WO2004029818A1 - Systeme d'authentification et procede d'authentification associe - Google Patents

Systeme d'authentification et procede d'authentification associe Download PDF

Info

Publication number
WO2004029818A1
WO2004029818A1 PCT/JP2002/009894 JP0209894W WO2004029818A1 WO 2004029818 A1 WO2004029818 A1 WO 2004029818A1 JP 0209894 W JP0209894 W JP 0209894W WO 2004029818 A1 WO2004029818 A1 WO 2004029818A1
Authority
WO
WIPO (PCT)
Prior art keywords
signal
information
identification signal
authentication
unit
Prior art date
Application number
PCT/JP2002/009894
Other languages
English (en)
Japanese (ja)
Inventor
Toyoki Sasakura
Kikukazu Sakurai
Original Assignee
Toyoki Sasakura
Kikukazu Sakurai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Toyoki Sasakura, Kikukazu Sakurai filed Critical Toyoki Sasakura
Priority to PCT/JP2002/009894 priority Critical patent/WO2004029818A1/fr
Priority to AU2002332313A priority patent/AU2002332313A1/en
Publication of WO2004029818A1 publication Critical patent/WO2004029818A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder

Definitions

  • the present invention relates to an authentication technology that can securely and easily perform authentication (identification of identity, identification of identity, and confirmation of authority) of parties involved in an electronic window application procedure and terminals of an electronic window application procedure, and mutual authentication between them.
  • authentication identification of identity, identification of identity, and confirmation of authority
  • parties involved in an electronic window application procedure and terminals of an electronic window application procedure and mutual authentication between them.
  • public documents such as resident's cards and transcripts of family register
  • the government offices e-government
  • Juki Net Basic Resident Register Network
  • the window when applying for the window application procedure to the government office such as moving out, moving in, requesting a copy of the resident's card, requesting a copy of the family register, the window according to the contents of the window application procedure Authentication is performed to determine whether the applicant who went to the office is the identity, that is, identity verification, identity confirmation, or authority confirmation whether the applicant who went to the counter is an agent.
  • the personal authentication card (IC card) of another person can be used to easily impersonate the person (spoofing). If the card is an authentication card (IC card), it can be forged, so it cannot be said that the identity of the person has been securely authenticated. Unauthorized acts (spoofing, unauthorized access, unauthorized alteration, data destruction) It is difficult to prevent plagiarism) sufficiently. It is also conceivable to take measures such as attaching a photograph of the person to the personal authentication card (IC card) or requesting a signature written on the personal authentication card (IC card) during the window application procedure. In view of the fact that credit cards are forged, it can be said that such personal authentication cards (IC cards) do not suffice for personal authentication.
  • the above-mentioned authentication using signatures, retinas, voice prints, fingerprints, etc. requires one entry or one data entry to the authentication device.
  • the user once the user breaks through the authentication at the first access to the device and impersonates himself, then the user becomes the identity There is no way to check whether it is present, and it can be said that this is an authentication method that has security vulnerabilities.
  • the person who performs the window application procedure that is, the person in charge of the counter at the office of the government office
  • the identity verification (especially personal identification and authority confirmation) of the person is not normally performed, or IC card authentication and password authentication are performed.
  • the contents of the window application procedure and the use of personal information of the applicant (issuing requester) required for the window application procedure are often left to the implementer, and the applicant side is not sufficient. It can be said that it is not an environment where confirmation can be performed. Also, IC card authentication and password authentication were performed.
  • An object of the present invention is to provide authentication to prevent improper conduct (for example, spoofing, unauthorized access, data tampering, data destruction, plagiarism, etc.) when performing a window application procedure with a government office, and to apply for the window application procedure.
  • the purpose of the present invention is to provide an authentication system and an authentication method that can be performed between the user side and the implementer side to perform the authentication more reliably and easily.
  • an authentication system includes: an operator portable communication device (an identification signal transmitting / receiving unit built-in) carried by an applicant of a window application procedure; It has an information acquisition device (built-in use restriction release unit) for acquiring information necessary for execution, and an information provision device (built-in use restriction release unit) owned by the applicant and providing information to the information acquisition device.
  • An authentication system wherein the portable communication device and the information providing device mutually exchange identification signals by a radio signal (RF signal) to perform identity authentication (in particular, identity confirmation and authority confirmation), and perform the identity authentication.
  • the information acquisition device acquires information from the information providing device when the information acquisition is correctly performed.
  • personal authentication can be reliably performed, so that an unauthorized act such as using information of another person using an information providing device of another person (for example, spoofing, unauthorized access, data tampering, data Evening destruction, plagiarism) can be effectively prevented.
  • an unauthorized act such as using information of another person using an information providing device of another person (for example, spoofing, unauthorized access, data tampering, data Evening destruction, plagiarism) can be effectively prevented.
  • personal authentication is automatically performed using a radio signal (RF signal), the authentication does not require the trouble of the implementer.
  • RF signal radio signal
  • the authentication system further includes a practitioner portable communication device (built-in identification signal transmitting / receiving unit) carried by a practitioner performing the window application procedure, wherein the practitioner portable communication device and the information acquisition device Authentication may be performed by mutually exchanging identification signals by radio signals (RF signals), and the information acquisition device may acquire information from the information providing device when the authentication is also correctly performed.
  • a practitioner portable communication device built-in identification signal transmitting / receiving unit
  • Authentication may be performed by mutually exchanging identification signals by radio signals (RF signals), and the information acquisition device may acquire information from the information providing device when the authentication is also correctly performed.
  • RF signals radio signals
  • an authentication system includes an implementer portable communication device (with a built-in identification signal transmission / reception unit) carried by an applicant for a window application procedure, and executes the window application procedure.
  • the practitioner portable communication device stores a first identification signal that is an identification signal of the practitioner portable communication device and a second identification signal that is an identification signal of the information providing device.
  • a first storage unit that transmits the first identification signal stored as a radio signal (RF signal), and transmits the stored first identification signal as a radio signal (RF signal) from the information providing apparatus.
  • First communication means for receiving the obtained second identification signal; the second identification signal received by the first communication means; and the second communication means stored in the first storage means.
  • a first authentication unit that collates and authenticates the identification signal with the second identification signal
  • the information providing device includes a second storage unit that stores the first identification signal and the second identification signal
  • the second identification signal stored in the second storage means is transmitted by a radio signal (RF signal), and the first identification signal transmitted by the practitioner's portable communication device by a radio signal (RF signal)
  • Second communication means for receiving the Second authentication means for comparing and receiving the received first identification signal with the first identification signal stored in the second storage means, and performing authentication by the second authentication means.
  • a first activating unit that activates the information providing device based on the result of (1).
  • the information acquisition device further includes an implementer portable communication device (with a built-in identification signal transmission / reception unit) carried by an implementer performing the window application procedure.
  • a third identification signal that is an identification signal of the device
  • a third storage unit that stores a fourth identification signal that is an identification signal of the practitioner's portable communication device
  • a third storage unit that stores the third identification signal.
  • a third communication means for transmitting the third identification signal by a radio signal (RF signal) and receiving the fourth identification signal transmitted by a radio signal (RF signal) from the practitioner's portable communication device;
  • Third authentication means for comparing and authenticating the fourth identification signal received by the third communication means with the fourth identification signal stored in the third storage means, The result of the authentication by the third authentication means
  • a second activation unit that activates the information acquisition device based on the third identification signal and the fourth identification signal that stores the third identification signal and the fourth identification signal.
  • Storage means and a fourth identification signal stored in the fourth storage means, transmitted by a radio signal (RF signal); and the third identification signal transmitted by the information acquisition device by a radio signal (RF signal).
  • a fourth communication unit for receiving a signal, collating the third identification signal received by the fourth communication unit with the third identification signal stored in the fourth storage means.
  • a fourth authentication means for authentication.
  • the information acquisition device includes: a permission request information requesting permission to execute the window application procedure or permission to access information on the applicant; A verification unit that transmits the permission request information to the portable communication device and confirms the permission based on response information returned from the performer portable communication device in response to the permission request information.
  • a permission unit is provided for receiving the permission request information and displaying the information to the applicant, receiving the response information input by the applicant with respect to the permission request information, and returning the response information to the information acquisition device.
