JP6680970B2 - Information processing device, information processing method, and program - Google Patents

Description

  The present invention relates to an information processing device, an information processing method, and a program.

  In recent years, interest in telework is increasing in each company. Telework has issues such as preventing access to confidential information by third parties and optimizing labor management, and these issues must be resolved before they can be introduced.

  In order to solve these problems, a telework management support system using face recognition technology is currently being developed.

  By using this system, it is possible to authenticate the person from the webcam image, detect the labor situation, security incidents such as spoofing and peeping by a third party, and notify the administrator.

  However, in the above system, the work manager of the teleworker guarantees that the face image used for personal authentication of the person who performs the telework work (for example, the teleworker) belongs to the teleworker himself. There is a need.

Japanese Patent Laid-Open No. 2015-103198

  In Patent Document 1, first, when a teleworker starts working, a face image of the teleworker is photographed, and the face image and the face image which is first guaranteed to be the teleworker himself are used. Personal authentication is performed by setting the authentication level (high / medium / low) according to the degree of possibility of being a telecommuting person.

  When the authentication level is medium, the face image used for personal authentication is updated with the captured face image to prevent deterioration of personal authentication accuracy. When the authentication level is low, the administrator is asked to confirm whether the captured face image can be used for personal authentication. When the administrator determines that the face image is the face image of the teleworker himself, the face image used for personal authentication is updated with the captured face image.

  The above mechanism provides a mechanism for recording the labor status of teleworkers and the trail of security incidents while reducing the burden on the administrator.

  However, in this mechanism, it is necessary to first register a face image, which is guaranteed to be the teleworker himself, in the system.

  Therefore, until the face image that is guaranteed to be the teleworker himself is first registered in the system, the teleworker cannot start working, and the productivity of the teleworker decreases.

  Therefore, in the present invention, in monitoring the occurrence of information security problems in the telework management support system, a mechanism for reducing detection omissions of information security problems and the like from the time when a person who performs telework operations starts telework operations I will provide a. Furthermore, it provides a mechanism to reduce the productivity drop of the person who performs the telework work.

  An information processing apparatus according to the present invention includes a face image acquisition unit that acquires an applied authentication face image, and trail data that acquires trail data obtained by using the authentication face image acquired by the face image acquisition unit. Acquisition means, approval processing acceptance means for accepting approval processing for the authentication face image acquired by the face image acquisition means, and obtaining using the authentication face image based on the status of the approval processing for the authentication face image. Trail data management means for managing the state of the obtained trail data.

  Further, an information processing method of the present invention is an information processing method in an information processing apparatus, wherein the face image acquisition means of the information processing apparatus acquires a face image acquisition step of acquiring an authentication face image applied by a user, A trail data acquisition process of the information processing device, wherein the trail data acquisition device acquires the trail data obtained by using the authentication face image acquired in the face image acquisition process, and an approval processing acceptance device of the information processing device. However, the approval processing acceptance step of accepting the approval processing for the authentication face image acquired by the face image acquisition step, the trail data management means of the information processing device, based on the state of the approval processing for the authentication face image, A trail data management step of managing the state of the trail data obtained using the authentication face image.

  A program of the present invention is a program that can be executed by an information processing device, the information processing device comprising: a face image acquisition unit that acquires an authentication face image applied by a user; and a face image acquisition unit. Trail data obtaining means for obtaining trail data obtained using the obtained face image for authentication, approval processing receiving means for receiving approval processing for the face image for authentication obtained by the face image obtaining means, and the authentication It is characterized in that it functions as a trail data management means for managing the state of the trail data obtained by using the authentication face image based on the state of the approval processing for the face image.

  According to the present invention, it is possible for a person who performs a telework task to detect an information security problem or the like from the time the telework task is started. Further, it is possible to reduce the productivity decrease of the person who performs the telework work.

It is a system block diagram which shows an example of a structure of the telework management support system in this invention. FIG. 3 is a block diagram showing a hardware configuration of an information processing apparatus applicable to the management server 101, the teleworker PC 111, and the administrator PC 121 shown in FIG. 1. It is a block diagram showing an example of functional composition of a telework management support system in the present invention. It is a flow chart which shows an example of the trail data registration processing of the telework management support system in the present invention. It is a flowchart which shows an example of the detailed process of the authentication face image application of the telework management support system in this invention. It is a flowchart which shows an example of the detailed process of the authentication face image approval of the telework management support system in this invention. It is a flowchart which shows an example of the detailed process of the authentication face image reselection at the time of sending back the authentication face image of the telework management support system in this invention. It is a flowchart which shows an example of the detailed process of the said trail data correction at the time of the authentication face image denial of the telework management support system in this invention. It is a data block diagram which shows an example of the user information storage table of the telework management support system in this invention. It is a data block diagram which shows an example of the trail data storage table of the telework management support system in this invention. It is a screen image which shows an example of the approval screen of the face image for authentication of the telework management support system in this invention. It is a screen image which shows an example of the re-selection screen of the authentication face image of the telework management support system in this invention. It is a screen image which shows an example of the trail data correction screen at the time of rejecting the face image for authentication of the telework management support system in this invention. It is a flowchart which shows an example of the detailed process of the authentication face image reselection at the time of sending back the authentication face image of the telework management support system in this invention. It is a screen image which shows an example of the re-selection screen of the authentication face image of the telework management support system in this invention.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a system configuration diagram showing an example of the configuration of a telework management support system to which the information security monitoring process of the present invention is applied.

  The telework management support system 100 has a configuration in which one or more management servers 101, one or more teleworker PCs 111, and one or more administrator PCs 121 are connected via the Internet 130.

  The management server 101 is a server that centrally manages, as telework information, trail data of a teleworker, peep by another person, or impersonation, and is constructed on the service environment network 104.

