JP7400943B2 - Authentication system, authentication device, authentication method, and authentication program - Google Patents

Description

The present disclosure relates to an authentication system, a central management device, an authentication device, an authentication method, an authentication program, and a data structure.

Patent Document 1 discloses an example of an authentication system. The authentication system includes a reading device and a central management device. The reading device reads the user's identification information. The reading device notifies the central management device of the read identification information. The central management device determines whether the user can be authenticated based on the identification information. The central management device notifies the reading device of the determination result.

Japanese Patent Publication No. 6-185249

However, in the authentication system of Patent Document 1, communication between the reading device and the central management device is performed every time authentication is performed. Therefore, user authentication speed is susceptible to communication delays between the reading device and the central management device.

The present disclosure relates to solving such problems. The present disclosure provides an authentication system, a central management device, an authentication device, an authentication method, an authentication program, and a data structure in which user authentication speed is less susceptible to communication delays.

An authentication system according to the present disclosure includes a central management device and a plurality of authentication devices each reading identification information of a plurality of users, and the central management device is configured to identify one of the plurality of users for each of the plurality of authentication devices. a user information storage unit that stores identification information of an authenticable user for the authentication device; and a filter generation unit that generates a Bloom filter based on the identification information of the authenticable user for each of the plurality of authentication devices. , in response to an inquiry from each of the plurality of authentication devices as to whether the user who has read the identification information is an authenticable user, and delivers the Bloom filter generated by the filter generation unit for each of the plurality of authentication devices to the authentication device. and a communication unit, each of the plurality of authentication devices having a filter storage unit that stores a Bloom filter distributed from the communication unit, and a filter storage unit that stores the distributed Bloom filter, and then the identification information is read. An authentication system comprising: an authentication processing unit that refuses authentication of the user without inquiring a central management device when the user is determined to be an unauthenticated user based on the bloom filter; , the filter storage unit stores the Bloom filter including the validity period, and the authentication processing unit generates the Bloom filter when the current time is not included in the validity period of the Bloom filter. The determination of whether the user is an unauthenticated user based on the Bloom filter is omitted .

An authentication device according to the present disclosure includes a reading unit that reads identification information of each of a plurality of users, and a central management device that registers identification information of an authenticable user among the plurality of users. A filter storage unit stores a Bloom filter generated based on the Bloom filter, and a user whose identification information is read by a reading unit after the filter storage unit stores the distributed Bloom filter is a user who cannot be authenticated based on the Bloom filter. an authentication processing unit that rejects the authentication of the user without inquiring the central management device when it is determined that the user is not authenticated, the filter storage unit stores the bloom filter including the validity period, and the authentication processing unit includes: When the current time is not included in the validity period of the Bloom filter, the determination of whether the user is an unauthenticated user based on the Bloom filter is omitted .

The authentication method according to the present disclosure includes a filter in which a computer stores a Bloom filter generated based on identification information of an authenticable user distributed from a central management device that registers identification information of an authenticable user among a plurality of users. After the storage step and the filter storage step, a reading step of reading the identification information of one of the plurality of users, and the user whose identification information is read in the reading step is stored in the Bloom filter stored in the filter storage step. This is an authentication method that executes an authentication processing step of denying authentication of the user without inquiring the central management device when the user is determined to be an unauthenticated user based on the following information.The Bloom filter is effective in the filter storage step. In the authentication processing step, when the current time is not included in the validity period of the Bloom filter, the determination of whether the user is an unauthenticated user based on the Bloom filter is omitted.

The authentication program according to the present disclosure includes a filter storage step of storing a Bloom filter generated based on identification information of an authenticable user distributed from a central management device that registers identification information of an authenticable user among a plurality of users. , after the filter storage step, a reading step of reading identification information of one of the plurality of users; and a user whose identification information is read in the reading step is authenticated based on the Bloom filter stored in the filter storage step. When it is determined that the user is an unauthorized user, the authentication device executes an authentication processing step of denying the user's authentication without inquiring the central management device, and in the filter storage step, the bloom filter including the validity period is stored. The method is stored in the authentication device, and in the authentication processing step, when the current time is not included in the validity period of the Bloom filter, the authentication device is made to omit the determination of whether the user is an unauthenticated user based on the Bloom filter .

With the authentication system, central management device, authentication device, authentication method, authentication program, or data structure according to the present disclosure, user authentication speed is less susceptible to communication delays.

1 is a configuration diagram of an authentication system according to Embodiment 1. FIG. FIG. 3 is a diagram showing an example of registered data in the authentication system according to the first embodiment. FIG. 3 is a diagram illustrating an example of generation of a Bloom filter according to the first embodiment. FIG. 3 is a diagram illustrating an example of authentication processing using a Bloom filter according to the first embodiment. FIG. 2 is a sequence diagram illustrating an example of user authentication in the authentication system according to the first embodiment. FIG. 2 is a sequence diagram illustrating an example of user authentication in the authentication system according to the first embodiment. 3 is a flowchart illustrating an example of the operation of the authentication system according to the first embodiment. 3 is a flowchart illustrating an example of the operation of the authentication system according to the first embodiment. 1 is a hardware configuration diagram of main parts of an authentication system according to Embodiment 1. FIG.

Modes for carrying out the present disclosure will be described with reference to the accompanying drawings. In each figure, the same or corresponding parts are given the same reference numerals, and overlapping explanations are simplified or omitted as appropriate.

Embodiment 1.
FIG. 1 is a configuration diagram of an authentication system according to Embodiment 1.

Authentication system 1 is a system that authenticates users. In this example, the authentication system 1 is applied to a traffic management system. A traffic management system is a system that manages user traffic in a managed area. The user of the authentication system 1 is, for example, a person passing through an area managed by the traffic management system. The authentication system 1 includes a plurality of user terminals 2, a plurality of controlled devices 3, a plurality of authentication devices 4, a central management device 5, and a management terminal 6.

Each user terminal 2 is a terminal device owned by a user. The user terminal 2 holds the identification information of the user that it has. The user terminal 2 may be, for example, a portable general-purpose information terminal such as a smartphone. The user terminal 2 may be owned by the user. The user terminal 2 may be a device distributed to the user by the administrator of the authentication system 1, such as a wireless tag or an authentication card.

Each controlled device 3 is a device that operates when a user is authenticated, for example. In this example, the controlled device 3 is a gate or door that controls passage of a route in a managed area. A gate, which is an example of the controlled device 3, is normally closed. When a user is authenticated, the gate opens to allow the user to pass through the route.

