KR102346650B1 - Personal recognition using mobile access card and heat measurement method using non-contact infrared thermometer, device and system including the same - Google Patents

Abstract

The present invention relates to a method for recognizing individuals using a mobile access card and measuring heat using a non-contact infrared thermometer, a device thereof, and a system including the same. According to an embodiment of the present invention, the system for measuring the body heat by using a non-contact infrared thermometer and controlling the access comprises: an access control server issuing and managing a mobile access card; a user device encoding and transmitting an access authentication request message including a first access authentication information of the issued mobile access card; and a non-contact body heat detector device receiving and decoding the access authentication request message from the user device, and acquiring the first access authentication information, and determining whether the user device may access or not based on the first access authentication information. The non-contact body heat detector device includes a non-contact infrared temperature detector module, and measures the body heat of a user possessing the user device in a non-contact manner. The non-contact infrared temperature detector module can include a plurality of thermopile sensors configured in a square array method.

Description

Personal recognition using mobile access card and heat measurement method using non-contact infrared thermometer, device and system including the same}

The present specification proposes a non-contact infrared body temperature measurement and access management system.

Due to the recent surge in COVID-19, body temperature measurement has become essential for entering and exiting a building, and as a result, various body temperature measuring devices have been developed and released. Among them, a thermal sensing device using a thermopile sensor has been developed. The thermopile sensor is one of the thermal sensing sensors mainly used to measure the temperature of a stationary object or human body in a non-contact manner. In particular, recently, a thermopile array sensor (TAS), in which a plurality of thermopile sensors are arranged in square (eg, 32 x 32) pixels, and manufactured as a single module (Module) is being developed. .

The thermopile array sensor consists of a module in which a plurality of thermopile sensors are arranged in square (or two-dimensional) pixels, and each thermopile sensor has a temperature for each partial area of a measurement target corresponding to a pixel position. will measure In particular, the thermopile array sensor receives infrared rays generated for each partial region of a measurement target in units of pixels, and generates and outputs an electric signal corresponding thereto.

When measuring body temperature for entering a building, the manager not only has to measure body temperature for each person and at the same time check whether he/she has permission to enter, but also has to write the access list and body temperature by hand, which takes a lot of manpower and time. However, there is still no concrete way to solve this problem. In addition, through this process, there is a problem that a contact situation between the manager and the visitor is inevitable, so that the visitor and the manager are exposed to the risk of corona virus infection.

Accordingly, in the present specification, an integrated user access and body temperature management system is proposed that automatically checks the user's access authority using a proximity communication protocol and automatically measures and records the user's body temperature using a thermopile array sensor. , to solve the above-mentioned various problems at once.

According to an embodiment of the present invention, there is provided a non-contact infrared body temperature measurement and access management system, comprising: an access management server for issuing and managing a mobile access card; a user device that encrypts and transmits an access authentication request message including first access authentication information of the issued mobile access card; a non-contact body temperature sensing device configured to receive and decode the access authentication request message from the user device to obtain the first access authentication information, and to determine whether the user device can enter or not based on the first access authentication information; Including, wherein the non-contact body temperature sensing device includes a non-contact infrared temperature sensing module to measure the body temperature of a user who has the user device in a non-contact manner, wherein the non-contact infrared temperature sensing module is configured in a square array type It may include a plurality of thermopile sensors.

According to an embodiment of the present invention, since the user's access list and body temperature are automatically recorded and managed on the system, there is an effect of reducing human, time and economic costs due to handwriting measurement and writing of the access list and body temperature.

In addition, according to an embodiment of the present invention, since it is possible to manage people in a non-contact manner, there is an effect that it is possible to minimize the risk of corona 19 infection due to contact.

In addition, according to an embodiment of the present invention, since the secret key for encrypting access authentication information is updated based on the body temperature measurement information at the time of entry or every time the body temperature is measured, the security is very excellent and there is little risk of leakage of personal information and access authentication information is effective.

In addition, according to an embodiment of the present invention, since an indicator for each user is generated according to the actual user's body size and used for body temperature measurement, there is an effect that accurate body temperature measurement is possible for each user.

Effects of the present invention are not limited to the above, and various other effects will be described below in detail with reference to each embodiment and drawings.

1 is a block diagram schematically illustrating a non-contact infrared body temperature measurement and access management system according to an embodiment of the present invention.
2 is a block diagram of a non-contact body temperature sensing apparatus according to an embodiment of the present invention.
3 is a diagram illustrating a mobile access card issuance and synchronization process according to an embodiment of the present invention.
4 is a flowchart illustrating a method for determining whether a non-contact body temperature sensing device is allowed to enter or exit according to an embodiment of the present invention.
5 is a diagram illustrating a pixel structure of a non-contact body temperature sensing device according to an embodiment of the present invention.
6 is a diagram illustrating a body temperature measurement method of a non-contact body temperature sensing apparatus according to an embodiment of the present invention.
7 is a diagram illustrating an embodiment of updating a secret key according to an embodiment of the present invention.
8 is a diagram illustrating an example of generating an indicator according to an embodiment of the present invention.
9 is a diagram illustrating an example of using an indicator according to an embodiment of the present invention.
10 is a diagram illustrating an embodiment of selective activation of a thermopile according to an embodiment of the present invention.
11 is a diagram illustrating an embodiment of a security operation using an indicator according to an embodiment of the present invention.

Since the technology to be described below may have various changes and may have various embodiments, specific embodiments will be illustrated in the drawings and described in detail. However, this is not intended to limit the technology described below to specific embodiments, and it should be understood to include all modifications, equivalents, and substitutes included in the spirit and scope of the technology described below.