  When the teleworker PC 111 and the administrator PC 121 connect to the management server 101 by an authentication process using an account ID and a password, and the management server 101 receives telework information from the teleworker PC 111, the management server 101 Store in database. Further, when there is a request for acquisition of telework information from the administrator PC 121, necessary telework information is retrieved from the database of the management server 101.

  The teleworker PC 111 is a terminal that creates trail data that is the basis of telework information, exists on the home network 110, and the trail data is created by a dedicated application, and passes through the router 112, the Internet 130, and the router 103. It is transmitted to the management server 101. The information security monitoring process of this embodiment operates as a function within this dedicated application.

  The administrator PC 121 is a terminal for confirming telework information and exists on the in-house network 120. To confirm telework information, a web management console (operating on a web browser) is used, a router 122, the Internet. The management server 101 is connected via the router 130 and the router 103.

  Hereinafter, the hardware configuration of the information processing apparatus applicable to the management server 101, the teleworker PC 111, and the administrator PC 121 illustrated in FIG. 1 will be described with reference to FIG. 2.

  FIG. 2 is a block diagram showing a hardware configuration of an information processing apparatus applicable to the management server 101, the teleworker PC 111, and the administrator PC 121 shown in FIG. Since each device has the same configuration, description will be given using the same reference numerals.

  In FIG. 2, reference numeral 201 denotes a CPU, which centrally controls each device and controller connected to the system bus 204. Further, the ROM 202 or the external memory 212 is necessary to realize a control program of the CPU 201, such as a BIOS (Basic Input / Output System), an operating system program (hereinafter, OS), and a function executed by each server or each PC. Various programs described below are stored.

  A RAM 203 functions as a main memory and a work area of the CPU 201. The CPU 201 implements various operations by loading a program or the like required for executing the processing from the ROM 202 or the external memory 212 into the RAM 203 and executing the loaded program.

  An input controller 205 controls input from a keyboard (KB) 209, a web camera 210, a pointing device such as a mouse (not shown), or the like. A video controller 206 controls display on a display such as a CRT display (CRT) 211. In addition, although it is described as CRT 211 in FIG. 2, the display device is not limited to the CRT, and may be another display device such as a liquid crystal display. These are used by the administrator as needed.

  A memory controller 207 is installed in an external storage device (hard disk (HD)) that stores a boot program, various applications, font data, user files, edit files, various data, a flexible disk (FD), or a PCMCIA card slot. It controls access to an external memory 212 such as a CompactFlash (registered trademark) memory connected via an adapter.

  A communication I / F controller 208 connects and communicates with an external device via a network (for example, the network 104 shown in FIG. 1) and executes communication control processing in the network. For example, communication using TCP / IP is possible.

  The CPU 201 enables display on the CRT 211 by executing outline font rasterization processing in a display information area in the RAM 203, for example. Further, the CPU 201 enables a user instruction with a mouse cursor or the like (not shown) on the CRT 211.

  Various programs to be described later for implementing the present invention are recorded in the external memory 212, and are executed by the CPU 201 by being loaded into the RAM 203 as necessary. Further, the setting files and the like used when the above program is executed are also stored in the external memory 212, and detailed description thereof will be given later.

  The overall flow of the telework management support system 100 will be described below with reference to FIG.

  In the telework management support system 100, the teleworker PC 111 monitors labor and information security by personal authentication processing, the management server 101 manages monitoring information, and the administrator PC 121 displays monitoring information.

  The teleworker PC 111 uses a dedicated application to perform personal authentication processing using an image based on the data obtained by shooting with the web camera 210. The dedicated application uses the account ID and password to establish a communication connection with the management server 101.

  After establishing the connection with the management server 101, the labor monitoring and the information security monitoring of the teleworker are performed by the personal authentication processing. During monitoring, it detects events such as leaving the seat, impersonating the other person, and looking into a third party as events. When an event is detected, or at a predetermined timing (for example, every 10 seconds), the teleworker PC 111 transmits the event trail data to the management server 101.

  Further, the teleworker PC 111 has a function of applying for an authentication face image to be used in the personal authentication processing by using a dedicated application, and transmits the authentication face image to the management server 101.

  Upon receiving the event trail data from the teleworker PC 111, the management server 101 stores it as telework information in the trail data storage table of the management database 402. Further, when the trail data is received, the management server 101 notifies the administrator PC 121 of event detection. When the management server 101 receives the authentication face image from the teleworker PC 111, the management server 101 stores the authentication face image in the user information storage table of the management database 402 as trail data processing information. When receiving the authentication face image, the management server 101 notifies the administrator PC 121 of the approval request. The notification of the event detection and the approval request may be realized, for example, by sending an email, or may be notified on the web management console described later.

  In the administrator PC 121, the trail data of the event of the teleworker on the management server can be confirmed using the web management console. The web management console can be used by accessing the dedicated URL from a web browser. In the Web management console, you can check the time when the event was detected and the image, as well as the running application and the file being queried. Further, the face image for authentication of the teleworker on the management server can be confirmed using the web management console, and approval, rejection, and remand can be performed.

  Next, with reference to FIG. 3, each function of the teleworker PC 111 and the management server 101 in this embodiment will be described.

  The teleworker PC 111 includes an image capturing unit 303 and a camera image acquisition unit 304. The image capturing unit 303 represents a camera for capturing an image of a teleworker that is a subject, and corresponds to the above-described web camera 210 and a camera image. The acquisition unit 304 acquires data obtained by the image capturing unit 303 as an image (hereinafter, referred to as a camera image). The camera image may be acquired at preset time intervals, or may be acquired as soon as the previous process in the repeated process is completed.

