmitter 13 for transmitting a wireless signal for causing the wireless receiver 5 to unlock the electric lock 1. The wireless transmitter 4 includes a command signal for changing and setting the operation mode of the wireless receiver 5 to the normal standby mode and either the registration mode of the ID code or the erasure mode, and registration or erasure. There is provided means for wirelessly outputting data of a desired ID code to be processed.

    However, the wireless receiver of Patent Document 4 also needs to change (deletion, new registration, etc.) the gate information (ID code of resident, gate number, etc.) of the control device at the building site as in Patent Document 1. The In this regard, Patent Document 5 also uses a computer (management server at a remote place), but it is unclear whether or not to change gate information using the Internet.

JP 2012-36704 A Unexamined-Japanese-Patent No. 3-228988 Patent No. 4981700 Unexamined-Japanese-Patent No. 5-248128 Unexamined-Japanese-Patent No. 2006-28884

  The first object of the present invention is to provide predetermined key data capable of opening and closing a gate to an authorized vendor (key shop) terminal while maintaining security, and the vendor monitors the gate on the building side It is an object of the present invention to enable quick input of key data to a device (control device).

  The second object is that an authorized trader terminal can view, for example, operation log information via the Internet, or can periodically obtain, for example, operation log information from a management server.

  The third object is that the management server (for example, a lock maker) promptly gives information corresponding to the trader (trader terminal) when there is a request from the trader terminal having the authority for a failure or maintenance.

  In addition, referring to the gate information database, the key data database, etc. stored in the storage unit by the management server itself, which has been siphoned from the gate monitoring device (control device) in advance through the Internet, the gate monitoring device (control Maintenance of the gate information stored in the device).

  The access control system according to the present invention comprises a control server for granting an access right to a vendor terminal, the Internet, and a control device disposed in either the exclusive or shared part of a building and monitoring gate information of the building. The gate information includes at least predetermined key data capable of opening the gate, the control device acquires the gate information, and the gate information is transmitted to the management server via the Internet, or The gate information is acquired by the management server connecting to the control device via the Internet, and the management server stores the acquired gate information as non-disclosure information in the storage unit, and the vendor terminal transmits the gate information via the Internet Whether the gate information including at least the predetermined key data is accessed by accessing the non-public information of the management server Characterized in that it is possible obtaining (claim 1).

In the above configuration, the management server sends the latest key data or backup data to the vendor terminal periodically, at the time of a disaster, or when the customer of the vendor terminal loses the key data, via the Internet. One of the key data is transmitted (Claim 2).

Further, the management server is characterized in that, when the control device fails, repair information of the control device is transmitted to a vendor terminal via the Internet (claim 3).
It is characterized by

Also, access control method of the present invention, a management server to grant access rights to agent terminal, the Internet and are disposed to either the proprietary portion or common areas of a building and the gate or sharing the proprietary portion of the building a control device for monitoring the gate information including a gate identification number portion, the gate information includes a predetermined key data that can be opened at least the gate, wherein the control device, the said gate information stored in the storage unit of the control device, and the authentication result of the key data the gate information and tying, and transmitted to the management server via the Internet, the management server said the authentication result received stored in the storage unit of the management server in the gate information and linking state as private information, the agent terminal non of the management server via the Internet Access to the open information, and a width and is capable of obtaining the gate information including at least the predetermined key data from the management server (claim 4).

Furthermore, in the access control method described above, the trader terminal may be a gate history linked to gate information corresponding to the non-public information , or a latest one linked to gate information corresponding to the non-public information . One of key data and backup key data linked to gate information corresponding to the non-public information is obtained (claim 5).

(A) In each invention described in the independent claims, since the vendor terminal having the access right can browse the gate information of the management server via the Internet, desired information (at least a predetermined key) is selected from the gate information. Data) can be obtained immediately. In addition, the management server can, for example, assign either the latest key data or the backup key data for opening the gate of the user to the locker's vendor terminal.
(B) In the invention according to claim 2, since the authorized vendor terminal can obtain either the latest key data or the backup key data immediately from the management server via the Internet, the key data is obtained. The vendor can quickly input (set) key data to a gate monitoring device (control device) of a building.
(C) According to the invention as recited in claim 3, when the contractor requests repair and replacement from the building manager or resident, the request and the repair information etc. are obtained from the management server, and immediately at the site. It can correspond. In addition, when the printed circuit board of the control device, the reader or the like is broken, the printed circuit board or the reader can be taken to the site.
(D) The invention described in claim 5 can obtain the same effect as that of the invention described in claim 2.