Terms such as first, second, A, and B may be used to describe various components, but the components are not limited by the above terms, and only for the purpose of distinguishing one component from other components. is used only as For example, a first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component without departing from the scope of the present invention. and/or includes a combination of a plurality of related listed items or any of a plurality of related listed items. For example, 'A and/or B' may be interpreted as meaning 'at least one of A or B'. Also, '/' may be interpreted as 'and' or 'or'.

In terms of terms used herein, the singular expression should be understood to include a plural expression unless the context clearly dictates otherwise, and terms such as "comprises" include the specified feature, number, step, operation, and element. , parts or combinations thereof are to be understood, but not to exclude the possibility of the presence or addition of one or more other features or numbers, step operation components, parts or combinations thereof.

Prior to a detailed description of the drawings, it is intended to clarify that the classification of the constituent parts in the present specification is merely a division according to the main function each constituent unit is responsible for. That is, two or more components to be described below may be combined into one component, or one component may be divided into two or more for each more subdivided function. In addition, each of the constituent units to be described below may additionally perform some or all of the functions of other constituent units in addition to the main function it is responsible for. Of course, it can also be performed by being dedicated to it.

In addition, in performing the method or method of operation, each process constituting the method may occur differently from the specified order unless a specific order is clearly described in context. That is, each process may occur in the same order as specified, may be performed substantially simultaneously, or may be performed in the reverse order.

1 is a block diagram schematically illustrating a non-contact infrared body temperature measurement and access management system according to an embodiment of the present invention.

Referring to FIG. 1 , a non-contact infrared body temperature measurement and access management system 100 (hereinafter referred to as an 'integrated management system') includes an access management server 110 , a user device 120 , a non-contact body temperature sensing device 130 and /or an interlocking system 140 .

The access management server 110 may correspond to a server that issues a mobile access card to a user and records and manages access details for each user. The access management server 110 may communicate with the user device 120 , the non-contact body temperature sensing device 130 , and/or the interworking system 140 to transmit/receive various information/data related to access and body temperature measurement. In particular, the access management server 110 may transmit/receive information/data to and from the user device 120 through a pre-made application to perform the embodiment proposed in this specification as a medium. In this case, the access management server 110 may correspond to an application server that operates and manages the corresponding application.

The access management server 110 may issue a mobile access card including access authentication information directly input by an administrator or received through the user device 120 . The access authentication information may include personal information for identifying a user and information related to access authority. For example, the access authentication information may include a user's ID (Identifier), resident registration number, employee number, name, mobile phone number, regular access target, one-time access target, accessible area, non-accessible area, and/or user device (120) mobile operating system information, and the like.

The access management server 110 synchronizes the mobile access card with other components of the integrated management system 100 (in particular, the user device 120 and the non-contact body temperature sensing device 130 ) when issuing/modifying/collecting/disposing of the mobile access card. You can create and transmit a synchronization message for This will be described in detail below with reference to FIG. 3 .

The user device 120 is an electronic server/device/device in which an application/program/software implemented to perform/execute the non-contact infrared body temperature measurement and access management method/embodiment proposed in this specification is installed and executed in advance. may be applicable. Accordingly, although not described separately below, the operation of the user device 120 may be interpreted as an operation/function of the application/program/software. Hereinafter, for convenience of explanation, the 'user device 120', which is the user's device on which the application/program is installed, will be mainly described, but the 'user device 120' may be replaced with an 'application'.

The user device 120 may receive the user's mobile access card from the access management server 110 and perform a function of requesting access authentication to the non-contact body temperature sensing device.

More specifically, the user device 120 may receive information necessary for issuing a mobile access card from a user according to an embodiment, and may request the access management server 110 to issue a mobile access card based on this input. The access management server 110 performs identification through a user authentication method (eg, issuance of an authentication number through SNS (Social Network Service), etc.), and then, based on the information received from the user device 120 , the user device It is possible to issue a mobile access card for (120).

The user device 120 may extract access authentication information from the issued mobile access card, generate and encrypt an access authentication request message including the access authentication information, and transmit it to the non-contact body temperature sensing device 130 . To this end, the user device 120 may include a short-range communication module. For example, the user device 120 uses Bluetooth Low Energy (BLE) and/or RFID/NFC communication protocols, including Bluetooth and/or Radio-Frequency Identification (RFID)/Near Field Communication (NFC) communication modules. to transmit an access authentication request message. In this case, the type of short-range communication protocol used for transmitting the access authentication message may vary according to the mobile operating system installed in the user device 120 . For example, when the mobile operating system of the user device 120 is the first operating system (eg, Android), the access authentication request message may be transmitted using a BLE or RFID/NFC communication protocol. In contrast, when the mobile operating system of the user device 120 is the second operating system (eg, iOS), the access authentication request message may be transmitted using only the BLE communication protocol.

The access authentication request message may be encrypted by the user device 120 and transmitted to the non-contact body temperature sensing device 130. The encryption algorithm is an Advanced Encryption Standard (AES)-256 algorithm or a Secure Hash Algorithm (SHA) depending on the embodiment. )-256 algorithm may be used. The AES-256 algorithm is an encryption algorithm that has replaced DES and corresponds to a symmetric key algorithm with a secret key length of 256 bits. The symmetric key algorithm refers to an algorithm in which the secret key used for encryption and decryption is the same. The SHA-256 algorithm is a one-way encryption algorithm to which the HASH function is applied. It refers to an algorithm that can only encrypt and cannot decrypt.