  The teleworker PC 111 also includes a user information storage unit 301, a person identifying unit 305, an authentication face image application unit 306, and an authentication face image transmission unit 307.

  The user information storage unit 301 stores information about a user managed by this system, including face photograph data necessary for face recognition. In the present embodiment, the user information is stored in the management server 101, and the difference data of the user information is distributed from the management server 101 to the teleworker PC 111 when the system is started.

  The person identifying unit 305 recognizes the face of a person in the camera image acquired by the camera image acquiring unit 304, and based on the face photograph data (authentication face image) stored in the user information storage unit 301. Specify the person. These can be realized by using known face detection technology and face recognition technology.

  Further, the person identifying unit 305 classifies the terminal front state by the identified person. That is, the front face state of the terminal is classified into "only person", "third party imaged", etc. using the authentication face image.

  The state in front of the terminal means “only the person” when only the teleworker is shown in the camera image, the teleworker himself, and the other user (hereinafter referred to as other user) stored in the user information storage unit 301. A person who has not been identified as the teleworker and the user stored in the user information storage unit 301 by the person identification unit 305 when both are in the image or when only the other user is imaged (Hereinafter referred to as “third party”), or when only a third party is shown, “Third party reflection” is displayed. Seats ".

  The authentication face image application portion 306 applies for the authentication face image used for the personal authentication processing of the teleworker. A camera image can be acquired from the camera image acquisition unit 304, the position of the face shown in the camera image can be detected by a known face detection technique, and the detected face area can be acquired as an authentication face image.

  The authentication face image transmission unit 307 transmits the authentication face image acquired by the authentication face image application unit 306 to the management server 101 together with the user information.

  The teleworker PC 111 also includes a trail data transmission unit 308 and an authentication face image approval result reception unit 309.

  The trail data transmission unit 308 sends the camera image acquired by the camera image acquisition unit 304 and the terminal front state divided by the person identification unit 305 using the authentication face image to the management server 101 as the trail data together. .

  The authentication face image approval result receiving unit 309 receives the approval result notified from the authentication face image approval unit of the management server 101 described later. If the authentication face image approval result receiving unit 309 sends back the authentication face image, the authentication face image approval result reception unit 309 notifies the authentication face image application unit 306 of the authentication face image acquisition request again. The notification of the authentication face image acquisition request may be realized, for example, by sending an email to a teleworker PC, or may be notified by a dedicated application.

  The management server 101 includes an authentication face image reception unit 401, a management database 402, a trail data reception unit 403, a trail data processing unit 404, and an authentication face image approval unit 405.

  The authentication face image receiving unit 401 receives (acquires) the authentication face image applied by the user from the authentication face image application unit 306 and transmitted from the teleworker PC 111 authentication face image transmission unit 307, and the management database 402. Save to the user information save table of. Further, the manager PC 121 is notified of an approval request for the received (acquired) authentication face image.

  The management database 402 is a storage area that stores the user information illustrated in FIG. 9 and the trail data illustrated in FIG. 10.

  The trail data receiving unit 403 receives (acquires) the trail data transmitted from the trail data transmitting unit 308 of the teleworker PC 111, and stores the trail data in the trail data storage table of the management database 402.

  The trail data processing unit 404 acquires the trail data from the trail data storage table of the management database 402 when the trail data storage unit 403 requests the trail data storage, and acquires the teleworker user identification information from the trail data. Then, based on the value of the face image state for authentication of the user identification information, any one of "confirmed", "temporary approval", and "hold" is set to the state of the trail data. Also, when a trail data browsing request is issued from the administrator PC 121, the trail data is acquired from the trail data storage table of the management database 402, and the teleworker user identification information is acquired from the trail data.

The authentication face image approval unit 405 performs an approval process for the approval request of the notified authentication face image. That is, the approval process for the authentication face image is accepted based on the operation content of the administrator PC 121.
(Explanation of FIG. 9)

  Here, an example of the user information storage table of the management database 402 according to the embodiment of this invention will be described with reference to FIG.

  The user information storage table of FIG. 9 represents a user who uses this telework management support system, one row of which is stored in the management database 402.

  The data set in the user ID column is an alphanumeric string that identifies a user who uses this telework management support system.

  The data set in the authentication face image field represents a link destination to the face photograph data (authentication face image) used for face recognition, that is, a folder path name and a file name, and is specified by the link destination. Actual face image data is stored in the place.

  The data set in the registration date / time column stores the time when the authentication face image of the record is saved.

The data set in the authentication face image status column indicates whether or not the authentication face image of the record has been approved by the administrator. "Waiting for approval", which has not been approved yet, "Approved" indicating that it has been approved by the administrator, "Rejected" indicating that it has not been approved as a result of the approval process by the administrator, and the image of the person himself / herself One of "Send back" is set to indicate that the image was not approved because it was unclear or an inappropriate image.
(Explanation of FIG. 10)

  Here, an example of the trail data storage table of the management database 402 in the embodiment of the present invention will be described with reference to FIG.

  The data set in the trail ID column is a number string uniquely set for each trail data in order to specify the trail data.

  The data set in the date / time column is the date and time indicating when the trail data was acquired.

  The data set in the terminal front state column is the terminal front state classified by the person identifying unit 305, and is “only the person”, “imprinted by another user”, “imprinted by a third party”, “away”. Is set.

  The data set in the user ID column is an alphanumeric string that is assigned to each teleworker and that identifies the user who uses this telework management support system to identify from which teleworker the trail data was transmitted.

  The data set in the camera image column represents a link destination for the camera image acquired by the camera image acquisition unit 304, that is, a folder path name and a file name, and the actual camera is stored in the location specified by the link destination. The image is stored.