Each authentication device 4 corresponds to one of the controlled devices 3. The authentication device 4 is a device that authenticates a user who uses the corresponding controlled device 3. The authentication device 4 is provided adjacent to the corresponding controlled device 3, for example. The authentication device 4 may be provided in the corresponding controlled device 3 itself. The operation of each authentication device 4 is executed based on, for example, an installed authentication program. Each authentication device 4 includes a reading section 7 , a first communication section 8 , an authentication processing section 9 , a filter storage section 10 , and a cache storage section 11 .

The reading unit 7 is a part that reads user identification information. The identification information is, for example, an ID number (ID: IDentification) given to each user. The reading unit 7 is equipped with a communication function such as short-range wireless communication for reading identification information from the user terminal 2, for example. The reading unit 7 reads identification information from the user terminal 2 when the user holds the user terminal 2 over the user terminal 2, for example. Alternatively, the reading unit 7 may be equipped with a function of reading identification information from the user terminal 2 using a coded image such as a one-dimensional barcode or a two-dimensional code.

The first communication unit 8 is a part that performs communication with the central management device 5. The first communication unit 8 is connected to the central management device 5 through the network 12. Network 12 may be a wide area network such as the Internet, for example. Alternatively, the network 12 may be a local network such as a LAN (Local Area Network).

The authentication processing section 9 is a section that performs authentication processing of the user whose identification information is read by the reading section 7. The authentication process is a process of determining whether the user is an authenticable user or an authenticable user. In this example, a user who is not an authenticable user is a non-authenticable user. Identification information of authenticated users is registered in the central management device 5. The central management device 5 registers, for example, registration data of authenticated users. The registration data is, for example, data that includes identification information. The authentication processing unit 9 performs authentication processing as follows, for example, by making an inquiry to the central management device 5 or the like.

When the reading unit 7 reads the user's identification information, the authentication processing unit 9 inquires of the central management device 5 whether the user is registered as an authenticable user. At this time, the authentication processing section 9 transmits the user's identification information to the central management device 5 through the first communication section 8 . The central management device 5 responds to inquiries from the authentication device 4 based on registered contents. At this time, the authentication processing section 9 receives the response result through the first communication section 8. The authentication processing unit 9 determines whether the user whose identification information has been read is an authenticable user based on the received response result.

The filter storage unit 10 is a part that stores Bloom filters distributed from the central management device 5. A Bloom filter is a probabilistic data structure used to determine whether a given element is an element of a set. The Bloom filter stored in the filter storage unit 10 is used for authentication processing in the authentication processing unit 9. Here, the Bloom filter is used to determine whether given identification information is included in a set whose elements are identification information of authenticated users.

The cache storage unit 11 is a part that stores cache data distributed from the central management device 5. The cache data includes identification information of one or more authenticable users. The cache data stored in the cache storage unit 11 is used for authentication processing in the authentication processing unit 9. The cache data includes information on authenticated users, for example, as registration data.

The central management device 5 is a device that manages user authentication in each authentication device 4. The central management device 5 is, for example, a server computer. The central management device 5 may be configured by, for example, a single piece of hardware. Alternatively, the central management device 5 may be configured by a plurality of pieces of hardware. Part or all of the central management device 5 may be a virtual server configured by a cloud service or the like. The operations of the central management device 5 are executed based on, for example, installed programs. The central management device 5 includes a user information storage section 13 , a second communication section 14 , a learning section 15 , a filter generation section 16 , and a cache generation section 17 .

The user information storage unit 13 is a part that stores identification information of authenticated users for each authentication device 4. One or more authenticable users are registered for each authentication device 4. Authenticable users registered in each authentication device 4 may be different from each other. The user information storage unit 13 stores information on authenticated users as, for example, registered data.

The second communication unit 14 is a part that performs communication with each authentication device 4. The second communication unit 14 is connected to the first communication unit 8 of each authentication device 4 through the network 12. The second communication unit 14 receives identification information when there is an inquiry from each authentication device 4 . The second communication unit 14 transmits a response result when responding to an inquiry from each authentication device 4.

The learning unit 15 is a part that learns the authentication patterns of each user in the plurality of authentication devices 4. The authentication pattern of each user includes, for example, information on the frequency of authentication of the user in each authentication device 4 for each time period. Each user's authentication pattern includes, for example, information on the user's authentication order for each authentication device 4. The learning unit 15 learns an authentication pattern based on the authentication history of each authentication device 4, for example.

The filter generation unit 16 is a part that generates a Bloom filter to be distributed to each authentication device 4. The Bloom filter is generated, for example, based on information stored in the user information storage unit 13.

The cache generation unit 17 is a part that generates cache data to be distributed to each authentication device 4. The cache data is generated, for example, based on information stored in the user information storage unit 13. In this example, the cache data includes identification information of at least some authenticable users for the authentication device 4 being distributed. The cache generation unit 17 generates cache data as follows, for example.

The cache generation unit 17 may generate cache data based on the authentication pattern learned by the learning unit 15. For example, when the learning unit 15 learns the authentication frequency of each user in each authentication device 4 for each time period as an authentication pattern, the cache generation unit 17 stores the identification information of the authenticable user in such a manner that the higher the authentication frequency, the higher the authentication frequency. Generate cache data to include it with priority. At this time, the cache generation unit 17 generates cache data for each time period in the authentication pattern. For example, when the authentication system 1 is applied to a traffic management system for a building such as an office building, the time zone in the authentication pattern is a working time zone, a clocking out time zone, a lunch time zone, or the like. The cache data generated for any time period includes a large amount of identification information of authenticated users who are frequently authenticated during the time period. For example, the cache generation unit 17 generates cache data for the time slot before the start time of the time slot in the authentication pattern. Alternatively, the cache generation unit 17 may generate cache data at a preset period, for example.

For example, when the learning unit 15 has learned the authentication order of each user for each authentication device 4 as an authentication pattern, the cache generation unit 17 generates cache data based on the authentication order. Here, a case where the authentication system 1 is applied to a traffic management system for a building such as an office building will be described as an example. In this example, user A, not shown, works in an office on the fifth floor of a building. When the user A goes to work, the user A has the authentication device 4a provided at the entrance of the building authenticate himself/herself. Thereafter, user A authenticates himself with the authentication device 4b provided at the entrance of the office on the 5th floor. In this case, the learning unit 15 learns, as the user A's authentication pattern, an authentication order in which authentication processing is performed by the authentication device 4b after the authentication device 4a. After the authentication pattern has been learned in this way, when the central management device 5 receives an inquiry from the authentication device 4a as to whether the user A is an authenticated user, the cache generation unit 17 uses the authentication pattern based on the authentication order of the user A. Generate cache data. Since the authentication device 4b is the device that performs the authentication process after the authentication device 4a in the user A's authentication order, the cache generation unit 17 generates cache data for the authentication device 4b including user A's identification information. The cache data generated here is distributed to the authentication device 4b before the authentication process for user A is started in the authentication device 4b. Note that in the authentication order of the authentication pattern, another authentication device 4 that performs authentication processing may be included between the authentication device 4a and the authentication device 4b.