1 to 11 are explanatory views showing a first embodiment of the present invention. 12 to 14 are explanatory views showing a second embodiment of the present invention. FIGS. 15 to 17 are schematic explanatory views showing a third embodiment of the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS The schematic explanatory drawing which shows the structural example of the basic system of this invention. The schematic explanatory drawing which shows the structural example of the interrogator which is an example of an information acquisition means. Explanatory drawing which shows the information acquisition aspect of an information acquisition means. Schematic explanatory drawing which shows the example of a structure of a responder and an interrogator. Explanatory drawing which shows the content of the memory | storage part of a control apparatus. Explanatory drawing of the gate information transmitted to a management server from a control apparatus. The schematic explanatory drawing which shows the structural example of a management server. Explanatory drawing which shows the constructional example of supplier DB among the memory | storage parts of a management server. Explanatory drawing which shows the content of key database and key data. The schematic diagram which a management server transmits key data to a provider terminal by a communication network. The flowchart which shows the example of the flow of a process in FIG. Schematic explanatory drawing similar to FIG. 1 which shows 2nd Embodiment. The schematic explanatory drawing which shows the structural example of a management server. The schematic diagram which a management server transmits key data etc. to the user of a building by a communication network. The schematic explanatory drawing similar to FIG. 1 which shows 3rd Embodiment (....... line shows remote maintenance). The schematic explanatory drawing which shows the structural example of a management server (an example which a management server performs remote maintenance directly). Explanatory drawing which shows the flowchart of suction or the maintenance of gate information containing key data in 3rd Embodiment.

(1) Basic Concept of the Present Invention In the first embodiment of the present invention, a control device (gate monitoring device) 6 for monitoring a gate (door) 1 of a building and a management server 10 for managing gate information connected via the control device 6, for example, when building a housing complex is disposed in any of its proprietary areas or common areas, also in the case of individual houses indoor (exclusive section min disposed equivalent) or site (according to common areas), proprietary unit amount of the gate, the gate of the common areas, monitoring the gate information such as the entrance gate. And a user terminal is "trader terminal 11" (refer FIG. 1). Here, the gate information and the gate history are different concepts, and the gate information is, for example, ID data, lock data, lock data, gate open / close data, etc. as shown in FIG. On the other hand, the gate history is a concept including operation log information of the handle device as described in paragraph 0052, and is past history information linked with other identification information.

    In this first embodiment, the person having access authority is the trader terminal 11 occupied by at least a locker who can perform maintenance, and the user of the building whose residence is the customer of the trader terminal 11 from the management server 10 The gate information is acquired on behalf of the person, the manager, and key data is set to the control device 6 using the setting input external terminal 14 (see FIG. 2). Further, the vendor terminal 11 can show the customer's gate history (for example, operation log information of a handle device provided at a gate included therein) to the user of the building.

    That is, according to the first embodiment, a control device disposed in the management server 10 for giving access authority to the trader terminal 11, the Internet 9, and either the exclusive part or the common part of the building and monitoring gate information of the building 6, the gate information includes at least predetermined key data capable of opening the gate, the control device 6 acquires the gate information, and the gate information is transmitted via the Internet 9 to the management server 10. And the management server stores the acquired gate information as non-disclosure information in the storage unit, and the trader terminal 11 accesses the non-public information of the management server via the Internet 9 to make the gate information It can be acquired from the management server.

Next, in the second embodiment of the present invention, similarly, a control device (gate monitoring device) 6 monitoring a gate (door) 1 of a building and a management server 10 managing gate information are connected via the Internet 9 the control device 6, for example, when building a housing complex is disposed in any of its proprietary areas or common areas, also (according to proprietary section min) room in the case of private houses or on site ( disposed equivalent) in common areas, exclusive unit amount of the gate, the gate of the common areas, but monitors the gate information such as the entrance gate, the user terminal is a "user 13 of a building" (see FIG. 12 ).

    That is, in the second embodiment, control is provided for managing the gate information of the building, which is disposed in the management server 10 for giving the user 13 of the building an access right, the Internet 9, and either the exclusive part or the common part of the building. The gate information includes at least predetermined key data capable of opening the gate, the control device 6 acquires the gate information, and the gate information is transmitted to the management server 10 via the Internet. , The management server stores the acquired gate information as private information in the storage unit, and the user 13 of the building accesses the private information of the management server 10 via the Internet to access the gate information. It can be acquired from the management server.

    In both of the first embodiment and the second embodiment, the management server 10 periodically connects via the Internet 9 and acquires the gate information stored in the storage unit by the control device 6. You may configure it. In addition, the management server may periodically transmit private information (such as a gate history that does not have a problem in distribution) managed by itself to either the trader terminal or / and the building user. Furthermore, when the control device 6 is disposed in an exclusive part of a building, it is desirable that the control device 6 and the interrogator 4 be physically separated and the interrogator 4 be disposed in a common part of the building .

    The control device 6 according to the present invention is, for example, key data (ID tag information) obtained by correspondence performed between the interrogator 4 and the responder 5 possessed by a person, and key data by transmission rule setting means described later. Together with the gate identification number, the identification number of the relevant control device, the application / unlocking information, the unlocking information, etc., the gate information associated with it is transmitted to the management server 10 via the Internet 9 and the management server receives the gate information 10 is characterized in that the gate information is managed as non-disclosure information, and a trader terminal having access authority (authorization) can view the non-public information within the scope of the authority (feature point 1) .

