JP6829698B2 - Authentication system and authentication method - Google Patents

Description

The present invention relates to an authentication system and an authentication method.

Conventionally, there is an authentication system that authenticates a person using biometric information such as feature data of palm veins. An authentication system that uses biometric information has the convenience of being able to authenticate the person using only the biometric information of the user to be authenticated, but the biometric information cannot be freely changed depending on the biological part of the user. Therefore, it is handled carefully. For example, Patent Document 1 discloses a technique for encrypting and transmitting / receiving biological information. Further, for example, Patent Document 2 discloses a technique in which a collation device that receives biometric information such as encoded vein data from a client terminal performs user authentication based on the biometric information.

Since it is necessary to handle biometric information carefully, an authentication system that authenticates the person using biometric information is constructed using a dedicated line.

Japanese Unexamined Patent Publication No. 2016-131335 Japanese Unexamined Patent Publication No. 2010-191856

However, with the above-mentioned technology, the security for using the authentication system in an environment via a public line having a high risk of information leakage is not perfect. That is, in an authentication system that performs personal authentication based on access via a dedicated line, there is a problem that personal authentication cannot be performed based on access from an environment that uses a public line.

The disclosed technology of the present application has been made in view of the above. For example, in a system that performs personal authentication based on access via a dedicated line, personal authentication is performed based on access from an environment that uses a public line. It is intended to provide an authentication system and authentication method.

In one example of the disclosed technology, the authentication system has a terminal and an intermediate server. The terminal transmits the coded data for authentication to the intermediate server via a generation unit that generates coded data for authentication that encodes the biometric information of the user and a public line, and the user. Includes a first authentication requesting unit that requests the intermediate server to authenticate. The intermediate server uses a storage unit that stores the user's biometric information in advance in association with the registration-encoded data encoded by the user's biometric information, and the public line via the public line. When the coded data for the authentication is received from the first authentication request unit, the authentication processing unit that identifies the user by collating the received coded data for the authentication with the coded data for the registration. including. Further, when the authentication processing unit succeeds in identifying the user, the intermediate server transmits the biometric information associated with the coded data for registration to the cooperation destination system via a dedicated line. It includes a second authentication requesting unit that requests the linked system to authenticate the user.

According to an example of the disclosed technology, in a system that performs personal authentication based on access via a dedicated line, personal authentication can be performed based on access from an environment that uses a public line.

FIG. 1 is a diagram for explaining an outline of the authentication system according to the embodiment. FIG. 2 is a diagram showing a configuration of an authentication system according to an embodiment. FIG. 3 is a diagram showing an example of the configuration of the management information table according to the embodiment. FIG. 4 is a diagram showing an example of the configuration of the coded data (registration) table according to the embodiment. FIG. 5 is a diagram showing an example of the configuration of the linked data table according to the embodiment. FIG. 6 is a diagram showing an example of the configuration of the biological information (registration) table according to the embodiment. FIG. 7 is a flowchart showing a process at the time of registration of coded data according to the embodiment. FIG. 8 is a flowchart showing a process at the time of coded data authentication according to the embodiment. FIG. 9 is a diagram showing an example of the hardware configuration of the computer.

Hereinafter, examples of the authentication system and the authentication method according to the disclosed technology of the present application will be described in detail with reference to the drawings. The disclosure techniques of the present application are not limited by the following examples. For example, in the following examples, the case where the characteristic data of the palm vein is used as the biometric data is shown, but the present invention is not limited to this, and other biometric data such as palm epidermis data (palm print data), fingerprint data, iris data, etc. However, the disclosure technology is applicable. In the following examples and modifications, the same names or the same reference numerals will be given to the existing components and processes, and the description thereof will be omitted. In addition, the following examples and modifications can be carried out in combination in part or in whole within a consistent range.

In the following, the authentication data is data based on biological information or biological information of a biological part, which is generated each time an authentication request is made. Further, the registration data is data based on biometric information or biometric information of a biological part collated with the authentication data, which is registered in advance in the authentication device or the authentication system.

(Overview of authentication system)
FIG. 1 is a diagram for explaining an outline of the authentication system according to the embodiment. The authentication system according to the embodiment has a client terminal, an intermediate server, and one or more cooperation destination systems. The client terminal and the intermediate server are connected by a public line such as the Internet. The intermediate server and the linked system are connected by a dedicated line that ensures a certain level of security.

The intermediate server is installed between the client terminal and the cooperation destination system so that the cooperation destination system that authenticates the person with biometric information can be used from the client terminal connected to the public line. The intermediate server holds the pre-registered coded data (for registration) and the biometric information (for authentication) compatible with the system that performs personal authentication using the biometric information in association with each other.

The cooperation destination system is, for example, a system that manages a closed network that allows remote access to a user's computer via personal authentication, a payment system of a financial institution, an ATM (Automatic Teller Machine), or the like. The linked system holds biometric information (for registration) prepared in advance. The coded data (for registration) is registration data for collating with the coded data (for authentication) described later. The biometric information (for registration) is registration data for collating with the biometric information (for authentication) of the user specified by collating the coded data (for authentication) and the coded data (for registration). ..

The client terminal reads the user's biometric information using a biometric authentication device, extracts the features from the read biometric information as a feature code, and generates coded data (for authentication), which is intermediate via a public line. Send to the server. Then, the intermediate server and the linked system perform the following two-step authentication.