Note that the learning unit 15 may learn the authentication order as graph-structured data. A node in the graph structure represents each authentication device 4, for example. The graph structure may be, for example, an effective graph having edges weighted by the probability that authentication processing will be performed in the authentication device 4 of the node at the start point and then in the authentication device 4 of the node at the end point. The probability is learned based on the authentication history, for example.

In this way, the cache generation unit 17 generates cache data for the authentication device 4 regardless of whether or not there is an inquiry from the authentication device 4 to the central management device 5 .

The management terminal 6 is an information terminal that performs management operations for the authentication system 1. Management of the authentication device 4 includes, for example, registration of users who can be authenticated. The management terminal 6 is, for example, a personal computer, a tablet computer, or a smartphone. The management terminal 6 is connected to the central management device 5 through the network 12, for example. Alternatively, the management terminal 6 may be directly connected to the central management device 5.

Next, an example of registered data in the authentication system 1 will be explained using FIG. 2.
FIG. 2 is a diagram showing an example of registration data in the authentication system according to the first embodiment.
In FIG. 2, an example of registered data in JSON (JavaScript Object Notation) format is shown.

Registration of authenticated users is performed, for example, through the management terminal 6. When registering an authenticable user, registration data is transmitted from the management terminal 6 to the central management device 5. The registration data includes, for example, identification information, unique information, signature information, and registration contents. The registration data may also include other information.

The identification information is identification information of a user who is registered as an authenticable user. In this example, the identification information is included in the registration data as the value of the key "user_id". The unique information is information unique to the authentication device 4 that is the target of registering the user as an authenticable user. The unique information is, for example, an identification number of each authentication device 4 given in the authentication system 1. In this example, the unique information is included in the registration data as the value of the key "target". The signature information is, for example, an electronic signature of the management terminal 6 for indicating the validity of registered data. In this example, the signature information is included in the registration data as the value of the key "certification." The registered contents include, for example, permission matters and a permission period.

The permission items are items that are permitted to the registered user. For example, when the authentication device 4 corresponds to a gate as a control device provided on the route, the permission item is information as to whether or not passage on the route is permitted. The permission period is a period during which permission items are permitted for the registered user. The permission period is represented by, for example, a start time and an end time. In this example, the registration content is included in the registration data as an object with the value of the key "actions." The permission items related to the passage of the route are included in the registered content object as the value of the key "Pass". Here, "Allow", which is the value of the permission item related to passage of the route, indicates that authentication is possible. Note that the value of the permission item may be “Deny” or the like indicating that authentication is not possible. The start time of the permission period is included in the registered content object as the value of the key "start". The end time of the permission period is included in the registered content object as the value of the key "end".

When the registration data is transmitted from the management terminal 6, the user information storage unit 13 of the central management device 5 updates the stored information of the authenticable user based on the contents of the registration data. Furthermore, the filter generation unit 16 starts generating a Bloom filter based on the updated information on the authenticated user. For example, the filter generation unit 16 starts generating a Bloom filter every time a new authenticable user is registered. The generated Bloom filter is distributed to the authentication device 4 by the second communication unit 14.

Next, an example of a Bloom filter in the authentication system 1 will be described using FIGS. 3 and 4.
FIG. 3 is a diagram illustrating an example of generating a Bloom filter according to the first embodiment.
FIG. 4 is a diagram illustrating an example of authentication processing by the Bloom filter according to the first embodiment.

FIG. 3 shows an example of Bloom filter generation for the authentication device 4 in which user A, user B, and user C are registered as authenticable users.

In this example, the filter generator 16 includes a hash generator 18 . The hash generator 18 inputs the identification information and outputs a bit string using a hash function. The hash generator 18 outputs, for example, a bit string of m bits. In the output bit string, the value of any k bits is "1". In the output bit string, the values of other bits are "0". In FIG. 3, an example where m=10 and k=2 is shown.

The filter generation unit 16 inputs into the hash generator 18 the identification information of all users who are registered as authenticable users for the authentication device 4 that generates Bloom filters. In this example, identification information for User A, User B, and User C are each input to hash generator 18. In this example, the output for user A's identification information is a bit string in which the 0th bit and the 7th bit are “1”. The output for user B's identification information is a bit string in which the second and third bits are "1". The output for the identification information of user C is a bit string in which the third bit and the eighth bit are "1".

The filter generation unit 16 integrates all the bit strings output by the hash generator 18 into one bit string by performing an OR operation on each bit. The filter generation unit 16 uses the integrated bit string as a Bloom filter bit string. In this example, the first bit of the output bit strings of all users is "0", so the first bit of the Bloom filter is "0". Since the second bit in the bit string of user B's output is "1", the second bit of the Bloom filter is "1". Since the third bit in the output bit strings of users B and C is "1", the third bit of the Bloom filter is "1".

The Bloom filter generated in this manner is distributed by the second communication unit 14 to the corresponding authentication device 4. The Bloom filter distributed to the authentication device 4 is stored in the filter storage unit 10 of the authentication device 4.

Here, if a permission period is set in the registration of the authenticable user, the filter generation unit 16 sets the validity period of the Bloom filter. In this example, the validity period of the Bloom filter includes one or both of the start time and end time. The validity period of the Bloom filter is set based on the permission period of the registered authenticated user.

When the validity period is set for the Bloom filter, the second communication unit 14 distributes the Bloom filter including the validity period to the authentication device 4. The Bloom filter delivered to the authentication device 4 is stored in the filter storage unit 10 of the authentication device 4 along with its validity period.

In FIG. 4, an example of authentication processing using a Bloom filter for user D or user E, who is an unauthenticated user, is shown.

In this example, the authentication processing section 9 includes a hash generator 18 . The hash generator 18 of the authentication processing section 9 is configured similarly to the hash generator 18 of the filter generation section 16. That is, for the same identification information, the hash generator 18 of the authentication processing section 9 and the hash generator 18 of the filter generation section 16 output the same bit string.

The authentication processing unit 9 inputs the identification information of the user who performs the authentication process to the hash generator 18 . That is, when the authentication process for user D is performed, the identification information of user D is input to the hash generator 18. Alternatively, when authentication processing for user E is performed, user E's identification information is input to the hash generator 18. In this example, the output for user D's identification information is a bit string in which the third and fifth bits are "1". The output for the identification information of user E is a bit string in which the seventh bit and the eighth bit are "1".