    In addition to the feature point 1 described above, according to the present invention, the contractor terminal is a predetermined locker as a user terminal having an authority, and history information based on predetermined key data and predetermined key data from a predetermined trader terminal (for example, locker) And, when there is a request for repair information etc., the request can be satisfied quickly via the Internet (feature point 2).

In addition, when the management server itself embodiments with maintenance means, the gate information managing gate monitoring device that the server provided in the shared portion or only part component of the building through the Internet (controller) stores, For example, maintenance can be performed regularly or in an emergency (feature point 3).

    In addition, there is a new matter such as a member having access authority can view return information, receive notification of return information when predetermined conditions are satisfied, and switch part of non-public information to public information However, the detailed description is omitted herein.

(4) Basic components: Fig. 1
Although the present invention is two types of apparatus and method inventions, the basic components (terms) of these inventions are identical. First, “invention of device (article)” and “invention of method” will be described with reference to FIG.

    The access control system X on the network shown in FIG. 1 is, for example, a control device 6 for monitoring a first floor gate (rooms 101, 102, 103... Room n) of an apartment complex (an apartment building) as an example of a building. A wide area communication network (Internet) 9, a management server 10 that manages gate information collected from the control device, and permits a vendor terminal (user terminal) 11 having access authority (authorization) to view the gate information And consists of

In this Figure 1, 1 101 Room No. 102, Room, at the gate of distinguishing doorway to a proprietary unit components such as 103, Room and communal area 2 (the door in the embodiment), a part or the whole of each gate An electric lock device 3 is provided.

    In the embodiment, an interrogator (for example, an IC reader) disposed on a wall surface, a floor surface, a ceiling, etc. near the gate 1 in the embodiment, the interrogator 4 is a transponder (IC tag shown in FIG. 2). , An IC card, a tag portable terminal, etc. 5).

    6 is a control device disposed on the wall surface, floor surface, other equipment, storage box, support stand, etc. of the common part of the building, and this control device 6 is a control unit, storage unit, transmission as shown in FIG. It has rule setting means etc., and processes information of gate information (including at least key data for opening the gate) acquired by one or more detection means (information acquisition means 16) as shown in FIG. 3, FIG. 4 etc. .

    In FIG. 2, the interrogator 4 is physically separate from the control device 6 and is connected to the control device 6 in a wired or wireless manner. However, the interrogator 4 and the control device 6 are physically one. It may be a unit. Further, the interrogator 4 may be provided on the wall surface of the gate (door) 1.

(5) Control device 6
One or more control devices 6 are referred to as Versa OOOOOOOO (registered trademark) and are configured as shown in FIG. In FIG. 2, the interrogator 4 is separate from the control device 6 but may be integrated into the control device 6 to be unitized.

    Thus, 31 is a control unit that processes gate information acquired by the interrogator 4 from the responder 5, 32 is authentication / determination means for authenticating and determining the gate information, and 33 is a date and time of the result determined by the authentication / determination means. Before entering the gate history registered in the storage unit 34 to the input / output unit 37, the key data 17, 17A, and the control device 6 are registered. Transmission rule setting means for associating identification numbers, gate numbers etc. 8 is a router for configuring the control device 6 by LAN, 14 is an external terminal for setting input used for deleting key data, inputting etc. 3 is an electric lock is there. In addition, the control unit 31 controls registration information (eg, identification number of responder, gate identification number, identification number of lock, identification number of a portable terminal having a tag function, etc.) for permitting access to the gate 1, operation of the handle , And collectively manage gate information 1A (see FIG. 3) such as opening and closing of the gate, and monitoring the whole or a part of the building.

    The data and transmission contents of the storage unit 34 of the control device 6 are as shown in FIG. 5 and FIG. That is, the storage unit 34 stores, for example, each data as shown in FIG. Each data includes gate information 1A acquired by the information acquisition means. The storage unit 34 also stores an execution program 19 for processing information, control device identification data 20 and the like.

    Thus, as shown in FIG. 5, the gate information 1A includes a resident such as a gate 1, a gate 2, a gate 3, a gate n, a husband A1, a wife A2, a child A3, etc., locking, unlocking, opening, closing, etc. Each piece of information is appropriately associated.

    Therefore, as shown, for example, in FIG. 6, the transmission rule setting means 36 links key data, gate number, entry time, gate open state and control device identification number, and the linked information is "gate history". As a predetermined time, the information is automatically transmitted to the management server 10 via the input / output unit 37, the router 8, and the Internet 9 (the first embodiment).

    In this access control system X, as in Patent Document 1, an IC card or the like storing information necessary for unlocking the electric lock device 3 (for example, tag identification number, gate information, family identification information, employee identification information, etc.) A responder (information storage medium) 5 is used, and a required number of responders 5 are issued in advance for each gate, and a user who is permitted to unlock the electric lock device 3 (in the embodiment, a resident, the terminal is It is owned by "user".