That is, as the first-stage authentication, the intermediate server authenticates the person by 1: 1 authentication or 1: N authentication using the received coded data (for authentication) and the coded data (for registration) held in advance. To identify one user. When the personal authentication using the coded data (for authentication) is OK, the intermediate server extracts the biometric information (for authentication) of one specified user prepared in advance in the intermediate server. .. Then, the intermediate server transmits the extracted biometric information (for authentication) to the cooperation destination system via a dedicated line to request the user to authenticate.

As the second-stage authentication, the linked system performs personal authentication by 1: 1 authentication or 1: N authentication using the received biometric information (for authentication) and the biometric information held in advance (for registration). .. Then, the cooperation destination system returns the authentication result of the personal authentication using the biometric information to the intermediate server via the dedicated line. The intermediate server transfers the authentication result received from the cooperation destination system to the client terminal via the public line.

In this way, the intermediate server is provided between the client terminal and the cooperation destination system. As a result, the linked system that authenticates the person based on the direct access via the dedicated line can also authenticate the person based on the indirect access from the client terminal via the public line. Become.

(Configuration of authentication system according to the example)
FIG. 2 is a diagram showing a configuration of an authentication system according to an embodiment. The authentication system 1 according to the embodiment includes an intermediate server 10, an intermediate DB (Data Base) _20, a client terminal 30, a cooperation destination system A_50A, a cooperation destination system B50B, and a cooperation destination system C_50C. The number of client terminals and linked systems is not limited as shown in FIG. Further, FIG. 2 shows an example in which the intermediate server 10 and the intermediate DB 20 are mounted on different devices, but the present invention is not limited to this, and the intermediate server 10 and the intermediate DB 20 may be mounted on one device.

The intermediate server 10 is connected to the client terminal 30 via a public line 100-1 such as the Internet or a public wireless LAN (Local Area Network). Further, the intermediate server 10 is connected to each of the cooperation destination system A_50A, the cooperation destination system B_50B, and the cooperation destination system C_50C via the dedicated line 100-2 in which a certain level of security is ensured. The client terminal 30 is not directly connected to the cooperation destination system A_50A, the cooperation destination system B_50B, and the cooperation destination system C_50C, but via the public line 100-1 and the dedicated line 100-2 via the intermediate server 10. Be connected.

The intermediate server 10 is a computer having a processing device such as a processor. The intermediate server 10 has a registration processing unit 11, an authentication processing unit 12, and an authentication request unit 13. Further, the intermediate server 10 is connected to the intermediate DB 20 via a dedicated line 100-3, which is different from both the public line 100-1 and the dedicated line 100-2. The intermediate DB 20 is isolated from the public line 100-1 by the function of the intermediate server 10 such as a firewall, and is protected from threats such as unauthorized access via the public line 100-1.

The intermediate DB 20 includes a management information table 21, a coded data (for registration) table 22, a linked data table 23, and a database management system (DBMS: Data Base Management System, not shown) that manages the data stored in these tables. Has.

(Structure of management information table according to the example)
FIG. 3 is a diagram showing an example of the configuration of the management information table according to the embodiment. The management information table 21 according to the embodiment is a table that manages information related to items such as "management ID", "name", "address", and "Tel" for each user to be authenticated. "Tel" is a contact phone number. Information related to items such as "name", "address", and "Tel" associated with the "management ID" is called "management information". The "management ID" is information that uniquely identifies the user to be authenticated. The "name", "address", "Tel", etc. are personal attribute information of the user identified by the "management ID". In FIG. 3, for example, a user whose "management ID" is "00001" has a "name" of "X1", an "address" of "Y1", and a "Tel" of "Z1".

(Structure of coded data (for registration) table according to the example)
FIG. 4 is a diagram showing an example of the configuration of the coded data (registration) table according to the embodiment. The coded data (registration) table 22 according to the embodiment is a user whose authentication target is information related to items such as "management ID", "coded data (for registration) right hand", and "coded data (for registration) left hand". It is a table managed for each. The "coded data (for registration) right hand" and "coded data (for registration) left hand" associated with the "management ID" are referred to as "coded data (for registration)". In FIG. 4, "coded data (for registration) right hand" and "coded data (for registration) left hand" are indicated by V-shaped symbols. The "coded data (for registration) right hand" is coded data (for registration) in which the characteristic data (biological information) of the palm of the user's right hand identified by the "management ID" is encoded. The "coded data (for registration) left hand" is coded data (for registration) in which the characteristic data (biological information) of the left palm of the user identified by the "management ID" is encoded.

The coded data is binary data generated by applying a technique such as hashing to biological information. The coded data becomes different data by different conversion conditions when converting to binary data.

In FIG. 4, for example, each coded data (for registration) of "coded data (for registration) right hand" and "coded data (for registration) left hand" is associated with a user whose "management ID" is "00001". ) Is stored. The coded data (for registration) managed for each user identified by the "management ID" in the coded data (registration) table 22 is "coded data (for registration) right hand" and "coded". The data is not limited to both "left hand (for registration)", and may be either one.

(Structure of linked data table according to the example)
FIG. 5 is a diagram showing an example of the configuration of the linked data table according to the embodiment. The linkage data table 23 according to the embodiment includes "management ID", "biological information (for authentication) right hand", "biological information (for authentication) left hand", "cooperation destination system A", "cooperation destination system B", and "cooperation destination system C". It is a table that manages information related to items such as, etc. for each user to be authenticated. "Biological information (for authentication) right hand", "Biological information (for authentication) left hand", "Cooperation destination system A", "Cooperation destination system B", and "Cooperation destination system C" associated with "Management ID" are called "Cooperation data". .. In FIG. 5, "biological information (for authentication) right hand" and "biological information (for authentication) left hand" are indicated by V-shaped symbols.