In the case of the AES-256 algorithm, since encryption and decryption are performed using a secret key, the secret key can be shared among the components 110 to 130 when the initial integrated management system 110 is built, and each component 110 to 130 ) can be used for encryption and decryption by storing the secret key in a highly secure internal secret storage space. As such, due to the characteristics of the AES-256 algorithm using the secret key, if the secret key is leaked once by an external attack, a problem may occur that all internal information of the integrated management system 100 may be leaked to the outside. In particular, the integrated management system 100, because the user's access authentication information and personal information is transmitted and received, if it is leaked, the damage is very large. Therefore, in this specification, in order to prevent such a problem, an embodiment in which the secret key is updated every time a user enters or exits or when a user's body temperature is measured based on the user's body temperature measurement information is proposed, which will be described in detail below with reference to FIG. 7 . decide to do

The non-contact body temperature sensing device 130 may determine whether the user is allowed to enter or not, and may measure the user's body temperature using a non-contact infrared method. The non-contact body temperature sensing device 130 will be described in detail below with reference to FIG. 2 .

The interworking system 140 is an external system interlocked with the integrated management system 100 , and performs communication with at least one configuration of the integrated management system 100 to receive information on the user's access and body temperature to operate the internal system. can be used for Examples of the interworking system 140 may include a corporate ERP, a school education management system, a transportation system, a barcode/QR code system, and the like.

Although not shown in this figure, the integrated management system 100 may additionally include a manager device (not shown) according to an embodiment. The manager device has communication/access rights with each component 110 to 140 of the integrated management system 100, and performs a function to inquire/manage/operate information stored in each component 110 to 140 can do. The information may be provided through the manager device in the form of a web page or an application execution screen.

2 is a block diagram of a non-contact body temperature sensing apparatus according to an embodiment of the present invention.

Referring to FIG. 2 , the non-contact body temperature sensing device 130 includes a Bluetooth communication module 210 , an RFID/NFC communication module 220 , a non-contact infrared temperature sensing module 230 , other sensor modules 240 , and a display module 260 . ), and/or a control module 250 .

The Bluetooth communication module 210 may correspond to a communication module that performs Bluetooth communication based on the Bluetooth communication protocol. In particular, the Bluetooth communication module 210 may transmit and receive an encrypted Bluetooth message by performing Bluetooth communication with a user device located in a short distance (particularly, located in an access space). The Bluetooth communication module 210 may correspond to a module to which a Bluetooth 5.0 version or higher Bluetooth standard technology is applied, and may use a BLE communication protocol among the operation methods of the controller.

In the case of a general short-distance communication protocol, other wireless communication protocols (eg, WiFi, Zigbee, etc.) using the same bandwidth can be easily interfered by them in many environments, but in the case of Bluetooth communication protocol, adaptive frequency hopping Because the technology is used, data can be transmitted through a channel that does not cause severe channel interference, so a robust communication operation is possible while minimizing the interference effect compared to other short-distance communication protocols.

In the BLE communication protocol, the modulation operation mode of the controller may be changed to improve the transmission speed. In particular, the Bluetooth communication module has a maximum transmission distance of 2M and a maximum transmission rate of 2Mb/s so that BLE communication with a user device is possible only within an ultra-close distance within a specific space (ie, an access space). LE 2M PHY: 2Mb/s It can operate in operation mode. However, the present invention is not limited thereto and may be changed to another operation mode.

The maximum BLE transmission output of the Bluetooth communication module 210 may be set to a different class according to a mobile operating system of the user device for smooth Bluetooth communication with the user device. For example, if the mobile operating system of the user device is the first operating system (eg, iOS), the BLE maximum transmit power may be set to Class 1 (100mW), and the second operating system (eg, Android), the BLE maximum transmission output may be set to Class 2 (2.5mW).

BLE communication protocol supports point-to-point connection, broadcast connection for 1:N transmission, and mesh connection for N:N transmission, considering the connection speed improvement of existing Bluetooth technology (BR/EDR) It is designed to support advertising operation. The advertisement operation may correspond to an operation in which the first Bluetooth module sends a connectable advertisement message, and the second Bluetooth module that has received it responds with a Connection Request to directly establish a link between the two devices. According to this advertisement operation, since the link establishment operation is very simple, the Bluetooth connection time between devices can be reduced by up to 6 ms. In addition, the BLE communication protocol also supports a non-connectable advertisement operation for the purpose of providing information that does not require connection between devices.

The Bluetooth communication module 210 according to an embodiment of the present invention may be configured to use a connectionless advertisement operation for a fast recognition speed. Accordingly, the access authentication request message may be included in the connectionless advertisement message and transmitted to the non-contact body temperature sensing device 130 .

In Bluetooth 5.0 version, an extended advertisement operation that can send long data by dividing it into a plurality of advertisement messages is newly defined. Furthermore, for the efficient operation of only three advertisement channels, various auxiliary advertisement operations that can be divided into two stages, primary advertisement and secondary advertisement, are also available in Bluetooth 5.0 version so that advertisement messages can be sent in the data channel. was added to The Bluetooth communication module 210 according to an embodiment of the present invention may use the extended advertisement transmission method and the data segmentation advertisement transmission method to more quickly process the encrypted access authentication information received from the user device.

Due to the nature of the present invention, the Bluetooth communication module 210 is provided with a chip-shaped directional antenna having a beam width formed in a narrow horizontal range but wide in a vertical range so that a user device can be recognized quickly and accurately in a narrow access space, Bluetooth communication In this case, a beamforming operation may be performed.

