JP6848480B2 - Management program, management method, and management system - Google Patents

Description

The present invention relates to management programs, management methods, and management systems.

Conventionally, there is an entrance / exit management system that manages the entry / exit of people into / from the entrance of an office or a room. In the entry / exit management system, for example, an IC (Integrated Circuit) card reader or a biometric authentication device is installed at the entrance / exit of the room, and individual authentication is performed using an IC card, a fingerprint, a palm vein, or the like as a key.

As the prior art, for example, the passage authority to be given to the user is determined from the authority ID association information that associates the attribute of the user information with the attribute of the user and the passage authority that allows the passage of the door. There is a device that generates setting information indicating a user's card number and a passage authority ID and distributes the setting information to a door control device.

Japanese Unexamined Patent Publication No. 2011-65564

However, in the prior art, the load on the setting of the user who has the authority to enter and exit the office room and the like increases. For example, it takes time and effort to manually set a user who has the authority to enter and exit each room in the office. In addition, in order to convert the customer's personnel information into data that can be used in the entry / exit management system, a customer-specific data conversion system must be constructed according to the format of the customer's personnel database and the format of the entry / exit management database. become.

In one aspect, it is an object of the present invention to be able to efficiently set up users who have the authority to enter and exit the facility.

In one embodiment, the value of each attribute of a plurality of attributes associated with the identification information of each user is associated with the identification information of each user to be managed, and the value of each attribute has a plurality of items. A predetermined number of items are stored in the storage unit in association with each item of the above and used as a condition for selecting a user who has the authority to enter and exit the facility from the plurality of items for each facility to be managed. Control to display an operation screen that is stored in the storage unit and can set the value of each item stored in the condition item storage unit for each facility, and is represented by the user information stored in the storage unit. Among the persons, on the operation screen, for the facility, each item stored in the condition item storage unit and the set value of each item are stored in the condition storage unit and stored in the condition storage unit. A management program is provided that generates qualified person information indicating users who satisfy the conditions specified from each item and value.

According to one aspect of the present invention, it is possible to efficiently set a user who has the authority to enter and exit the facility.

FIG. 1 is an explanatory diagram showing an embodiment of a management method according to an embodiment. FIG. 2 is an explanatory diagram showing a system configuration example of the entry / exit management system 200. FIG. 3 is a block diagram showing a hardware configuration example of the management device 101. FIG. 4 is a block diagram showing a hardware configuration example of the entry / exit management terminal 201. FIG. 5 is an explanatory diagram showing an example of the stored contents of the personnel information DB 270. FIG. 6 is an explanatory diagram showing an example of the stored contents of the user information DB 220. FIG. 7 is an explanatory diagram showing an example of the stored contents of the room information DB 230. FIG. 8 is an explanatory diagram showing an example of the stored contents of the room-specific distribution condition DB 240. FIG. 9 is an explanatory diagram showing an example of the stored contents of the qualified person DB 250 for each room. FIG. 10 is an explanatory diagram showing an example of the stored contents of the authentication device information DB 260. FIG. 11 is a block diagram showing a functional configuration example of the management device 101. FIG. 12 is an explanatory diagram showing a screen example of the room-specific distribution setting screen S1. FIG. 13 is an explanatory diagram showing a screen example of the qualified person setting screen S2 for each room. FIG. 14A is an explanatory diagram (No. 1) showing a specific example of the personal qualification information possessed by the authentication control device GC. FIG. 14B is an explanatory diagram (No. 2) showing a specific example of the personal qualification information possessed by the authentication control device GC. FIG. 14C is an explanatory diagram (No. 3) showing a specific example of the personal qualification information possessed by the authentication control device GC. FIG. 15 is a flowchart showing an example of the personnel information linkage processing procedure of the management device 101. FIG. 16 is a flowchart showing an example of the distribution condition registration processing procedure of the management device 101. FIG. 17 is a flowchart showing an example of the manual registration processing procedure for qualified persons of the management device 101. FIG. 18 is a flowchart (No. 1) showing an example of the automatic qualification distribution processing procedure of the management device 101. FIG. 19 is a flowchart (No. 2) showing an example of the automatic qualification distribution processing procedure of the management device 101. FIG. 20 is a flowchart showing an example of the personal qualification information update processing procedure of the authentication control device GC.

The management program, the management method, and the embodiment of the management system according to the present invention will be described in detail with reference to the drawings below.

(Embodiment)
FIG. 1 is an explanatory diagram showing an embodiment of a management method according to an embodiment. In FIG. 1, the management device 101 is a computer that manages users who have the authority to enter and exit the facility to be managed. Facilities to be managed are facilities that are required to control and monitor the entry and exit of people to ensure security. For example, facilities to be managed include buildings, rooms, areas such as offices, factories, hospitals, and schools.

Here, as a condition for selecting users who have the authority to enter and leave the facility, various conditions are set by combining attributes included in personnel information, etc., and it is desired to manage users who have the authority to enter and leave the facility. There is. However, it takes a huge amount of time and effort to manually set all users who have the authority to enter and exit the facility for each facility to be managed. For this reason, a mechanism that can automatically generate data that can be used for entry / exit management by converting customer personnel information and the like is desired.

However, when a customer-specific data conversion system was constructed in order to convert the customer's personnel information and generate data that can be used for entry / exit management, the development cost increased and the personnel information was used. It becomes a barrier to realize entry / exit management. On the other hand, the scale of customer management is changing from a single company to unified security management for the entire group company, and it is required to realize entry / exit management based on the huge amount of personnel information of the entire group company. There is.

Therefore, in the present embodiment, a standardized database (storage unit 110) is defined, the data format of personnel information peculiar to the customer is converted into the data format of the standardized database (storage unit 110), and entry / exit management is performed. A management method that enables generation of data to be used will be described. Hereinafter, a processing example of the management device 101 will be described.

(1) The management device 101 acquires the personnel information of each user to be managed. Here, the personnel information is information representing the values of a plurality of attributes that characterize the user in association with the identification information of the user to be managed. The users to be managed are, for example, employees of organizations such as companies, government offices, and hospitals.

In the example of FIG. 1, personnel information 102 representing the values of attribute 1, attribute 2, and attribute 3 that characterize each user is acquired in association with the ID (identification) of each user to be managed. Here, personnel information will be described as an example, but other information may be used as long as it is information that characterizes an individual by a plurality of attributes.

(2) The management device 101 associates the identification information of each user to be managed with the value of each attribute of a plurality of attributes associated with the identification information of each user, and is a user having a plurality of items. It is stored in the storage unit 110 in association with each item of information. The number of items of a plurality of items possessed by the user information can be arbitrarily set, and is set to, for example, about 20 items.

Specifically, for example, the management device 101 assigns each of the plurality of attributes of the acquired personnel information to each of the plurality of predetermined items. Next, the management device 101 associates the acquired personnel information with the ID of each user, and assigns the value of each attribute of the plurality of attributes associated with the ID of each user to each attribute. Convert to user information expressed as the value of. Then, the management device 101 stores the user information obtained by conversion in the storage unit 110.

In the example of FIG. 1, as a result of the attributes 1 to 3 of the personnel information 102 being assigned to the items 1 to 3 provided in advance in the storage unit 110, the user information 103 is stored in the storage unit 110. .. In the user information 103, the values of the attributes 1 to 3 associated with the ID of each user are set as the values of the items 1 to 3 assigned to the attributes 1 to 3 in association with the ID of each user. Information to represent. As a result, the data format of the customer-specific personnel information 102 can be converted into the data format of the storage unit 110 and held.

(3) The management device 101 stores in the condition item storage unit 111 a predetermined number of items to be used as a condition for selecting a user who has the authority to enter and exit the facility from a plurality of items for each facility to be managed. A predetermined number of items to be used as a condition are selected, for example, on an operation screen in which a predetermined number of items can be selected from a plurality of items possessed by user information. This operation screen may be, for example, an operation screen 120 described later, or may be another operation screen different from the operation screen 120.

(4) The management device 101 controls to display the operation screen 120 in which the value of each item stored in the condition item storage unit 111 can be set for each facility to be managed. On the operation screen 120, for example, a predetermined number of items may be selectable from a plurality of items possessed by the user information.

According to the operation screen 120, various conditions can be set by combining a plurality of items as conditions for selecting users who have the authority to enter and exit the facility (for example, entry conditions). In other words, it is possible to set various conditions for selecting users who have the authority to enter and exit the facility by combining the attributes included in the personnel information.

In the example of FIG. 1, on the operation screen 120, items 1 and 2 are selected from items 1 to 3 for the facility 1 to be managed, "value 1" is set as the value of item 1, and the value of item 2 is set. "Value 2" is set (dotted frame 130 in FIG. 1). In this case, as a condition for selecting users who have the authority to enter and exit the facility 1, a condition that the value of item 1 is "value 1" and the value of item 2 is "value 2" is set. ..

The display for displaying the operation screen 120 may be possessed by the management device 101, or may be possessed by another computer connected to the management device 101.

(5) Among the users represented by the user information stored in the storage unit 110, the management device 101 describes each item stored in the condition item storage unit 111 and each set item for the facility on the operation screen 120. The value of the item and the value of the item are stored in the condition storage unit 112.

(6) The management device 101 generates qualified person information indicating a user who satisfies the condition specified from each item and the value stored in the condition storage unit 112.

In the example of FIG. 1, among the users represented by the user information 103, the users who satisfy the condition for selecting the users who have the authority to enter and exit the facility 1, that is, the value of the item 1 is the "value 1". In addition, qualified person information 140 indicating a user whose value of item 2 is "value 2" is generated.