The "biological information (for authentication) right hand" is the authentication data of the characteristic data (biological information) of the palm of the user's right hand identified by the "management ID". The "biological information (for authentication) left hand" is the authentication data of the characteristic data (biological information) of the palm of the user's left hand identified by the "management ID".

The "cooperation destination system A" is information indicating that when the user identified by the "management ID" has the cooperation destination system A_50A set as the cooperation destination system (in FIG. 5, "○" is conceptual). Shown in) is stored. Further, in the "cooperation destination system A", when the cooperation destination system A_50A is set as the cooperation destination system by the user identified by the "management ID" and 1: 1 authentication is performed in the cooperation destination system A_50A, 1: 1 authentication is performed. The ID used for authentication is also stored. In FIG. 5, the stored state of the ID is conceptually indicated by “◯ + ID”.

In FIG. 5, for example, each coded data of "biological information (for authentication) right hand" and "biological information (for authentication) left hand" is stored in association with a user whose "management ID" is "00001". Is shown. Further, in FIG. 5, the cooperation destination system A_50A is set in association with the user whose “management ID” is “00001”, and the ID used in the 1: 1 authentication performed by the cooperation destination system A_50A. Indicates that is stored. Further, FIG. 5 shows that the cooperation destination system C_50C is set in association with the user whose “management ID” is “00001”.

Returning to the description of FIG. The client terminal 30 is a portable or stationary computer, tablet terminal or smartphone to which a display device (not shown) is connected and can be connected to the public line 100-1. The client terminal 30 has a reception unit 31, a coded data (authentication) generation unit 32, and an authentication request unit 33.

Further, the reception unit 31 is connected to an input unit 41 including a touch panel for tap input or flick input, a microphone for voice input, a keyboard for key input, a mouse for click input, and the like. Further, the reception unit 31 is connected to a biological part photographing unit 42 that photographs the living body portion of the user held over.

The cooperation destination system A_50A has an authentication processing unit 51A and a biometric information (for registration) DB 52A. Further, the biometric information (for registration) DB 52A has a biometric information (for registration) table 52A-1. Similarly, the cooperation destination system B_50B has an authentication processing unit 51B and a biometric information (for registration) DB 52B. Further, the biometric information (for registration) DB 52B has a biometric information (for registration) table 52B-1. Similarly, the cooperation destination system C_50C has an authentication processing unit 51C and a biometric information (for registration) DB 52C. Further, the biometric information (for registration) DB 52C has a biometric information (for registration) table 52C-1. The biometric information (for registration) DBs 52A to 52C each have a database management system (DBMS, not shown) that manages the data stored in the biometric information (for registration) tables 52A-1 to 52C-1.

(Biological information (for registration) table related to the examples)
FIG. 6 is a diagram showing an example of the configuration of the biological information (registration) table according to the embodiment. Since the biological information (registration) table 52B-1 and the biological information (registration) table 52C-1 are the same as the biological information (registration) table 52A-1, the biological information (registration) table 52A-1 is used. It will be illustrated and described. The illustration of the biological information (for registration) table 52B-1 and the biological information (for registration) table 52C-1 is omitted.

In the biometric information (registration) table 52A-1 according to the embodiment, information on items such as "management ID", "biological information (for registration) right hand", and "biological information (for registration) left hand" is stored for each user to be authenticated. It is a table to be managed in. The "biological information (for registration) right hand" is data for registration of characteristic data (biological information) of the palm of the user's right hand identified by the "management ID". The "biological information (for registration) left hand" is data for registration of characteristic data (biological information) of the palm of the user's left hand identified by the "management ID". In FIG. 6, “biological information (for registration) right hand” and “biological information (for registration) left hand” are indicated by V-shaped symbols. The "biological information (for registration) right hand" and "biological information (for registration) left hand" stored in the biometric information (registration) table 52A-1 are the "biological information (authentication)" stored in the linked data table 23 of the intermediate DB 20. This is data generated separately from "right hand" and "biological information (for authentication) left hand".

The biometric information (for registration) managed for each user identified by the "management ID" in the biometric information (registration) table 52A-1 includes "biological information (for registration) right hand" and "biological information (for registration)". It is not limited to both "left hand" (for registration), and may be either one. The biometric information (for registration) tables 52B-1 to 52C-1 are also the same as the biometric information (for registration) table 52A-1, "management ID", "biological information (for registration) right hand", and "biological information (for registration)". It is a table that manages information related to items such as "left hand" for each user to be authenticated.

(Operation of each part of the intermediate server, client terminal, and linked system)
Hereinafter, the operations of the intermediate server 10, the client terminal 30, and the cooperation destination system A_50A to the cooperation destination system C_50C will be described with reference to FIGS. 7 and 8.

(Processing when registering coded data related to the example)
FIG. 7 is a flowchart showing a process at the time of registration of coded data according to the embodiment. The process at the time of coded data registration according to the embodiment is executed by the registration processing unit 11 of the intermediate server 10. When the intermediate server 10 cooperates with a securely connected console terminal (not shown) and receives an instruction to start execution from the console terminal, the intermediate server 10 executes the process at the time of coded data registration according to the embodiment.

First, in step S11, the registration processing unit 11 receives an instruction to start encoding data registration from the console terminal and assigns a management ID. Next, in step S12, the registration processing unit 11 receives the input of management information via the console terminal, associates the management ID assigned in step S11 with the management information, and associates the work storage area (not shown) of the intermediate DB 20. ) Temporarily stores.