The RFID/NFC communication module 220 supports RFID and NFC communication, uses a high frequency radio band of 13.56Mhz, supports a communication speed of 106/212/424 kbps, and ISO 14443A, ISO 14443B, ISO 18092, FELICA It supports device-to-device communication (Peer-to-peer mode) and reader/tag (Read/Write mode) based on technology.

The RFID/NFC communication module 220 uses a peer-to-peer mode for NFC communication with the RFID/NFC communication module of the user device. Confirm), an additional touch input operation was required for data transmission after the procedure. However, the RFID/NFC communication module 220 according to an embodiment of the present invention processes access authentication information with only one tagging operation by borrowing SMART NFC technology (Emulated P2P) for user inconvenience and faster operation. can do.

The non-contact infrared temperature sensing module 230 may correspond to a temperature sensing module that measures a user's body temperature in a non-contact infrared method. In particular, in the present specification, the non-contact infrared temperature sensing module 230 uses a plurality of thermopile sensors (that is, a thermopile array sensor (TAS)) configured in a forward (or two-dimensional) array method to obtain the user's body temperature. can be measured.

Thermopile array sensors enable fast and accurate temperature measurement even at relatively long distances, such as 20 cm to 50 cm, and each thermopile sensor is a micro thermopile sensor using compound thin film technology. Compared to conventional silicon thermopile sensors, It has the advantage of being superior to 5 times or more in contrast sensitivity (SNR) and detection area.

By using the thermopile array sensor, the non-contact body temperature sensing apparatus 130 may measure the temperature of each of a plurality of pixels, which is a body temperature measurement area of each of the plurality of thermopile sensors, in an infrared non-contact method. In this specification, a pixel may mean a specific temperature measurement area/compartment/part in which each thermopile sensor measures temperature, and may have a one-to-one correspondence with each other. A detailed description of a method for measuring body temperature using a thermopile array sensor will be described below with reference to FIGS. 5 and 6 .

The other sensor module 240 may include at least one sensor for sensing/measurement operation according to the embodiment proposed in this specification.

As an embodiment, the other sensor module 240 may include an infrared human body detection sensor (PIR, Passive Infrared Sensor). The infrared human body detection sensor refers to a passive infrared sensor, and is a sensor that detects movement of the human body in a certain section at an acute angle of 9 to 12 degrees through a Fresnel lens. The non-contact body temperature sensing device may detect a movement of a user using an infrared human body sensor, thereby triggering an access authentication and body temperature measurement operation for the user.

And/or, as another embodiment, the other sensor module 240 may include a Time of Flight (ToF) sensor. The ToF sensor is a three-dimensional sensor that calculates/recognizes the distance to an object, the three-dimensional effect of the object, spatial information, and movement by using the time when light emitted from an object through infrared wavelengths is reflected and returned. The non-contact body temperature sensing device 130 may measure the distance between the non-contact infrared temperature sensing module 230 and the user by using this ToF sensor, and guide the user to be located within a desired measurement distance/range for accurate body temperature measurement ( For example, a guide message output, etc.) can be performed.

The control module 250 may control other components included in the non-contact body temperature sensing device 130 to independently perform/execute the function of the non-contact body temperature sensing device 130 proposed in this specification. Therefore, in this specification, the control module 250 may be described as being replaced with the non-contact body temperature sensing device 130 .

The control module 250 is a CPU (Central Processing Unit), MPU (Micro Processor Unit), MCU (Micro Controller Unit), AP (Application Processor), AP (Application Processor), or any form well known in the art. It may be configured to include at least one processor. Embedded Linux or Android may be mounted as an operating system of the control module 250 .

Software driven by the control module 250 includes Web Server, Database, Main Process, and various modules that provide Web UI (Bluetooth communication module, RFID/NFC communication module and/or non-contact infrared temperature sensing module, other sensor modules) It may be configured as a communication interface with

The main process may receive user's access authentication information by using/controlling the Bluetooth communication module 210 and receiving body temperature information of the user by using/controlling the non-contact infrared temperature sensing module 230 . Furthermore, the Main Process can combine the received information to create data, store it in the database, and manage it.

In particular, the Main Process may perform operations of decrypting the received information/message and encrypting the information/message to be transmitted. In addition, the Main Process can encrypt data to be recorded/stored and recorded/stored in the database. As described above, the encryption/decryption method may be performed by the AES-256 or SHA-256 algorithm.

Web Server (not shown) can be built as a responsive web so that users can access and check external computer PCs and mobile phones, 1) a function to register and manage user access information, 2) to view and download access and body temperature information Functions, 3) management functions such as administrator addition/modification/deletion 4) whether to use the function of personal recognition non-contact heat detection equipment, setting various standard values, and uploading programs can be performed/included.

The administrator can upload/download/manage visitor information by accessing the web page in the manager device (file upload by saving the information to be used as a mobile access card among the currently managed visitor information in Excel).

The Main Process can also perform a function of interworking with an external system (sharing information to be measured, such as employees/students) using at least one communication protocol.

In addition, the control module 250 may include communication software/hardware for processing various types of communication, a GUI program for showing specific information to a user, and external system interworking software.

The display module 260 may output various images/images based on the control of the control module 250 . For example, the display module 260 may display various image information such as a current time, a guide message, a version of the Main Process, and/or a currently allocated network. In addition, the display module 260 may output access authentication information collected in the main process, the user's body temperature, the user's fever, and/or the user's fever alarm information. In particular, the display module 260 may output an indicator generated/set for each user under the control of the control module 250 , which will be described later with reference to FIGS. 8 to 11 .

3 is a diagram illustrating a mobile access card issuance and synchronization process according to an embodiment of the present invention.