In this way, according to the management device 101, a standardized database (storage unit 110) can be defined, and the data format of the customer-specific personnel information can be converted into the data format of the storage unit 110. Therefore, it is possible to convert the customer's personnel information into data that can be used for entry / exit management without constructing a customer-specific data conversion system.

Further, according to the management device 101, various conditions can be easily set by combining a plurality of items as conditions for selecting users who have the authority to enter and exit the facility on the operation screen 120. This makes it possible to easily set various conditions for selecting users who have the authority to enter and exit the facility by combining the attributes contained in the personnel information, and by extension, efficiently set the users who have the authority to enter and exit the facility. It will be possible.

Further, according to the management device 101, among the users represented by the user information stored in the storage unit 110, the qualified person information indicating the user who satisfies the condition for selecting the user who has the authority to enter and exit the facility is automatically performed. Can be generated. As a result, it is possible to define entry / exit authority for each facility corresponding to the standardized database (storage unit 110), and it is possible to enable efficient entry / exit management in a large-scale organization.

(System configuration example of entry / exit management system 200)
Next, a system configuration example of the entry / exit management system 200 according to the embodiment will be described. Here, a case where the entry / exit management system 200 is applied to a system for managing entry / exit to / from the room RM of an office will be described as an example. The room RM is an example of a facility to be managed, and is, for example, a conference room, a reception room, an office, a project room, a server room, a meeting room, and the like.

FIG. 2 is an explanatory diagram showing a system configuration example of the entry / exit management system 200. In FIG. 2, the entry / exit management system 200 includes a management device 101, an entry / exit management terminal 201, a personnel system 202, and a plurality of authentication control devices GC (for example, authentication control devices GC1 and GC2). In the entry / exit management system 200, the management device 101, the entry / exit management terminal 201, the personnel system 202, and the authentication control device GC are connected via a wired or wireless network 210. The network 210 is, for example, a LAN (Local Area Network), a WAN (Wide Area Network), the Internet, or the like.

Here, the management device 101 manages entry / exit to / from the room RM to be managed. The management device 101 has a user information DB (Database) 220, a room information DB 230, a room-specific distribution condition DB 240, a room-specific qualified person DB 250, and an authentication device information DB 260. The stored contents of the various DBs 220, 230, 240, 250, and 260 will be described later with reference to FIGS. 6 to 10. The storage unit 110 shown in FIG. 1 corresponds to, for example, the user information DB 220. Further, the condition item storage unit 111 and the condition storage unit 112 shown in FIG. 1 correspond to, for example, the room-specific distribution condition DB 240.

The entry / exit management terminal 201 is a computer used by an administrator who manages entry / exit to / from the room RM. The entry / exit management terminal 201 is, for example, a PC (Personal Computer). The personnel system 202 is a system that has a personnel information DB 270 and manages the personnel information of users (employees). The personnel system 202 is, for example, a server. The stored contents of the personnel information DB 270 will be described later with reference to FIG.

The authentication control device GC is a computer that authenticates a user who is permitted to enter and leave the room RM, that is, a user who has the authority to enter and exit the room RM. The authentication device CR (for example, the authentication devices CR1 and CR2) and the electronic lock EL (for example, the electronic lock EL1 and EL2) corresponding to the authentication device CR are connected to the authentication control device GC.

The authentication device CR is a computer provided corresponding to the door of the room RM and acquires identification information for identifying a user who intends to enter (or leave) the room RM. The authentication device CR may be, for example, a card reader device that reads a user ID from a user's ID card, or may be a reader device that reads biological information such as a user's fingerprint and veins. The electronic lock EL is a lock for the door of the room RM, and is a lock that can be unlocked / locked electronically.

In the following description, the case where the authentication device CR is a card reader device that reads the user ID from the user's ID card will be described as an example.

Specifically, for example, the authentication device CR reads the user ID from the ID card of the user who intends to enter the room RM and outputs the user ID to the authentication control device GC. In the authentication control device GC, for example, when the user ID output from the authentication device CR is registered in the personal qualification information as shown in FIG. 14A or the like described later in association with the authentication device ID of the authentication device CR. To authenticate the user with the user ID. Then, the authentication control device GC outputs an unlocking instruction to the electronic lock EL. As a result, the electronic lock EL is unlocked, and the user can enter the room RM.

(Hardware configuration example of management device 101)
FIG. 3 is a block diagram showing a hardware configuration example of the management device 101. In FIG. 3, the management device 101 includes a CPU (Central Processing Unit) 301, a memory 302, an I / F (Interface) 303, a disk drive 304, and a disk 305. Further, each component is connected by a bus 300.

Here, the CPU 301 controls the entire management device 101. The memory 302 includes, for example, a ROM (Read Only Memory), a RAM (Random Access Memory), a flash ROM, and the like. Specifically, for example, a flash ROM or ROM stores various programs, and RAM is used as a work area of CPU 301. The program stored in the memory 302 is loaded into the CPU 301 to cause the CPU 301 to execute the coded process.

The I / F 303 is connected to the network 210 through a communication line, and is connected to an external computer (for example, the entry / exit management terminal 201 shown in FIG. 2, the personnel system 202, and the authentication control devices GC1 and GC2) via the network 210. To. The I / F 303 controls the interface between the network 210 and the inside of the device, and controls the input / output of data from an external computer. For the I / F 303, for example, a modem, a LAN adapter, or the like can be adopted.

The disk drive 304 controls data read / write to the disk 305 according to the control of the CPU 301. The disk 305 stores the data written under the control of the disk drive 304. Examples of the disk 305 include a magnetic disk and an optical disk.

In addition to the above-described components, the management device 101 may include, for example, an SSD (Solid State Drive), a keyboard, a mouse, a display, and the like. Further, the personnel system 202 shown in FIG. 2 can also be realized by the same hardware configuration as the management device 101.

(Example of hardware configuration of entry / exit management terminal 201)
FIG. 4 is a block diagram showing a hardware configuration example of the entry / exit management terminal 201. In FIG. 4, the entry / exit management terminal 201 has a CPU 401, a memory 402, a disk drive 403, a disk 404, an I / F 405, a display 406, and an input device 407. Further, each component is connected by a bus 400.

Here, the CPU 401 controls the entire entry / exit management terminal 201. The memory 402 includes, for example, a ROM, a RAM, a flash ROM, and the like. Specifically, for example, a flash ROM or ROM stores various programs, and the RAM is used as a work area of the CPU 401. The program stored in the memory 402 is loaded into the CPU 401 to cause the CPU 401 to execute the coded process.

The disk drive 403 controls data read / write to the disk 404 according to the control of the CPU 401. The disk 404 stores the data written under the control of the disk drive 403. Examples of the disk 404 include a magnetic disk and an optical disk.

The I / F 405 is connected to the network 210 through a communication line, and is connected to another device via the network 210. Then, the I / F 405 controls the interface between the network 210 and the inside of the own device, and controls the input / output of data from another device.

The display 406 displays data such as documents, images, and functional information, as well as cursors, icons, and toolboxes. As the display 406, for example, a liquid crystal display, a CRT (Cathode Ray Tube), or the like can be adopted.

The input device 407 has keys for inputting characters, numbers, various instructions, and the like, and inputs data. The input device 407 may be a keyboard, a mouse, or the like, or may be a touch panel type input pad, a numeric keypad, or the like.

(Memory contents of personnel information DB270)
Next, the stored contents of the personnel information DB 270 possessed by the personnel system 202 will be described with reference to FIG. The personnel information DB 270 is stored in, for example, a storage device such as a memory or a disk (not shown) of the personnel system 202.

FIG. 5 is an explanatory diagram showing an example of the stored contents of the personnel information DB 270. In FIG. 5, the personnel information DB 270 has fields such as a user ID, a user name, a furigana, a company name, an affiliation name, a business establishment name, a project name, and an employee flag. By setting information in each field, personnel information (for example, personnel information 500-1 to 500-3) is stored as a record.

Here, the user ID is an identifier that uniquely identifies the user. The user name, furigana, company name, affiliation name, business establishment name, project name, and employee flag are examples of attributes that characterize the user of the user ID. Specifically, the user name is the name of the user. Furigana is how to read the user name.

The company name is the name of the company to which the user belongs. The affiliation name is the name of the station, department, section, etc. to which the user belongs. The business establishment name is the name of the business establishment to which the user belongs. The project name is the name of the project to which the user belongs. The employee flag is a flag indicating an employment form. Examples of employment forms include full-time employees, temporary staffing, contracts, and part-time jobs.

Although not shown, other attributes that characterize the user include, for example, gender, age, occupation, building code, department code, and the like. Examples of occupations include sales positions, research positions, managerial positions, and SE positions. The building code is an identifier that uniquely identifies the building to which the user belongs. The department code is an identifier that uniquely identifies the department to which the user belongs.

(Memory contents of various DBs 220, 230, 240, 250, 260)
Next, the stored contents of various DBs 220, 230, 240, 250, and 260 included in the management device 101 will be described with reference to FIGS. 6 to 10. The various DBs 220, 230, 240, 250, and 260 are stored in, for example, a storage device such as a memory 302 or a disk 305 of the management device 101 shown in FIG.

FIG. 6 is an explanatory diagram showing an example of the stored contents of the user information DB 220. In FIG. 6, the user information DB 220 includes a user ID, a user name, a flag, a company name (arbitrary item 1), an affiliation name (arbitrary item 2), a business establishment name (arbitrary item 3), and a project name (arbitrary item 3). It has fields such as 4) and employee flag (optional item 5). By setting information in each field, user information (for example, user information 600-1 to 600-8) is stored as a record.