  The data set in the status column is a value set by the trail data processing unit 404 according to the state of the authentication face image of the user ID of the trail data, and is any of “confirmed”, “temporary approval”, and “pending”. Is set.

  Hereinafter, the procedure of trail data registration processing in the telework management support system 100 according to the present embodiment will be described with reference to FIG.

  The processes of steps S401 to S404 and S411 shown in FIG. 4 are processes in which the CPU 201 of the teleworker PC 111 reads and executes a predetermined control program.

  Further, the processes of steps S405 to S410 are processes in which the CPU 201 of the management server 101 reads and executes a predetermined control program.

  In step S401, the person identifying unit 305 of the teleworker PC 111 determines whether or not the authentication face image of the record corresponding to the user ID that has activated the dedicated application in the user information storage unit 301 has been registered. If registered, the process proceeds to step S402. If not registered, the process proceeds to step S411.

  In step S402, the camera image acquisition unit 304 of the teleworker PC 111 acquires the camera image captured by the imaging unit 303.

  In step S403, the person identifying unit 305 of the teleworker PC 111 classifies the terminal front state for the camera image acquired in step S402.

  In step S404, the trail data transmitting unit 308 of the teleworker PC 111 transmits the trail data including the camera image acquired in step S402 and the terminal front state divided in step S403 to the management server 101.

  In step S405, the trail data receiving unit 403 of the management server 101 receives the trail data transmitted from the teleworker PC 111.

  In step S406, the trail data processing unit 404 of the management server 101 refers to the authentication face image state of the record that matches the user ID of the trail data received in step S405 from the user information storage table of the management database 402 to perform authentication. It is determined whether or not the face image is “approved”. If the authentication face image state is “approved”, the process proceeds to step S407. If the authentication face image state is not “approved”, the process proceeds to step S408.

  In step S407, the state of the received trail data is registered as “fixed” in the management database 402 of the management server 101.

  That is, since the state of the authentication face image has been approved, the trail data obtained by using the authentication face image is registered as confirmed data.

  In step S408, the trail data processing unit 404 of the management server 101 determines whether or not the authentication face image state referred to in step S406 is “send back”. If the authentication face image state is “remand”, the process proceeds to step S409. If the authentication face image state is not "remand", the process proceeds to step S410.

  In step S409, the state of the received trail data is registered in the management database 402 of the management server 101 as "pending".

  That is, if the face image of the person is sent back due to being unclear, for example, it is considered that the trail data obtained using the face image that has been sent back has low accuracy in determining the front state of the terminal. Therefore, the status of the trail data is put on hold.

  In step S410, the state of the received trail data is registered in the management database 402 of the management server 101 as "provisional approval".

  The status of the trail data registered as pending or temporary approval is updated to confirmed by the approval process for the authentication face image.

  As described above, even when the authentication face image is not approved by the administrator, the trail data can be registered by setting the status in the trail data obtained by using the authentication face image. . As a result, the telecommuter can start working without waiting for the authentication face image approval process, and thus it is possible to reduce the decrease in productivity.

  Then, by updating the status of the trail data in accordance with the approval process for the authentication face image, it is possible to reduce the omission of recording or detection of the security problem of the trail data.

  In step S411, the person identifying unit 305 of the teleworker PC 111 inputs an application request for an authentication face image to the authentication face image application unit 306. In response to the application request for the authentication face image, the application process for the authentication face image in FIG. 5 described later is performed. The application process here may be performed by being instructed by a user (teleworker) using the teleworker PC 111.

  The procedure of the trail data registration process in the telework management support system 100 according to the embodiment of the present invention has been described above with reference to FIG.

  Next, with reference to FIG. 5, an application process of an authentication face image in the telework management support system 100 according to the embodiment of the present invention will be described.

  The processes of steps 501 to S504 and S506 shown in FIG. 5 are processes in which the CPU 201 of the teleworker PC 111 reads and executes a predetermined control program.

  The process of step S505 (the process shown in detail in the flowchart of FIG. 6) is a process in which the administrator PC 121 and the management server 101 read and execute a predetermined control program.

  In step S501, the authentication face image application unit 306 determines whether or not there is an authentication face image shooting request from the dedicated application of the teleworker PC 111. If there is a request to capture the authentication face image, the process proceeds to step S502. If there is no request, the process advances to step S501 to wait again for a request for capturing an authentication face image.

  In step S502, the authentication face image application unit 306 acquires a camera image from the camera image acquisition unit 304.

  In step S503, the authentication face image application unit 306 performs face detection processing on the camera image acquired in step S502 to detect the position of the face. An authentication face image is cut out from the camera image based on the detected face position, and the authentication face image is passed to the authentication face image transmission unit 307.

  In step S504, the authentication face image transmission unit 307 transmits the authentication face image input in step S503 to the authentication face image reception unit 401 of the management server 101.

  In step S505, the authentication face image receiving unit 401 of the management server 101 receives the authentication face image transmitted in step S504, and the administrator uses the administrator PC 121 to approve the authentication face image. I do. The authentication face image approval unit 405 of the management server 101 transmits the approval result of the authentication face image to the authentication face image approval result reception unit 309 of the teleworker PC 111. Detailed processing of the approval of the authentication face image in step S505 will be described later with reference to FIG.

  In step S506, the authentication face image approval result receiving unit 309 of the teleworker PC 111 receives the approval result of the authentication face image transmitted in step S505. If the teleworker confirms the received approval result, is sent back, and is requested to retake an image, the teleworker may perform the application process for the authentication face image described in FIG. 5 again.

  The procedure of the authentication face image application process in the telework management support system 100 according to the embodiment of the present invention has been described above with reference to FIG.

  Next, with reference to FIG. 6, detailed processing of approval of the authentication face image in the telework management support system 100 according to the embodiment of the present invention will be described.