  • information including at least the applicant's identification signal transmitted by the information acquisition device is received, and an electronic certificate is created based on the received information.
  • E-government e.g., Basic residents
  • the e-government further includes permission request information for requesting permission to execute the window application procedure or permission to access information on the applicant.
  • a confirmation unit for confirming the permission based on response information returned from the performer portable communication device in response to the permission request information, wherein the performer portable communication device includes: Permission means for receiving the information and displaying it to the applicant, accepting the response information input by the applicant with respect to the permission request information, and returning the response information to the e-government.
  • the use restriction release unit stops sending the use restriction release signal to restrict the use. It is also possible for the use restriction release unit to include a signal for instructing use restriction in the use restriction release signal and use the signal to perform the stop control.
  • the sending of the use restriction release signal is stopped to restrict use, and the identification signal transmitting / receiving unit issues an alarm signal.
  • the use restriction release unit includes a signal instructing to issue a warning by restricting use in the use restriction release signal, performs the stop control using the signal, and indicates that the stop control has been performed. It can also be displayed.
  • the radio signal is composed of a binary pseudorandom signal and a unique code signal following the signal.
  • each of the units includes a signal presence / absence determination unit, and obtains a timing signal from a binary pseudo-irregular signal of a code signal received at each unit and sends the timing signal to a signal presence / absence determination unit.
  • the received unique code signal matches the own code signal. Or whether the reception level of the unique code signal is equal to or higher than a predetermined value, and based on the determination, whether the distance between the two units is equal to or higher than a predetermined value is determined. I do.
  • each of the units includes a transmission / reception control timer, and the control timer is set to transmit / receive the radio signal as an intermittent signal.
  • an authentication method includes an operator portable communication device (built-in identification signal transmitting / receiving unit) carried by an applicant for a window application procedure, and executing the window application procedure. And an information providing device (built-in use restriction release unit) owned by the applicant and providing information to the information acquisition device.
  • An authentication method in an authentication system wherein the performer's portable communication device transmits a first identification signal, which is an identification signal of the performer's portable communication device, to the information providing device, and the identification of the information providing device is performed.
  • the performer's portable communication device collates and authenticates the second identification signal stored therein, and the information providing device stores and stores the transmitted first identification signal and the information providing device.
  • the authentication system has an implementer portable communication device (built-in identification signal transmission / reception unit) carried by an implementer who performs the above-mentioned window application procedure, and further includes the information
  • the information acquisition device transmits a third identification signal that is an identification signal of the acquisition device to the practitioner portable communication device, and transmits a fourth identification signal that is an identification signal of the practitioner portable communication device to the practitioner portable communication device.
  • the practitioner portable communication device collates and authenticates the transmitted third identification signal with the third identification signal stored in the practitioner portable communication device. 5 of And a sixth step in which the information acquisition device validates the information acquisition device based on a result of the authentication in the fifth step.
  • the information acquisition device further includes: permission request information for requesting permission of access to information on the applicant with permission to execute the window application procedure; Transmitting the permission request information to the applicant, displaying the response request information to the applicant, and responding to the permission request information by the applicant. Accepting and returning the information to the information acquisition device, and the information acquisition device confirming the permission based on the returned response information.
  • the authentication system has a certificate authority and an electronic government, and the information acquisition device transmits, to the certificate authority, information including at least the identification signal of the applicant. Transmitting, the certificate authority creates an electronic certificate based on the transmitted information; andthe certificate authority transmits the electronic certificate to the electronic government, and the electronic government transmits the electronic certificate. Judging permission or non-permission of a window application procedure for the applicant based on the electronic certificate.
  • the e-government further includes permission request information requesting permission to execute the window application procedure or permission to access information on the applicant. Transmitting to the communication device, the practitioner's portable communication device receives the permission request information and displays it to the applicant, and receives response information input by the applicant with respect to the permission request information, and Replying to the government, wherein the e-government confirms the permission based on the returned response information.
  • the use restriction release unit stops sending the use restriction release signal to restrict the use. It is also possible for the use restriction release unit to include a signal for instructing use restriction in the use restriction release signal and use the signal to perform the stop control.
  • the use restriction release signal is stopped from being sent to restrict use, and the identification signal transmitting / receiving unit issues an alarm signal.
  • the use restriction release unit is It is also possible to include a signal for instructing to issue a warning with use restriction included in the use restriction release signal, to use the signal to perform the stop control, and to indicate that the stop control has been performed.
  • the identification signal is composed of a binary pseudorandom signal and a unique code signal following the signal.
  • each of the units includes a signal presence / absence determination unit, and obtains a timing signal from a binary pseudo-irregular signal of a code signal received in each unit, and sends the timing signal to a signal presence / absence determination unit. It is determined whether the received unique code signal matches its own code signal within a predetermined time from the input of the timing signal, and whether the reception level of the unique code signal is equal to or higher than a certain value. And determining whether or not the distance between the two units is equal to or greater than a certain value based on the determination.
  • each of the units includes a transmission / reception control timer, and the identification signal is transmitted and received as an intermittent signal by setting the control timer.
  • FIG. 1 is an overall schematic diagram of an example in which the use restriction device is applied to a mobile phone.
  • FIG. 2 is a schematic block diagram of the identification signal transmission / reception unit.
  • FIG. 3 is a schematic block diagram of a use restriction release unit.
  • FIG. 4 shows a detailed configuration example of the match / addition circuit.
  • FIG. 5 is an explanatory diagram of the identification signal and the transmission timing.
  • FIG. 6 is an explanatory diagram of the configuration contents of the identification number.
  • FIG. 7 is an explanatory diagram of the pulse compression signal and the pulse compression processing.
  • FIG. 8 is an explanatory diagram of the relationship between the detection waveform of the received signal and the confirmation signal.
  • FIG. 9 is an explanatory diagram of a reception signal level and a signal level determination section.
  • FIG. 10 is a configuration diagram according to a first embodiment of an authentication system to which the present invention is applied.
  • FIG. 11 is a flowchart illustrating an example of an authentication process using the authentication system 1 according to the first embodiment.
  • FIG. 12 is a configuration diagram according to a second embodiment of the authentication system to which the present invention is applied.
  • FIG. 13 is a flowchart illustrating an example of an authentication process using the authentication system 1a according to the second embodiment.
  • FIG. 14 is a diagram showing an example of a digital certificate. BEST MODE FOR CARRYING OUT THE INVENTION
  • Fig. 1 shows a schematic block diagram of an example in which the use restriction device is applied to a mobile phone.
  • 10 is a small identification signal transmitting / receiving unit in the form of a card
  • 20 is a use restriction release unit
  • 30 is a mobile phone.
  • the identification signal transmission / reception unit 10 (hereinafter abbreviated as transmission unit 10) is in the form of an independent card separated from the mobile phone 30 and has a use restriction release unit 20
  • release unit 20 is built in the mobile phone 30.
  • the release unit 20 may be integrally attached to the outside of the mobile phone 30.
  • the identification signal transmission / reception unit has a transmitter and a receiver, and sends out an identification code signal from the transmitter with a certain strength.
  • the usage restriction release unit is attached to the target device, and includes a receiver and a transmitter, sends a signal to release the usage restriction to the target device based on the identification code signal received by the receiver, and confirms the same code signal. Transmit the code signal from the transmitter with a constant strength.c
  • the identification code signal received from the identification signal transmission / reception unit is its own.
  • the confirmation code signal is transmitted from the use restriction release unit based on the signal that has been detected.
  • a use restriction solution signal is sent to the target device, and the distance between the two units is equal to or less than a certain value.
  • the use restriction release unit stops sending the use restriction release signal and uses the identification signal transmission / reception unit. Enforce restrictions. At this time, the identification signal transmitting / receiving unit may emit an alarm signal.
  • the mobile phone 30 is obtained by adding a use-restricted circuit 3OA as a use-restricting means to a conventional general circuit.
  • the transmission unit 10 is used by the owner or the user of the mobile phone 30 placed in a pocket or the like of the mobile phone and placed within a certain distance with the mobile phone 30.
  • the transmission unit 10 may be in any form other than the card form, such as a key, as long as it is convenient to carry. -..
  • the mobile phone 30 includes a transmission system 30 B, a reception system 30 C, a telephone number input system 30 D, and a power supply unit 38.