Here, the user ID is an identifier that uniquely identifies the user. The user name is the name of the user. Furigana is how to read the user name. The company name (arbitrary item 1), affiliation name (arbitrary item 2), business establishment name (arbitrary item 3), project name (arbitrary item 4), and employee flag (arbitrary item 5) are a plurality of optional items provided in advance. (For example, among optional items 1 to 20), it is an optional item assigned to an attribute that characterizes the user.

Specifically, the company name (optional item 1) is the name of the company to which the user belongs. The affiliation name (arbitrary item 2) is the name of the station, department, section, etc. to which the user belongs. The business establishment name (optional item 3) is the name of the business establishment to which the user belongs. The project name (optional item 4) is the name of the project to which the user belongs. The employee flag (optional item 5) is a flag indicating an employment form.

Here, "user name" and "furigana" are treated as different from optional items, but the present invention is not limited to this. For example, arbitrary items may be assigned to "user name" and "furigana".

FIG. 7 is an explanatory diagram showing an example of the stored contents of the room information DB 230. In FIG. 7, the room information DB 230 has fields for a room ID and a room name, and by setting information in each field, room information (for example, room information 700-1 to 700-5) is stored as a record. ..

Here, the room ID is an identifier that uniquely identifies the room RM. The room name is the name of the room RM. Although not shown, the room information may include, for example, the company name of the company in which the room RM exists or the business establishment name of the business establishment. Further, the room information may include information on the building name and floor of the building (building) in which the room RM exists.

FIG. 8 is an explanatory diagram showing an example of the stored contents of the room-specific distribution condition DB 240. In FIG. 8, the room-specific distribution condition DB 240 includes a room ID, a distribution condition number (for example, distribution condition number 1, distribution condition number 2), and a distribution condition key character string (for example, a distribution condition key character string). 1. It has fields for distribution condition key character string 2), start date and end date. By setting information in each field, room-specific distribution condition information (for example, room-specific distribution condition information 800-1 to 800-6) is stored as a record.

Here, the room ID is an identifier that uniquely identifies the room RM. The distribution condition number is an optional item (for example, shown in FIG. 6) that is a room-specific distribution condition for selecting users who are permitted to enter and leave the room RM, that is, users who have the authority to enter and exit the room RM. It is a number for identifying optional items 1 to 5). The distribution condition key character string is a value of an arbitrary item of the distribution condition number. The start date and end date are the start date and end date of the valid period of the room-specific distribution condition. If the validity period is not set in the room distribution conditions, the start date and end date will be "blank".

For example, the room-specific distribution condition information 800-1 indicates a room-specific distribution condition for selecting users who are allowed to enter and leave the room RM1 and a valid period “2016/11/11 / 1-2016 / 11/30”. .. The distribution condition number 1 "4" indicates the project name (arbitrary item 4), and the distribution condition key character string 1 "A1 project" indicates the value of the project name (arbitrary item 4). Further, the distribution condition number 2 "5" indicates the employee flag (arbitrary item 5), and the distribution condition key character string 2 "regular employee" indicates the value of the employee flag (arbitrary item 5).

FIG. 9 is an explanatory diagram showing an example of the stored contents of the qualified person DB 250 for each room. In FIG. 9, the room-specific qualified person DB 250 has fields for room ID, user ID, automatic / manual flag, start date, and end date. By setting information in each field, room-specific qualified person information (for example, room-specific qualified person information 900-1 to 900-15) is stored as a record.

Here, the room ID is an identifier that uniquely identifies the room RM. The user ID is a user ID of a user who allows the room ID to enter and leave the room RM. The automatic / manual flag is a flag for determining whether the qualified person information for each room is automatically generated or manually registered. Here, the automatic / manual flag "automatic" indicates that it is automatically generated. The automatic / manual flag "manual" indicates that the flag has been manually registered. The start date and end date are the start date and end date of the validity period of the qualified person information for each room. If the valid period is not set in the qualified person information for each room, the start date and end date will be "blank".

For example, the qualified person information 900-1 for each room includes the user ID "P1" of the user who permits entry and exit to the room RM1, the automatic / manual flag "automatic", and the validity period "2016/11/1 to 2016 /". 11/30 "is shown.

FIG. 10 is an explanatory diagram showing an example of the stored contents of the authentication device information DB 260. In FIG. 10, the authentication device information DB 260 has fields for an authentication control device ID, an authentication device ID, a room ID, and an authentication device name. By setting information in each field, authentication device information (for example, authentication device information 1000-1 to 1000-7) is stored as a record.

Here, the authentication control device ID is an identifier that uniquely identifies the authentication control device GC. The authentication device ID is an identifier that uniquely identifies the authentication device CR connected to the authentication control device GC of the authentication control device ID. The room ID is the room ID of the room RM provided with the authentication device CR of the authentication device ID. The authentication device name is the name of the authentication device CR of the authentication device ID.

For example, the authentication device information 1000-1 indicates the authentication device CR1 connected to the authentication control device GC1, the room RM1 provided with the authentication device CR1, and the authentication device name “authentication device 1” of the authentication device CR1.

(Example of functional configuration of management device 101)
FIG. 11 is a block diagram showing a functional configuration example of the management device 101. In FIG. 11, the management device 101 includes an acquisition unit 1101, a conversion unit 1102, a display control unit 1103, a generation unit 1104, a registration unit 1105, and an output processing unit 1106. The acquisition unit 1101 to the output processing unit 1106 are functions that serve as control units. Specifically, for example, by causing the CPU 301 to execute a program stored in a storage device such as the memory 302 and the disk 305 shown in FIG. , Or, the function is realized by I / F 303. The processing result of each functional unit is stored in a storage device such as a memory 302 or a disk 305, for example.

The acquisition unit 1101 acquires the personnel information of the user. Here, the personnel information is information representing the values of a plurality of attributes that characterize the user in association with the user ID of the user. Specifically, for example, the acquisition unit 1101 acquires the user's personnel information by receiving the personnel information in the personnel information DB 270 (for example, see FIG. 5) from the personnel system 202.

The process of acquiring personnel information is performed regularly (for example, at midnight every day) or irregularly. At this time, the acquisition unit 1101 may acquire all the personnel information in the personnel information DB 270 from the personnel system 202, for example, or acquire the personnel information representing the difference from the previously acquired personnel information. It may be.

The conversion unit 1102 converts the acquired personnel information of the user into user information and stores it in the user information DB 220. Specifically, for example, the conversion unit 1102 assigns each of the plurality of attributes of the acquired personnel information to each of the plurality of arbitrary items provided in advance in the user information DB 220. At this time, which attribute is assigned to which arbitrary item can be arbitrarily set.

More specifically, for example, the conversion unit 1102 may sequentially assign each arbitrary item to each attribute according to the order of arrangement of each attribute in the personnel information. Further, among the plurality of attributes of the personnel information, "user name" and "furigana" may be treated in the same manner as "user ID" and excluded from the allocation target.

Taking the personnel information shown in FIG. 5 as an example, the conversion unit 1102 has, for example, the first attribute "company name" from the left other than "user name" and "furigana" among a plurality of attributes of the personnel information. May be assigned to the optional item 1 in the user information DB 220. Further, the conversion unit 1102 sets the attribute "affiliation name" that appears second from the left other than "user name" and "furigana" among the plurality of attributes of the personnel information to the optional item 2 in the user information DB 220. It may be assigned to.

Next, the conversion unit 1102 associates the acquired personnel information of each user with the user ID of each user, and sets the value of each attribute of a plurality of attributes associated with the user ID of each user. , Convert to user information represented as the value of each arbitrary item assigned to each attribute. Then, the conversion unit 1102 stores the user information obtained by conversion in the user information DB 220. At this time, if the user information of the same user is already stored (for example, the same user ID), the conversion unit 1102 updates the user information of the user with new user information.

Taking the personnel information 500-1 shown in FIG. 5 as an example, the conversion unit 1102 associates the personnel information 500-1 with the user ID “P1” and sets the value of each attribute of the plurality of attributes. It is converted into user information 600-1 represented as the value of each arbitrary item assigned to the attribute. Although it is decided not to assign arbitrary items to "user name" and "furigana" here, arbitrary items may be assigned to "user name" and "furigana" as well.

The display control unit 1103 controls to display the room-specific distribution setting screen S1. Here, on the room-specific distribution setting screen S1, a predetermined number N of arbitrary items can be selected from a plurality of arbitrary items as the room-specific distribution conditions for each room RM to be managed, and the selected items are selected. This is an operation screen on which the value of each arbitrary item can be set.

The predetermined number N represents the upper limit of the number of selectable items, and can be arbitrarily set. For example, the predetermined number N is set to about five. The room-specific distribution condition is a condition for selecting users who have the authority to enter and exit the room RM. The operation screen 120 shown in FIG. 1 corresponds to, for example, the room-specific distribution setting screen S1.

Specifically, for example, first, the display control unit 1103 identifies the room RM to be managed by referring to the room information DB 230 shown in FIG. 7. Next, the display control unit 1103 acquires the room-specific distribution condition information for each specified room RM with reference to the room-specific distribution condition DB 240 shown in FIG. However, for room RMs for which room-specific distribution conditions have not been set, room-specific distribution condition information is not acquired.

Next, the display control unit 1103 generates the screen information of the room-specific distribution setting screen S1 based on the acquired room-specific distribution condition information for each room RM. At this time, the display control unit 1103 can select and set the value of the selected arbitrary item from the list of the values of the optional item represented by the user information in the user information DB 220, for example. The screen information of the minute setting screen S1 may be generated. The value of the optional item may be directly input.