Next, in step S13, the registration processing unit 11 inputs the coded data (for registration) of the biological information based on the biological part photographed by the biological part imaging device (not shown) with the management ID numbered in step S11. It is temporarily stored in the work storage area (not shown) of the intermediate DB 20 in association with each other. The registration processing unit 11 registers the coded data (for registration) in which the biological information based on the biological part of either the left or right hand is encoded in one process of step S13. The registration processing unit 11 executes step S13 for each of the "coded data (for registration) right hand" and the "coded data (for registration) left hand".

Next, in step S14, the registration processing unit 11 temporarily stores the "coded data (for registration) right hand" and "coded data (for registration) left hand" temporarily stored in the work storage area (not shown) of the intermediate DB 20 in step S13. ”Is used to authenticate for registration confirmation. Specifically, the registration processing unit 11 includes "coded data (for registration) right hand" and coded data (for confirmation) of the biological information of the right hand based on the biological part photographed by the biological part imaging device (not shown). ) And check if they match. In addition, the registration processing unit 11 inputs the "coded data (for registration) left hand" and the coded data (for confirmation) of the biological information of the left hand based on the biological part photographed by the biological part imaging device (not shown). Collate and see if they match.

If the process in step S14 is Yes (confirmation authentication OK), the registration processing unit 11 shifts the process to step S15. On the other hand, when the process in step S14 is NO (confirmation authentication NG), the registration processing unit 11 repeats step S13 to re-register the coded data (for registration) that has become confirmation authentication NG.

In step S15, the registration processing unit 11 determines whether or not the registration of the coded data (for registration) in step S13 has been completed for the left and right hands. When the registration of the coded data (for registration) in step S13 is completed (step S15: Yes) for the left and right hands, the registration processing unit 11 shifts the processing to step S16. On the other hand, when the registration of the coded data (for registration) in step S13 is not completed (step S15: No) for the left and right hands, the registration processing unit 11 shifts the processing to step S13. Then, the registration processing unit 11 performs registration processing of the coded data (for registration) in step S13 for the hand for which registration has not been completed.

In step S16, the registration processing unit 11 accepts the selection of the cooperation destination system (one of the cooperation destination system A_50A to the cooperation destination system C_50C in this embodiment) by the input from the console terminal. Then, in step S17, the registration processing unit 11 determines whether or not the authentication method in the linked system selected in step S16 is 1: 1 authentication. When the authentication method in the linked system selected in step S16 is 1: 1 authentication (step S17: Yes), the registration processing unit 11 shifts the process to step S18. On the other hand, when the authentication method in the linked system selected in step S16 is 1: N authentication (step S17: No), the registration processing unit 11 shifts the process to step S19.

In step S18, the registration processing unit 11 accepts the input of the ID used in the 1: 1 authentication of the cooperation destination system selected in step S16 in the cooperation destination system. Then, the registration processing unit 11 transfers the cooperation data in which the information that the cooperation destination system selected in step S16 is used as the cooperation destination system and the ID used in the 1: 1 authentication in the cooperation destination system are associated with each other in the intermediate DB 20. Temporarily stored in the work storage area (not shown). “Collaboration destination system A” “○ + ID” of “management number” “00001” in FIG. 5 shows an example of storing cooperation data. When step S18 is completed, the registration processing unit 11 shifts the process to step S19.

In step S19, the registration processing unit 11 determines whether or not the selection of the cooperation destination system is completed. When the registration processing unit 11 completes the selection of the cooperation destination system (step S19: Yes), the registration processing unit 11 shifts the processing to step S20. On the other hand, when the registration processing unit 11 has not completed the selection of the cooperation destination system (step S19: No), the registration processing unit 11 shifts the processing to step S16 and further accepts the selection of the cooperation destination system.

In step S20, the registration processing unit 11 resets (initializes) the cooperation destination system check counter. The cooperation destination system check counter is counted up when the authentication in each cooperation destination system is OK when the authentication check in the cooperation destination system is performed using the biometric information (for authentication) taken in step S21 described later. To. The cooperation destination system check counter is used to complete the cooperation destination system check of the biometric information (for authentication) normally when the authentication check in all the cooperation destination systems set in the cooperation data table 23 is OK. It is a counter. When step S20 is completed, the registration processing unit 11 shifts the processing to step S21.

Next, in step S21, the registration processing unit 11 photographs the biological information (for authentication) based on the biological portion by the biological portion photographing device connected to the console terminal. The registration processing unit 11 captures biometric information (for authentication) of either the left or right hand in one process of step S21.

Next, in step S22, the registration processing unit 11 selects one of the cooperation destination systems selected in step S16, transmits the biometric information (for authentication) photographed in step S21 to this cooperation destination system, and requests authentication. To do. In step S22, the registration processing unit 11 is stored in the "cooperation destination system A" to "cooperation destination system C" of the cooperation data table 23 when the cooperation destination system making the authentication request performs 1: 1 authentication. The existing "ID" is also transmitted to the linked system together with the biometric information (for authentication). The cooperation destination system that has received the biometric information (for authentication) from the intermediate server 10 performs the user authentication process based on the received biometric information (for authentication), and returns the authentication result to the intermediate server 10. For example, when the cooperation destination system A_50A receives the biometric information (for authentication) from the intermediate server 10, the authentication processing unit 51A uses the biometric information (for registration) DB 52A with reference to the biometric information (for registration) table 52A-1. Person 1: Perform N authentication. Then, the authentication processing unit 51A returns the authentication result to the intermediate server 10. For example, when the cooperation destination system A_50A receives the biometric information (for authentication) and the ID from the intermediate server 10, the authentication processing unit 51A performs 1: 1 authentication of the user and outputs the authentication result to the intermediate server 10. Return to.