    Therefore, a large number of control devices 6 disposed in either the exclusive part or the common part 2 of the building correspond to the size of the building, and the large number of control devices 6 perform switching functions by turning around in turn. 7 and is connected to the Internet 9 via a router 8 (which constitutes a LAN).

    As described above, the management server 10 manages the gate information collected from the control device 6 and browses the gate information (non-public information) to the trader terminal (user terminal) 11 having access authority (authorization). And, in some embodiments, transmits key data, failure information, etc. of the building's occupants (users).

    On the other hand, the trader terminal 11 connects to the Internet 9 through the gateway 12 having a specific rule, and uses E-mail to request the resident (the second user terminal in the second embodiment) who is the customer of the trader terminal 11. When the management server 10 receives the request from the trader terminal 11, the management server 10 appropriately processes the request information and immediately transmits necessary information via the Internet 9.

(6) Gate information 1A
FIG. 3 shows an example of gate information 1A of a building. The present invention is characterized in that key data (for example, ID data to be authenticated) 17 is given to a terminal having an access right (right to pass through the gate) through the communication network 9. It is necessary to acquire one or more key data (17, 17A) which can be opened and closed via the information acquisition means 16.

    Although the information acquisition means 16 (correspondence of the interrogator 4 and the responder 5) shown in FIG. 3 is the best typical example, for example, biological data 17A acquired using the camera with sensor 5A (fifth detection means 4D) is also The same as the key data 17 described above.

    The gate information 1A also preferably includes typical operation log information 18. In addition, in the gate history, not only the above-mentioned key data (17, 17A) but also the locking / unlocking data 18 by the second detection means 4A disposed to the output shaft of the cylinder 18A, the gate (door And open / close data 18 of the gate by the third detection means 4B disposed to face the door frame 18B, and operation log information by the fourth detection means 4C disposed at the handle device 18C. For example, a reed switch or a micro switch is used as the second detection unit 4A. The third detection means 4B uses a reed switch. Furthermore, a touch sensor is used as the fourth detection means 4C.

(7) Example of Information Acquisition Means FIG. 4 shows an example of the information acquisition means (correspondence between the interrogator and the responder). FIG. 2 is a block diagram showing a configuration of a responder (identification information transmission means: IC tag) 5 and an interrogator (identification information reception means) 4. When the identification information transmission means 5 receives, for example, a transmission radio wave of a narrow range (for example, within 2 meters) from the identification information reception means 4 via the transmission / reception antenna (LF reception unit in the case of reception), An operating power is generated by an electromotive force induced by an induction field, and the power is operated to transmit identification information stored in advance in a memory (storage unit) from a transmitting / receiving antenna (RF transmitting unit in the case of transmission). On the other hand, the identification information receiving unit 4 transmits a radio wave for operating the identification information transmitting unit 5 and receives the identification information transmitted from the identification information transmitting unit 5 and outputs it to the electric lock device 3 shown in FIG. Do.

(8) Configuration of Identification Information Transmission Means 5 The configuration of the identification information transmission means 5 on the upper side of FIG. 4 will be described. In addition, the code of each part is omitted. The identification information transmission unit 5 is provided with a transmission / reception antenna, a card power supply unit, a modulation / demodulation unit, a control unit, a storage unit, and an I / O conversion unit. The transmitting and receiving antenna includes an RF transmitting unit including an antenna and an LF receiving unit including a coil, and is used to transmit and receive radio waves. The card power supply unit rectifies an FSK (frequency shift keying) signal received by the transmitting and receiving antenna to generate a power supply voltage for operating each unit. The modulation / demodulation unit demodulates serial data from the FSK signal received by the transmission / reception antenna, and modulates data (identification information) read from the storage unit (ROM) to the FSK signal. The I / O conversion unit converts serial data from the modulation / demodulation unit into parallel data and outputs the parallel data to the control unit, and converts parallel data from the control unit into serial data and outputs the serial data to the modulation / demodulation unit. The control unit decodes the command from the data-converted received signal, and writes or reads data to the storage unit.

(9) Configuration of the identification information receiving means 4 The identification information receiving means 4 at the lower side of FIG. 4 may be provided separately or integrally with the electric lock device 3, for example, identification information may be provided by the electric lock device 3 or the like. Even if the identification information is determined by the identification information receiving unit 4 instead of the determination, the identification information is substantially the same. Further, identification information receiving means (interrogator) 4 may be provided in the control device 6 to be unitized.