Referring to FIG. 3 , first, the user device 120 may request the access management server 110 to issue a mobile access card according to a user request ( S301 ). The user device 120 may receive access request information required for issuance of the mobile access card from the user, and transmit an issuance request message including the received access request information. In this case, the issuance request message may also be encrypted and transmitted to the access management server 110 . The access request information may include personal information and/or identification information of the user who requested issuance and/or the user device 120 .

The access management server 110 decrypts the issuance request message to obtain access request information, generates access authentication information based on the obtained access request information, and provides access authentication information to the user device 120 (or the user). The included mobile access card can be issued. The mobile access card issued at this time can be largely divided into two types. One may correspond to a regular access card issued for a regular access target, and the other may correspond to a one-time access card issued to a one-time access target. . In the former case, it may correspond to an access card issued to users who are permitted to access regularly, such as employees of a specific company, members who have canceled their commuter pass, teachers and students of schools, and the like. In the latter case, it may correspond to an access card issued to a user who is allowed to enter a movie theater, an amusement park, public transportation, an art museum, a performance, etc. only once. The type information of the mobile access card may be included in the access authentication information later to be used for the user's access authentication.

In order to synchronize the issued mobile access card, the access management server 110 may encrypt a synchronization message including access authentication information and transmit it to the user device 120 and the non-contact body temperature sensing device 130 (S301, S302). . The user device 120 may decrypt the synchronization message to obtain access authentication information, and store the mobile access card including the access authentication information. The stored mobile access card may be automatically executed/loaded when the user device 120 establishes a Bluetooth (or RFID/NFC) link with the non-contact body temperature sensing device 130 . The non-contact body temperature sensing device 130 also decrypts the synchronization message to obtain access authentication information, and stores the access authentication information as second access authentication information for determining whether access to the user device 120 is possible in a database. .

In the present embodiment, the user device 120 has been mainly described, but the present invention is not limited thereto, and the function of the user device 120 may be performed through an administrator device (not shown). Accordingly, in the present embodiment, the user device 120 may be replaced by an administrator device.

4 is a flowchart illustrating a method for determining whether a non-contact body temperature sensing device is allowed to enter or exit according to an embodiment of the present invention.

This embodiment assumes that a Bluetooth or RFID/NFC link between the non-contact body temperature sensing device and the user device has been created in advance.

Referring to FIG. 4 , first, the non-contact body temperature sensing device may receive an encrypted access authentication request message ( S401 ). The non-contact body temperature sensing device may obtain the first access authentication information by decoding the access authentication request message.

Next, the non-contact body temperature sensing device may determine whether the user device requesting access authentication is allowed/permitted based on the first access authentication information (S402). More specifically, the non-contact body temperature sensing device may load the first access authentication information with the second access authentication information stored for the user device in the database and compare it with the first access authentication information. If the two access authentication information match each other, the non-contact body temperature sensing device may allow the user device (or user) to enter. If they do not match, the non-contact body temperature sensing device disallows the user device (or user) from entering. can do.

Next, the non-contact body temperature sensing apparatus may measure the user's body temperature in a non-contact/infrared method using the non-contact infrared temperature sensing module ( S403 ). A specific body temperature measurement method using the non-contact infrared temperature sensing module will be described below with reference to FIGS. 5 and 6 .

5 is a diagram illustrating a pixel structure of a non-contact body temperature sensing device according to an embodiment of the present invention, and FIG. 6 is a diagram illustrating a body temperature measuring method of the non-contact body temperature sensing device according to an embodiment of the present invention.

Referring to FIG. 5 , the non-contact body temperature sensing device measures a user's body temperature using a plurality of thermopile sensors 510 (ie, thermopile sensor array (TAS)) provided in a square array (or two-dimensional array) method. can do. A measurement area/division/part measured by one thermopile sensor may be defined as one pixel p, and a one-to-one relationship is established between the plurality of thermopile sensors 510 and the plurality of pixels p0 to p15. can be This figure exemplifies 16 thermopile sensors 510 provided in a 4X4 array in a non-contact body temperature sensing device and 16 pixels (p0 to p15) corresponding to them one-to-one.

The non-contact body temperature sensing device may generate thermal image images 520 and 530 as shown in FIG. 6 based on the body temperature information for each pixel (p0 to p15) obtained using a plurality of thermopile sensors 510 . have. In particular, the non-contact body temperature sensing apparatus may generate thermal images 520 and 530 by determining a color based on the measured body temperature of each pixel p0 to p15 and displaying each pixel with the determined color. For example, the non-contact body temperature sensing device may display pixels (p0 to p15) having a high measured body temperature in red, and pixels having a low body temperature (p0 to p15) in blue.

If more than a preset number (for example, 8) of pixels with a preset temperature (for example, 36 degrees) or more are detected among the plurality of pixels (p0 to p15), the non-contact body temperature sensing device determines the location of the body temperature measurement by the user It may be recognized as being located within the /range (eg, within a distance of 20 to 50 cm in the front direction from the non-contact body temperature sensing device). In addition, the non-contact body temperature sensing device may use Bluetooth or RFID/NFC link formation and/or other sensor modules as auxiliary means to more accurately recognize/determine whether the user is located in the body temperature measurement position/range.