The authentication processing unit 9 compares the bit string output by the hash generator 18 and the bit string of the Bloom filter. The authentication processing unit 9 determines whether there is a bit whose value is "0" in the Bloom filter bit string among the bits whose value is "1" in the output bit string. If there is a bit whose value is "0", the authentication processing unit 9 determines that the user is a user who cannot be authenticated. Since a bit whose value is "1" in the output of the identification information of any authenticable user is also "1" in the bit string of the Bloom filter, the authenticable user is not determined to be an unauthenticable user. That is, in the authentication process using the Bloom filter, a false positive error in which it is determined that the identification information of the authenticable user is not included in the set whose elements are the identification information of the authenticable user does not occur.

For example, when authentication processing for user D is performed, the authentication processing unit 9 determines whether there is a bit among the third bit and the fifth bit whose value is "0" in the bit string of the Bloom filter. Since the fifth bit is 0, the authentication processing unit 9 determines that the user D is an unauthenticated user.

On the other hand, when the authentication process for user E is performed, the authentication processing unit 9 determines whether there is a bit among the seventh bit and the eighth bit whose value is "0" in the bit string of the Bloom filter. Here, since both the seventh bit and the eighth bit are "1", the authentication processing unit 9 cannot determine that the user E is an unauthenticated user.

Here, the seventh bit of the bit string output for user E coincidentally coincides with the seventh bit of the bit string output for user A. Further, the 8th bit of the bit string output for user E coincidentally coincides with the 8th bit of the bit string output for user C. In this way, depending on the combination of authenticated users, the bit string output from the identification information of the unauthenticated user may coincidentally match the bit string of the Bloom filter, which is a probabilistic data structure. That is, in the authentication process using the Bloom filter, a false positive error may occur in which it is determined that the identification information of the unauthenticated user is included in the set of elements of the identification information of the authenticated user. For this reason, the authentication processing unit 9 performs authentication processing using cache data or authentication processing using an inquiry to the central management device 5, etc., after the authentication processing using the Bloom filter.

Next, an example of user authentication in the authentication system 1 will be described using FIGS. 5 and 6.
5 and 6 are sequence diagrams showing an example of user authentication in the authentication system according to the first embodiment.

In FIG. 5, an example of the entire sequence of user authentication in the authentication system 1 is shown.

The filter generation unit 16 of the central management device 5 generates a Bloom filter for each authentication device 4. The second communication unit 14 distributes the Bloom filter to the first communication unit 8 of each authentication device 4 . In each authentication device 4, the filter storage unit 10 stores the distributed Bloom filter.

The cache generation unit 17 of the central management device 5 generates cache data for each authentication device 4. The second communication unit 14 distributes the cache data to the first communication unit 8 of each authentication device 4 . In each authentication device 4, the cache storage unit 11 stores the distributed cache data.

Thereafter, the reading unit 7 of one of the authentication devices 4 reads the user's identification information from the user terminal 2. The authentication processing unit 9 uses the Bloom filter and cache data distributed from the central management device 5 to perform authentication processing on the user whose identification information has been read.

The authentication processing unit 9 approves the user's authentication when determining that the user is an authenticable user in the authentication process. At this time, the authentication processing unit 9 outputs a signal indicating approval to the corresponding controlled device 3. The controlled device 3 operates based on the input signal. For example, when the controlled device 3 is a gate, the gate to which a signal indicating approval is input is opened. Further, the authentication processing unit 9 notifies the user terminal 2 of an authentication response signal indicating approval.

On the other hand, when the authentication processing unit 9 determines that the user is an unauthenticated user in the authentication process, it denies the user's authentication. At this time, the authentication processing unit 9 outputs a signal indicating denial to the corresponding controlled device 3. The controlled device 3 operates based on the input signal. For example, when the controlled device 3 is a gate, the gate to which a signal indicating denial is input maintains a closed state. Further, the authentication processing unit 9 notifies the user terminal 2 of an authentication response signal indicating denial.

Thereafter, the authentication processing unit 9 transmits the authentication history to the central management device 5 through the first communication unit 8. The authentication history includes, for example, unique information of the authentication device 4, the time when the authentication process was performed, identification information of the user who performed the authentication process, and a determination result in the authentication process. Note that the authentication history does not have to be sent immediately after the authentication process is performed. For example, when communication between the authentication device 4 and the central management device 5 is congested, the authentication processing unit 9 may suspend transmission of the authentication history until the congestion is resolved. Further, the authentication processing unit 9 may send a plurality of authentication histories together to the central management device 5.

Thereafter, the learning unit 15 of the central management device 5 acquires the authentication history through the second communication unit 14. The learning unit 15 learns an authentication pattern based on the acquired authentication history.

When the registration data is transmitted from the management terminal 6, the user information storage unit 13 of the central management device 5 updates the information of the authenticable user based on the contents of the registration data. The filter generation unit 16 generates a Bloom filter for each authentication device 4 based on the updated information on the authenticated users. The Bloom filter generated for each authentication device 4 is distributed to the authentication device 4 by the second communication unit 14.

Thereafter, the reading unit 7 of one of the authentication devices 4 reads the user's identification information from the user terminal 2. The authentication processing unit 9 uses a bloom filter newly distributed from the central management device 5 to perform authentication processing on the user whose identification information has been read.

In FIG. 6, an example of a detailed sequence of user authentication processing in the authentication processing unit 9 is shown.

The reading unit 7 reads user identification information from the user terminal 2. At this time, the authentication processing unit 9 starts authentication processing.

The authentication processing unit 9 performs authentication processing using a Bloom filter. The authentication processing unit 9 determines whether the identification information read by the reading unit 7 is included in a set whose elements are identification information of authenticated users based on a Bloom filter. Note that the authentication processing unit 9 may omit the authentication process using the Bloom filter when the current time is not included in the validity period of the Bloom filter.

When determining that the user is not included in the set of authenticated users, false negative errors do not occur in the authentication processing using the Bloom filter, so the authentication processing unit 9 classifies the user whose identification information is read by the reading unit 7 as an unauthenticated user. Therefore, the authentication is denied. At this time, the authentication processing unit 9 does not make an inquiry to the central management device 5.

On the other hand, when it is determined that the user is included in the set of authenticated users, a false positive error may occur in the authentication processing using the Bloom filter, so the authentication processing unit 9 performs authentication using cache data. The authentication processing unit 9 determines whether the identification information read by the reading unit 7 is included in the cache data stored in the cache storage unit 11.

When the identification information is included in the cache data, the authentication processing unit 9 performs authentication processing based on the cache data. At this time, the authentication processing unit 9 does not make an inquiry to the central management device 5. For example, when the cache data includes identification information as identification information of an authenticable user, the authentication processing unit 9 approves the authentication of the user whose identification information is read by the reading unit 7. Note that the cache data may include identification information of a user who cannot be authenticated. When the cache data includes identification information as identification information of a user who cannot be authenticated, the authentication processing unit 9 denies authentication of the user whose identification information is read by the reading unit 7.