    The identification information receiving unit 4 includes a transmitting / receiving antenna 22, an amplification / detection unit 23, a signal output I / O conversion unit 24, a signal input I / O conversion unit 28, a modulation unit 25, an oscillation unit 26, and power amplification. A part 27 is provided. The transmitting and receiving antenna 22 comprises an RF receiving unit including an antenna and an LF transmitting unit including a coil, and is used to transmit and receive radio waves. The amplification / detection unit 23 amplifies the FSK signal received by the transmission / reception antenna 22 to demodulate serial data. The I / O conversion unit 24 converts the serial data from the amplification / detection unit 23 into parallel data and outputs the parallel data to the electric lock device 3. The I / O conversion unit 28 converts parallel data from the electric lock device 3 into serial data and outputs the serial data to the modulation unit 25. The modulation unit 25 FSK modulates the serial data from the I / O conversion unit 28 based on the two signals of the frequencies f 1 and f 2 from the oscillation unit 26, and outputs the result to the power amplification unit 27. In this case, the modulation unit 25 defines a signal of frequency f1 for data bit “0” and a signal of frequency f2 for data bit “1”, and the data of frequency f1 and f2 is generated for each data bit. Perform FSK modulation to convert.

(10) Specific Configuration of Management Server FIG. 7 is a schematic explanatory view showing a configuration example of the management server. Further, FIG. 8 is an explanatory view showing a structural example of the vendor DB in the storage unit 50 of the management server 10. As shown in FIG. In FIG. 7, 10 is a management server, 41 is an access control means, 42 is a demand information registration means, 43 is a gate information browsing means, 44 is a gate information registration means, 45 is a key data setting means, 46 is billing information These management means constitute the control unit 40.

    Further, 51 is a vendor database, 52 is a request information database, 54 is a gate information database, 55 is a key data database, 56 is a charge information database, and each of these databases is stored in the storage unit 50. Reference numeral 9 denotes the Internet as a communication network, and the management server 10 is connected to the control device 6 disposed on the building side via the communication network. A vendor terminal (contractor) 11 and a user not shown (for example, a resident) are connected via the communication network 9.

    The access control means 41 has a function of checking (authentication / determining) whether or not the user has access authority (authorization) based on encryption information or the like. For example, as shown in FIG. 8, the vendor database 51 includes a vendor ID, a vendor name, a location, a telephone number, a person-in-charge name or a representative name, a service start date, a password, an effective period of authority, a range of authority (history distribution, Since the key data distribution, range such as maintenance information, area), E-mail address and the like are recorded, the access control means 41 authenticates the trader ID, password and the like, and permits the access if the authentication is correct.

    Next, the request information registration means 42 registers a request from a vendor terminal 11 that has permitted access, for example, vendor A, vendor B, and the like. Therefore, the request information registration means 42 plays the role of sucking up the client's request by intermediating the specified many vendor terminals 11 (client's request information collecting function).

    Next, the browsing unit 43 is a unit for viewing the gate information database 54 storing information such as gate history and key data after the request information registration unit 42 registers the request of the trader in the request information database 52. In this case, the browsing means 43 permits browsing within the scope of the respective authority of the A contractor, the B contractor and the like. In addition, the gate information browsing unit 43 searches the data search screen for a specific item in the gate information of the gate information database 54 within the scope of the contract when the access contractor 41 is authenticated by the access control unit 41. Since it transmits to the trader terminal 11, the said trader terminal 11 which received the permission can browse only the data regarding a specific item.

    Next, when the gate information registration means 54 acquires, for example, the linked specific gate information (log information) of FIG. 6, whether the gate information to be stored in the storage unit 50 (for example, the information of the contractor whose key data is legitimate) Whether or not it is authenticated and determined, and if the determination result is OK, it is stored in the gate information database 54.

    Next, the key data setting means 55 sets (generates or duplicates) appropriate key data from the key data database 55 storing the latest key data and backup key data, and transmits the predetermined key to the authorized dealer terminal. It is a means to transmit data. The charge information management means 46 is a means for managing charge information for the browsing contractor who browsed the data regarding the specific item registered in the trader database 51.

    Therefore, the management server 10 can not only collect and manage gate information from the control device 6 that monitors the gate of a building, but can also collect customer requests via the authorized trader terminal 11, and security Information such as key data and history can be quickly transmitted to the trader terminal 11 as the first user.

(11) Information processing of control device First, when the transponder (IC tag, IC card, portable terminal having tag function, etc.) 5 enters a predetermined area (irradiation range of radio waves) of the gate (door) 1 of the building, a question Correspondence is performed between the device (IC reader) 4 and the response device 5. When the interrogator 4 acquires key data (for example, the ID of the resident, the ID of the employee, the ID of the manager, etc.) after the two exchange signals with each other by radio waves, the authentication / determination means of the control unit (IC) Makes authentication and judgment of the read information. When it is determined that the registration information in the storage unit storing the registration information, gate history, execution program, etc. matches the key data and the key data is "OK", the timer is activated and the user enters and leaves within a predetermined time. For example, based on key data, gate information such as entry (exit if exit), time, locking / unlocking, opening / closing of the gate, etc. in the storage unit via the record registration means Register in exit record DB.

    Next, the transmission rule setting means sets a gate number, an entrance time (or exit time), an unlock (or / and lock) state, an open state (or And the closed state), the identification number of the control device is associated, and the association information is transmitted as “gate information” to the electronic mail address of the management server 10 via the input / output unit, the Internet 9 or the like. In the embodiment, since the LAN is configured using the router 8, it transmits to the management server 10 via the router 8 and the Internet 9.