Further, the display control unit 1103 may generate screen information of the room-specific distribution setting screen S1 in which the valid period of the room-specific distribution condition can be set, for example. The validity period of the room-specific distribution condition is set by, for example, specifying the start date and the end date of the period that becomes the validity period. Further, on the room-specific distribution setting screen S1, for example, the registered room-specific distribution conditions may be deleted or modified.

Then, the display control unit 1103 transmits the generated screen information of the room-specific distribution setting screen S1 to the entry / exit management terminal 201. As a result, on the entry / exit management terminal 201, for example, the room-specific distribution setting screen S1 is displayed on the display 406 shown in FIG. A screen example of the room-specific distribution setting screen S1 will be described later with reference to FIG.

The screen information of the room-specific distribution setting screen S1 may be generated by the entry / exit management terminal 201. Specifically, for example, the display control unit 1103 transmits various information used for generating screen information of the room-specific distribution setting screen S1 to the entry / exit management terminal 201. The various information used to generate the screen information of the room-specific distribution setting screen S1 is, for example, the room information in the room information DB 230, the room-specific distribution condition information in the room-specific distribution condition DB 240, and the user information DB 220. User information, etc. Then, the room entry / exit management terminal 201 generates screen information of the room-specific distribution setting screen S1 based on various information received from the management device 101. As a result, it is possible to control the entry / exit management terminal 201 so that the room-specific distribution setting screen S1 is displayed.

In addition, the acquisition unit 1101 acquires the room-specific distribution condition information of the room RM. Here, the room-specific distribution condition information is specified by the room RM on the room-specific distribution setting screen S1 from the selected arbitrary items and the set values (set values) of the optional items. This is information indicating the separate distribution conditions.

More specifically, for example, the room-specific distribution condition is a combination of values set for each selected arbitrary item on the room-specific distribution setting screen S1 as an AND condition. Specifically, for example, the acquisition unit 1101 acquires the room-specific distribution condition information by receiving the room-specific distribution condition information from the room entry / exit management terminal 201. If the valid period is set in the room-specific distribution condition, the room-specific distribution condition information includes information that specifies the valid period of the room-specific distribution condition, for example, the start date and end date of the valid period. Contains information to indicate.

Further, the management device 101 receives the operation input of the administrator performed on the room-specific distribution setting screen S1 from the entry / exit management terminal 201, and generates room-specific distribution condition information based on the received operation input. You may decide to do so. In this case, the acquisition unit 1101 acquires the room-specific distribution condition information generated in the own device.

The acquired room-specific distribution condition information is stored in, for example, the room-specific distribution condition DB 240.

Further, the acquisition unit 1101 may acquire the room-specific distribution condition deletion request. Here, the room-specific distribution condition deletion request requests the deletion of the registered room-specific distribution conditions. The room-specific distribution condition deletion request includes information for specifying the room-specific distribution condition to be deleted (for example, room-specific distribution condition information to be deleted).

The room-specific distribution condition deletion request is made, for example, on the room-specific distribution setting screen S1. Specifically, for example, the acquisition unit 1101 acquires the room-specific distribution condition deletion request by receiving the room-specific distribution condition deletion request from the room entry / exit management terminal 201. In this case, the acquisition unit 1101 deletes the room-specific distribution condition information specified from the room-specific distribution condition deletion request from the room-specific distribution condition DB 240.

The generation unit 1104 generates room-specific qualified person information indicating a user who satisfies the room-specific distribution condition of the room RM based on the acquired room-specific distribution condition information. Specifically, for example, the generation unit 1104 refers to the room-specific distribution condition DB 240, and searches the user information DB 220 for user information satisfying the room-specific distribution condition of the room RM.

Then, the generation unit 1104 generates the qualified person information for each room, which represents the room ID of the room RM and the user ID of the searched user information in association with each other. At this time, the generation unit 1104 sets the automatic / manual flag "automatic" indicating that the room-specific qualified person information is automatically generated in the generated room-specific qualified person information. Further, when the valid period (for example, the start date and the end date) is set in the room-specific distribution conditions, the generation unit 1104 sets the valid period as the valid period of the qualified person information for each room.

Here, a case where the user information satisfying the room-specific distribution condition of the room RM1 is searched by taking the room-specific distribution condition information 800-1 as an example will be described. In this case, the generation unit 1104 is a user who has a project name (arbitrary item 4) value of "A1 project" and an employee flag (arbitrary item 5) value of "regular employee" from the user information DB 220. Information (for example, user information 600-1) is searched. However, the description of the conditions after the distribution condition number 3 will be omitted. Here, it is assumed that the user information 600-1 is searched. In this case, the generation unit 1104 generates room-specific qualified person information 900-1 representing the room ID "RM1" of the room RM1 and the user ID "P1" of the user information 600-1 in association with each other. In addition, the generation unit 1104 sets the start date "2016/11/1" and the end date "2016/11/30" of the room-specific distribution condition information 800-1 to the start date and the start date of the room-specific qualified person information 900-1. Set as the end date.

The registration unit 1105 registers the generated room-specific qualified person information. Specifically, for example, the registration unit 1105 sets the automatic / manual flag "automatic" in the generated room-specific qualified person information. Then, the registration unit 1105 stores the room-specific qualified person information for which the automatic / manual flag "automatic" is set in the room-specific qualified person DB 250 shown in FIG.

Further, the display control unit 1103 controls to display the qualified person setting screen S2 for each room. Here, the room-specific qualified person setting screen S2 is an operation screen on which a user who has the authority to enter and exit the room RM can be registered for each room RM to be managed. On the room-specific qualified person setting screen S2, for example, a user who has the authority to enter and exit the room RM may be deleted.

Specifically, for example, first, the display control unit 1103 refers to the room information DB 230 and identifies the room RM to be managed. Next, the display control unit 1103 refers to the room-specific qualified person DB 250 shown in FIG. 9 and acquires the room-specific qualified person information for each specified room RM. However, for room RMs for which room-specific qualification information has not been registered, room-specific qualification information will not be acquired.

Next, the display control unit 1103 generates screen information of the room-specific qualified person setting screen S2 based on the acquired room-specific qualified person information for each room RM. At this time, the display control unit 1103 may generate, for example, the screen information of the room-specific qualified person setting screen S2 in which the valid period of the room-specific qualified person information can be set. The valid period of the qualified person information for each room is set by, for example, specifying the start date and the end date of the valid period.

Further, on the room-specific qualified person setting screen S2, for example, user information of a user who is a qualified person candidate may be displayed. Users who are candidates for qualified persons can be narrowed down by specifying attributes or the like. In this case, on the room-specific qualified person setting screen S2, for example, a user who has the authority to enter and exit the room RM can be selected from the users who are candidates for qualified persons.

Then, the display control unit 1103 transmits the generated screen information of the qualified person setting screen S2 for each room to the entry / exit management terminal 201. As a result, on the entry / exit management terminal 201, for example, the room-specific qualified person setting screen S2 is displayed on the display 406. A screen example of the qualified person setting screen S2 for each room will be described later with reference to FIG.

The screen information of the qualified person setting screen S2 for each room may be generated by the entry / exit management terminal 201. Specifically, for example, the display control unit 1103 transmits various information used for generating screen information of the room-specific qualified person setting screen S2 to the entry / exit management terminal 201. The various information used to generate the screen information of the room-specific qualified person setting screen S2 is, for example, the room information in the room information DB 230, the room-specific distribution condition information in the room-specific distribution condition DB 240, and the user information DB 220. User information, etc. Then, the room entry / exit management terminal 201 generates screen information of the room-specific qualified person setting screen S2 based on various information received from the management device 101. As a result, it is possible to control the entry / exit management terminal 201 so that the room-specific qualified person setting screen S2 is displayed.

In addition, the acquisition unit 1101 acquires the qualification person information for each room of the room RM. The room-specific qualified person information acquired here is information indicating a user who has the authority to enter and exit the room RM registered on the room-specific qualified person setting screen S2. The room-specific qualified person information includes, for example, a room ID and a user ID.

Specifically, for example, the acquisition unit 1101 acquires the room-specific qualified person information by receiving the room-specific qualified person information from the room entry / exit management terminal 201. When the valid period is set in the qualified person information for each room, the qualified person information for each room includes information for specifying the valid period, for example, information indicating the start date and the end date of the valid period.

In addition, the registration unit 1105 registers the acquired qualification person information for each room. Specifically, for example, the registration unit 1105 sets an automatic / manual flag "manual" indicating that the room-specific qualified person information is manually registered in the acquired room-specific qualified person information. Then, the registration unit 1105 stores the room-specific qualified person information for which the automatic / manual flag "manual" is set in the room-specific qualified person DB 250.

In addition, the acquisition unit 1101 acquires a request for deleting a qualified person for each room in the room RM. Here, the room-specific qualified person deletion request requests the deletion of a user who has the authority to enter and exit the room RM. The room-specific qualified person deletion request includes, for example, a room ID and a user ID of the user to be deleted.

The request to delete the qualified person for each room is made, for example, by the operation input of the administrator on the qualified person setting screen S2 for each room. Specifically, for example, the acquisition unit 1101 acquires the room-specific qualified person deletion request by receiving the room-specific qualified person deletion request from the room entry / exit management terminal 201.

In addition, the registration unit 1105 deletes the room-specific qualified person information specified from the acquired room-specific qualified person deletion request. Specifically, for example, the registration unit 1105 deletes the room-specific qualified person information corresponding to the combination of the room ID and the user ID included in the room-specific qualified person deletion request from the room-specific qualified person DB 250.