  The processes of steps S601, S602, and S608 to 612 illustrated in FIG. 6 are processes in which the CPU 201 of the management server 101 reads and executes a predetermined control program.

  Further, the processes of steps S603 to S607 are processes in which the CPU 201 of the administrator PC 121 reads and executes a predetermined control program.

  In step S601, the authentication face image receiving unit 401 of the management server 101 receives the authentication face image transmitted in step S504, and saves the received authentication face image in the user information storage table of the management database 402. . At this point, the status is pending approval.

  Then, the request for approval of the authentication face image is input to the authentication face image approval unit 405.

  In step S602, the authentication face image approval unit 405 of the management server 101 transmits the authentication face image approval request input in step S601 to the administrator PC 121.

  In step S603, the administrator PC 121 receives the authentication face image approval request transmitted in step S602.

  In step S604, the administrator PC 121 determines whether or not the administrator has performed the approval process in response to the authentication face image approval request received in step S603. If the approval process has been performed, the process proceeds to step S605. If not, the process proceeds to step S604. The administrator can perform the approval process on the authentication face image approval screen illustrated in FIG. 11.

  Here, with reference to FIG. 11, an example of a display screen for the administrator to approve the authentication face image in the web management console of the administrator PC 121 of the telework management support system 100 according to the present invention will be described.

  The display area designated by 1101 is an area for displaying the authentication face image that is the target of the approval process. The administrator may browse the image displayed in the display area designated by 1101, and approve the authentication face image if the image is sufficient for personal authentication of the teleworker.

  A button 1102 accepts the approval of the authentication face image that is the approval processing target from the administrator.

  A button 1103 accepts an instruction from the administrator to send back the authentication face image that is the object of the approval process.

  A button 1104 is used by the administrator to accept an instruction to reject the authentication face image that is the target of the approval process.

  When the administrator presses either the approval button 1102, the return button 1103, or the rejection button 1104, the approval process is accepted, and the processing result is transmitted to the management server 101.

As described above, the administrator can use the screen shown in FIG. 11 to confirm the face image for authentication applied by the teleworker and to approve the face image for authentication.
Returning to the explanation of FIG.

  In step S605, the administrator-use PC 121 determines whether or not the administrator approval processing result is “remand”. If it is “return”, the process proceeds to step S606. If it is not "return", the process proceeds to step S607.

  In step S606, the administrator PC 121 performs the reselection process of the authentication face image. Detailed processing of the authentication face image reselection processing in step S606 will be described later with reference to FIG.

  In step S607, the administrator PC 121 transmits the administrator approval processing result and the authentication face image to the authentication face image approval unit 405 of the management server 101.

  In step S608, the authentication face image approval unit 405 of the management server 101 receives the authentication face image and the approval result transmitted in step S607 and determines whether the approval result is “approval”. If the approval result is “approval”, the process proceeds to step S609. If it is “rejection”, the process proceeds to step S610.

  In step S609, the authentication face image approval unit 405 of the management server 101 matches the user ID of the authentication face image received in step S608 from the trail data storage table of the management database 402, and the status is “pending”. Judge whether or not a certain trail data exists. If it exists, the trail data group is stored in the primary storage device, and the process proceeds to step S611. If not, the process proceeds to step S612.

  In step S610, the authentication face image approval unit 405 of the management server 101 matches the user ID of the authentication face image received in step S608 from the trail data storage table of the management database 402, and the status is “provisional approval”. Further, the correction process is performed on the trail data group whose terminal front state is “third party reflection”. Detailed processing of the trail data correction processing in step S610 will be described later with reference to FIG.

  In step S611, the authentication face image approval unit 405 of the management server 101 uses the authentication face image received in step S608 to reclassify the terminal front state of the trail data group stored in step S609, respectively. Update the terminal front state of the trail data record of.

  By this processing, the trail data that has been managed as a hold because the authentication face image has been returned can be updated by redetermining the terminal front state with the approved authentication face image.

  In step S612, the authentication face image approval unit 405 of the management server 101 matches the user ID of the authentication face image received in step S608 from the trail data storage table of the management database 402, and the status is “pending” or The state of each record is updated to “confirmed” for the “temporary approval” trail data.

  That is, in step S <b> 608, the status of the trail data obtained by using the authentication face image can be updated from the temporary approval to the final approval by the approval of the authentication face image waiting for approval.

  In the above, the procedure of the detailed process of approval of the authentication face image in the telework management support system 100 according to the embodiment of the present invention has been described with reference to FIG.

Next, detailed processing of the re-selection processing of the authentication face image in the telework management support system 100 according to the embodiment of the present invention will be described with reference to FIG. 7.

  The processes of steps S701, S704, S705, and S708 to S710 shown in FIG. 7 are processes in which the CPU 201 of the administrator PC 121 reads and executes a predetermined control program.

  Further, the processing of steps S702, S703, S706, S707, S711, and S712 is processing in which the CPU 201 of the management server 101 reads and executes a predetermined control program.

In step S <b> 701, the administrator PC 121 approves the authentication face image reselection request, the authentication face image, and the trail ID if the trail ID is stored in the primary storage device. It is transmitted to the unit 405. The administrator can reselect the authentication face image on the authentication face image reselection screen illustrated in FIG.
Returning to the explanation of FIG.

  In step S702, the authentication face image 405 of the management server 101 receives the authentication face image reselection request, the authentication face image, and the trail ID transmitted in step S701.