(12) Management server: Acceptance of gate information When the management server 10 receives gate information, it judges / checks "whether or not it is valid gate information" by the judging means. Then, if the gate information is OK, it is registered in the gate registration information DB 54 through the gate information registration unit 44. Hereinafter, if gate information is received from the specific / multiple control devices via the Internet 9, the gate information is processed in the same manner as described above and gate information is accumulated as gate history in the gate registration information DB 54 each time as described above. . This gate history is non-public information which can not be freely browsed by an unspecified number of terminals.

(13) First user: Registration of trader In the embodiment, the trader terminal 11 having the access right is the “first user”, preferably from the viewpoint of retention of personal secret (problem of the invention). Only the user can view the private information (here, this will be referred to as "first embodiment").
Thus, registration (contract) of the trader as the first user is executed between the trader terminal 11 and the management server 10 via the Internet 9 and with a predetermined reception screen. As is well known, on a predetermined reception screen, necessary matters such as trader's name (locker's name), trader's whereabouts, telephone number, E-mail address, etc. are input, and access authority (password, member ID) is E -Granted by mail or registered mail. The vendor terminal 11 can access the management server 10 after receiving the access authority, and can browse the gate information DB 54.

(14) Generation and Transmission of Key Data FIG. 9 is an explanatory view showing the key data database 55 and the contents of the generated key data. The key data database 55 is associated with a vendor terminal (trader ID), and includes, for example, a control device number, a gate number, old key data (old ID), old key data grant date, new key data (latest), The grant date of the new key data, the backup number, etc. are associated and stored.
Therefore, after the key data setting means 45 receives (registers) the request of the vendor terminal 11, as shown in FIG. 9, for example, the control device number, gate number, old key data, new key data, date of grant etc. To generate key data, and transmit the generated latest key data to the E-mail address of the vendor terminal. Then, after transmitting the generated key data, the key data attachment file of the key data database 55 is recorded.

    In FIG. 10, for example, when the building is an apartment, one control device 6 is appropriately disposed in the common part of the apartment, and the control device 6 and the management server 10 are connected via the Internet 9. 11 is a conceptual view showing that key data can be acquired from the management server 10.

    FIG. 11 is a flowchart showing in detail the distribution of key data of FIG. As a matter of course, the system of the present invention is realized using a home page on the Internet, as with other systems. Therefore, the management server 10 launches a home page on the Internet by a web engine or the like. The trader terminal 11 and the user (general customer) access the access control means 41 having the homepage of the management server 10 as an interface by the access means such as the WWW browser of the trader terminal 11 linked to the wide area computer network 9 and request information Request registration of Before registering the request information, the access control unit 41 of the management server 10 checks whether the trader terminal 11 has an access right (S101). The access control means 41 transmits the menu screen for request input after authenticating that the contractor is a properly registered member based on the contractor authentication information such as the password of the contractor and the trader terminal ID. (S102).

    The trader terminal 11 receives and displays the menu screen for request input (S103, S104). Therefore, since there are a plurality of menu screens for request input (service menu screens), for example, the vendor selects a desired menu screen (for example, a request screen for the latest key data) (S105), and selects instruction information for selecting a request information registration menu. Therefore, after the address, name, etc. are input, the management server is transmitted (S106). In this case, when the request from the trader terminal 11 is browsing of the gate information database 54, the management server 10 uses the browsing unit 43 to select information of the request information matching the browsing conditions as the homepage. This is presented to, for example, the A contractor (member) using the following interface. Then, when the request information such as the gate history is received, the request information registration unit 42 writes the request information in the request information database 52 and manages it. The vendor can also retrieve a desired gate history from the presented selection information of the request information.

    Thus, if the management server 10 receives the request information (request for key data) (S107), after confirming the range of the authority, if it is within the range of the authority, the request information is also requested information DB 52 Store in Thereafter, the key data setting unit 45 generates and transmits, for example, the latest key data (S109). The vendor terminal 11 receives the latest key data (S110).

    As described above, in the first embodiment, since the trader terminal 11 is occupied by a locksmith who maintains the gate of the building, the management server 10 periodically sends a key data to the trader terminal 11 at the time of a disaster. In any case when lost, the latest key data is transmitted by transmitting either the latest key data or the backup key data via the Internet 9. The management server 10 can transmit repair information of the control device to the trader terminal 11 via the Internet when the control device 6 breaks down.

(15) Viewing of First User, Transmission of Request Items, and Charging The configuration of the management server 10 will be added. As described above, the access control unit 41 has a function of authenticating the trader terminal 11 that has accessed the management server 10 via the Internet 9. Therefore, the access control means 41 searches an access list (contractor information) registered in advance in the trader terminal DB 51, and permits access if the trader terminal is registered in the access list.

    The request information registration means 52 is, for example, request 1 (wants to know gate history), request 2 (wants key data), request 3 (repair information), request 4 (replacement of electric lock and parts) ), Request 5 (others), etc. are roughly classified and registered in the supplier's request information DB 52.