The customer's personnel information may be updated, and the stored contents of the user information DB 220 are updated accordingly. Further, when the stored content of the user information DB 220 is updated, the room-specific qualified person information generated based on the room-specific distribution condition information may change. Therefore, for example, the room-specific qualified person information in the room-specific qualified person DB 250 is updated in accordance with the update of the user information DB 220.

At this time, if the room-specific qualification information in the room-specific qualification DB 250 is replaced with the newly generated room-specific qualification information, the manually registered room-specific qualification information will be deleted. Therefore, the registration unit 1105 has set the automatic / manual flag "automatic" among the room-specific qualification information stored in the room-specific qualification DB 250 based on the newly generated room-specific qualification information. Update qualified person information by room. As a result, it is possible to prevent the room-specific qualified person information for which the automatic / manual flag "manual" is set from being deleted when the stored contents of the room-specific qualified person DB 250 are updated.

The output processing unit 1106 performs a process of transmitting the registered room RM qualified person information for each room to the authentication control device GC that authenticates the user who has the authority to enter and exit the room RM. Specifically, for example, the output processing unit 1106 identifies the authentication control device GC corresponding to the room RM with reference to the authentication device information DB 260 shown in FIG. Taking the room RM1 as an example, the authentication control device GC1 corresponding to the room RM1 is specified.

Next, the output processing unit 1106 searches the room-specific qualified person DB 250 for the room-specific qualified person information corresponding to the room RM. At this time, the output processing unit 1106 may exclude the room-specific qualified person information whose current date is outside the valid period from the search target. Taking room RM1 as an example, "RM1" is set in the room ID field from the room-specific qualified person DB250, and the room-specific qualified person information within the valid period of the current date is searched. The room-specific qualified person information for which the current date is within the valid period also includes room-specific qualified person information for which the valid period has not been set.

Next, the output processing unit 1106 generates personal credential information for each authentication device CR connected to the specified authentication control device GC based on the searched room-specific qualification person information. The authentication device CR connected to the authentication control device GC is specified from the authentication device information DB 260. The personal qualification information is information indicating a user who has the authority to enter and exit the room RM provided with the authentication device CR connected to the authentication control device GC.

Then, the output processing unit 1106 transmits the generated personal qualification information to the specified authentication control device GC. As a result, the authentication control device GC authenticates the user who enters and exits the room RM by using the personal qualification information from the management device 101. Specific examples of personal qualification information will be described later with reference to FIGS. 14A, 14B and 14C.

Further, the output processing unit 1106 performs a process of transmitting the personal qualification deletion request to the authentication control device GC. Here, the personal qualification deletion request requests the deletion of the personal qualification information whose validity period has expired. Specifically, for example, the output processing unit 1106 searches the room-specific qualified person DB 250 for the room-specific qualified person information corresponding to the room RM and outside the valid period.

Next, the output processing unit 1106 generates a personal qualification deletion request requesting deletion of the personal qualification information corresponding to the searched room-specific qualified person information. The personal qualification deletion request includes a combination of an authentication device ID and a user ID that identifies the personal qualification information to be deleted. Then, the output processing unit 1106 transmits the generated personal qualification deletion request to the authentication control device GC. As a result, in the authentication control device GC, the personal qualification information specified from the personal qualification deletion request from the management device 101 is deleted.

Each functional unit (acquisition unit 1101 to output processing unit 1106) of the management device 101 described above may be realized by, for example, the entry / exit management terminal 201.

(Screen example of distribution setting screen S1 by room)
Next, a screen example of the room-specific distribution setting screen S1 displayed on the display 406 of the room entry / exit management terminal 201 will be described with reference to FIG.

FIG. 12 is an explanatory diagram showing a screen example of the room-specific distribution setting screen S1. In FIG. 12, the room-specific distribution setting screen S1 is an operation screen for setting the room-specific distribution conditions for each room RM to be managed. In the following description, a "click operation" will be described as an example of an operation for selecting a button or the like on the operation screen.

On the room-specific distribution setting screen S1, for example, management is performed by clicking one of the room bars (for example, room bars b1 to b5) by the operation input of the administrator using the input device 407 shown in FIG. The target room RM can be selected. In the example of FIG. 12, the room bar b1 is clicked and the room RM1 (room name: A project room) with the room ID “RM1” is selected.

The room-specific distribution setting screen S1 displays a list of registered room-specific distribution conditions for the selected room RM. In the example of FIG. 12, the registered room-specific distribution conditions a1 and a2 are displayed for the room RM1 (room name: A project room) with the room ID “RM1”. The room-specific distribution conditions a1 and a2 correspond to the room-specific distribution condition information 800-1 and 800-2 shown in FIG.

Further, on the room-specific distribution setting screen S1, for example, by clicking the buttons 1201 to 1205 by the operation input of the administrator, a plurality of room-specific distribution conditions in the user information DB 220 can be set as the room-specific distribution conditions of the selected room RM. 5 (predetermined number N: N = 5) optional items can be selected from the optional items (for example, optional items 1 to 20).

In the example of FIG. 12, the button 1201 is clicked and the project name (arbitrary item 4) is selected. In addition, the button 1202 is clicked and the employee flag (arbitrary item 5) is selected. In FIG. 12, “*” indicates an unselected or unset state. That is, in the example of FIG. 12, two arbitrary items are selected out of the five selectable arbitrary items.

Further, on the room-specific distribution setting screen S1, the value of the selected arbitrary item can be selected by clicking the buttons 1206 to 1210, for example, by the operation input of the administrator. For example, by clicking the button 1206, the value of the project name (arbitrary item 4) can be set.

More specifically, for example, when the button 1206 is clicked, the value of the project name (arbitrary item 4) represented by the user information in the user information DB 220 (for example, A1 project, A2 project, B project, etc.) is listed. The list (not shown) is displayed. The administrator can select and set the value of the project name (arbitrary item 4) from the list of the values of the project name (arbitrary item 4). However, the values of arbitrary items may be directly input and set by the operation input of the administrator.

In the example of FIG. 12, the button 1206 is clicked, and the value "A2 project" of the selected project name (arbitrary item 4) is set. Further, the button 1207 is clicked, and the value "dispatch" of the employee flag (arbitrary item 5) is set.

Further, on the room-specific distribution setting screen S1, for example, the valid period of the room-specific distribution condition can be set by clicking the buttons 1211 and 1212 by the operation input of the administrator. Specifically, for example, by clicking the button 1211, the start date of the valid period can be set. Also, by clicking the button 1212, the end date of the valid period can be set.

In the example of FIG. 12, the button 1211 is clicked and the start date "2016/12/1" of the valid period is set. In addition, the button 1212 is clicked, and the end date "2016/12/31" of the valid period is set.

Further, on the room-specific distribution setting screen S1, for example, by clicking the button 1213 by the operation input of the administrator, the room is specified from each optional item selected and the value of each optional item set. Separate distribution conditions can be registered. Specifically, for example, room-specific distribution condition information indicating newly registered room-specific distribution conditions is transmitted from the entry / exit management terminal 201 to the management device 101.

In the example of FIG. 12, when the button 1213 is clicked, a new room-specific distribution condition is registered, displayed in the dotted line frame 1230, and the room-specific distribution condition information is transmitted to the management device 101. .. Here, the new room-specific distribution condition is that the value "A2 project" of the project name (arbitrary item 4) and the value "dispatch" of the employee flag (arbitrary item 5) are connected as an AND condition.

Further, on the room-specific distribution setting screen S1, for example, by clicking the button 1214 by the operation input of the administrator, the selected arbitrary items and the values of the set arbitrary items can be cleared. ..

Further, on the room-specific distribution setting screen S1, for example, by clicking the button 1217 in the state where the check box (for example, the check box 1215, 1216) is selected by the operation input of the administrator, the selected check box is displayed. The corresponding registered room distribution conditions can be deleted. For example, when the button 1217 is clicked with the check box 1215 selected, a room-specific distribution condition deletion request for the registered room-specific distribution condition a1 is transmitted from the entry / exit management terminal 201 to the management device 101. ..

(Screen example of qualified person setting screen S2 for each room)
Next, a screen example of the room-specific qualified person setting screen S2 displayed on the display 406 of the room entry / exit management terminal 201 will be described with reference to FIG.

FIG. 13 is an explanatory diagram showing a screen example of the qualified person setting screen S2 for each room. In FIG. 13, the room-specific qualified person setting screen S2 is an operation screen for registering a user who has the authority to enter and exit the room RM for each room RM to be managed.

On the room-specific qualified person setting screen S2, for example, by clicking one of the room bars (for example, room bars b1 to b5) by the operation input of the administrator using the input device 407, the room RM to be managed is managed. Can be selected. Further, when the room RM to be managed is selected on the room-specific qualified person setting screen S2, the registered room-specific qualified persons are displayed in a list for the selected room RM. At this time, when the check box 1301 is selected, the qualified persons for each room whose automatic / manual flag is "automatic" are displayed in a list. If the check box 1302 is selected, the qualified persons for each room whose automatic / manual flag is "manual" are displayed in a list. Therefore, when the check boxes 1301 and 1302 are selected, the qualified persons for each room whose automatic / manual flags are "automatic" and "manual" are listed.

In the example of FIG. 13, the room bar b1 is clicked and the room RM1 (room name: A project room) with the room ID “RM1” is selected. In addition, a list of qualified persons including users with user IDs "P1", "P4", and "P6" as registered qualified persons for each room of the selected room RM1 is displayed.

As a result, the manager can confirm the registered qualified persons for each room for the room RM1. In addition, "distribution" in the qualified person list 1310 indicates an automatic / manual flag. Specifically, "Distribution: Yes" indicates the automatic / manual flag "automatic". Further, "Distribution: None" indicates an automatic / manual flag "manual". Therefore, the administrator can determine whether or not the registered room-specific qualified person is a manually registered user.