When it is recognized/determined that the user is located in the body temperature measurement location/range, the non-contact body temperature sensing device processes the temperature of pixels (that is, effective pixels) that are above a preset temperature as an effective body temperature value, and the remaining pixels (that is, the The temperature of pixels below the set temperature) can be treated as an ambient temperature value. The non-contact body temperature sensing device may predict the body temperature of a measurement target user based on an effective body temperature value and an ambient temperature value. For example, the non-contact body temperature sensing apparatus may predict/extract an average value of effective body temperature values, an effective body temperature value of a pixel at a specific location among valid body temperature values, or a highest effective body temperature value among valid body temperature values as the user's body temperature. The specific location pixel may mean a pixel included in the upper section when effective pixels are divided into upper/middle/lower sections, for example. This is to extract the body temperature from predicting the pixel measuring the forehead having the highest body temperature measurement accuracy, assuming that the part measured by the plurality of thermopile sensors is the face.

The non-contact body temperature sensing device may predict a user's body temperature based on effective body temperature values, and may improve body temperature prediction accuracy by compensating for a value predicted based on an ambient temperature value. For example, the lower the ambient temperature value, the higher the user's body temperature may be, and the higher the ambient temperature value, the lower the user's body temperature may be compensated. Through this compensating operation, the user's body temperature can be predicted more accurately.

7 is a diagram illustrating an embodiment of updating a secret key according to an embodiment of the present invention.

When encryption and decryption of messages/information is performed by borrowing the AES-256 algorithm, the risk of leakage is very high when the same secret key is continuously used. In particular, when access authentication information is leaked, an outsider can easily access the control area, which can be a very big threat to security. Therefore, in the present specification, in order to solve such a security risk, a secret key may be set for each user 710 and may be updated based on the user's body temperature measurement information 720 when entering or exiting the user or whenever the body temperature is measured.

For example, as illustrated in this figure, when the user 710 measures body temperature at XX/XX/XX date, YY:YY time, and the measured body temperature is measured at ZZ.Z℃, the non-contact body temperature sensing device can derive the code XXXXXXYYYYZZZ from this. By converting the derived code into 256 bits, it can be updated with the secret key.

The secret key update operation may be performed based on the body temperature measurement information 720 in each of the user device, the access management server, and the non-contact body temperature sensing device. More specifically, the non-contact body temperature sensing device may generate body temperature measurement information 720, encrypt it with an existing secret key, and transmit it to the user device and the access management server. The user device and the access management server obtain the body temperature measurement information 720 using the existing secret key, extract a code from the body temperature measurement information 720, and generate a new secret key as described above to obtain the secret key. can be updated.

According to the present embodiment, since the secret key is updated using the essential information transmitted and received between the user device, the access control server, and the non-contact body temperature sensing device, there is no need for a separate signaling and message transmission/reception process for generating/updating a new secret key. Signaling overhead is minimized, and since the secret key is periodically updated when the user 710 enters or exits or when the body temperature is measured, there is also an effect that the security risk due to leakage of the secret key is eliminated.

This embodiment may be performed only for regular access targets.

The user's body temperature measurement information 720 may include at least one of the user's 710 body temperature, the user's body temperature measurement date and time, and the user's entry/exit date and time.

8 is a diagram illustrating an example of generating an indicator according to an embodiment of the present invention.

For accurate body temperature measurement, it is preferable that the angle and distance between the non-contact body temperature sensing device (precisely, a plurality of thermopile sensors) and the user be within the measurable angle and distance range of the non-contact body temperature sensing device. Therefore, in the case of the conventional body temperature measurement system, the user's measurement position is displayed as a sticker on the floor in order to guide the user's measurement angle and distance to the user, or the user uses a sensor to measure the distance and angle with the user. A direct guide message was output to move to the measurement location. However, in the prior art, in the former case, there is a problem in that it does not reflect the fact that the size of the body parts for each user is different, and it always guides only the same position, so that it is not possible to guide the accurate measurement position for each user, and in the latter case, additional Since the sensor is essential, there is a problem that the initial construction, manufacturing, and maintenance of the system is expensive. Accordingly, in order to solve this problem, the present specification proposes an embodiment in which an indicator for each user is generated and provided to indicate an accurate body temperature measurement angle and distance.

In more detail, referring to FIG. 8 , the non-contact body temperature sensing device is located in a boundary region among pixels that measure the temperature processed as an effective processing value in the thermal image 810 acquired/generated using a plurality of thermopile sensors. The positioned pixels p1, p2, p4, p7, p8, p11, p13, and p14 may be selected/selected. Furthermore, the non-contact body temperature sensing device connects the centers of the pixels (p1, p2, p4, p7, p8, p11, p13, p14) selected/selected in the thermal image to generate an indicator 820 forming a closed space. can The non-contact body temperature sensing device may store the generated indicator 820 in a database in response to the second access authentication information, and may later be utilized as an indicator 820 for guiding/instructing the user of the body temperature measurement distance and angle. An embodiment of using the indicator 820 will be described in detail below with reference to FIG. 9 .

9 is a diagram illustrating an example of using an indicator according to an embodiment of the present invention.

When acquiring/receiving first access authentication information matching the second access authentication information, the non-contact body temperature sensing device may output an indicator 820 corresponding to the second access authentication information to the display module. The user 920 indicates a body part (especially, a part where body temperature was measured when generating the indicator (eg, face) at a preset ratio (eg, 80 to 90%) or more inside the indicator 820 output to the display module. ) may be located at overlapping measurement distances and angles. As a result, the measurement distance and angle between the user 920 and the non-contact body temperature sensing device are automatically adjusted within the measurable distance and angle range, thereby improving body temperature measurement accuracy.

The indicator 820 is generated and output only when the user is a regular access target according to the first and second access authentication information (that is, the indicator 820 is not generated and output for a one-time access target), so signaling overhead and internal process costs.

10 is a diagram illustrating an embodiment of selective activation of a thermopile according to an embodiment of the present invention.