  • the transmission system 30B the sound is converted to a sound signal by the microphone phone 33a, then amplified by the sound amplifier circuit 33b, modulated by the carrier signal by the modulation circuit 33c, and further modulated by the modulated signal.
  • the transmission amplifier 33d After being amplified by the transmission amplifier 33d, the signal is transmitted from the transmitting / receiving antenna 3Ox to the central office.
  • the transmission amplifier 33d is provided with a call switch 33k, and when the call switch 33k is operated, a transmission mode is set.
  • the incoming call signal is amplified by the receiving amplifier 31a, the number is recognized by the number recognition circuit 32a, and then the ringtone is generated from the ringtone generation circuit 32b to the hook switch 31.
  • the hook switch 31c is switched based on this ring tone, the call enters the voice input mode, and the received signal amplified by the receiving amplifier 31a is transmitted to the voice demodulation circuit 31b.
  • the audio signal is demodulated as an audio signal, and the audio signal is transmitted to the speaker 31 d through the hook switch 31 c and reproduced as audio.
  • the telephone number input from the numeric keypad / function key 37a is sent to the telephone number input circuit 35 through the gate 36a, and is transmitted to the telephone number generation circuit 34, the modulation circuit 33c, the transmission amplifier 33d, and the transmission / reception antenna 3 Ox. Is sent from. ....
  • the power supply of the power supply section 38 is operated by a power switch (not shown) of the mobile phone 30 to supply power to the circuits of the respective systems. This power supply will be described later in a configuration example.
  • the release unit 20 may be commonly used, or the release unit 20 may be provided with another independent power supply. In the case of common use, the power is always supplied to the release unit 20 even if the power switch of the mobile phone 30 is cut off. The reason will be described later.
  • FIG. 2 shows a configuration example of the transmission unit 10.
  • the transmitting unit 10 transmits the identification signal including a preset unique code signal from the transmitting antenna 10 T, and a confirmation signal sent back from the transmitter of the release unit 20 described later. And a receiver 11 1a for receiving via the 1 OR.
  • the transmission system that transmits the identification signal sends out the above identification signal set in the identification code memory 13b by the command of the transmission / reception control timer 13a, and performs FSK modulation (250MHz) with the carrier wave by the FSK modulation circuit 15a before transmission.
  • the transmission signal of the identification signal is sent from the device 15b.
  • Reference numeral 14 denotes a power supply control circuit
  • reference numeral 18 denotes a power supply unit.
  • the switch 18a is closed by a signal from the power supply control circuit 14 to supply power to each unit.
  • the receiving system that receives the above confirmation signal, the following components are connected after the receiver 11a.
  • the received confirmation signal 250 MHz
  • the FSK demodulation circuit 11b is FSK-demodulated by the FSK demodulation circuit 11b and sent to the coincidence adding circuit 11c.
  • the match 'addition circuit 11c reads out the identification signal stored in advance in the identification code memory 13b, and determines each bit of the identification signal in order to judge whether or not the confirmation signal matches this identification signal. Are added.
  • the output signal (pulse compression signal, which will also be described later) after the addition processing is output to the threshold processing unit 1 Id, and the threshold processing unit 1 Id outputs the output signal in advance to the threshold setting unit 1 Id Compares with the threshold value (threshold value) set in ', and sends the evening signal to the signal presence / absence determination unit 12b if the output signal exceeds the threshold value.
  • the acknowledgment signal received by the receiver 11a is also sent to the signal level detection circuit 12a, and a signal representing the signal level detected by this circuit is sent to the signal presence / absence determination section 12b.
  • Sent In addition to the above, the confirmation signal from the FSK demodulation circuit 1 lb and the identification code signal from the identification code memory 13 b are also input to the signal presence / absence determination section 12 b.
  • the signal presence / absence determination unit 12b determines whether the confirmation signal matches the identification code signal and receives the timing signal from the threshold processing unit 1Id within a predetermined time t after receiving the timing signal. It is determined whether the signal level of the confirmation signal is higher than a certain value, and no output signal is emitted as long as both of the above two determinations are satisfied. Outputs an alarm signal to the alarm circuit 16.
  • FIG. 3 shows a configuration example of the release unit 20.
  • the release unit 20 has a basic configuration substantially the same as that of the transmission unit 10 in FIG. 2, but is partially different in some respects.
  • the different parts will be mainly described. ⁇
  • the signal presence / absence determination unit 22b determines the presence or absence of a signal based on the identification signal sent from the transmission unit 10, and as long as the identification signal is received, the signal presence / absence determination unit 22b outputs any signal. This is the same as the transmission unit 10. However, if there is no output signal, the usage restriction release signal generator 26 always generates a usage restriction release signal, and if the identification signal is no longer received, the signal presence / absence determination unit 2 2 b The difference is that transmission of the release signal from the signal generator 26 is stopped by the output signal from the controller.
  • the power of the power supply unit 28 is not controlled by the transmission / reception control unit 23a, and is always sent to each component, so that the power switch is used regardless of whether the power supply of the mobile phone is shared or not. The power supply is not cut off. ....
  • the release unit 20 when the identification signal is transmitted from the transmission unit 10, the release unit 20 always receives the identification signal at any time, and determines whether or not the identification signal is present based on the signal. This is because the power supply of the release unit 20 must always be set to 0 N in order to always return the confirmation signal at a fixed interval from the transmission system of the release unit 20 by the command of the transmission / reception control timer.
  • the other components are basically the same as the transmission unit 10 in FIG.
  • the members are given the same reference numerals in the 20's and their description is omitted. ....
  • the identification signal from the transmission unit 10 is a signal including a preset unique code signal.
  • this identification signal is an M sequence (Maximum length null sequence). ) It consists of a signal followed by a unique code signal of the mobile phone's telephone number (hereinafter simply called the telephone number).
  • the telephone number The reason that the M-sequence signal is included in the identification number in addition to the telephone number is that, as will be described later, when the identification number is received, it is recognized whether the received signal is that of its own mobile phone. This is to make the signal convenient at the time of the circuit processing.
  • the identification signal is transmitted as an intermittent signal that repeats at an arbitrary time interval S seconds (for example, 2000 ms) in units of the M-sequence signal and the telephone number signal. This is to save power, to prevent battery consumption and to enable stable long-term transmission.
  • the M-sequence signal may be a CZA code, a P-code, a linear FM signal, or the like.
  • the telephone number as the unique code signal may be another ID number for devices other than the mobile phone, and a signal indicating information of other owners and managers.
  • a pulse compression signal shown by B in FIG. 7 is obtained. In this pulse compression, the M-sequence signal which is an input signal is subjected to 1/31 signal compression.
  • the unique code signal is a power supply number, but it is needless to say that another ID number may be used. If the M-sequence signal and the unique code signal are stored in advance in the identification code memory as identification signals, unauthorized use in case of misplacement or theft can be effectively prevented. ⁇
  • FIG. 4 shows details of a configuration in which the received signal is subjected to pulse compression processing by the transmission unit 10 match-addition circuit 11c. Confirmation above When the received signal is demodulated by the FSK demodulation circuit 1 lb, the first M-sequence signal of the confirmation signal is temporarily stored in the shift register 11 s not shown in FIG. You.
  • the M-sequence signal written to the shift register 11 s. Is sent to the match / addition circuit 11 c, where the M-sequence signal of the data stored in advance in the identification code memory 13 b is called. Then, the two M-sequence signals are compared for each bit to see if they match, and the number of matching bits is added.
  • the signal subjected to the coincidence and addition processing is output as a pulse compression signal.
  • the shift register 11 s has a storage capacity of 31 bits, but the identification code memory 13 b has both an M-sequence signal (31 bits) and a unique code signal (29 bits). Therefore, it has a storage capacity of 60 bits, so that the data portion of the M-sequence signal is called when processing both M-sequence signals.
  • the transmission of the identification signal is performed by FSK modulation of a 31-bit M-sequence signal followed by a 29-bit unique code signal indicating a unique telephone number.
  • the release signal is transmitted from the release unit 20 to the release unit 20.
  • the transmission and reception timings are as shown in (a) to (c) in Fig. 5.