Further, on the room-specific qualified person setting screen S2, for example, when the button 1303 is clicked by the operation input of the administrator, a list of qualified person candidates (not shown) listing the users who are qualified person candidates can be displayed. it can. Then, by selecting one of the users from the list of qualified person candidates by the operation input of the administrator, it is possible to select the qualified person for each room to be newly registered.

Specifically, for example, when the button 1303 is clicked, a condition input screen (not shown) is displayed, and search conditions for narrowing down qualified person candidates can be input. As the search condition, the value of the attribute such as the user ID, the user name, the company name, and the affiliation name can be specified. When the search condition is input on the condition input screen, the user information acquisition request is transmitted from the entry / exit management terminal 201 to the management device 101.

The user information acquisition request requests user information of a user who satisfies the input search condition. As a result, when the user information of the user satisfying the search condition is received from the management device 101, the received user information is displayed in the qualified person candidate list as the user information of the user who is the qualified person candidate. To.

When any user is selected from the qualified person candidate list, the selected user is displayed in the qualified person list 1310 as a qualified person for each room. In the example of FIG. 13, the user with the user ID "P1" is selected, and the user ID "P1" and the user name of the newly registered qualified person for each room are displayed in the dotted line frame 1320 part of the qualified person list 1310. "Taro Yamada" is displayed. For manual registration, "None" is set for "Distribution".

Further, if the button 1307 is clicked with the check box 1314 selected on the room-specific qualified person setting screen S2, the valid period of the room-specific qualified person with the user ID "P1" can be set. Then, when the button 1308 is clicked, the set validity period of the qualified person for each room is reflected in the qualified person list 1310. In the example of FIG. 13, the start date “2016/12/16” of the valid period and the end date “2016/12/16” of the valid period are set.

Further, by clicking the button 1304 in the state where the check box (for example, check boxes 1311-1314) of the qualified person list 1310 is selected on the qualified person setting screen S2 for each room, the room corresponding to the selected check box is selected. Qualified persons can be deleted from the qualified person list 1310.

Further, by clicking the button 1305 on the qualified person setting screen S2 for each room, all the check boxes can be selected. Further, by clicking the button 1306 on the room-specific qualified person setting screen S2, all the selected check boxes can be cleared.

Further, when the button 1309 is clicked on the room-specific qualified person setting screen S2, the room-specific qualified person information of the newly registered room-specific qualified person is transmitted from the room entry / exit management terminal 201 to the management device 101. As a result, in the management device 101, the room-specific qualified person information of the newly registered room-specific qualified person is stored in the room-specific qualified person DB 250 with the automatic / manual flag "manual" set.

Further, on the room-specific qualified person setting screen S2, if the registered room-specific qualified person is deleted from the qualified person list 1310, clicking the button 1309 deletes the room-specific qualified person for the deleted room-specific qualified person. The request is transmitted from the entry / exit management terminal 201 to the management device 101. As a result, in the management device 101, the room-specific qualified person information specified from the room-specific qualified person deletion request is deleted from the room-specific qualified person DB 250.

(Specific example of personal qualification information)
Next, a specific example of the personal qualification information possessed by the authentication control device GC will be described with reference to FIGS. 14A, 14B and 14C. Here, a specific example of the personal qualification information possessed by the authentication control devices GC1 and GC2 will be described by taking the authentication control devices GC1 and GC2 as an example.

14A, 14B and 14C are explanatory views showing a specific example of personal qualification information possessed by the authentication control device GC. In FIG. 14A, the personal qualification information 1410-1 to 1410-11 is the personal qualification information used by the authentication control device GC1 during the period X (2016/11/1 to 2016/11/30). Further, the personal qualification information 1420-1 and 1420-2 are personal qualification information used by the authentication control device GC2 during the period X.

In FIG. 14B, the personal qualification information 1410-4 to 1410-17 is used by the authentication control device GC1 during the period Y (2016/12 / 1 to 2016/12/15, 2016/12/17 to 2016/12/31). It is personal credential information to be given. Further, the personal qualification information 1420-1 and 1420-2 are personal qualification information used by the authentication control device GC2 during the period Y.

Comparing the personal qualification information of the authentication control device GC1 between FIGS. 14A and 14B, the personal qualification information 1410-1 to 1410-3 is deleted, and the personal qualification information 1410-12 to 1410-17 is added. The personal qualification information of the authentication control device GC2 has not changed between FIGS. 14A and 14B.

In FIG. 14C, the personal qualification information 1410-4 to 1410-20 is the personal qualification information used by the authentication control device GC1 during the period Z (2016/12/16). Further, the personal qualification information 1420-1 to 1420-3 are personal qualification information used by the authentication control device GC2 during the period Z.

Comparing the personal qualification information of the authentication control device GC1 between FIGS. 14B and 14C, personal qualification information 1410-18 to 1410-20 is added. Comparing the personal qualification information of the authentication control device GC2 between FIGS. 14B and 14C, personal qualification information 1420-3 is added.

In this way, the personal qualification information possessed by each authentication control device GC1 and GC2 is updated according to the addition / deletion of the qualification person for each room and the elapse of the validity period of the qualification person for each room.

(Various processing procedures of the entry / exit management system 200)
Next, various processing procedures of the entry / exit management system 200 will be described with reference to FIGS. 15 to 20. First, the personnel information linkage processing procedure of the management device 101 will be described.

FIG. 15 is a flowchart showing an example of the personnel information linkage processing procedure of the management device 101. In the flowchart of FIG. 15, first, the management device 101 determines whether or not the personnel information in the personnel information DB 270 has been received from the personnel system 202 (step S1501). Here, the management device 101 waits for receiving the personnel information from the personnel system 202 (step S1501: No).

When the management device 101 receives the personnel information from the personnel system 202 (step S1501: Yes), the management device 101 converts the received personnel information into user information (step S1502). Then, the management device 101 stores each user information obtained by conversion in the user information DB 220 (step S1503), and ends a series of processes according to this flowchart.

As a result, the personnel information of each user acquired from the personnel system 202 can be converted into user information according to the data format of the standardized user information DB 220 and registered in the user information DB 220.

Next, the distribution condition registration processing procedure of the management device 101 will be described.

FIG. 16 is a flowchart showing an example of the distribution condition registration processing procedure of the management device 101. In the flowchart of FIG. 16, first, the management device 101 refers to the room information DB 230 and identifies the room RM to be managed (step S1601). Next, the management device 101 refers to the room-specific distribution condition DB 240, and acquires the room-specific distribution condition information for each specified room RM (step S1602).

Then, the management device 101 controls to display the room-specific distribution setting screen S1 on the entry / exit management terminal 201 based on the acquired room-specific distribution condition information for each room RM (step S1603). Next, the management device 101 determines whether or not the room-specific distribution condition information has been received from the room entry / exit management terminal 201 (step S1604).

Here, when the room-specific distribution condition information is received (step S1604: Yes), the management device 101 stores the received room-specific distribution condition information in the room-specific distribution condition DB 240 (step S1605), and steps. Move to S1608.

On the other hand, when the room-specific distribution condition information has not been received (step S1604: No), the management device 101 determines whether or not the room-specific distribution condition deletion request has been received from the entry / exit management terminal 201 (step). S1606). Here, when the room-specific distribution condition deletion request has not been received (step S1606: No), the management device 101 shifts to step S1608.

On the other hand, when the room-specific distribution condition deletion request is received (step S1606: Yes), the management device 101 receives the room-specific distribution condition deletion request from the room-specific distribution condition DB 240. The condition information is deleted (step S1607). Then, the management device 101 determines whether or not the display of the room-specific distribution setting screen S1 is completed (step S1608).

Here, if the display of the room-specific distribution setting screen S1 is not completed (step S1608: No), the management device 101 returns to step S1604. On the other hand, when the display of the room-specific distribution setting screen S1 is completed (step S1608: Yes), the management device 101 ends a series of processes according to this flowchart.

As a result, it is possible to select a predetermined number N of arbitrary items from a plurality of arbitrary items as the room-specific distribution conditions for each room RM to be managed, and it is possible to set the value of each selected arbitrary item. The room-specific distribution setting screen S1 (see, for example, FIG. 12) can be displayed on the entry / exit management terminal 201. In addition, the room-specific distribution conditions newly registered on the room-specific distribution setting screen S1 and the room-specific distribution conditions deleted on the room-specific distribution setting screen S1 can be reflected in the room-specific distribution condition DB 240. it can.

Next, the procedure for manually registering the qualified person of the management device 101 will be described.

FIG. 17 is a flowchart showing an example of the manual registration processing procedure for qualified persons of the management device 101. In the flowchart of FIG. 17, first, the management device 101 refers to the room information DB 230 and identifies the room RM to be managed (step S1701). Next, the management device 101 refers to the room-specific qualified person DB 250 and acquires the room-specific qualified person information for each specified room RM (step S1702).

Then, the management device 101 controls to display the room-specific qualified person setting screen S2 on the room entry / exit management terminal 201 based on the acquired room-specific qualified person information for each room RM (step S1703). Next, the management device 101 determines whether or not the user information acquisition request has been received from the entry / exit management terminal 201 (step S1704).

Here, when the user information acquisition request is received (step S1704: Yes), the management device 101 acquires the user information specified from the received user information acquisition request from the user information DB 220 and enters / exits the room. It is transmitted to the management terminal 201 (step S1705). Next, the management device 101 determines whether or not the room-specific qualified person information has been received from the room entry / exit management terminal 201 (step S1706).