On the other hand, when the identification information is not included in the cache data, the authentication processing unit 9 performs authentication processing by making an inquiry to the central management device 5. The authentication processing unit 9 transmits the read identification information to the central management device 5 through the first communication unit 8.

The second communication unit 14 of the central management device 5 receives identification information from the authentication device 4. The central management device 5 refers to the information of the user identified by the identification information from the user information storage unit 13. The second communication unit 14 responds to the inquiry by returning the referenced information to the authentication device 4, for example, as registration data.

The authentication processing section 9 of the authentication device 4 acquires the registration data returned from the central management device 5 through the first communication section 8 . The authentication processing unit 9 performs authentication processing based on the acquired registration data. At this time, the authentication device 4 may store the registration data in the cache storage section 11. The cache storage unit 11 may store the registered data together with the distributed cache data. Alternatively, the cache storage unit 11 may store the registered data separately from the distributed cache data. For example, when the registration data indicates that authentication is possible, the authentication processing section 9 approves the authentication of the user whose identification information is read by the reading section 7. On the other hand, when the registration data indicates that authentication is not possible, the authentication processing unit 9 denies authentication of the user whose identification information is read by the reading unit 7.

Next, an example of the operation of the authentication system 1 will be described using FIGS. 7 and 8.
7 and 8 are flowcharts illustrating an example of the operation of the authentication system according to the first embodiment.

In FIG. 7, an example of the operation of the central management device 5 related to user registration is shown.

In step S11, the central management device 5 determines whether user registration has been accepted from the management terminal 6. If the determination result is Yes, the operation of the authentication system 1 related to user registration proceeds to step S12. On the other hand, if the determination result is No, the operation of the central management device 5 related to user registration ends.

In step S12, the filter generation unit 16 generates a Bloom filter. Thereafter, the operation of the central management device 5 related to user registration proceeds to step S13.

In step S13, the second communication unit 14 distributes the Bloom filter to the authentication device 4. Thereafter, the operation of the central management device 5 related to user registration ends.

In FIG. 8, an example of the operation of the authentication device 4 related to user authentication processing is shown.

In step S21, the authentication device 4 determines whether the reading unit 7 has read the user's identification information. If the determination result is Yes, the operation of the authentication device 4 related to user authentication processing proceeds to step S22. On the other hand, if the determination result is No, the operation of the authentication device 4 related to the user authentication process ends.

In step S22, the authentication processing unit 9 determines whether the user whose identification information has been read is a user who cannot be authenticated, based on the Bloom filter stored in the filter storage unit 10. If the determination result is Yes, the operation of the authentication device 4 related to user authentication processing proceeds to step S23. On the other hand, if the determination result is No, the operation of the authentication device 4 related to the user authentication process proceeds to step S24.

In step S23, the authentication processing unit 9 denies authentication of the user whose identification information has been read. After that, the operation of the authentication device 4 related to the user authentication process ends.

In step S24, the authentication processing unit 9 determines whether the read identification information is included in the cache data stored in the cache storage unit 11. If the determination result is Yes, the operation of the authentication device 4 related to user authentication processing proceeds to step S25. On the other hand, if the determination result is No, the operation of the authentication device 4 related to the user authentication process proceeds to step S26.

In step S25, the authentication processing unit 9 determines whether the user whose identification information has been read is an authenticable user based on the cache data stored in the cache storage unit 11. If the determination result is No, the operation of the authentication device 4 related to user authentication processing proceeds to step S23. On the other hand, if the determination result is Yes, the operation of the authentication device 4 related to the user authentication process proceeds to step S28.

In step S26, the authentication processing unit 9 inquires of the central management device 5 through the first communication unit 8 whether the user whose identification information has been read is an authenticable user. Thereafter, the operation of the authentication device 4 related to user authentication processing proceeds to step S27.

In step S27, the authentication processing unit 9 determines whether the user whose identification information has been read is an authenticable user based on the response from the central management device 5. If the determination result is No, the operation of the authentication device 4 related to user authentication processing proceeds to step S23. On the other hand, if the determination result is Yes, the operation of the authentication device 4 related to the user authentication process proceeds to step S28.

In step S28, the authentication processing unit 9 approves the authentication of the user whose identification information has been read. After that, the operation of the authentication device 4 related to the user authentication process ends.

As described above, the authentication system 1 according to the first embodiment includes the central management device 5 and the authentication device 4. The central management device 5 includes a user information storage section 13 and a second communication section 14. The user information storage unit 13 stores identification information of authenticated users among the plurality of users. The second communication unit 14 responds to an inquiry from each authentication device 4 as to whether the user whose identification information has been read is an authenticable user. The second communication unit 14 distributes data generated for each authentication device 4 based on the information registered in the user information storage unit 13 to the authentication device 4 concerned. Each authentication device 4 stores data distributed from the central management device 5. Each authentication device 4 includes a reading section 7 and an authentication processing section 9. The reading unit 7 reads each user's identification information. The authentication processing section 9 performs authentication processing on the identification information read by the reading section 7 after the data is distributed from the central management device 5, before inquiring the central management device 5 based on the data.

In the authentication system 1, authentication processing based on data stored in each authentication device 4 is performed before making an inquiry to the central management device 5. When determining whether or not a user can be authenticated in such authentication processing, communication between the authentication device 4 and the central management device 5 is omitted. Since communication for inquiries is less required in user authentication processing, user authentication speed is less susceptible to communication delays.

The central management device 5 also includes a filter generation section 16 . The filter generation unit 16 generates a Bloom filter for each authentication device 4 based on the identification information of the authenticable user. The second communication unit 14 distributes the Bloom filter generated by the filter generation unit 16 for each authentication device 4 to the authentication device 4 concerned. Each authentication device 4 includes a filter storage section 10. The filter storage unit 10 stores Bloom filters distributed from the second communication unit 14 of the central management device 5. In each authentication device 4, the authentication processing unit 9 determines whether the user whose identification information is read after the distributed Bloom filter is stored in the filter storage unit 10 is a user who cannot be authenticated based on the Bloom filter concerned. . When determining that the user is an unauthenticated user, the authentication processing unit 9 rejects the authentication of the user without inquiring the central management device 5.
Further, the authentication method according to the first embodiment includes a filter storage step, a reading step, and an authentication processing step. The filter storage step is a step of storing the Bloom filter distributed from the central management device 5. The reading step is a step of reading identification information of one of the plurality of users after the filter storage step. The authentication processing step is a step in which, when it is determined that the user whose identification information is read in the reading step is a user who cannot be authenticated, the authentication of the user is refused without inquiring the central management device 5. The determination at this time is made based on the Bloom filter stored in the filter storage step.
Further, the authentication program according to the first embodiment causes the authentication device 4 to execute a filter storage step, a reading step, and an authentication processing step.
Further, the data structure according to the first embodiment includes a Bloom filter generated by the central management device 5. The Bloom filter is generated for the authentication device 4 based on the identification information of the user who can be authenticated among the plurality of users. This data structure is used for authentication processing by the authentication device 4. In this authentication process, when the user whose identification information is read by the authentication device 4 is determined to be an unauthenticated user based on the Bloom filter, the authentication of the user is rejected without inquiring the central management device 5. This is the process of