    Therefore, when the request of the vendor terminal is the demand 1, the user wants to know the gate history that the gate information DB 54 wants to know based on the key data or the identification number of the control device or the gate number and via the browsing means 43. Can. When the request of the vendor terminal is the request 2, either the latest key data or the backup key data is assigned via the key data setting unit 45 in response to the request.

    By the way, when giving key data to the trader terminal 11 via the Internet 9, a sufficient code number etc. is set from the viewpoint of secrecy retention, and thereafter, by e-mail, a handy portable terminal 11 such as a smart phone or tablet terminal. Assign key data to When a non-touch key (physical key in appearance) having key data built therein is given, a registered courier service or the like is used. The charging information management means 46 registers charging information corresponding to the request (usage information) of the trader terminal in the charging information DB 56.

    In this section, the second and third embodiments of the present invention will be described. In the description of these embodiments, the same parts as those in the first embodiment will be assigned the same or similar reference numerals and redundant explanations will be omitted.

The second embodiment shown in FIGS. 12 to 14 is mainly different from the first embodiment in that a person having access authority is at least a user 13 of a building. Of course, the person having access authority may be both the trader terminal 11 of the first embodiment and the user 13 of the building.
In the second embodiment, the “trader terminal 11” of the first embodiment is read as the “user 13” without departing from the object of the invention.

    Therefore, in the entry / exit system X1 of the second embodiment, the management server 10A has the database 51A of the building user 13 in the storage unit 50, so the access control system grants the building user 13 an access right. Management server 10A, the Internet 9, and a control device 6 which is disposed in either a private portion or a common portion of a building and monitors gate information of the building, and the gate information can at least open the gate Containing the predetermined key data, the control device 6 acquires the gate information, the gate information is transmitted to the management server 10A via the Internet 9, and the user 13 of the building via the Internet 9 The gate information can be acquired from the management server by accessing the private information of the management server 10A.

    Therefore, the management server 10A can also provide the user 13 of the desired building with either the latest key data for opening the user's gate or the backup key data. The management server 10A can also transmit the operation log information of the gate of the user to the user 13 of the desired building via the Internet 9. Furthermore, the management server 10A can provide various services such as being able to periodically transmit a gate history to the user 13 of the building through the Internet 9.

    The third embodiment shown in FIG. 15 to FIG. 17 mainly differs from the first embodiment in that the access control system X2 is provided to the management server 10B, the Internet 9, and either the exclusive portion or the common portion of the building. The control device 6 is disposed and monitors gate information of a building, the gate information includes at least predetermined key data capable of opening the gate, and the management server 10B performs the control via the Internet 9 A maintenance means 47 is provided which can be connected to the apparatus 6 to delete the key data and perform remote maintenance such as setting of the latest key data.

Therefore, among the gate information stored in the storage unit of the control device 6, the management server 10B remotely controls the latest key data by deleting the old key data, for example, out of the gate information stored in the storage unit of the control device 6. It can be set by In the third embodiment, the maintenance-completed information is accumulated in the maintenance database 57 of the storage unit 50.
FIG. 17 is an explanatory view showing an example in which the management server 10B changes (deletes / registers) the old key data stored in the storage unit 34 of the control device 6 to, for example, the latest key data (also in the flowchart is there).

    In FIG. 17, the step (1) is, for example, wireless exchange between an interrogator (medium information reading means) and a responder (information medium), and key data (eg, resident) whose interrogator can open and close the gate Of the gate information 1A including the ID of The step (2) is a step in which the storage unit 34 of the control device 6 stores the gate information 1A.

    Each of the steps (3) and (4) is a step of extracting the gate information 1A after a predetermined time (for example, 3 seconds) has elapsed and transmitting it via the transmission rule setting means 36 and the Internet 9.

    The step of (5) indicates that the gate information monitored by the control device 6 is collected by the management server 10B via the Internet 9 and registered in the storage unit 50 of the management server 10B.

    Next, in the step (6), management is performed either when a predetermined condition is satisfied (for example, periodically) or in an emergency (for example, when there is a request from the trader terminal 11 or the user 13 of the building). The key data setting unit 45 of the server 10B extracts the necessary information for generating key data from the storage unit 50 from the vendor database 51, the request information database 52, the gate information database 54, and the key data database 56, and associates them. It is a stage of generating key data.

    The control unit 40 of the management server 10B automatically performs maintenance on the control device 6 with respect to the maintenance unit 47 when the key data setting unit 45 generates key data with a string that conforms to the request information. Request to send 'command signal'.

    Therefore, in the step of (7), when the management server 10B transmits the command signal to the control device 6 via the Internet 9, the control device 6 automatically receives the command signal from the management server 10B. In the normal standby mode (a mode in which the interrogator can receive the response signal of the responder), the mode is switched to the maintenance change mode 61 in which the registration information can be rewritten for a predetermined time (for example, 4 seconds).