Here, the management device 101 waits for receiving the qualified person information for each room (step S1706: No). When the management device 101 receives the room-specific qualified person information (step S1706: Yes), the management device 101 sets the automatic / manual flag "manual" in the received room-specific qualified person information (step S1707). Then, the management device 101 stores the room-specific qualified person information for which the automatic / manual flag "manual" is set in the room-specific qualified person DB 250 (step S1708), and proceeds to step S1711.

Further, in step S1704, when the user information acquisition request has not been received (step S1704: No), the management device 101 determines whether or not the room-specific qualified person deletion request has been received from the room entry / exit management terminal 201. (Step S1709). Here, if the room-specific qualified person deletion request has not been received (step S1709: No), the management device 101 proceeds to step S1711.

On the other hand, when the room-specific qualified person deletion request is received (step S1709: Yes), the management device 101 deletes the room-specific qualified person information specified from the received room-specific qualified person deletion request from the room-specific qualified person DB 250. (Step S1710). Then, the management device 101 determines whether or not the display of the qualified person setting screen S2 for each room has been completed (step S1711).

Here, if the display of the room-specific qualified person setting screen S2 is not completed (step S1711: No), the management device 101 returns to step S1704. On the other hand, when the display of the qualified person setting screen S2 for each room is completed (step S1711: Yes), the management device 101 ends a series of processes according to this flowchart.

As a result, for each room RM to be managed, the room-specific qualified person setting screen S2 (see, for example, FIG. 13) that can manually register / delete users who have the authority to enter / exit the room RM is displayed on the room entry / exit management terminal 201. Can be displayed on. Further, the room-specific qualified person newly registered on the room-specific qualified person setting screen S2 and the room-specific qualified person deleted on the room-specific qualified person setting screen S2 can be reflected in the room-specific qualified person DB 250.

Next, the automatic qualification distribution processing procedure of the management device 101 will be described. The automatic qualification distribution processing procedure is a batch processing that is executed periodically, for example, on a daily basis.

18 and 19 are flowcharts showing an example of the automatic qualification distribution processing procedure of the management device 101. In the flowchart of FIG. 18, first, the management device 101 deletes the room-specific qualified person information for which the automatic / manual flag “automatic” is set from the room-specific qualified person DB 250 (step S1801).

Next, the management device 101 refers to the room information DB 230 and selects an unselected room RM (step S1802). Then, the management device 101 acquires the room-specific distribution condition information of the selected room RM from the room-specific distribution condition DB 240 (step S1803).

Next, the management device 101 searches the user information DB 220 for user information satisfying the room-specific distribution conditions of the room RM based on the acquired room-specific distribution condition information of the room RM (step S1804). Then, the management device 101 generates room-specific qualified person information representing the room ID of the selected room RM and the user ID of the searched user information in association with each other (step S1805).

When the valid period is set in the searched room-specific distribution condition information, the management device 101 sets the valid period as the valid period of the generated room-specific qualified person information.

Next, the management device 101 sets the automatic / manual flag "automatic" in the generated room-specific qualified person information (step S1806). Then, the management device 101 stores the room-specific qualified person information for which the automatic / manual flag "automatic" is set in the room-specific qualified person DB 250 (step S1807), and proceeds to step S1901 shown in FIG.

If the user information satisfying the room-specific distribution condition is not searched in step S1804, the management device 101 may move to step S1901 shown in FIG.

In the flowchart of FIG. 19, first, the management device 101 refers to the authentication device information DB 260 and identifies the authentication control device GC corresponding to the selected room RM (step S1901). Then, the management device 101 searches the room-specific qualified person DB 250 for the room-specific qualified person information within the valid period corresponding to the selected room RM (step S1902).

Next, the management device 101 generates personal credential information for each authentication device CR connected to the specified authentication control device GC based on the searched room-specific qualification person information (step S1903). Then, the management device 101 transmits the generated personal qualification information to the specified authentication control device GC (step S1904).

Next, the management device 101 searches the room-specific qualified person DB 250 for the room-specific qualified person information corresponding to the selected room RM and outside the valid period (step S1905). Next, the management device 101 generates a personal qualification deletion request requesting deletion of the personal qualification information corresponding to the searched room-specific qualified person information (step S1906).

Then, the management device 101 transmits the generated personal qualification deletion request to the specified authentication control device GC (step S1907). Next, the management device 101 refers to the room information DB 230 and determines whether or not there is an unselected room RM that has not been selected (step S1908).

Here, if there is an unselected room RM (step S1908: Yes), the management device 101 shifts to step S1802 shown in FIG. On the other hand, when there is no unselected room RM (step S1908: No), the management device 101 ends a series of processes according to this flowchart.

As a result, users who satisfy the room-specific distribution settings set on the room-specific distribution setting screen S1 and users registered on the room-specific qualified person setting screen S2 are allowed to enter and leave the room RM. The management system 200 can be realized.

If the qualified person information for each room is not searched in step S1902, the management device 101 may move to step S1905. Further, if the qualified person information for each room is not searched in step S1905, the management device 101 may move to step S1908.

Next, the procedure for updating the personal qualification information of the authentication control device GC will be described.

FIG. 20 is a flowchart showing an example of the personal qualification information update processing procedure of the authentication control device GC. In the flowchart of FIG. 20, first, the authentication control device GC determines whether or not the personal qualification information has been received from the management device 101 (step S2001). Here, when the personal qualification information is received (step S2001: Yes), the authentication control device GC registers the received personal qualification information in its own device (step S2002), and ends a series of processes according to this flowchart.

On the other hand, if the personal qualification information has not been received in step S2001 (step S2001: No), the authentication control device GC determines whether or not the personal qualification deletion request has been received from the management device 101 (step S2003). Here, if the personal qualification deletion request has not been received (step S2003: No), the authentication control device GC returns to step S2001.

On the other hand, when the personal qualification deletion request is received (step S2003: Yes), the authentication control device GC deletes the personal qualification information specified from the personal qualification deletion request among the personal qualification information registered in the own device. (Step S2004), a series of processes according to this flowchart is completed.

As a result, the personal credential information used for authenticating the user who has the authority to enter and exit the room RM can be updated.

As described above, according to the management device 101 according to the embodiment, a plurality of personnel information of each user is associated with the user ID of each user and associated with the user ID of each user. The value of each attribute of the attribute can be converted into user information represented as the value of each optional item provided in advance. Then, according to the management device 101, the user information obtained by conversion can be stored in the user information DB 220.

Thereby, the standardized user information DB 220 can be defined, and the data format of the customer-specific personnel information can be converted into the data format of the user information DB 220. Therefore, it is possible to convert the customer's personnel information into data that can be used by the entry / exit management system 200 without constructing a customer-specific data conversion system.

Further, according to the management device 101, a predetermined number N of arbitrary items can be selected from a plurality of arbitrary items as the room-specific distribution conditions for each room RM to be managed, and each selected optional item. It is possible to control the display of the room-specific distribution setting screen S1 in which the value of can be set. The room-specific distribution condition is a condition for selecting users who have the authority to enter and exit the room RM.

As a result, various conditions can be easily set as the distribution conditions for each room by combining a plurality of arbitrary items. In other words, it is possible to easily set various conditions for selecting users who have the authority to enter and exit the room RM by combining the attributes included in the personnel information, and it is possible to improve the convenience at the time of setting the conditions.

Further, according to the management device 101, among the users represented by the user information stored in the user information DB 220, each optional item selected for the room RM is set on the room-specific distribution setting screen S1. It is possible to generate room-specific qualified person information indicating a user who satisfies the room-specific distribution condition specified from the value of each arbitrary item.

As a result, it is possible to automatically generate qualified person information for each room indicating users who satisfy the conditions for selecting users who have the authority to enter and exit the room RM.

Further, according to the management device 101, the generated room-specific qualified person information can be transmitted to the authentication control device GC that authenticates the user who has the authority to enter and exit the room RM. As a result, it is possible to realize an entry / exit management system 200 that allows users who satisfy the room-specific distribution setting screen S1 to enter / exit the room RM.

Further, according to the management device 101, it is possible to control the display of the room-specific qualified person setting screen S2 in which a user who has the authority to enter and exit the room RM can be registered for each room RM to be managed. As a result, it is possible to manually register qualified persons for each room corresponding to exceptional operations such as temporarily permitting entry and exit to the room RM for visitors.

Further, according to the management device 101, the room-specific qualified person information indicating the registered user on the room-specific qualified person setting screen S2 is transmitted to the authentication control device GC that authenticates the user who has the authority to enter and exit the room RM. can do. As a result, it is possible to realize an entry / exit management system 200 that allows a user registered on the room-specific qualified person setting screen S2 to enter / exit the room RM.

Further, according to the management device 101, the room-specific qualified person information generated based on the room-based distribution setting set on the room-specific distribution setting screen S1 and the use registered on the room-specific qualified person setting screen S2. It can be stored in the room-specific qualified person DB 250 so that it can be discriminated from the room-specific qualified person information indicating the person.

As a result, when updating the room-specific qualification information generated based on the room-specific distribution conditions, among the room-specific qualification information in the room-specific qualification DB250, the room-specific qualification setting screen S2 is registered. Qualified person information for each room indicating the user can be excluded from the update target. Therefore, it is possible to prevent the manually registered room-specific qualified person from being accidentally deleted when the room-specific qualified person information is updated with the update of the user information DB 220.