In the authentication system 1, determination processing using a Bloom filter is performed in each authentication device 4 before making an inquiry to the central management device 5. Since a false negative error does not occur in the determination process using the Bloom filter, authentication by an unauthenticated user can be immediately denied. At this time, since no inquiry to the central management device 5 is required, the user authentication speed is less susceptible to communication delays. Further, since the authentication device 4 only needs to store a Bloom filter, it is not necessary to store information on all authenticated users. Therefore, the authentication device 4 can be configured with simple hardware. Further, since the number of inquiries for confirming that an unauthenticated user is an unauthenticated user is reduced, communication capacity is prevented from being wasted due to such inquiries. Note that some or all of the plurality of authentication devices 4 do not need to include the cache storage section 11. At this time, in the authentication device 4, the authentication processing unit 9 does not need to perform authentication processing using cache data. Further, the central management device 5 does not need to include the cache generation unit 17.

The central management device 5 also includes a cache generation section 17 . The cache generation unit 17 generates cache data including identification information of at least some authenticable users for each authentication device 4 . The second communication unit 14 distributes the cache data generated by the cache generation unit 17 for each authentication device 4 to the corresponding authentication device 4. The cache data distributed to each authentication device 4 is distributed regardless of whether there is an inquiry from the authentication device 4. Each authentication device 4 includes a cache storage section 11 . The cache storage unit 11 stores cache data distributed from the second communication unit 14. In each authentication device 4, the authentication processing unit 9 determines whether the cache data includes identification information read after the cache data is stored in the cache storage unit 11. When the cache data includes the identification information, the authentication processing unit 9 determines whether or not the user whose identification information has been read can be authenticated based on the cache data without inquiring the central management device 5. If the cache data does not include the user's identification information, the authentication processing unit 9 determines whether the user is an authenticable user by inquiring the central management device 5.
Further, the authentication method according to the first embodiment includes a cache storage step, a reading step, and an authentication processing step. The cache storage step is a step in which the central management device 5 stores cache data to be distributed to the authentication device 4 regardless of whether or not it has received an inquiry from the authentication device 4. The reading step is a step in which the authentication device 4 reads the identification information of one of the plurality of users after the cache storage step. In the authentication processing step, it is determined whether the cache data stored in the cache storage step includes the identification information read in the reading step. In the authentication processing step, when the cache data includes the identification information, the determination of whether or not the user whose identification information has been read can be authenticated is performed based on the cache data without inquiring the central management device 5. In the authentication processing step, if the cache data does not include the identification information of the user, it is determined by inquiring the central management device 5 whether the user is an authenticable user.
Further, the authentication program according to the first embodiment causes the authentication device 4 to execute a cache storage step, a reading step, and an authentication processing step.

In the authentication system 1, each authentication device 4 performs determination processing using cache data before making an inquiry to the central management device 5. The cache data distributed to the authentication device 4 is generated in the central management device 5 regardless of whether there is an inquiry from the authentication device 4. When the cache data distributed in advance includes the identification information read by the authentication device 4, the authentication device 4 does not need to make an inquiry to the central management device 5, so that the user authentication speed is not affected by the communication delay. It becomes difficult to receive. Note that some or all of the plurality of authentication devices 4 do not need to include the filter storage section 10. At this time, in the authentication device 4, the authentication processing unit 9 does not need to perform authentication processing using a Bloom filter. Further, the central management device 5 does not need to include the filter generation section 16.

Furthermore, some or all of the plurality of authentication devices 4 may include both the filter storage section 10 and the cache storage section 11. At this time, in the authentication device 4, the authentication processing unit 9 may perform both authentication processing using a Bloom filter and authentication processing using cache data. Further, the central management device 5 may include both the filter generation section 16 and the cache generation section 17.

The authentication processing unit 9 also determines whether the cache data stored in the cache storage unit 11 includes identification information of a user who is not determined to be an unauthenticated user in the determination based on the Bloom filter. When the cache data includes identification information of the user, the authentication processing unit 9 determines whether the user can be authenticated based on the cache data without inquiring the central management device 5. If the cache data does not include the user's identification information, the authentication processing unit 9 determines whether the user is an authenticable user by inquiring the central management device 5.

As a result, in the authentication system 1, an inquiry is made to the central management device 5 when it is not determined whether or not authentication is possible in both the authentication processing using the Bloom filter and the authentication processing using cache data. Therefore, the user authentication speed becomes less susceptible to communication delays.

Furthermore, the filter generation unit 16 generates a Bloom filter including the validity period. The filter storage unit 10 stores Bloom filters including their validity periods. When the current time is not included in the validity period of the Bloom filter, the authentication processing unit 9 omits the determination of whether the user is an unauthenticated user based on the Bloom filter.
Furthermore, the data structure used by the authentication device 4 for authentication processing includes the validity period of the Bloom filter. This data structure is used in the process of the authentication device 4 that omits the determination of whether or not the user is an unauthenticated user based on the Bloom filter when the current time is not included in the validity period.

The validity period reduces the number of inquiries to confirm that an unregistered unauthenticated user is an unauthenticated user, thereby suppressing communication capacity wasted due to such inquiries. Furthermore, by including the validity period, the degree of freedom in the timing of Bloom filter distribution can be increased. For example, if the permission period set for the user starts or ends at the same time in a plurality of authentication devices 4, the second communication unit 14 can distribute the information to each authentication device 4 at different timings. The second communication unit 14 may distribute the Bloom filter while avoiding times when communication is busy. This makes it possible to avoid communication congestion caused by Bloom filter distribution. Furthermore, even if there is a guest user for whom permission has been temporarily set, appropriate authentication processing is performed according to the permission period of the guest user.

The central management device 5 also includes a learning section 15 . The learning unit 15 learns authentication patterns for authentication of a plurality of users in a plurality of authentication devices 4. The cache generation unit 17 generates cache data based on the authentication pattern learned by the learning unit 15.

The cache generation unit 17 can generate efficient cache data with a high hit rate based on the authentication pattern. This makes user authentication speed less susceptible to communication delays. The learning unit 15 may learn the authentication pattern using a method such as machine learning, for example. At this time, the learning unit 15 may use, for example, the authentication history as the teacher information. The learning unit 15 may learn authentication patterns based on user attributes. The user's attribute may be, for example, the organization to which the user belongs.