Next, in step S23, the registration processing unit 11 determines whether or not the authentication result in the linked system for which the biometric information (for authentication) is transmitted and the authentication request is made in step S22 is OK. When the authentication result in the linked system for which the biometric information (for authentication) is transmitted and the authentication request is made in step S22 is OK (step S23: Yes), the registration processing unit 11 shifts the process to step S24. On the other hand, when the authentication result in the linked system for which the biometric information (for authentication) is transmitted and the authentication request is made in step S22 is NG (step S23: No), the registration processing unit 11 returns the process to step S20. Then, the registration processing unit 11 resets (initializes) the linked system check counter (step S20), and photographs the biometric information (for authentication) again (step S21).

In step S24, the registration processing unit 11 counts up the cooperation destination system check counter. Next, in step S25, the registration processing unit 11 determines whether or not the authentication check in all the cooperation destination systems set in the cooperation data table 23 has been completed. Specifically, in step S25, the registration processing unit 11 sets the number of linked systems associated with the management ID numbered in step S11 in the linked data table 23, and the linked system check counter. Determines if the values of are matched.

When the registration processing unit 11 matches the number of linked systems set in association with the management ID numbered in step S11 in the linked data table 23 with the value of the linked system check counter (step). S25: Yes), the process is transferred to step S26. On the other hand, when the registration processing unit 11 does not match the number of linked systems set in association with the management ID numbered in step S11 in the linked data table 23 with the value of the linked system check counter. (Step S25: No), the process is transferred to step S22. Then, the registration processing unit 11 transmits the biometric information to the linked system for which the authentication check is not OK yet, and performs the authentication check.

In step S26, the registration processing unit 11 determines whether or not the imaging of the biometric information (for authentication) in step S21 has been completed for the left and right hands. When the imaging of the biometric information (for authentication) in step S21 is completed (step S26: Yes) for the left and right hands, the registration processing unit 11 shifts the processing to step S27. On the other hand, the registration processing unit 11 shifts the processing to step S20 when the imaging of the biometric information (for authentication) in step S21 is not completed for the left and right hands (step S26: No).

In step S27, the registration processing unit 11 saves the management ID and management information temporarily stored in the work storage area (not shown) of the intermediate DB 20 in step S12 in the management information table 21. Next, in step S28, the registration processing unit 11 stores the management ID and the coded data (for registration) temporarily stored in the work storage area (not shown) of the intermediate DB 20 in the coded data (for registration) table in step S13. Save to 22. Next, in step S29, the registration processing unit 11 saves the cooperation data temporarily stored in the work storage area (not shown) of the intermediate DB 20 in step S18 in the cooperation data table 23. When step S29 is completed, the registration processing unit 11 ends the processing at the time of coded data registration according to the embodiment.

(Processing at the time of coded data authentication according to the example)
FIG. 8 is a flowchart showing a process at the time of coded data authentication according to the embodiment. The processing at the time of coded data authentication according to the embodiment is executed by the authentication processing unit 12 and the authentication request unit 13 of the intermediate server 10. The process at the time of coded data authentication shown in FIG. 8 takes the case of 1: N authentication as an example, but the process is the same for 1: 1 authentication. When the intermediate server 10 is instructed to start execution by the console terminal (not shown), the intermediate server 10 is connected to the client terminal 30 connected via the public line 100-1 and the linked system A_50A connected via the dedicated line 100-2. ~ Executes processing in cooperation with the cooperation destination system C_50C.

First, in step S51, the authentication processing unit 12 acquires all the coded data (for registration) from the coded data (for registration) table 22 and stores it in the work storage area (not shown) of the intermediate server 10. Next, in step S52, the authentication processing unit 12 waits for an authentication request from the client terminal 30.

Next, in step S53, the authentication processing unit 12 determines whether or not the termination request has been received from the console terminal (not shown). When the authentication processing unit 12 receives the end instruction from the console terminal (not shown) (step S53: Yes), the authentication processing unit 12 ends the processing at the time of coded data authentication according to the embodiment. On the other hand, when the authentication processing unit 12 has not received the end instruction from the console terminal (not shown) (step S53: No), the authentication processing unit 12 shifts the processing to step S54.

In step S54, the authentication processing unit 12 determines whether or not the authentication request has been accepted from the authentication request unit 33 of the client terminal 30 together with the coded data (for authentication) and the cooperation destination system information. This coded data (for authentication) is data generated by the coded data (authentication) generation unit 32 based on the biological part photographed by the biological part photographing unit 42. When the authentication processing unit 12 receives the authentication request from the authentication request unit 33 of the client terminal 30 (step S54: Yes), the authentication processing unit 12 shifts the processing to step S55. On the other hand, when the authentication processing unit 12 has not received the authentication request from the authentication request unit 33 of the client terminal 30 (step S54: No), the processing returns to step S52.

In step S55, the authentication processing unit 12 performs 1: N authentication based on the coded data in response to the authentication request received in step S54. Specifically, the authentication processing unit 12 includes the coded data (for authentication) received in step S54 and all the coded data (for registration) stored in the work storage area (not shown) of the intermediate server 10. And 1: N authentication is performed.

The coded data (for authentication) received by the intermediate server 10 in step S54 has an amount of information necessary for carrying out this 1: N authentication according to the scale of 1: N authentication in step S55. Further, in step S55, not only 1: N authentication but also 1: 1 authentication using an ID or the like may be performed. When performing 1: 1 authentication in step S55, the management ID is received from the authentication request unit 33 of the client terminal 30 in addition to the coded data (for authentication) and the cooperation destination system information.