  In step S703, the authentication face image 405 of the management server 101 matches the user ID of the authentication face image received in step S702 from the trail data storage table of the management database 402, and also receives the trail ID in step S702. If so, a trail data group that does not match the trail ID, has a status of “provisional approval”, and has a terminal front status of “only person” is acquired. The authentication face image 405 of the management server 101 stores the trail data record with the earliest date and time from the trail data group in the primary storage device. At this time, the trail data to be stored in the primary storage device may be randomly selected, or may be selected according to the orientation of the face detected by performing face detection processing, for example, received in step S702. The face image for authentication may be selected according to the order of highest similarity calculated by performing the personal authentication process. The authentication face image 405 of the management server 101 performs face detection processing on the camera image of the trail data stored in the primary storage device, detects the face position, and detects the detected face position from the camera image. Based on this, the authentication face image is cut out, and the authentication face image and the trail ID of the trail data stored in the primary storage device are transmitted to the administrator PC 121.

  In step S704, the administrator PC 121 receives the trail ID and the authentication face image transmitted in step S703, and stores the trail ID in the primary storage device.

  In step S705, the administrator PC 121 determines whether the administrator has performed the approval process on the authentication face image received in step S704. If the approval process is performed, the approval result and the authentication face image are transmitted to the authentication face image approval unit 405 of the management server 101, and the process proceeds to step S706. If not, the process proceeds to step S708.

  In step S706, the authentication face image approval unit 405 of the management server 101 receives the authentication face image transmitted in step S705 and sets the user ID of the authentication face image from the trail data storage table of the management database 402. A trail data group that matches and is in the “temporary approval” or “pending” state is acquired. The front image of the terminal of each trail data record is re-classified by using the authentication face image, and the front image of the trail data record is updated.

  In step S707, the authentication face image approval unit 405 of the management server 101 matches the user ID of the authentication face image transmitted in step S705 from the trail data storage table of the management database 402, and the status is “pending”. Alternatively, the state of each record is updated to “confirmed” for the “temporary approval” trail data.

  In step S708, the administrator PC 121 determines whether the administrator has issued a reselection request to the authentication face image received in step S704. If the reselection request is made, the process proceeds to step S701. If not, the process proceeds to step S709.

  In step S709, the administrator PC 121 determines whether or not the administrator has issued a re-photographing request to the authentication face image received in step S704. If the re-imaging request has been issued, the process proceeds to step S710. If not, the process proceeds to step S708.

  In step S710, the administrator PC 121 transmits a re-photographing request for the authentication face image to the authentication face image approval unit 405 of the management server 101.

  In step S711, the authentication face image approval unit 405 of the management server 101 receives the re-photographing request of the authentication face image transmitted in step S710, and sends the authentication face image application unit 306 of the teleworker PC 111 to the authentication face image application unit 306. Send a request to take a face image.

  In step S712, the authentication face image approval unit 405 of the management server 101 uses, from the trail data storage table of the management database 402, the user ID of the authentication face image in response to the re-capture request of the authentication face image transmitted in step S710. And the state of the trail data that is “provisionally approved” and that is “pending” is updated.

  The detailed processing procedure of reselection of the authentication face image in the telework management support system 100 according to the embodiment of the present invention has been described above with reference to FIG. 7.

  Here, with reference to FIG. 12, an example of the display screen for the administrator to reselect the authentication face image in the web management console of the administrator PC 121 of the telework management support system 100 according to the present invention will be described.

  The display area 1201 is an area for displaying the authentication face image that is currently the target of the approval process. The administrator may browse the image displayed in the display area designated by 1201 and approve the authentication face image if the image is sufficient for personal authentication of the teleworker.

  A button 1202 receives an approval instruction from the administrator for the authentication face image that is the object of approval processing.

  A button 1203 accepts an instruction from the administrator to request re-imaging of the face image for authentication of the teleworker.

  A button 1204 accepts an instruction of an authentication face image reselection process from the administrator.

  As described above, the administrator uses the screen shown in FIG. 12 to send back the authentication face image applied by the teleworker, and then the management server 101 automatically selects the state of “temporary approval”. It is possible to perform the approval process and the reselection process of the authentication face image acquired from the camera image of the trail data registered as “”, and the re-shooting request to the teleworker.

  Next, detailed processing of the trail data correction processing in the telework management support system 100 according to the embodiment of the present invention will be described with reference to FIG.

  The processing of steps S801, S802, S807, and S808 shown in FIG. 8 is processing in which the CPU 201 of the management server 101 reads and executes a predetermined control program.

  Further, the processes of steps S803 to S806 are processes in which the CPU 201 of the administrator PC 121 reads and executes a predetermined control program.

  The process shown in FIG. 8 is a process in which the administrator corrects the terminal front state with respect to the trail data obtained by using the rejected face image for authentication.

  That is, the fact that the authentication face image is rejected means that the face of another person is shown. Therefore, regarding the trail data obtained by the face of another person, the state in which the front of the terminal is improper (the trail data determined to be the person using the face of the other person should be originally determined to be a third party reflection). Since it is data), it is a process for correcting it.

  In step S801, the authentication face image approval unit 405 of the management server 101 matches the user ID of the authentication face image received in step S608 of FIG. 6 from the trail data storage table of the management database 402, and the state is “ Temporary approval ”, and a trail data group in which the terminal front state is“ third party reflection ”is acquired and stored in the primary storage device.

  In step S802, the authentication face image approval unit 405 of the management server 101 transmits the trail data group stored in step S801 to the administrator PC 121.

  In step S803, the administrator PC 121 receives the trail data group transmitted in step S802.

  In step S804, the administrator PC 121 starts a repetitive process for the trail data group received in step S803.

  In step S805, the administrator PC 121 determines whether the administrator has performed correction processing on the trail data being processed. If the correction process has been performed, the process proceeds to step S806. If not, the process proceeds to step S805. The administrator can perform the correction process on the trail data correction screen illustrated in FIG.