Further, the learning unit 15 learns the authentication frequency for each time period of each user in each authentication device 4 as an authentication pattern. The cache generation unit 17 generates cache data for each time period so that identification information of authenticated users is preferentially included as the authentication frequency increases.

As a result, efficient cache data is generated depending on the time zone. Generally, in a LRU (Least Recently Used) cache, when a large number of users authenticate only once in a short period of time, the cache may be filled with information that will not be reused immediately. For example, in the authentication device 4 provided at the entrance gate, a large number of users are authenticated only once during the work time period or the work leave time period. Even in such a case, the identification information of frequently used users is distributed in advance as cache data, so the hit rate of cache data is improved. This makes user authentication speed less susceptible to communication delays.

The learning unit 15 also learns the authentication order of each authentication device 4 for each user as an authentication pattern. When the second communication unit 14 receives an inquiry from the first authentication device as to whether the user whose identification information is read is an authenticated user, the cache generation unit 17 generates the cache data for the second authentication device to identify the user. Generate to include information. The first authentication device and the second authentication device are included in the plurality of authentication devices 4. The second authentication device is the authentication device 4 that performs authentication processing after the first authentication device in the authentication pattern of the user. The second communication unit 14 delivers the cache data to the second authentication device before the second authentication device reads the identification information of the user.

As a result, efficient cache data is generated according to the authentication order. For example, in a traffic management system, when a plurality of authentication devices 4 are provided on a traffic route, the authentication order may be predictable. In such a case, the predicted user identification information is distributed in advance as cache data to the predicted authentication device 4 based on the learned authentication order, so that the hit rate of the cache data is improved. This makes user authentication speed less susceptible to communication delays.

Note that the user terminal 2 may be, for example, a mobility vehicle in which a human user rides. Further, the user of the authentication system 1 may be, for example, an autonomous mobile body. At this time, the authentication device 4 may read identification information from the autonomous mobile body itself that is the user.

Further, the authentication system 1 may be applied to, for example, an entrance/exit management system. The entry/exit management system is a system that manages entry/exit of users in a managed area. At this time, the controlled device 3 and the authentication device 4 are provided, for example, at the boundary of the area to be managed. The controlled device 3 may be, for example, an electric lock provided on a door.

Further, the authentication system 1 may be applied to, for example, an elevator system. An elevator system is a system that transports users between multiple floors of a building by a car that travels vertically in response to a registered call. For example, in an elevator system, when a user is authenticated, the user's call is registered.

Further, the authentication system 1 may be applied to, for example, a usage management system. The usage management system is a system that manages the usage of managed devices by users. For example, in a usage management system, when a user is authenticated, the user is permitted to use a managed device. The device to be managed may be, for example, a fixed device, a movable device, a car, or a mobility device.

Furthermore, multiple types of identification information may be set for one user. Different types of identification information may be used for authentication in the plurality of authentication devices 4. The identification information may be, for example, the user's biometric information. The user's biometric information may be, for example, information such as a fingerprint, face, iris, or vein of the user. Further, the identification information may be a voice print of a person who is a user. Further, the identification information may be the handwriting of the person who is the user. Further, the identification information may be information that identifies attributes of the user. The identification information may be, for example, information specific to the organization to which the user belongs. The identification information may be password information.

Further, the authentication system 1 may include a plurality of management terminals 6. Further, when the central management device 5 has a function of accepting operations for managing the authentication system 1, the authentication system 1 does not need to include a management terminal.

Furthermore, the filter generation unit 16 may start generating the Bloom filter at the start time or end time of the permission period of the authenticable user, for example. For example, when the permission period is set for one or a small number of authenable users, or when the permission period is common to multiple authentiable users, the validity period set for the bloom filter is It may be a period.

Alternatively, the validity period of the Bloom filter may be a preset period. For example, the filter generation unit 16 selects an authenticated user whose bit string output from the identification information is to be integrated into the Bloom filter based on the registration permission time according to the preset validity period of the Bloom filter. Good too. For example, if at least a part of the permission period set for the registration of an authenticable user overlaps with the validity period of the Bloom filter, the filter generation unit 16 generates a bit string output from the identification information of all the applicable authenticable users. Integrate into bloom filter bit string.

Alternatively, the validity period of the Bloom filter may be set based on the permission time set for the registration of a plurality of different authenticated users. For example, the filter generation unit 16 may set the earliest time among the start times of the permission periods set in the registration of the authenticated user as the start time of the valid period. Further, the filter generation unit 16 may set the latest time among the end times of the permission periods set in the registration of the authenticated user as the end time of the valid period. Note that, for example, if the time difference between the start time or end time of the permission period and the current time is larger than a preset time difference, the filter generation unit 16 does not need to consider the permission period in setting the validity period. . In this example, the identification information with which the output bit string is integrated into the Bloom filter may include a small number of identification information outside the permitted period.

Furthermore, the Bloom filter in the authentication system 1 is not limited to the data structure exemplified above. Bloom filters are probabilistic data structures used to determine whether a given element is an element of a set, such as Counting Bloom Filter, Compressed Bloom Filter, Deletable Bloom Filter, Hierarchical Bloom Filter, Stable Bloom Filter , Adaptive Bloom Filter, Scalable Bloom Filter, Generalized Bloom Filter, or Dynamic Bloom Filter.

Next, an example of the hardware configuration of the main parts of the authentication system 1 will be described using FIG. 9.
FIG. 9 is a hardware configuration diagram of the main parts of the authentication system according to the first embodiment.

Each function of the authentication system 1 can be realized by a processing circuit. The processing circuit includes at least one processor 200a and at least one memory 200b. The processing circuitry may include at least one dedicated hardware 100 along with or in place of a processor 200a and memory 200b.

When the processing circuit includes a processor 200a and a memory 200b, each function of the authentication system 1 is realized by software, firmware, or a combination of software and firmware. At least one of the software and firmware is written as a program. The program is stored in memory 200b. The processor 200a implements each function of the authentication system 1 by reading and executing programs stored in the memory 200b.

The processor 200a is also referred to as a CPU (Central Processing Unit), a processing device, an arithmetic device, a microprocessor, a microcomputer, or a DSP. The memory 200b is configured with a nonvolatile or volatile semiconductor memory such as RAM, ROM, flash memory, EPROM, and EEPROM.

When the processing circuit comprises dedicated hardware 100, the processing circuit is implemented, for example, in a single circuit, a composite circuit, a programmed processor, a parallel programmed processor, an ASIC, an FPGA, or a combination thereof.