  • the transmission timing is controlled by the control timer 13a so that the power is turned on at a certain time, for example, 2000 ms from the first power-on. Even if the signal transmitted by the transmission unit 10 is received by the receiver 11a of the transmission unit 10 at the same time, since the subsequent processing described later is not performed, an alarm signal is transmitted to the alarm circuit 16 based on the received signal. It is not used as the original received signal because it is not received and is distinguished from the confirmation signal.
  • the above-mentioned confirmation signal sent back from the release unit 20 at a predetermined timing is received by the receiver 11a, it is demodulated by the FSK demodulation circuit 1lb and then subjected to pulse compression processing by the match 'addition circuit 11c.
  • the M-sequence signal of symbol A shown in (a) of Fig. 7 is pulse-compressed among the confirmation signals, but the signal to be matched and added is shifted by 11 s as shown by symbol B.
  • the data for each bit Before or after the pulse train of the M-sequence signal is completely written, the data for each bit partially matches the value of each corresponding bit of the M-sequence signal storage data in the identification code memory.
  • the value of the pulse compression signal fluctuates constantly.
  • the threshold processing unit 11d determines whether the pulse compression processing signal is equal to or greater than a threshold (threshold value) set in advance by the threshold setting unit 1Id ', for example, 24 (see FIG. 7 (b)). When it is determined that the threshold value is exceeded, a evening signal as shown in FIG. 7 (c) is output to the signal presence / absence determination unit 12b.
  • a threshold threshold value
  • the signal level of the received signal received by the receiver 11a is detected by the signal level detection circuit 12a, and it is determined whether the signal level is a certain value or more. Determined by part 1 2b.
  • a certain voltage threshold is set for the received signal having the detection waveform shown in FIG. 8 (a), and if the signal level is higher than this, it is determined that a signal of a certain level or more has been received.
  • the above determination is made as follows. This is based on the fact that the received signal level decreases in inverse proportion to the power, and one of the determination methods is to set the above-mentioned threshold value corresponding to a predetermined distance (for example, lm) so that the received signal level can be less than the threshold value. For example, it is possible to detect that both are separated by a predetermined distance or more.
  • Figure 9 (a) is shown on a logarithmic scale.
  • the level of the received signal may be known by A / D converting the detection waveform of the received signal and measuring the voltage level of the received signal.
  • the determination of the signal level is performed by a fixed time t (corresponding to the unique code signal received after the timing signal after the threshold processing for the M-sequence signal is transmitted from the threshold processing unit 11d) (in the illustrated example, Only 2.9 ms) is symmetric. The reason for this is that noise is not to detect the signal level from other telephones, and that the judgment can be made accurately by using the certain time specified by the timing signal as the judgment section. is there.
  • the signal presence / absence determination unit 12b determines the unique code signal received after the timing signal is input and FSK-modulated unique code signal stored in the identification code memory. It is also checked whether it matches. Therefore, the signal presence / absence determination unit 12b receives a timing signal, and thereafter receives a reception signal of a predetermined level for a certain period of time, and the received unique code signal matches its own unique code signal. When it is determined that the transmission unit 10 and the release unit 20 are within a certain distance, the signal presence / absence determination unit 12b does not output any signal.
  • an output signal is output to activate the alarm circuit 16.
  • the alarm circuit 16 for example, when a voice message (not shown) is generated by a voice message (not shown) to give a warning, if the transmitting unit 10 is put in a pocket, A warning sound warns that the release unit 20 has been left behind due to misplacement or theft.
  • the warning by the warning circuit 16 may be given by any means other than the above-mentioned method of giving a voice message, such as a beeping sound or a display of "Do not leave” on the display. Any method can be used as long as the method is used. Further, even if a signal other than the confirmation signal of the own identification code signal is received, any or some of the above three conditions are not satisfied. It goes without saying that it does not output and has no effect on the receiving operation of the transmitting unit.
  • the operation of the release unit 20 is as follows. As described above, in the unit 20, power is always supplied from the power supply unit 28 to each component regardless of whether the power switch of the mobile phone 30 is ON or OFF. Almost simultaneously with the transmission of the identification signal from the unit 10, the reception signal is received by the receiver 21a of the release unit 20.
  • the received identification signal is demodulated by the FSK demodulation circuit 21b, sent to the match / addition circuit 21c, and the timing signal based on the M-sequence signal is sent from the threshold processing unit 21d to the signal presence / absence determination unit 22b. The same goes for the point sent to. Further, the signal level of the received signal is detected by a signal level detection circuit 22a, and when the signal level exceeds a predetermined level within a predetermined determination time t when the timing signal is sent to the signal presence / absence determination section 22b. It is the same to determine whether there is.
  • the signal presence / absence determination unit 22b during the determination time determines whether the transmitted signal matches its own unique code signal stored in advance in the identification code memory 23b. This is the same as the case of the transmission unit 10. However, the signal presence / absence determination section 2 2b of the release unit 20 has no condition when the above-mentioned timing signal and the three conditions that the signal level is equal to or more than a certain value and the unique code signal match in both determinations are satisfied. No output signal is output.
  • release unit 20 and therefore mobile phone 30 The use restriction release signal is always output from the use restriction release signal generation unit 26 as it is at the owner's or user's hand without leaving the computer. Therefore, the mobile phone 30 is always ready for use.
  • the signal presence / absence determination section 22b After a certain period of time (2 ms in this example) elapses in the signal presence / absence determination section 22b after the identification signal is received, the signal presence / absence determination section 22b transmits and receives the signal from the signal presence / absence determination section 22b immediately
  • the control signal 23a is set, and the same signal as the received identification signal is read out from the identification code memory 23b and transmitted via the FSK modulation circuit 25a and the transmitter 25b. This signal is received by the transmission unit 10 as a confirmation signal as described above.
  • the signal level will be below a certain level in the above signal level detection, and the signal presence / absence determination unit 2 2 b Determines that no identification signal has been received.
  • an output signal is output from the signal presence / absence determination section 22b, and the output of the use release signal from the release signal generation section 26 is stopped, so that the mobile phone 30 cannot be used.
  • the use limiting device of this embodiment is used as an integral unit by putting the transmission unit 10 into the pocket or the like by the owner or user, incorporating the release unit 20 into the mobile phone 30 at hand.
  • the mobile phone 30 is separated from the sending unit 10 by more than a certain distance together with the transmission unit 10, the use of the mobile phone 30 is restricted to prevent accidental unauthorized use, etc.
  • the user is given a warning by voice or the like so that the user can immediately recognize that the mobile phone 30 has left his hand.
  • the use restriction device of the present invention includes an identification signal transmission / reception unit and a use restriction release unit provided in a device subject to use restriction, and a transmission unit is provided. Wear it in your pocket, etc.
  • FIG. 10 is a configuration diagram according to a first embodiment of an authentication system to which the present invention has been applied.
  • the authentication system 1 shown in Fig. 10 is the authentication system according to the present embodiment, and the applicant 6 who visited the office of the government office to apply for the window application procedure and received an application corresponding to the application.
  • This is a system for performing authentication on both sides of the practitioner 7 performing the processing.
  • the government office is a city hall, a ward office, etc.
  • the applicant 6 is a resident, etc.
  • the implementer 7 is a public office having authority to execute the window application procedure applied by the applicant 6. Assume the person in charge.
  • the authentication system 1 has a mobile phone 2 (personal communication device (built-in identification signal transmission / reception unit)), personal authentication card 3 (built-in identification signal transmission / reception unit) (information providing device (built-in use restriction release unit) ), Card reader 4 (Built-in use restriction removal unit) (Information acquisition device (Built-in use restriction release unit built-in)), and Name tag 5 (Built-in identification signal transmission / reception unit) (Personal communication device (Identification signal transmission / reception unit built-in) )).
  • the mobile phone 2 is a mobile phone owned and carried by the applicant 6, and has a function for performing personal authentication (in particular, identity verification and authority confirmation) in addition to a general mobile phone function.
  • an authentication unit 21 identity signal transmission / reception unit, specifically, a match / addition circuit 11c, 21c, a signal level detection circuit 1 1d, 2 1d, threshold processing section 1 2a, 2 2a, signal presence / absence judgment section 1 2b, 2 2b, transmission / reception control timer 13a, 23a, identification code memory 13b, 2 3b etc.
  • an authentication unit 21 identification signal transmission / reception unit, specifically, a match / addition circuit 11c, 21c, a signal level detection circuit 1 1d, 2 1d, threshold processing section 1 2a, 2 2a, signal presence / absence judgment section 1 2b, 2 2b, transmission / reception control timer 13a, 23a, identification code memory 13b, 2 3b etc.