    The step (8) is a step in which the management server 10B transmits key data (for example, latest key data) via the Internet 9 during the change mode.

    The step (9) is a step of maintaining (erasing / registering) the gate information stored in the storage unit 34 of the control device 6. After maintaining the gate information of the control device 6 in this manner, the management server 10B registers maintenance information in the maintenance database 57.

    Therefore, the third embodiment of the present invention differs from Patent Document 4 and Patent Document 5 in that "the management server 10B, the Internet 6, and either the exclusive portion or the common portion of the building are provided and the building is The gate information 1A includes at least predetermined key data capable of opening the gate, and the management server 10B transmits the control information to the control device 6 via the Internet 9. The gate information 1A connected and including the key data is siphoned through the Internet 9 and registered in its own storage unit 50, and thereafter either when a predetermined condition is satisfied or in an emergency, The control device 6 receives maintenance information from the management server 10B and switches to the change mode 61 for maintenance, deletes old key data during the change mode, and updates It is characterized in that an access control method, "which is characterized in that remote execution rekeying data such as setting the key data via the maintenance unit 47 and the Internet 9.

    In the third embodiment, after performing maintenance on the control device 6, the management server 10 B sends the latest key data corresponding to the maintenance to the vendor terminal 11 or the user terminal 13 of the building through the Internet 9. It is desirable to give. In this case, it is also possible to deliver by mail etc. to the resident of the building, the manager, etc.

    By the way, when remote maintenance is carried out by the system, for example, among the cloud servers which have become popular recently, the management server 10B can perform maintenance and deployment using an apartment network form (a so-called platform). In the case, it is necessary to enter into a contract with a condominium management union and a real estate management company. Then, for example, when the gate of the common part of the apartment becomes inoperable due to lightning strike, earthquake or the like, the management server uses the Internet 9 to directly (for example, manage as much as possible Maintenance can be quickly performed by providing the latest key data to the company management terminal or indirectly (eg, providing the latest key data to the SD store).

    In addition to the maintenance (registration of key data, etc.), the management server 10B provides various service menu screens to the user (resident, manager), and uses the e-mail address used for backup of the present system and notification of coming home. Changes, periodical diagnosis of system operation status, remote response to sudden system failure, etc. In addition, about the flowchart of 3rd Embodiment, description of FIG. 10 of 1st Embodiment or FIG. 13 of 2nd Embodiment is used in the range which does not deviate from the subject of invention.

    INDUSTRIAL APPLICABILITY The present invention can be used as an access control system and an access control method in which a monitoring device that monitors a gate (door) of a building and a management server that manages gate information are connected via the Internet.

1 ... gate,
2 ... common part of the building,
3 ... electric lock device,
4 ... Interrogator, 5 ... Responder,
6 ... Control device,
9-Internet,
10, 10A, 10B: Management server,
11 ... vendor terminal,
13 ... User (terminal of administrator or terminal of resident),
16: Information acquisition means,
17, 17A ... key data,
31 ... control unit,
36 ... Transmission rule setting means,
40: Control unit of management server,
41 ... access control means,
45: Key data setting means,
50: Storage unit of management server,
61 ... Change mode for maintenance.

Claims (5)

The management server for giving access authority to the vendor terminal, the Internet, and a control device disposed in either the exclusive or shared part of the building and monitoring gate information of the building;
The gate information includes at least predetermined key data capable of opening the gate, the control device acquires the gate information, and the gate information is transmitted to the management server via the Internet, or The gate information is acquired by the management server connecting to the control device via the Internet, and the management server stores the acquired gate information as private information in the storage unit.
The access management system, wherein the trader terminal accesses private information of the management server via the Internet, and can acquire the gate information including at least the predetermined key data from the management server.   In the access control system according to claim 1, the management server is periodically updated with the vendor terminal at the time of a disaster or when the customer of the vendor terminal loses the key data, the latest through the Internet. An access management system characterized by transmitting either key data of or backup key data.   The access management system according to claim 1, wherein the management server transmits repair information of the control device to a vendor terminal via the Internet when the control device fails. A management server to grant access rights to agent terminal, and the Internet, the gate information including a gate identification number of gates or shared portions of the proprietary portion or the proprietary portion of the disposed and having the buildings on either shared part of the building Equipped with a control device to monitor
The gate information includes a predetermined key data that can be opened at least the gate, the control device stores the gate information in the storage unit of the control device, and association with said gate information the authentication result of the key data, and sends to the management server via the Internet, of the management server the authentication result the management server that has received the private information in a state in which the gated information and linking Stored in the storage unit,
The skilled terminal access control method, wherein the Internet access to the private information of the management server via a said gate information including at least the predetermined key data can be obtained from the management server. 5. The access control method according to claim 4, wherein the trader terminal is a gate history linked to gate information corresponding to the non-public information , or a latest one linked to gate information corresponding to the non-public information . An access management method comprising: acquiring either key data or backup key data linked to gate information corresponding to the non-public information .

Images