Next, in step S56, the authentication processing unit 12 is a candidate (match) for coded data (for registration) that matches the coded data (for authentication) received from the client terminal 30 in the 1: N authentication in step S55. Determine if a candidate) exists. In the 1: N authentication in step S55, the authentication processing unit 12 shifts the process to step S57 when there is a match candidate for the coded data (for authentication) received from the client terminal 30 (step S56: Yes). On the other hand, in the 1: N authentication in step S55, the authentication processing unit 12 processes the coded data (for authentication) received from the client terminal 30 when there is no match candidate (step S56: No) in step S66. Move.

In step S57, the authentication processing unit 12 determines whether or not there are a plurality of matching candidates for the coded data (for authentication) received from the client terminal 30 in the 1: N authentication in step S55. In the 1: N authentication in step S55, the authentication processing unit 12 shifts the process to step S66 when there are a plurality of matching candidates for the coded data (for authentication) received from the client terminal 30 (step S57: Yes). .. On the other hand, when the authentication processing unit 12 has only one matching candidate for the coded data (for authentication) received from the client terminal 30 in the 1: N authentication in step S55 (step S57: No), step S58 Move the process to.

In step S58, the authentication processing unit 12 acquires the management ID of the coded data (for registration) which is the only match candidate (authentication OK) of the coded data (for authentication) in step S57. Next, in step S59, the authentication processing unit 12 refers to the cooperation data table 23 based on the management ID acquired in step S58, and acquires a record corresponding to the management ID for which authentication is OK.

Next, in step S60, the authentication processing unit 12 determines whether or not the record of the cooperation data table 23 acquired in step S59 has a registration of the cooperation destination system that matches the cooperation destination system information received from the client terminal 30. To do. "There is a registration of the cooperation destination system" means, for example, as shown in FIG. 5, "○" or "○" in any of "cooperation destination system A" to "cooperation destination system C" associated with the "management ID". It means that "○ + ID" is stored. When the record of the cooperation data table 23 acquired in step S59 has the registration of the cooperation destination system (step S60: Yes), the authentication request unit 13 shifts the process to step S61. On the other hand, when the record of the cooperation data table 23 acquired in step S59 does not have the registration of the cooperation destination system (step S60: No), the authentication request unit 13 shifts the process to step S67.

In step S61, the authentication request unit 13 transmits an authentication request to the linked system registered in step S60. When the authentication request unit 13 transmits the authentication request in step S61, the biometric information (for authentication) of the hand on the same side as the coded data (for registration) which is the only match candidate of the coded data (for authentication). To send. When the authentication requested to the cooperation destination system is 1: 1 authentication, the authentication request unit 13 includes the ID stored in the cooperation data table 23 in the authentication request and transmits it to the cooperation destination system.

For example, when the authentication request unit 13 has the coded data (for registration) of the only match candidate of the coded data (for authentication) for the right hand of the user to be authenticated, the biometric information of the right hand in the linkage data table 23. Send an authentication request including (for authentication). For example, the authentication processing unit 51A of the cooperation destination system A_50A has the biometric information (for authentication) included in the authentication request received from the intermediate server 10 and the biometric information (for registration) stored in the biometric information (registration) table 52A-1. Authenticate the user by collating with (for authentication). Then, the authentication processing unit 51A transmits the authentication result to the intermediate server 10. The cooperation destination system B_50B and the cooperation destination system C_50C are the same as those of the cooperation destination system A_50A.

When the authentication request unit 13 transmits the authentication request to the cooperation destination system in step S61, the authentication request unit of the intermediate server 10 sends the authentication request so that the authentication result by the cooperation destination system is returned to the intermediate server 10 which is the request source. Include network identification information, etc.

Next, in step S62, the authentication request unit 13 waits for the reception of the authentication result from the linked system that sent the authentication request in step S61. Next, in step S63, the authentication request unit 13 determines whether or not the authentication result has been received from the linked system that sent the authentication request in step S61. When the authentication request unit 13 receives the authentication result from the linked system that sent the authentication request in step S61 (step S63: Yes), the authentication request unit 13 shifts the process to step S64. On the other hand, when the authentication request unit 13 has not received the authentication result from the cooperation destination system to which the authentication request was sent in step S61 (step S63: No), the authentication request unit 13 shifts the process to step S62 and obtains the authentication result from the cooperation destination system. Wait for reception.

In step S64, the authentication request unit 13 receives the authentication result (authentication OK (success) or authentication NG (failure)) from the linked system determined to have received the authentication result in step S63 in the authentication request in step S54. Is returned to the client terminal 30 which is the source of the above. Next, the authentication requesting unit 13 determines whether or not the termination request has been received from the console terminal (not shown). When the authentication request unit 13 receives the end request from the console terminal (not shown) (step S65: Yes), the authentication request unit 13 ends the process at the time of coded data authentication according to the embodiment. On the other hand, when the authentication request unit 13 has not received the end request from the console terminal (not shown) (step S65: No), the authentication request unit 13 shifts the process to step S52.

On the other hand, in step S66, the authentication processing unit 12 returns the authentication NG to the client terminal 30 which is the sender of the authentication request received in step S54. When the step S66 is completed, the authentication processing unit 12 shifts the process to the step S52. Further, in step S67, the authentication processing unit 12 returns the unregistered cooperation destination system in the cooperation data table 23 acquired in step S59 to the client terminal 30 which is the transmission source of the authentication request received in step S54. When step S67 is completed, the authentication processing unit 12 shifts the process to step S52.