  In step S806, if there is unprocessed trail data, the administrator PC 121 returns to step S805. If there is no unprocessed trail data, the repetitive process is terminated, and the target trail data group and the correction result for the terminal front state of the trail data group are transmitted to the authentication face image approval unit 405 of the management server 101. .

  In step S807, the authentication face image approval unit 405 of the management server 101 receives the trail data group and the correction result of the trail data group with respect to the front state of the terminal, and stores the corresponding trail data in the trail data storage table of the management database 402. The terminal front state of the record is updated to each correction result, and the state is further updated to "fixed".

  By this processing, the trail data determined to be the original person by using the face of another person can be updated to the third party reflection which is the original front state of the terminal.

  In step S808, the authentication face image approval unit 405 of the management server 101 matches the user ID of the authentication face image received in step S608 of FIG. 6 from the trail data storage table of the management database 402, and the state is “ "Temporary approval", and for the trail data group in which the terminal front state is "only the person", the terminal front state is updated to "third party reflection" and the state is updated to "fixed".

  Referring to FIG. 13, in the web management console of the administrator PC 121 of the telework management support system 100 according to the present invention, after the administrator rejects the authentication face image, the terminal front state is “third party reflection”. An example of a screen for correcting the terminal front state of the trail data whose state is registered as “temporary approval” will be described.

  The display area indicated by 1301 is an area for displaying the camera image of the trail data that is the correction processing target. The administrator may browse the image displayed in the display area designated by 1301 and decide whether to determine the front state of the terminal as “third-person reflection” or to correct it to “only the person”.

  A button 1302 accepts an instruction from the administrator to confirm the front state of the terminal of the trail data that is the correction processing target as “third party image”. When the button 1302 is pressed, the terminal front state of the trail data is stored in the primary storage device as “third party image”.

  Reference numeral 1303 denotes a button that receives an instruction from the administrator to correct the terminal front state of the trail data that is the correction processing target to “only the person”. When the button 1303 is pressed, the state of the trail data in the front of the terminal is corrected to “only the person” and is saved in the primary storage device.

  As described above, the administrator uses the screen shown in FIG. 13 to reject the authentication face image applied by the teleworker, and then the management server 101 sets the status to “provisional approval” and the terminal front status. It is possible to correct the front state of the terminal of the trail data registered as “third party reflection”.

As described above, in the telework management support system, the system that can detect the information security problem at the same time when the person who performs the telework work starts to work is provided, and the productivity decline of the person who performs the telework work is reduced. In addition, the administrator can reduce the work load when approving the face image for authentication for personal authentication.
<Second Embodiment>
A second embodiment of the present invention will be described.

  However, regarding the processing flow, the screen, and the data configuration, the description of the same parts as those in the first embodiment will be omitted, and only the differences from the first embodiment will be described.

  FIG. 14 shows an example of detailed processing of the reselection processing of the authentication face image in the telework management support system 100 according to the embodiment of the present invention.

  The process illustrated in FIG. 14 is performed subsequent to step S703 with step S706 as step S1401 of the detailed process of the re-selection process of the authentication face image in the telework management support system 100 of the first embodiment illustrated in FIG. The processing flow is changed as follows.

  Hereinafter, different processes will be described according to the first embodiment.

  In step S703, the authentication face image 405 of the management server 101 matches the user ID of the authentication face image received in step S702 from the trail data storage table of the management database 402, and also receives the trail ID in step S702. If so, a trail data group that does not match the trail ID, has a state of “provisional approval”, and has a terminal front state of “only the person” is acquired. The authentication face image 405 of the management server 101 stores the trail data record with the earliest date and time from the trail data group in the primary storage device. At this time, the trail data to be stored in the primary storage device may be randomly selected, or may be selected according to the orientation of the face detected by performing face detection processing, for example, received in step S702. The face image for authentication may be selected according to the order of highest similarity calculated by performing the personal authentication process. The authentication face image 405 of the management server 101 performs face detection processing on the camera image of the trail data stored in the primary storage device, detects the face position, and detects the detected face position from the camera image. Based on the above, the authentication face image is cut out, and the authentication face image and the trail ID of the trail data saved in the primary storage device are saved in the primary storage device as the reselected authentication face image.

  In step S1401, the authentication face image 405 of the management server 101 matches the user ID of the authentication face image stored in the primary storage device in step S1402 from the trail data storage table of the management database 402, and the state is “temporary”. Acquire the trail data group that is “approved” or “pending”. The front image of the terminal is re-segmented from the obtained camera image of each trail data record using the authentication face image. The authentication face image 405 of the management server 101 manages the authentication face image, the trail ID of the trail data stored in the primary storage device, the acquired trail data group, and the result of reclassification of the terminal front state. To the personal computer 121.

  In step S704, the administrator PC 121 receives the trail ID, the face image for authentication, the trail data group, and the result of reclassification of the terminal front state transmitted in step S703, and stores the trail ID in the primary storage device.

  In step S705, the administrator PC 121 determines whether the administrator has performed the approval process on the authentication face image received in step S704. If the approval process has been performed, the approval result, the authentication face image, the trail data group, and the result of re-classification of the terminal front state are transmitted to the authentication face image approval unit 405 of the management server 101, and the process proceeds to step S707. If not, the process proceeds to step S708.

  In step S707, the authentication face image approval unit 405 of the management server 101 receives the authentication face image, the trail data group, and the terminal front state reclassification result transmitted in step S705, and outputs the respective trail data records. The terminal front state is updated, and the state of each record is also updated to “confirmed”.

  Here, with reference to FIG. 15, an example of a display screen for the administrator to reselect the authentication face image in the web management console of the administrator PC 121 of the telework management support system 100 according to the present invention will be described.