Each function of the authentication system 1 can be realized by a processing circuit. Alternatively, each function of the authentication system 1 can be realized all together by a processing circuit. Regarding each function of the authentication system 1, a part may be realized by dedicated hardware 100, and other parts may be realized by software or firmware. In this way, the processing circuit realizes each function of the authentication system 1 using dedicated hardware 100, software, firmware, or a combination thereof.

The authentication system according to the present disclosure can be applied to a system that authenticates users, such as a traffic management system, an entrance/exit management system, an elevator system, or a usage management system. The central management device and authentication device according to the present disclosure can be applied to the authentication system. The authentication method according to the present disclosure can be applied to the authentication system. The authentication program and data structure according to the present disclosure can be applied to the authentication system.

1 authentication system, 2 user terminal, 3 controlled device, 4, 4a, 4b authentication device, 5 central management device, 6 management terminal, 7 reading unit, 8 first communication unit, 9 authentication processing unit, 10 filter storage unit, 11 cache storage unit, 12 network, 13 user information storage unit, 14 second communication unit, 15 learning unit, 16 filter generation unit, 17 cache generation unit, 18 hash generator, 100 dedicated hardware, 200a processor, 200b memory

Claims (11)

a central management device;
a plurality of authentication devices each reading identification information of a plurality of users;
Equipped with
The central management device includes:
For each of the plurality of authentication devices, a user information storage unit that stores identification information of a user who can be authenticated for the authentication device among the plurality of users;
a filter generation unit that generates, for each of the plurality of authentication devices, a Bloom filter based on identification information of an authenticable user for the authentication device;
In response to an inquiry from each of the plurality of authentication devices as to whether the user who has read the identification information is an authenticable user, the Bloom filter generated by the filter generation unit for each of the plurality of authentication devices is transmitted to the authentication device. A communications department that distributes information to
Equipped with
Each of the plurality of authentication devices includes:
a filter storage unit that stores the Bloom filter distributed from the communication unit;
When it is determined that a user whose identification information has been read after the distributed Bloom filter is stored in the filter storage unit is a user who cannot be authenticated based on the Bloom filter, the user can receive the information without inquiring the central management device. an authentication processing unit that rejects user authentication;
It is an authentication system equipped with
The filter generation unit generates the Bloom filter including a validity period,
The filter storage unit stores the Bloom filter including the validity period,
The authentication processing unit omits the determination of whether the user is an unauthenticated user based on the Bloom filter when the current time is not included in the validity period of the Bloom filter. The central management device includes:
For each of the plurality of authentication devices, a cache generation unit that generates cache data including identification information of at least some authenticable users for the authentication device;
Each of the plurality of authentication devices includes:
comprising a cache storage unit that stores the cache data;
The authentication system according to claim 1, wherein the communication unit distributes the cache data generated by the cache generation unit for each of the plurality of authentication devices to the authentication device regardless of whether there is an inquiry from the authentication device. . When the cache data stored in the cache storage unit includes identification information of a user who is not determined to be an unauthenticated user in the determination based on the Bloom filter, the authentication processing unit performs authentication based on the cache data. determining whether or not the user can be authenticated without inquiring the central management device, and inquiring the central management device whether the user is an authenticable user when the cache data does not include identification information of the user; The authentication system according to claim 2. The central management device includes:
a learning unit that learns authentication patterns for authentication of the plurality of users in the plurality of authentication devices;
The authentication system according to claim 2 or 3, wherein the cache generation unit generates the cache data based on the authentication pattern learned by the learning unit. The learning unit learns an authentication frequency for each time period of each of the plurality of users in each of the plurality of authentication devices as the authentication pattern,
The authentication system according to claim 4, wherein the cache generation unit generates the cache data for each time period so that the higher the authentication frequency, the higher the authentication frequency, the higher the authentication frequency, the more preferentially the cache data is generated. The learning unit learns the authentication order of each of the plurality of authentication devices for each of the plurality of users as the authentication pattern,
The cache generation unit is configured to generate the first information in the authentication pattern when the communication unit receives an inquiry from a first authentication device of the plurality of authentication devices as to whether a user who has read the identification information is an authenticable user. Generating cache data for a second authentication device that performs authentication processing for the user after the authentication device so as to include identification information of the user;
The authentication system according to claim 4 or 5, wherein the communication unit distributes the cache data to the second authentication device before the second authentication device reads the identification information of the user. a reading unit that reads identification information of each of the plurality of users;
a filter storage unit that stores a Bloom filter generated based on identification information of an authenticable user distributed from a central management device that registers identification information of an authenticable user among the plurality of users;
When the user whose identification information is read by the reading unit after the distributed Bloom filter is stored in the filter storage unit is determined to be a user who cannot be authenticated based on the Bloom filter, the central management device an authentication processing unit that refuses authentication of the user without asking;
Equipped with
The filter storage unit stores the Bloom filter including its validity period,
The authentication processing unit omits determination of whether or not the user is an unauthenticated user based on the Bloom filter when the current time is not included in the validity period of the Bloom filter. a cache storage unit that stores cache data that includes identification information of at least some authenticated users and is distributed from the central management device regardless of whether there is an inquiry from the authentication processing unit.
The authentication device according to claim 7 . When the cache data stored in the cache storage unit includes identification information of a user who is not determined to be an unauthenticated user in the determination based on the Bloom filter, the authentication processing unit performs authentication based on the cache data. determining whether or not the user can be authenticated without inquiring the central management device, and inquiring the central management device whether the user is an authenticable user when the cache data does not include identification information of the user; judge by
The authentication device according to claim 8 . The computer is
a filter storage step of storing a Bloom filter generated based on identification information of an authenticable user distributed from a central management device that registers identification information of an authenticable user among a plurality of users;
After the filter storage step, a reading step of reading identification information of one of the plurality of users;
When the user whose identification information is read in the reading step is determined to be an unauthenticated user based on the Bloom filter stored in the filter storage step, the user is authenticated without inquiring the central management device. an authentication processing step to reject;
It is an authentication method that performs
In the filter storage step, the Bloom filter is stored including its validity period;
In the authentication processing step, when the current time is not included in the validity period of the Bloom filter, the determination of whether the user is an unauthenticated user based on the Bloom filter is omitted. a filter storage step of storing a Bloom filter generated based on identification information of an authenticable user distributed from a central management device that registers identification information of an authenticable user among a plurality of users;
After the filter storage step, a reading step of reading identification information of one of the plurality of users;
When the user whose identification information is read in the reading step is determined to be an unauthenticated user based on the Bloom filter stored in the filter storage step, the user is authenticated without inquiring the central management device. an authentication processing step to reject;
Have the authentication device execute
In the filter storage step, the Bloom filter including the validity period is stored in the authentication device,
In the authentication processing step, when the current time is not included in the validity period of the Bloom filter, the authentication program causes the authentication device to omit determining whether or not the user is an unauthenticated user based on the Bloom filter.

Images