(Example of effect by example)
Since biological information is unique information of the living body, if the information is leaked, it cannot be used as information for authenticating the user. Therefore, transmitting and receiving biometric information via the public line 100-1, which has a high risk of information leakage, is dangerous from the viewpoint of security of the authentication system.

However, in the embodiment, prior to the authentication in the linked system that authenticates the user with the biometric information, the intermediate server 10 transmits the coded data (for authentication) in which the biometric information is encoded to the public line 100-1. Is received from the client terminal 30 via. Then, the intermediate server 10 authenticates the user based on the received coded data (for authentication). When the authentication based on the coded data (for authentication) is OK, the intermediate server 10 dedicates the biometric information (for authentication) stored in the intermediate server 10 in association with the coded data (for authentication). It transmits to the cooperation destination system A_50A to the cooperation destination system C_50C via the line. Then, the cooperation destination system A_50A to the cooperation destination system C_50C authenticate the user based on the biometric information (for authentication) received from the intermediate server 10.

That is, in the embodiment, the environment is connected to the public line by connecting only through the dedicated line 100-2 and connecting to the cooperation destination system A_50A to the cooperation destination system C_50C which authenticates with biometric information via the intermediate server 10. The cooperation destination system A_50A to the cooperation destination system C_50C can be used from. If the linked system A_50A to linked system C_50C is an existing system, it can be used without changing the authentication function, providing higher security authentication than the existing system and improving user convenience. Can be improved. For example, even when the cooperation destination system A_50A to the cooperation destination system C_50C perform large-scale 1: N authentication, no function change is required. Further, if the cooperation destination system A_50A to the cooperation destination system C_50C are new systems, it is possible to provide the user with high-level security authentication that cannot be ensured only by authentication using coded data.

In addition, since the coded data is converted into binary data and is not compatible with biometric information, authentication by the collaborative system A_50A to the collaborative system C_50C that authenticates the user with high accuracy using the biometric information (for example). It cannot be used for large-scale 1: N authentication). However, according to the embodiment, the cooperation destination system A_50A to the cooperation destination system C_50C perform authentication using the biometric information corresponding to the coded data acquired by the intermediate server 10. Therefore, the user only transmits the coded data from the client terminal 30 to the intermediate server 10 via the public line 100-1, and is authenticated by the authentication function of the cooperation destination system A_50A to the cooperation destination system C_50C, and the authentication function. You can receive the service according to. In addition, since the coded data is converted into binary data by applying a technique such as hashing to the biometric information, it is difficult to estimate the original biometric information from the coded data, and when the information is leaked. Damage can be reduced.

Further, since the authentication on the intermediate server 10 is also performed by the coded data generated from the biometric information, spoofing cannot be performed and security is ensured. Further, since the intermediate server 10 and the cooperation destination system A_50A to the cooperation destination system C_50C perform two-step authentication, security can be improved. Further, since a plurality of coded data transmitted / received on the public line 100-1 can be generated from one biometric information, different coded data can be newly generated even if the information is leaked. By using the newly generated coded data, it is possible to improve the continuity of service provision. In this way, according to the embodiment, the coded data (for authentication) transmitted / received on the public line 100-1 and the coded data (for registration) stored in the intermediate DB 20 are protected from security threats. be able to.

(Modification example)
(1) Multiple coded data In the embodiment, each of the "coded data (for registration) right hand" and "coded data (for registration) left hand" (see FIG. 4) has only one data for each control number. Then. However, the coding data is not limited to this, and each coded data may have a plurality of data. That is, a plurality of coded data (for registration) (for registration) for one biometric information (for authentication) (each of "biological information (for authentication) right hand" and "biological information (for authentication) left hand" in FIG. 4). "Coded data (for registration) right hand" and "coded data (for registration) left hand") may be associated. For example, the coded data has two data generated by different methods for each control number, such as "coded data (for registration) right hand 1" and "coded data (for registration) right hand 2". You may. Here, "coded data (for registration) right hand 1" and "coded data (for authentication) right hand 1" correspond to "coded data (for registration) right hand 2" and "coded data (for authentication) right hand 1". ) Right hand 2 ”corresponds. The same applies to the left hand.

For example, the intermediate server 10 uses "coded data (for registration) right hand 1" to authenticate with the coded data at the initial stage. Then, when the "coded data (authentication) right hand 1" leaks information on the public line 100-1, the intermediate server 10 invalidates the "coded data (registration) right hand 1". Alternatively, the intermediate server 10 invalidates the "coded data (registration) right hand 1" when the "coded data (registration) right hand 1" leaks information due to an attack on the intermediate DB 20.

Then, the intermediate server 10 switches from the "coded data (for registration) right hand 1" and authenticates with the coded data using the "coded data (for registration) right hand 2". In the intermediate server 10, new spare coded data (for registration) that replaces the invalid "coded data (for registration) right hand 1" is re-registered at an appropriate timing. By preparing a plurality of coded data generated by different methods corresponding to the same biological part in advance, the intermediate server 10 can quickly deal with information leakage of the coded data (for authentication) and reduce security. It can be avoided and the continuity of service can be maintained.

(2) Linkage data In the embodiment, which link destination system A_50A to link destination system C_50C the intermediate server 10 requests for authentication is determined by the "linkage destination system" of the "linkage data" stored in the link data table 23. It is assumed that it is based on the information of "A", "cooperation destination system B", and "cooperation destination system C". However, not limited to this, the information on which cooperation destination system A_50A to the cooperation destination system C_50C the intermediate server 10 makes an authentication request is not registered in advance, and is transmitted from the client terminal 30 together with the coded data (for authentication). May be done. Further, when the cooperation destination system A_50A to the cooperation destination system C_50C performing the authentication request perform 1: 1 authentication, the client terminal 30 may also transmit the ID used for the 1: 1 authentication.