  • the authentication unit 21 is composed of an IC chip (RFIC chip) or a circuit module including an IC chip (RFIC chip) and its peripheral circuits (mainly, C, R components, crystal oscillators, etc.).
  • Wireless authentication is performed by exchanging mutual identification signals with the authentication unit 31 (microprocessor 1) of the card 3 using a radio signal (RF signal) (a in Fig. 10).
  • RF signal radio signal
  • the applicant 6 who owns the mobile phone 2 Is authenticated as a valid owner of the personal authentication card 3, and the personal authentication method 3 is also authenticated.
  • the use restriction release unit stops sending the use restriction release signal and restricts the use of the identification signal transmission / reception unit. At this time, the identification signal transmission / reception unit may emit an alarm signal.
  • the authentication unit 21 of the mobile phone 2 includes a transmitter / receiver for transmitting / receiving data by radio signal, a processing device for processing the transmitted / received data, an internal memory (specifically, a flash memory) (specifically, (Preferably a flash memory for ease of updating the authentication data) (both not shown).
  • the internal memory of the authentication unit 21 stores M-sequence (Maximum length null sequence) data transmitted as a preamble signal (calling signal), the identification signal ID 2 of the mobile phone 2, and the identification signal ID 3 of the personal authentication card 3. Are stored.
  • the authentication unit 21 is connected to an input device (such as a button) and a display device (such as a liquid crystal display) of the mobile phone 2, and can use these hardware resources. Then, as described later, the information transmitted from the card reader 4 is displayed on the display device of the mobile phone 2, and the data inputted by the applicant 6 via the input device of the mobile phone 2 is transmitted by a radio signal. Can be transmitted. Specifically, the card reader 4 sends information to confirm whether the window application procedure can be performed using the personal information of the applicant 6, as shown in Figure 10c. Then, such information is displayed on the display device of the mobile phone 2. When the response (Y / N) of the applicant 6 is input, the information is transmitted to the card reader 14.
  • an input device such as a button
  • a display device such as a liquid crystal display
  • the portable telephone device 2 (built-in identification signal transmitting / receiving unit) carried by the applicant 6 is the portable telephone 2, but other than the wrist-type information terminal, etc., which the applicant 6 possesses almost always. May be your personal belongings. Also in this case, the personal belongings are provided with the authentication unit 21, and have the same functions as the mobile phone 2, such as the mutual authentication function with the personal authentication card 3 and the communication function with the force reader 4. Be provided.
  • the personal authentication card 3 stores information required for performing the window application procedure for the applicant 6, such as the identification signal of the applicant 6, and the like.
  • the personal authentication card 3 includes an authentication unit 31 (microprocessor), similar to the mobile phone 2.
  • the authentication unit 31 is also a circuit module including an IC chip (RFIC chip) or an IC chip (RFIC chip) and its peripheral circuits (mainly, C, R components, crystal oscillators, etc.), similarly to the authentication unit 21.
  • the authentication unit 21 and the authentication unit 21 exchange identification signals by radio signals to perform wireless authentication (wireless authentication). Therefore, the authentication unit 31 also includes a transmitter / receiver for transmitting / receiving data via a wireless signal, a processing device for processing data to be transmitted / received, and an internal memory (specifically, a flash memory) (all illustrated). Omitted).
  • the internal memory of the authentication unit 31 stores data such as an M-sequence signal transmitted as a response signal, the identification signal ID2 of the mobile phone 2, the identification signal ID3 of the personal authentication code 3, and the like. Further, the authentication unit 31 has a function of validating the personal authentication power code 3 only when the wireless authentication (wireless authentication) is correctly performed.
  • the use restriction release unit stops sending the use restriction release signal and restricts the use of the identification signal transmission / reception unit. At this time, the identification signal transmitting / receiving unit may emit an alarm signal.
  • Such personal authentication ability 3 will be handed over to the implementer 7 when the applicant 6 visits the office of the government office for the application procedure, and will be described later by the implementer 7 or by the applicant 6 itself. Inserted into card reader 4. Then, by reading the identification signal and the like of the applicant 6 into the card reader 4, the information required for the window application procedure is provided, but as described above, the authentication with the mobile phone 2 was not performed correctly. In this case, the personal authentication card 3 becomes invalid (use prohibited), and information cannot be read by the card reader 14. If the wireless authentication has not been correctly performed, the use restriction release unit stops sending the use restriction release signal and restricts the use of the identification signal transmitting / receiving unit to the personal authentication force. At this time, the identification signal transmission / reception unit May issue an alarm signal.
  • the card reader 14 is installed at a counter of a government office or the like, reads the identification signal of the applicant 6 stored in the personal authentication card 3 described above, and executes a window application procedure (not shown). )
  • the read information is provided to the practitioner 7 and the execution of the window application procedure applied by the applicant 6 is instructed.
  • a function to obtain the contents of the window application procedure to be executed from the implementer 7 and permission from the applicant 6 to perform the window application procedure are also granted. It has a receiving function.
  • the card reader 4 also has an authentication unit 4 1 (use restriction release unit, specifically, a match / addition circuit 11 c, 21 c, a signal level detection circuit 1), similarly to the mobile phone 2 and the personal authentication card 3. 1 d, 21 d, threshold processing section 12 a, 22 a, signal presence / absence determination section 12 b, 22 b, transmission / reception control timer 13 a, 23 a, identification code memory 13 b, 2 3b etc.).
  • the authentication unit 41 also consists of a circuit module that includes an IC chip (RFIC chip) or an IC chip (RFIC chip) and its peripheral circuits (mainly C, R components, crystal oscillators, etc.).
  • Part 5 1 (Identification signal transmission / reception unit, more specifically, match, adder circuit 11c, 21c, signal level detector 11d, 21d, threshold processing section 12a, 22a, signal presence / absence It is composed mainly of the decision unit 1 2b, 2 2b, transmission / reception control timer 13a, 23a, identification code memory 13b, 23b, etc.)
  • the wireless authentication is performed by exchanging the identification signal (Fig. 10b). This certifies that the implementer 7 with the name tag 5 is a person who has the legitimate authority to perform the window application procedure at the counter, and that the card reader 4 is also legitimate. Is done.
  • the usage restriction release unit for the card reader 14 is released. Stop sending signals and restrict the use of card reader 14. At this time, the identification signal transmitting / receiving unit may emit an alarm signal.
  • the force one drill - sending a stop of use restriction release Yunitto the use restriction release signal Zehnder 4 Let's enforce the use restriction of the leader-4.
  • the identification signal transmitting / receiving unit may emit an alarm signal.
  • both the card reader 14 and the authentication unit 41 have a transceiver for transmitting and receiving data by wireless signal, a processing device for processing the transmitted and received data, and an internal memory (specifically, a flash memory) ( Both are not shown).
  • the internal memory of the authentication unit 41 stores data such as an M-sequence signal transmitted as a response signal, the identification signal ID 4 of the card reader 4, the identification signal ID 5 of the name tag 5, and the like. Further, the authentication unit 41 has a function of validating the force reader 14 only when the wireless authentication is correctly performed.
  • the use restriction release unit of the card reader 14 stops sending the use restriction release signal and restricts the use of the force reader 4. At this time, the identification signal transmitting / receiving unit may emit an alarm signal.
  • the card reader 4 has an input device (such as a keyboard) and a display device (such as a display) (both not shown), and the authentication unit 41 is connected to these devices, and Resources can be used.
  • the card reader 4 When the valid personal authentication card 3 is inserted into the card reader 4 and the authentication with the name tag 5 is correctly performed, the card reader 4 reads the information stored in the personal authentication card 3 and A message is displayed on the display device, and a message prompting input of the contents of the window application procedure to be executed is displayed on the display device. In response to this, when the contents of the window application procedure to be performed are input from the practitioner 7 via the input device, the operator 7 confirms whether the window application procedure described above may be performed. Is transmitted from the authentication unit 41 to the mobile phone 2. The response to the confirmation is received by the authentication unit 41, and when the execution of the window application procedure is permitted by the applicant 6, the card reader 4 instructs the execution of the window application procedure.