Further, according to the management device 101, it is possible to control the display of the room-specific distribution setting screen S1 in which the valid period of the room-specific distribution condition can be set. Then, according to the management device 101, when the valid period of the room-specific distribution condition set on the room-specific distribution setting screen S1 has elapsed, the qualified person information indicating the user who satisfies the room-specific distribution condition is deleted. A request (individual qualification deletion request) can be sent to the authentication control device GC. As a result, it is possible to avoid a situation in which a user who satisfies the room-specific distribution condition is permitted to enter or leave the room RM even though the validity period of the room-specific distribution condition has elapsed.

Based on these facts, according to the entry / exit management system 200 according to the embodiment, by using a standardized database (user information DB 220), the introduction barrier associated with the conversion of personnel information whose data format differs for each customer is lowered. can do. Further, by making it possible to define the entry / exit authority for each room RM corresponding to the standardized database (user information DB 220), it is possible to enable efficient entry / exit management in a large-scale organization. In addition, even when the organization is changed, if the distribution conditions for each room related to the change of organization are changed, it will be reflected in the qualified person information for each room, so the workload required for updating the information at the time of organizational change will be reduced. be able to.

The management method described in the present embodiment can be realized by executing a program prepared in advance on a computer such as a personal computer or a workstation. This management program is recorded on a computer-readable recording medium such as a hard disk, flexible disk, CD-ROM, MO (Magnet-Optical disk), DVD (Digital Versail Disc), USB (Universal Social Bus) memory, and is recorded on a computer. It is executed by reading from the recording medium by. In addition, this management program may be distributed via a network such as the Internet.

The following additional notes are further disclosed with respect to the above-described embodiment.

(Appendix 1) In association with the identification information of each user to be managed, the value of each attribute of the plurality of attributes associated with the identification information of each user is set to each of the user information having a plurality of items. Store in the storage unit in association with the item,
For each facility to be managed, a predetermined number of items to be used as a condition for selecting a user who has the authority to enter and exit the facility from the plurality of items are stored in the condition item storage unit.
For each facility, control is performed to display an operation screen in which the value of each item stored in the condition item storage unit can be set.
Among the users represented by the user information stored in the storage unit, on the operation screen, each item stored in the condition item storage unit and the set value of each item are conditional on the facility. Store in storage
Generates qualified person information indicating a user who satisfies the condition specified from each item and value stored in the condition storage unit.
A management program characterized by having a computer perform processing.

(Appendix 2) The management according to Appendix 1, wherein the generated qualified person information is transmitted to an authentication control device that authenticates a user who has the authority to enter and exit the facility, and a process is executed by the computer. program.

(Appendix 3) For each facility, control is performed to display a second operation screen on which a user who has the authority to enter and exit the facility can be registered.
The generated qualified person information is stored in the second storage unit, and the qualified person information indicating the user registered on the second operation screen can be discriminated from the generated qualified person information. Let the computer execute the processing stored in the unit,
The process of transmitting is
The management program according to Appendix 2, wherein the qualified person information stored in the second storage unit is transmitted to the authentication control device.

(Appendix 4) On the operation screen, the validity period of the above conditions can be set.
On the computer
When the valid period of the condition set on the operation screen has elapsed, a request for deleting the qualified person information indicating the user who satisfies the condition is transmitted to the authentication control device, and a process is executed. The management program described in 2 or 3.

(Appendix 5) When the qualified person information indicating the user satisfying the above conditions is newly generated as a result of updating the stored contents of the storage unit, the first item is based on the newly generated qualified person information. Among the qualified person information stored in the storage unit of 2, the qualified person information other than the qualified person information indicating the user registered in the second operation screen is updated, and the computer is made to execute the process. The management program described in Appendix 3.

(Appendix 6) In association with the identification information of each user to be managed, the value of each attribute of the plurality of attributes associated with the identification information of each user is set to each of the user information having a plurality of items. Store in the storage unit in association with the item,
For each facility to be managed, a predetermined number of items to be used as a condition for selecting a user who has the authority to enter and exit the facility from the plurality of items are stored in the condition item storage unit.
For each facility, control is performed to display an operation screen in which the value of each item stored in the condition item storage unit can be set.
Among the users represented by the user information stored in the storage unit, on the operation screen, each item stored in the condition item storage unit and the set value of each item are conditional on the facility. Store in storage
Generates qualified person information indicating a user who satisfies the condition specified from each item and value stored in the condition storage unit.
A management method characterized by a computer performing processing.

(Appendix 7) An authentication control device that authenticates users who have the authority to enter and exit managed facilities, and
Corresponds to the identification information of each user to be managed, and associates the value of each attribute of the plurality of attributes associated with the identification information of each user with each item of the user information having a plurality of items. A predetermined number of items to be used as a condition for selecting a user who has the authority to enter and exit the facility from the plurality of items are stored in the condition item storage unit for each facility to be managed. For each facility, control is performed to display an operation screen in which the value of each item stored in the condition item storage unit can be set, and among the users represented by the user information stored in the storage unit, the operation is performed. On the screen, for the facility, each item stored in the condition item storage unit and the set value of each item are stored in the condition storage unit, and each item and the value stored in the condition storage unit are used. A management device that generates qualified person information indicating a user who satisfies the conditions specified from the above and transmits the qualified person information to the authentication control device.
A management system characterized by including.

101 Management device 102 Personnel information 103 User information 110 Storage unit 111 Condition item storage unit 112 Condition storage unit 120 Operation screen 140 Qualified person information 200 Entrance / exit management system 201 Entrance / exit management terminal 202 Personnel system 210 Network 220 User information DB
230 Room information DB
240 Sorting condition DB by room
250 Qualified person DB by room
260 authentication device information DB
270 Personnel Information DB
1101 Acquisition unit 1102 Conversion unit 1103 Display control unit 1104 Generation unit 1105 Registration unit 1106 Output processing unit GC authentication control device CR authentication device EL electronic lock RM room S1 Room-specific distribution setting screen S2 Room-specific qualified person setting screen

Claims (6)

The first information representing the values of the plurality of attributes that characterize each user is acquired in association with the identification information of each user to be managed.
Each attribute of the plurality of attributes of the acquired first information of each user is assigned to any of the plurality of items provided in advance in the user information storage unit so that the allocation destination is different.
The first information of each user is associated with the identification information of each user, and the value of each attribute of the plurality of attributes is converted into the second information represented as the value of each item assigned to each attribute. And
The second information of each user obtained by conversion is stored in the user information storage unit, and the second information is stored in the user information storage unit.
As a condition for selecting users who have the authority to enter and exit the facility for each facility to be managed , a predetermined number of items can be selected from the plurality of items, and the value of each selected item is set. Control to display possible operation screens
Prior Symbol operation screen for the facility, and stores each item selected, and the values of the items set in the condition storage unit,
Among the users represented by the second information stored in the user information storage unit, a qualified person indicating a user who satisfies the conditions specified from each item and value stored in the condition storage unit for the facility. Generate information,
A management program characterized by having a computer perform processing. The management program according to claim 1, wherein the generated computer is made to execute a process of transmitting the generated qualified person information to an authentication control device that authenticates a user who has an authority to enter and exit the facility. For each facility, control is performed to display a second operation screen on which a user who has the authority to enter and exit the facility can be registered.
The generated qualified person information is stored in the second storage unit, and the qualified person information indicating the user registered on the second operation screen can be discriminated from the generated qualified person information. Let the computer execute the processing stored in the unit,
The process of transmitting is
The management program according to claim 2, wherein the qualified person information stored in the second storage unit is transmitted to the authentication control device. On the operation screen, the validity period of the conditions can be set.
On the computer
When the validity period of the condition set on the operation screen has elapsed, a request for deleting the qualified person information indicating a user who satisfies the condition is transmitted to the authentication control device, and a process is executed. The management program according to item 2 or 3. The first information representing the values of the plurality of attributes that characterize each user is acquired in association with the identification information of each user to be managed.
Each attribute of the plurality of attributes of the acquired first information of each user is assigned to any of the plurality of items provided in advance in the user information storage unit so that the allocation destination is different.
The first information of each user is associated with the identification information of each user, and the value of each attribute of the plurality of attributes is converted into the second information represented as the value of each item assigned to each attribute. And
The second information of each user obtained by conversion is stored in the user information storage unit, and the second information is stored in the user information storage unit.
As a condition for selecting users who have the authority to enter and exit the facility for each facility to be managed , a predetermined number of items can be selected from the plurality of items, and the value of each selected item is set. Control to display possible operation screens
Prior Symbol operation screen for the facility, and stores each item selected, and the values of the items set in the condition storage unit,
Among the users represented by the second information stored in the user information storage unit, a qualified person indicating a user who satisfies the conditions specified from each item and value stored in the condition storage unit for the facility. Generate information,
A management method characterized by a computer performing processing. An authentication control device that authenticates users who have the authority to enter and exit managed facilities,
In association with the identification information of each user to be managed, the first information representing the values of the plurality of attributes that characterize each user is acquired, and the acquired first information of each user of the plurality of attributes Each attribute is assigned to any of a plurality of items provided in advance in the user information storage unit so that the allocation destination is different, and the first information of each user is used as the identification information of each user. In association with each other, the value of each attribute of the plurality of attributes is converted into the second information represented as the value of each item assigned to each attribute, and the second information of each user obtained by the conversion is described. A predetermined number of items can be selected from the plurality of items as a condition for selecting a user who has the authority to enter and exit the facility for each facility stored in the user information storage unit and to be managed. performs control to display the selected operation screen capable of setting a value of each item was, before Symbol operation screen, the facilities, and each item selected, the condition storage unit and the value of each item set Among the users represented by the second information stored in the user information storage unit, the users who satisfy the conditions specified from each item and the value stored in the condition storage unit for the facility. A management device that generates qualified person information indicating the above and transmits the qualified person information to the authentication control device.
A management system characterized by including.

Images