(Computer hardware configuration)
FIG. 9 is a diagram showing an example of the hardware configuration of the computer. In the computer 100 shown in FIG. 9, the intermediate server 10, the client terminal 30, or the cooperation destination system A_50A to the cooperation destination system C_50C is implemented by executing the program.

The computer 100 has a processor 101, an internal storage device 102, an external storage device 103, a communication interface 104, and various peripheral devices 105 connected via a bus. The processor 101 is a processing device in which a CPU (Central Processing Unit), a GPU (Graphics Processing Unit), a cache memory, and the like are mounted on a single chip. The internal storage device 102 is a semiconductor storage device such as a RAM (Random Access Memory). The internal storage device 102 cooperates with the processor 101 to store the process of the program being executed by the processor 101 and the data to be processed by the process.

The external storage device 103 is a non-volatile storage device that uses a removable medium or a semiconductor storage device as a storage medium. The computer 100 may acquire a program to be executed or data to be processed from the removable media or the semiconductor storage device of the external storage device 103. The communication interface 104 is an interface for communicating with other devices such as a computer via a public network or a closed network. The computer 100 may acquire a program to be executed and data to be processed from another device via the communication interface 104.

The various peripheral devices 105 are peripheral devices connected to or built into the computer 100, including a user interface for input / output (for example, a keyboard, mouse, touch panel, display, speaker, headphone, etc.).

The configuration of each part illustrated in the above examples can be changed, added, omitted, integrated or distributed to the extent that it does not deviate from the technical scope of the authentication system and the authentication method related to the disclosed technology. In addition, the examples are merely examples, and the disclosure technology includes other aspects in which various modifications and improvements are made based on the knowledge of those skilled in the art, including the aspects described in the disclosure column of the invention.

10 ... Intermediate server 11 ... Registration processing unit 12 ... Authentication processing unit 13 ... Authentication request unit 20 ... Intermediate DB
21 ... Management information table 22 ... Coded data (for registration) Table 23 ... Linked data table 30 ... Client terminal 31 ... Reception unit 32 ... Coded data (for authentication) generation Unit 33 ... Authentication request unit 41 ... Input unit 42 ... Biological part imaging unit 50A ... Coordination system A
51A ・ ・ ・ Authentication processing unit 52A ・ ・ ・ Biometric information (for registration) DB
52A-1 ・ ・ ・ Biometric information (for registration) Table 50B ・ ・ ・ Linkage system B
51B ・ ・ ・ Authentication processing unit 52B ・ ・ ・ Biometric information (for registration) DB
52B-1 ・ ・ ・ Biometric information (for registration) Table 50C ・ ・ ・ Linkage system C
51C ・ ・ ・ Authentication processing unit 52C ・ ・ ・ Biometric information (for registration) DB
52C-1 ... Biometric information (for registration) Table 100 ... Computer 100-1 ... Public line 100-2 ... Dedicated line 100-3 ... Dedicated line 101 ... Processor 102 ... -Internal storage device 103 ... External storage device 104 ... Communication interface 105 ... Various peripheral devices

Claims (5)

An authentication system that has a terminal and an intermediate server.
The terminal
A generator that generates coded data for authentication that encodes the biometric information of the user,
Includes a first authentication requesting unit that transmits the coded data for authentication to the intermediate server via a public line and requests the intermediate server to authenticate the user.
The intermediate server
A storage unit that stores the user's biometric information in advance in association with the registration-encoded data in which the user's biometric information is encoded.
When the coded data for the authentication is received from the first authentication requesting unit via the public line, the received coded data for the authentication is collated with the coded data for the registration and used. Authentication processing department that identifies the person and
When the user is successfully identified by the authentication processing unit, the biometric information associated with the coded data for registration is transmitted to the cooperation destination system via the dedicated line, and the user is authenticated. An authentication system characterized in that it includes a second authentication requesting unit that requests the linked system. The storage unit is
The authentication system according to claim 1, wherein a plurality of coded data for registration generated by different methods and one biometric information are associated and stored in advance. The intermediate server
A first server having the authentication processing unit and the second authentication requesting unit and connected to the public line,
The authentication system according to claim 1 or 2, wherein the authentication system has the storage unit, is connected to the first server by a dedicated line, and includes a second server isolated from the public line. .. When the authentication processing unit fails to identify the user, the authentication processing unit returns the authentication failure to the terminal via the public line.
Claims 1 to 3 characterized in that the second authentication request unit transfers the success or failure of the user's authentication in the cooperation destination system to the terminal when notified from the cooperation destination system. The authentication system according to any one of the above. An authentication method in an authentication system having a terminal and an intermediate server.
The terminal
Generates coded data for authentication that encodes the biometric information of the user,
The coded data for the authentication is transmitted to the intermediate server via a public line, and the user is requested to authenticate to the intermediate server.
The intermediate server
Includes a storage unit in which the coded data for registration, which is the coded biometric information of the user, and the biometric information of the user are stored in advance in association with each other.
When the coded data for authentication is received from the terminal via the public line, the received coded data for authentication is collated with the coded data for registration to identify the user.
When the user is successfully identified, the biometric information associated with the coded data for registration is transmitted to the cooperation destination system via a dedicated line, and the cooperation destination system is requested to authenticate the user. An authentication method characterized by doing so.

Images