  • the use restriction release unit of the force reader 4 stops sending the use restriction release signal and the use of the force reader 4 is stopped. Enforce restrictions. At this time, the card reader 4 does not read the information stored in the personal authentication card 3, and therefore does not display the information on the display device. At this time, the identification signal transmitting / receiving unit may emit an alarm signal.
  • the name tag 5 is worn by the practitioner 7 at all times and displays the name and status of the practitioner 7, but unlike a normal name tag, as shown in FIG.
  • Authentication unit 5 1 Identity signal transmission / reception unit, more specifically, match 'addition circuit 11 c, 21 c, signal level detection circuit 11 d, 21 d, threshold processing unit 12 a, 22 a, signal Presence / absence determination units 12b and 22b, transmission / reception control timers 13a and 23a, identification code memories 13b and 23b, etc.).
  • the authentication unit 51 also includes an IC chip (RFIC chip) or a circuit module including an IC chip (RFIC chip) and its peripheral circuits (mainly, C, R components, crystal oscillators, etc.), As described above, the authentication unit 41 and the identification signal are mutually exchanged by wireless signals to perform wireless authentication.
  • IC chip RFIC chip
  • RFIC chip a circuit module including an IC chip (RFIC chip) and its peripheral circuits (mainly, C, R components, crystal oscillators, etc.), As described above, the authentication unit 41 and the identification signal are mutually exchanged by wireless signals to perform wireless authentication.
  • the RFIC chip includes an RF unit and a baseband processing unit.
  • the RF unit performs predetermined modulation (digital modulation) on the baseband signal, transmits it as a radio signal (RF signal), receives the modulated radio signal (RF signal), and converts it to a baseband signal .
  • digital modulation CD MA (Code Division Multiple Access) modulation, FDMA (Frequency Division Multiple Access) modulation, TDMA (Time Division Multiple Access) modulation and the like can be executed.
  • CDMA modulation which is excellent in noise resistance and coding (confidentiality).
  • analog modulation such as AM modulation, PM modulation, and FM modulation can also be used.
  • the paceband processing unit is a wireless signal (RF signal) that has been subjected to encryption / decryption processing, compression / decompression processing, and predetermined modulation (digital modulation) processing for the paceband signal. It also has a transceiver that transmits and receives data by wireless signals, a processing device that processes data that is transmitted and received, and an internal memory (specifically, a flash memory) (all not shown).
  • the internal memory of the authentication unit 51 stores data such as an M-sequence signal transmitted as an interrogation signal, the identification signal ID 5 of the name tag 5, the identification signal ID 4 of the card reader 14, and the like.
  • the name tag 5 is the implementer's portable communication device (with a built-in identification signal transmitting / receiving unit) that the implementer 7 always wears, but the wristwatch-type portable terminal type that the implementer 7 almost always carries.
  • Other belongings such as an information terminal may be used. Also in this case, such belongings are provided with the authentication unit 51, and are provided with a mutual authentication function with the card reader 4 described above.
  • the authentication system 1 is such that the mobile phone 2 carried by the applicant 6 and the personal authentication card 3 authenticate each other (by exchanging identification signals with each other).
  • the other party authenticates the other party
  • the name tag 5 and the force reader 4 worn by the implementer 7 mutually authenticate (by mutually exchanging identification signals to authenticate the other party).
  • the aim is to realize the certification of both the side 6 and the implementer 7 and to make the certification more secure during the application process for the counter to the government.
  • FIG. 11 is a flowchart illustrating an example of an authentication process using the authentication system 1 according to the first embodiment.
  • the authentication process when the applicant 6 applies for the window application procedure at the office of the government office will be sequentially described with reference to FIG.
  • the applicant 6 who has visited the office of the office gives his personal identification card 3 to the implementer 7 of the office which is responsible for handling at the office (step S l in FIG. 11).
  • the implementer 7 inserts the personal authentication card 3 of the applicant 6 into a force reader 4 described later, but the applicant 6 may insert the personal authentication card 3 into the card reader 14 itself. In this case, the personal authentication card 3 does not need to be given to the implementer 7.
  • the authentication unit 21 of the mobile phone 2 carried by the applicant 6 transmits the interrogation signal stored in the above-mentioned internal memory to the surroundings as a radio signal (RF signal) (Step S in FIG. 11). 2).
  • the transmitted interrogation signal is received by the authentication unit 31 of the personal authentication unit 3 (step S3 in FIG. 11), and the authentication unit 31 receiving the interrogation signal transmits the interrogation signal. If it is legitimate, the response signal stored in the internal memory and the identification signal ID 3 of the personal authentication method 3 are transmitted as a radio signal (RF signal) (step S 4 in FIG. 11). .
  • the transmitted response signal and the identification signal ID3 of the personal authentication card 3 are received by the authentication unit 21 of the mobile phone 2 (step S5 in FIG. 11).
  • the authentication unit 21 compares the received identification signal ID 3 of the personal authentication card 3 with the identification signal ID 3 stored in its own internal memory, and the content is If the authentication has been completed, it is determined that the authentication of the personal authentication card 3 has been correctly performed (step S6 in FIG. 11), and the identification signal ID 2 of the mobile phone 2 stored in the internal memory and the above-mentioned call are determined.
  • the device sends the shift signal as a wireless signal (step S7 in Fig. 11).
  • the transmitted interrogation signal and identification signal ID 2 are received by the personal identification card 3 (step S 8 in FIG. 11), and the authentication unit 31 of the personal identification card 3 identifies the received mobile phone 2
  • the signal ID 2 is compared with the identification signal ID 2 stored in its own internal memory, and if the contents match, it is determined that the authentication of the applicant 6 has been performed correctly (step in Fig. 11). S9).
  • the authentication unit 31 determines that the authentication has been correctly performed, the personal authentication method 3 does not execute the use restriction by continuing to send the use restriction release signal. At this time, the identification signal transmitting / receiving unit does not emit an alarm signal.
  • the authentication unit 31 determines that the authentication has been correctly performed, the authentication unit 31 validates the personal authentication card 3 (step S10 in FIG. 11).
  • validating the personal authentication card 3 means that the identification signal and the like of the applicant 6 stored in the personal authentication card 3 can be read by the force reader 4.
  • step S 6 in FIG. 11 If the identification signal ID 2 does not match (step S 9 in FIG. 11), the activation process is not performed, and the personal authentication card 3 remains disabled (use prohibited). It becomes. Therefore, information cannot be read from the personal authentication card 3.
  • the reception level (radio wave intensity) does not reach a predetermined value when the interrogation signal and the response signal are received, it is not determined that the signal has been received.
  • the personal authentication card 3 is not validated because the conditions for validity described above are not met.
  • the mobile phone 2 and the personal identification card 3 are separated by a predetermined distance (for example, for example, when a person is more than a distance that can be monitored by the naked eye, that is, several meters or more, the reception level does not reach a predetermined value, and it is difficult to use the personal authentication card 3.
  • the personal authentication card 3 is enabled by such an authentication window application procedure, so that the personal authentication card 3 must be possessed in order to use the personal authentication card 3.
  • the mobile phone 2 of the applicant 6 who is the applicant and the personal authentication card 3 must be in the vicinity, and illegal use (for example, knocking) using only the personal authentication card 3 of another person is required. It can be effectively prevented.
  • the identification signal ID3 is transmitted.
  • the identification signal ID3 may be transmitted after the identification signal ID2 is transmitted from the mobile phone 2 in response to the response signal.
  • the risk of interception of the identification signal can be reduced.
  • the personal authentication card 3 passed to the implementer 7 is inserted into the card reader 4 (steps in FIG.
  • the authentication unit 51 of the name tag 5 transmits the interrogation signal stored in the internal memory to the surroundings as a wireless signal (step in FIG. 11).
  • the transmitted calling signal is The authentication unit 41 received by the authentication unit 41 of the header 4 (step S13 in FIG.
  • step S 14 in FIG. 11 The response signal stored in the internal memory and the identification signal ID 4 of the force reader 14 are transmitted as a wireless signal (step S 14 in FIG. 11). 4 is received by the authentication unit 5 1 of the name tag 5 (Step S15 in FIG. 11). If the response signal is legitimate, the authentication unit 51 checks the received identification signal ID 4 against the identification signal ID 4 stored in its own internal memory, and if the contents match. In step S16, it is determined that the card reader 4 (with built-in restriction release unit) has been correctly authenticated (step S16 in Fig.