When the indicator 820 is output, since the user directly adjusts the distance and angle so that the measurement site is located inside the indicator 820, the temperature of the pixels p0, p3, p12, p15 outside the indicator 820 is It is very likely the temperature. Nevertheless, the operation of measuring the temperature by activating the thermopile sensor corresponding to the external pixels (p0, p3, p12, p15) is equivalent to consuming power unnecessarily. In order to prevent such unnecessary power consumption, the non-contact body temperature sensing device selectively activates only the thermopile sensors of the pixels (p0, p3, p12, p15) located at the positions corresponding to the indicator 820 when the indicator 820 is output. A temperature measurement can be performed.

More specifically, when the non-contact body temperature sensing device outputs the indicator 820 , the pixels p1 , p2 , p4 , p7 , p8 , p11 , p13 corresponding to the position of the indicator 820 (ie, the boundary line of the indicator 820 ). , p14) and the thermopile sensor of the pixels p5, p6, p9, and p10 positioned inside the indicator 820 may be selectively activated to measure the user's body temperature in a non-contact/infrared manner.

In this case, since the indicator 820 serves to guide the user's measurement distance, there is no need to measure the distance to the user, so the ToF sensor of other sensor modules may also be selectively deactivated.

11 is a diagram illustrating an embodiment of a security operation using an indicator according to an embodiment of the present invention.

This embodiment will be mainly described with respect to an integrated management system to which the embodiment of FIG. 10 is not applied (ie, an integrated management system in which all thermopile sensors are activated to measure body temperature).

The indicator 820 is eventually generated based on the user's individual body size. Since the body size of each user is different, the security level may be improved by using the indicator 820 for user authentication.

For example, when the face of the second user 1130 having a long face shape is overlapped by a ratio greater than a preset ratio in the inner region of the indicator 820 pre-created with respect to the first user having a flat face shape, this figure As shown in , the forehead and/or chin of the second user 1130 protrude out of the indicator 820 . Taking this into consideration, the non-contact body temperature sensing device detects a preset number of pixels (p1, p2, p21, p22) in which a preset temperature or more is measured among the external pixels of the indicator 820 when the body temperature is measured. It is possible to output (or send to the administrator device) a warning of the user's authentication request for the display module. When a corresponding message is output, the administrator can directly authenticate the user.

If the second user 1130 adjusts the measurement distance and angle so that all faces enter the inside of the indicator 820, body parts do not overlap by more than a preset ratio inside the indicator 820, so body temperature measurement error is handled Thus, even in this case, access of the second user 1130 is not permitted.

According to the present embodiment, there is an effect that the access security level can be further strengthened by preventing the unauthorized access of others who have stolen the user device in advance.

Embodiments according to the present invention may be implemented by various means, for example, hardware, firmware, software, or a combination thereof. In the case of implementation by hardware, an embodiment of the present invention provides one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), FPGAs ( field programmable gate arrays), a control module, a controller, a microcontroller, a microcontroller module, and the like.

In addition, in the case of implementation by firmware or software, an embodiment of the present invention is implemented in the form of a module, procedure, function, etc. that performs the functions or operations described above, and is stored in a recording medium readable through various computer means. can be recorded. Here, the recording medium may include a program command, a data file, a data structure, etc. alone or in combination. The program instructions recorded on the recording medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the art of computer software. For example, the recording medium includes a magnetic medium such as a hard disk, a floppy disk, and a magnetic tape, an optical recording medium such as a compact disk read only memory (CD-ROM), a digital video disk (DVD), and a floppy disk. magneto-optical media, such as a disk, and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions may include high-level language codes that can be executed by a computer using an interpreter or the like as well as machine language codes such as those generated by a compiler. Such hardware devices may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

In addition, the device or terminal according to the present invention may be driven by a command to cause one or more control modules to perform the functions and processes described above. For example, such instructions may include interpreted instructions, such as script instructions, such as JavaScript or ECMAScript instructions, or executable code or other instructions stored on a computer-readable medium. Furthermore, the device according to the present invention may be implemented in a distributed manner across a network, such as a server farm, or may be implemented in a single computer device.

Further, a computer program (also known as a program, software, software application, script or code) mounted on the device according to the invention and executing the method according to the invention includes compiled or interpreted language or a priori or procedural language. It can be written in any form of programming language, and can be deployed in any form, including stand-alone programs, modules, components, subroutines, or other units suitable for use in a computer environment. A computer program does not necessarily correspond to a file in a file system. A program may be in a single file provided to the requested program, or in multiple interacting files (eg, files that store one or more modules, subprograms, or portions of code), or portions of files that hold other programs or data. (eg, one or more scripts stored within a markup language document). The computer program may be deployed to be executed on a single computer or multiple computers located at one site or distributed over a plurality of sites and interconnected by a communication network.

Although each drawing is described separately for convenience of description, it is also possible to design to implement a new embodiment by merging the embodiments described in each drawing. In addition, the present invention is not limited to the configuration and method of the described embodiments as described above, but the above-described embodiments are configured by selectively combining all or part of each embodiment so that various modifications can be made. it might be

In addition, although preferred embodiments have been illustrated and described above, the present specification is not limited to the specific embodiments described above, and those of ordinary skill in the art to which the specification belongs without departing from the gist of the claims Various modifications are possible by a person, of course, and these modifications should not be individually understood from the technical spirit or perspective of the present specification.