  The display area indicated by 1501 is currently subject to approval processing for the camera image group of the trail data whose current state is “provisional approval” or “pending” and each camera image of the camera image group. This is an area for displaying the change in the front state of the terminal when the determination of the front state of the terminal is performed using the existing authentication face image.

  The administrator browses the image displayed in the display area designated by 1201 and is sufficient to use for personal authentication of the teleworker, and changes in the terminal front state displayed in the display area designated by 1501. To confirm whether or not the front state of the trail data in the terminal has been appropriately determined, and approve the face image for authentication.

  According to the above, the administrator displays the authentication face image currently being approved displayed in the display area designated by 1201 and the authentication of the display area of 1201 displayed in the display area designated by 1501. With the face image, the approval process can be performed while comparing the results obtained by classifying the camera front images of the “provisional approval” and “holding” trail data in front of the terminal. Therefore, the administrator can directly check the influence of the authentication face image on the trail data, and can efficiently perform the reselection process and the approval process of the authentication face image.

  Further, the program in the present invention is a program that causes a computer to execute the processes of FIGS. 4 to 8 and FIG. 14. Note that the program in the present invention may be a program for each process of FIGS. 4 to 8 and 14.

  As described above, the recording medium recording the program that realizes the functions of the above-described embodiments is supplied to the system or apparatus, and the computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by reading and executing.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium recording the program constitutes the present invention.

  Examples of a recording medium for supplying the program include a flexible disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a CD-R, a DVD-ROM, a magnetic tape, a nonvolatile memory card, a ROM, an EEPROM, and a silicon. A disk or the like can be used.

  When the computer executes the read program, not only the functions of the above-described embodiments are realized, but also an OS (operating system) running on the computer based on the instructions of the program. It goes without saying that a case where some or all of the processing is performed and the functions of the above-described embodiments are realized by the processing is also included.

  Further, after the program read from the recording medium is written into the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is executed based on the instruction of the program code. It goes without saying that a CPU or the like provided in the function expansion unit performs part or all of the actual processing, and the processing realizes the functions of the above-described embodiments.

  Further, the present invention may be applied to a system constituted by a plurality of devices or to an apparatus constituted by a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or an apparatus. In this case, by reading the recording medium storing the program for achieving the present invention into the system or device, the system or device can enjoy the effects of the present invention.

  Further, by downloading and reading out a program for achieving the present invention from a server, a database, or the like on a network by using a communication program, the system or device can enjoy the effects of the present invention. It should be noted that the present invention includes all configurations obtained by combining the above-described embodiments and their modifications.

101 Management Server 111 Teleworker PC
121 Administrator's PC

Claims (8)

Face image acquisition means for acquiring the applied face image for authentication,
Trail data acquisition means for obtaining trail data including a terminal front state obtained using the authentication face image obtained by the face image obtaining means,
Approval processing receiving means for receiving approval processing for the authentication face image acquired by the face image acquisition means,
When accepting an approval process that pair to the authentication face image, the trail data including the obtained terminal forward state by using the authentication face image unapproved acquired by the face image obtaining unit, which is the approved Trail data management means for updating the trail data including the front state of the terminal obtained using the face image for authentication ,
An information processing device comprising:   The trail data obtaining means obtains trail data including a front state of the terminal using the captured image and the face image for authentication,
  The trail data management means may provide trail data including a front state of the terminal obtained by using the captured image and the unapproved authentication face image, to the captured image and the approved authentication face. The information processing apparatus according to claim 1, wherein the information is updated to trail data including a terminal front state obtained by using the image. The approval processing reception means is characterized in that, as the approval processing for the authentication face image, the result of approval, remand, or rejection is received.
3. The information according to claim 1, further comprising a reselection unit for reselecting the authentication face image when the approval process reception unit receives a remand as an approval process for the authentication face image. Processing equipment. The reselection means is
The information processing apparatus according to claim 3 , wherein reselection of the authentication face image is accepted from an image included in the trail data of the user who has applied for the authentication face image. By the approval process receiving means, when receiving a pass-back as an admission process for authentication facial image, claims 2 to 4, characterized by further comprising a re-imaging to accept a request to photograph the authentication face image again The information processing apparatus according to any one of 1 . When the approval process accepting unit accepts a rejection as an approval process for the authentication face image, it further comprises a correction accepting unit for accepting correction of the terminal front state of the trail data obtained using the authentication face image. The information processing apparatus according to any one of claims 2 to 5 , characterized in that: An information processing method in an information processing device, comprising:
A face image acquisition step of the face image acquisition means of the information processing device for acquiring the applied authentication face image;
A trail data acquisition step of the trail data acquisition means of the information processing apparatus, which acquires trail data including a terminal front state obtained by using the authentication face image obtained in the face image obtaining step,
An approval processing acceptance step of the approval processing acceptance means of the information processing apparatus, which accepts an approval processing for the authentication face image acquired in the face image acquisition step;
Trail data management means of the information processing apparatus, when accepting an approval process that pair to the authentication face image, the terminal forward obtained using the authentication face image unapproved said acquired by the face image obtaining step A trail data management step of updating the trail data including the state to the trail data including the terminal front state obtained by using the approved face image for authentication ,
An information processing method comprising: Information processing equipment,
Face image acquisition means for acquiring the applied face image for authentication,
Trail data acquisition means for obtaining trail data including a terminal front state obtained using the authentication face image obtained by the face image obtaining means,
Approval processing receiving means for receiving approval processing for the authentication face image acquired by the face image acquisition means,
When accepting an approval process that pair to the authentication face image, the trail data including the obtained terminal forward state by using the authentication face image unapproved acquired by the face image obtaining unit, which is the approved A program for functioning as trail data management means for updating the trail data including the front state of the terminal obtained using the authentication face image .

Images