  • the signal is transmitted as a wireless signal (step S17 in Fig. 11). If the owner is not authenticated, the leader 4 stops sending the use restriction release signal and restricts the use of the name tag 5. At this time, the name tag 5 may emit an alarm signal.
  • the transmitted interrogation signal and identification signal ID 5 are received by the force reader 14 (step S 18 in FIG. 11), and the authentication section 41 stores the received identification signal ID 5 and its own internal memory.
  • the stored identification signal ID5 is collated, and if the contents match, it is determined that the authentication of the implementer 7 has been correctly performed (step S19 in FIG. 11).
  • the authentication unit 41 validates the card reader 14 (step S20 in FIG. 11).
  • to enable the card reader 4 means to enable the use of the card reader 14.
  • the information stored therein is read. be able to.
  • the card reader 4 stops sending the use restriction release signal and executes the personal authentication card 3 use restriction. At this time, the personal authentication card 3 may emit a warning signal.
  • the call signal and the response signal are not regular, if they do not match in the identification signal collation, the name tag 5 and the card reader 4 If the card reader 4 is not within the distance, the activation processing is not performed, and the card reader 4 remains disabled (use prohibited). Therefore, the card reader 4 cannot be used.
  • both the personal authentication card 3 and the card reader 14 When the card becomes valid, the card reader 4 reads the identification signal and the like of the applicant 6 stored in the inserted personal authentication card 3 from the personal authentication card 3 (built-in identification signal transmitting / receiving unit) ( Step S21 in FIG. 11). Next, the card reader 4 displays on the display device that the applicant 6 should input the contents of the window application procedure to be executed (step S22 in FIG. 11). In response to this display, the implementer 7 uses the input device of the card reader 14 to input the contents of the window application procedure to be performed, such as issuing a copy of a resident's card, to the card reader 14 (see FIG. Step 1 1 S 2 3).
  • the card reader 14 uses the personal information of the applicant 6 to execute the next window application procedure, or to execute the next window application procedure.
  • the authentication unit 41 transmits permission request information to that effect to the mobile phone 2 of the applicant 6 (step S24 in FIG. 11).
  • the transmitted permission request information is received by the authentication unit 21 of the mobile phone 2 and displayed on the display device of the mobile phone 2 as shown in c of FIG. 10 (step S 25 of FIG. 11). ).
  • the display in FIG. 10 is a simplified expression, the contents of the window application procedure to be executed, the personal information items to be used, and the like may be displayed.
  • the applicant 6 responds by inputting whether or not to permit (Y / N) via the input device (specifically, a push button) of the mobile phone 2 ( Step S26 in FIG. 11).
  • the authentication unit 21 of the mobile phone 2 transmits the result of the permission confirmation by the applicant 6 to the card reader 14 (step S27 in FIG. 11).
  • the operator 4 instructs execution of the input window application procedure (step S28 in FIG. 11). Specifically, this is indicated on the display device to inform the implementer 7 that the window application procedure should be performed, or if the system that performs the window application procedure can communicate with the card reader 14 In this case, information to that effect is transmitted to the system.
  • the mutual authentication between the mobile phone 2 and the personal identification card 3 and between the name tag 5 and the card reader 14 are not only performed once at the beginning as shown in FIG. More specifically, full-time authentication may be performed for a few seconds or less, for example, once a second. That is, the mutual authentication (steps S2 to S9 and S12 to 19 in FIG. 11) may be performed at a predetermined timing as needed from the time the applicant 6 visits the office of the government office and returns after completing the business. If the authentication is not performed correctly, the personal authentication card 3 or force reader 4 may be invalidated (use prohibited) at that time.
  • Such a method of repeatedly performing authentication at predetermined time intervals or for each event is referred to as a full-time authentication method corresponding to the one-time authentication method described above.
  • Such a full-time authentication method is used at a government office window. By applying it to authentication, it is possible to achieve more reliable authentication (especially identity verification and authority verification).
  • the authentication system 1 As described above, by using the authentication system 1 according to the first embodiment, it is possible to perform personal authentication (in particular, personal identification and authority confirmation) with the mobile phone 2 that the applicant 6 almost always carries. Therefore, more reliable authentication can be performed than before. In addition, since such authentication is automatically and quickly performed using a wireless signal, no trouble is required. In addition, authentication of the implementer 7 (especially identity verification and authority confirmation) is also performed, and fraud on the implementer 7 side can be prevented.
  • personal authentication in particular, personal identification and authority confirmation
  • the authentication system does not include the name tag 5, and the steps S12 to S20 in FIG. 11 are not performed in the authentication process.
  • the above-described effects can be obtained in the authentication of the applicant 6.
  • the personal authentication card 3 and the mobile phone 2 which is one portable communication device carried by the individual, are used for the personal authentication of the applicant 6, but the same authentication is performed.
  • Another mobile communication device having a function, for example, a wristwatch-type mobile terminal that the applicant 6 always carries, including the authentication unit described above may be added.
  • the personal identification card 3, the mobile phone 2, and the other The above mentioned identification signals are exchanged and collated between the three mobile communication devices, and personal authentication (especially personal identification and authority confirmation) is performed (N-to-N mutual authentication method).
  • N-to-N mutual authentication method personal authentication (especially personal identification and authority confirmation) is performed.
  • FIG. 12 is a configuration diagram according to the second embodiment.
  • the authentication system la shown in FIG. 12 is the authentication system according to the present embodiment, and a certificate authority 8 and an e-government 9 are added to the authentication system 1 according to the first embodiment shown in FIG. Configuration.
  • the authentication system 1a according to the present embodiment is similar to the authentication system 1 according to the first embodiment, in that the applicant 6 who visits the office of the government office to apply for the window application procedure, This is a system to authenticate both sides of the practitioner 7 who responds to the application and carries out the application processing, but it is an organization that centrally manages information related to the authentication performed at the contact points of each government office (certification Bureau8, e-government9) to further apply for a certification window, and to conduct more reliable certification than in the first embodiment.o
  • the mobile phone 2, personal authentication card 3, and name tag 5 shown in FIG. 12 have the same configuration and functions as those in the first embodiment, and a description thereof will be omitted.
  • the force feeder 4a (with built-in use restriction release unit) also has substantially the same configuration and function as in the first embodiment, but has the same functions as the certificate authority 8 and e-government 9 described later. Communication is possible by wire or wireless (f, h in Fig. 12), and the difference is that the authentication process is performed in cooperation with the certification authority 8 and the e-government 9.
  • the certification authority 8 centrally manages the identification signal of the applicant 6, the identification signal of the implementer 7, and the identification signal of the government office (in addition to encryption key management, digital certificate issuance management, (Authority check, certificate registration, etc.), and properly performs authentication at the office of the government office based on the information (including the electronic certificate issuance request) sent from the card reader 4a.
  • Creates a digital certificate that indicates that the The data is transmitted to the e-government 9 via a communication line such as a network using an encryption method such as PKI.
  • the certificate authority 8 is configured to be able to communicate with a plurality of card readers 4a and e-government 9 at each government office by wire or wirelessly using an encryption method such as PKI (see f and f in FIG. 12).
  • the certificate authority 8 can be constituted by a computer system such as a server system connected to a communication line such as a network, and is desirably operated by a trusted third party. .
  • the e-government 9 is a device operated by the public office that finally determines the authentication performed at the window of each government office, and the e-government transmitted from the certification authority 8 by an encryption method such as PKI. Based on the written agreement, it is decided whether or not to allow the application procedure for the applicant 6 who has visited the window of each government office.
  • the e-government 9 is configured to be able to communicate with a plurality of force readers 14a and certificate authorities 8 located in each government office by wire or wireless using an encryption method such as PKI (see FIG. 12)!
  • the e-government 9 also establishes the final list, including the list of persons who should not be allowed to perform the contact application procedure, the so-called blacklist, and the authority (especially the level that can be authenticated) that each implementer 7 has. It stores the information necessary for proper judgment.
  • the e-government 9 can be configured by a computer system such as a server system, and may have a function of executing the window application procedure applied at the window of each government office.
  • FIG. 13 is a flowchart illustrating an example of an authentication process using the authentication system 1a according to the second embodiment.