Claims (22)

In the non-contact infrared body temperature measurement and access management system,
an access management server that issues and manages a mobile access card;
a user device that encrypts and transmits an access authentication request message including first access authentication information of the issued mobile access card;
a non-contact body temperature sensing device configured to receive and decode the access authentication request message from the user device to obtain the first access authentication information, and to determine whether the user device can enter or not based on the first access authentication information; including,
The non-contact body temperature sensing device includes a non-contact infrared temperature sensing module to measure the body temperature of a user who has the user device in a non-contact manner,
The non-contact infrared temperature sensing module includes a plurality of thermopile sensors configured in a square array method,
The non-contact body temperature sensing device comprises:
By activating all of the plurality of thermopile sensors, the temperature of each of a plurality of pixels, which is a body temperature measurement area of each of the plurality of thermopile sensors, is measured in an infrared non-contact method,
When more than a preset number of pixels of the plurality of pixels having a temperature higher than a preset temperature are detected, the user recognizes that the user is located at a body temperature measurement location, and processes the temperature of the pixel equal to or higher than the preset temperature as an effective body temperature value, The temperature of the pixel that is less than the set temperature is treated as the ambient temperature value,
A non-contact infrared body temperature measurement and access management system for predicting the user's body temperature based on an average of the effective body temperature values or an effective body temperature value of a specific pixel, and compensating for the user's body temperature based on the ambient temperature value. The method of claim 1,
The access management server encrypts the synchronization message including the access authentication information to synchronize the issued mobile access card and transmits it to the non-contact body temperature sensing device;
The non-contact body temperature sensing device receives and decodes the synchronization message to obtain and store second access authentication information, and compares the second access authentication information with the first access authentication information to determine whether the user device can enter or not. Judging, non-contact infrared temperature measurement and access control system. 3. The method of claim 2,
The first and second access authentication information is,
At least one of the user's ID (Identifier), resident registration number, employee number, name, mobile phone number, regular access target, one-time access target, accessible area, non-accessible area, and mobile operating system information of the user device Including, non-contact infrared body temperature measurement and access control system. The method of claim 1,
The user device and the non-contact body temperature sensing device include at least one of a Bluetooth (Bluetooth) and a Radio-Frequency Identification (RFID)/Near Field Communication (NFC) communication module,
The access authentication request message is a non-contact infrared body temperature measurement and access management system that is transmitted and received based on BLE (Bluetooth Low Energy) or NFC communication protocol. 5. The method of claim 4,
When the access authentication request message is transmitted/received based on the BLE communication protocol, the BLE operation mode is set to a maximum transmission distance of 2M and a maximum transmission speed of 2Mb/s operation mode, a non-contact infrared body temperature measurement and access management system. 6. The method of claim 5,
The BLE maximum transmission output is,
If the mobile operating system of the user device is the first operating system, it is set to Class 1,
When the mobile operating system of the user device is the second operating system, the non-contact infrared body temperature measurement and access management system is set to Class 2. 7. The method of claim 6,
The first operating system is iOS, the second operating system is Android,
A non-contact infrared body temperature measurement and access management system, which corresponds to 100mW for Class 1 and 2.5mW for Class 2, respectively. 5. The method of claim 4,
When the access authentication request message is transmitted and received based on the BLE communication protocol, the access authentication request message corresponds to a connectionless advertising message. The method of claim 1,
The non-contact infrared body temperature measurement and access management system, wherein the access authentication request message is encrypted and decrypted based on an AES (Advanced Encryption Standard)-256 or SHA (Secure Hash Algorithm)-256 encryption algorithm. 10. The method of claim 9,
When the access authentication request message is encrypted and decrypted based on the AES-256 encryption algorithm,
The secret key used for the encryption and decryption, based on the user's body temperature measurement information performed by the non-contact body temperature sensing device, is updated when the user enters or exits or whenever the body temperature is measured, a non-contact infrared body temperature measurement and access management system . 11. The method of claim 10,
The user's body temperature measurement information,
A non-contact infrared body temperature measurement and access management system comprising at least one of the user's body temperature, the user's body temperature measurement date and time, and the user's entry and exit date and time. delete delete delete delete The method of claim 1,
The non-contact body temperature sensing device comprises:
Further comprising a display module for outputting an image,
A non-contact infrared body temperature measurement and access management system for outputting the user's body temperature through the display module. 17. The method of claim 16,
The non-contact body temperature sensing device comprises:
generating a thermal image divided into the plurality of pixels based on the temperature of each of the plurality of pixels;
Selecting pixels located in the boundary region from among the pixels for which the temperature processed as the effective processing value in the thermal image is measured,
generating an indicator forming a closed space by connecting the centers of selected pixels in the thermal image;
A non-contact infrared body temperature measurement and access management system for storing the indicator in response to the second access authentication information. 18. The method of claim 17,
The non-contact body temperature sensing device comprises:
and outputting the indicator to the display module when the first access authentication information matching the second access authentication information is obtained. 19. The method of claim 18,
When the non-contact body temperature sensing device outputs the indicator,
A non-contact infrared body temperature measurement and access management system for measuring the body temperature of the user in the non-contact manner by selectively activating only a thermopile sensor of a pixel corresponding to the position of the indicator and a pixel located inside the indicator. 20. The method of claim 19,
The indicator is a non-contact infrared body temperature measurement and access management system that is generated only when the user is a regular access target according to the first and second access authentication information. 20. The method of claim 19,
The non-contact body temperature sensing device comprises:
The non-contact infrared body temperature measurement and access management system further comprising a Time of Flight (ToF) sensor for measuring a distance from the non-contact infrared temperature sensing module to the user. 22. The method of claim 21,
When the non-contact body temperature sensing device outputs the indicator,
A non-contact infrared body temperature measurement and access management system that deactivates the ToF sensor.

Images