  • the personal authentication card 3 and the card reader 4a are activated, and the force reader 4 & reads the information of the personal authentication card 3.
  • the processes up to are the same as steps S1 to S21 in FIG. 11 in the first embodiment, and are not shown in FIG. Therefore, the processing contents after the card reader 14a has read the information on the personal authentication power 3 will be described below with reference to FIG.
  • the card reader 4a When reading the information of the personal authentication card 3, the card reader 4a reads the identification signal of the applicant 6 read from the personal authentication card 3, the identification signal of the government office where the power reader 4a is installed, The identification signal of the implementer 7 who is currently responding, the identification signal of the card reader 4a, the date information of the day, etc. are transmitted to the certificate authority 8 with the digital certificate issuance request using an encryption method such as PKI. (Step S31 in FIG. 13). In addition, The identification signal of the government office is stored in the card reader 4a in advance, and the identification signal of the practitioner 7 is stored in the card reader 4a in advance corresponding to the identification signal ID 5 of the name tag 5. May be transmitted from the name tag 5.
  • the certificate authority 8 is based on the information (address, name, telephone number, age, gender, basic resident register number, etc.) identifying each individual such as the identification signal transmitted from the reader 4a.
  • the information address, name, telephone number, age, gender, basic resident register number, etc.
  • identifying each individual such as the identification signal transmitted from the reader 4a.
  • PKI issuing the electronic certificate
  • FIG. 14 is a diagram showing an example of such a digital certificate. As shown in the figure, the digital certificate is composed of information on applicant 6 ((A) in FIG. 14) and information on implementer 7 ((B) in FIG. 14).
  • the certification authority In the method 8 only the process of creating an electronic certificate based on the transmitted information may be performed, or a formal identification signal may be stored in advance and stored together with the transmitted information. After valid information is collated, the process of creating a digital certificate (issuing a digital certificate) may be performed only when the information matches.
  • PKI electronic certificate issuance request
  • the e-government 9 receives the transmitted electronic certificate using an encryption method such as PKI, and compares the information included in the e-certificate with the various information stored in the e-government 9. (Step S33 in FIG. 13). For example, the identification signal of the applicant 6 of the digital certificate is compared with the identification signal of the applicant in the blacklist, or the identification signal of the government office of the digital certificate is compared with the identification signal of the official office list. I do.
  • the applicant 6 is not a malicious applicant, the implementer 7 is not a retired person or a person who does not have the authority to execute the window application procedure, and the official office is improper (certification qualification If the conditions for permitting the window application procedure are confirmed, such as not being (ineligible), the e-Government 9 will apply to the applicant 6 for whom the electronic certificate has been sent using an encryption method such as PKI. A decision is made to permit the execution of the procedure. On the other hand, if the conditions of the permission are not confirmed, it is determined that the applicant 6 who has sent the digital certificate in an encryption method such as PKI, is not permitted to perform the window application procedure (Step S in Fig. 13). 3 4).
  • the e-government 9 notifies the decision result of permission / non-permission to the force reader 14a using an encryption method such as PKI (step S35 in FIG. 13).
  • the leader who received the notification will display on the display device that the applicant 6 should input the details of the window application procedure to be performed, if the notification is for permission.
  • the implementer 7 uses the input device of the card reader 14a to input the contents of the window application procedure to be executed, such as issuing a copy of a resident's card, to the card reader 14a. (Step S37 in FIG. 13).
  • the leader 4a Upon receipt of the window application procedure contents, the leader 4a transmits the information of the window application procedure contents to the e-government 9 using an encryption method such as PKI. On the other hand, when the notification of the non-permission is received, the card reader 4a displays the fact on the display device. In this case, the window application procedure cannot be performed.
  • the e-government 9 will again ask whether or not to execute the window application procedure. After confirming, it is determined that permission or non-permission is given to the applicant 6 for performing the contents of the window application procedure (step S39 in FIG. 13). For example, even if the practitioner 7 is a legitimate practitioner, if he / she does not have the authority to carry out the contents of the notified contact application procedure, it is determined to be unlicensed.
  • the e-government 9 will determine whether or not the window application procedure can be performed, or the e-government of the applicant 6 in order to perform the window application procedure. In order to request the applicant 6 to confirm whether the personal information can be used, the permission request information to that effect is transmitted to the mobile phone 2 of the applicant 6 (step S40 in FIG. 13). If it is determined that the application for the window is not permitted, the card reader 4a will be notified to that effect using an encryption method such as PKI, and the card reader 4a will indicate this to the display device. indicate.
  • the mobile phone 2 receives the information and displays the information on the display device as shown by i in FIG. 12 (step S41 in FIG. 13).
  • the transmission of the permission request information to the mobile phone 2 may be performed via the authentication unit 8 and the force reader 4a (g and f in FIG. 12), or only the card reader 14a may be transmitted. Through ( Figure 12) h) or may go directly to the mobile phone 2.
  • the display of i in FIG. 12 is a simplified expression, the content of the window application procedure to be performed, the personal information items to be used, and the like may be displayed.
  • the applicant 6 responds by inputting whether or not to permit (Y / N) through the input device of the mobile phone 2 (step S42 in FIG.
  • the mobile phone 2 transmits the result of the permission confirmation by the applicant 6 to the e-government 9 using an encryption method such as PKI (step S43 in FIG. 13). Then, when the e-government 9 receives the information to the effect that the permission has been granted by the applicant 6 using an encryption method such as PKI, the e-government 9 executes the window application procedure (step S in FIG. 13). 4 4). Specifically, the e-government 9 itself may execute the window application procedure, or the information to be executed is transmitted to the card reader 14a using an encryption method such as PKI to apply for the window application procedure. It may be performed by a certain government office. Also, data necessary for the window application procedure may be transmitted to the card reader 14a by an encryption method such as PKI. If the permission is not granted by the applicant 6, the e-government 9 transmits the fact to the force reader 14a using an encryption method such as PKI.
  • the authentication system 1a in addition to the authentication performed at the counter of each government office, the authentication by the e-government 9 is further performed. It is possible to achieve more reliable authentication than in the case of the embodiment.
  • the instruction of the contents of the window application procedure (step S37 in Fig. 13) is transmitted by the force reader 14a to the certificate authority 8 using an encryption method such as PKI (Fig. 13
  • the instruction of the contents of the window application procedure is sent before the transmission (step S31 of Fig. 13), that is, after the step S21 of Fig. 13
  • the level of security may be lower depending on the security level of the personal information used for the designated window application procedure. In this case, only certification at the office of the government office will be performed, and if the level is high, certification by the e-government 9 will be performed.
  • the procedure of permission (steps S40 to S43 in FIG. 13) is finally performed by the applicant 6 before the window application procedure is executed, but this procedure is omitted. It can also be.
  • the certificate authority 8 in the above-described embodiment may have a two-stage configuration. Specifically, a plurality of certificate authorities that directly communicate with each government office, for example, for each government office, and one bridge that is communicably connected to those certificate authorities and the e-government 9 using an encryption method such as PKI It may be configured by a certificate authority.
  • each certificate authority creates the digital certificate in its own format based on the above-mentioned information transmitted from each office in an encryption method such as PKI
  • the bridge certificate authority Converts digital certificates in different formats, which are transmitted from a certificate authority using an encryption method such as PKI, into one prescribed format, and then converts the unified format digital certificates to the electronic government 9 for PKI, etc.
  • the present invention can be used to authenticate the applicant of the window application procedure and the implementer of the window application procedure when performing various window application procedures with the government office at the office of the government office. Specifically, when applying for the issuance of various certificates, submitting and registering personal information, or applying for browsing personal information, etc., the identity of the applicant (especially identification and authority confirmation) and the application receiving party Authentication is also implemented, and it is possible to effectively prevent fraudulent activities on both sides (spoofing, unauthorized access, falsification of data overnight, destruction of data overnight, plagiarism).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un système d'authentification permettant d'empêcher un acte non autorisé lorsqu'une procédure comprenant une application de fenêtre est exécutée dans un bureau d'abonnés, cette procédure étant facile à appliquer à la fois par le demandeur exécutant la procédure d'application de fenêtre et par le responsable de la mise en application. Ce système d'authentification comprend un dispositif de communication mobile détenu par le demandeur exécutant une procédure d'application de fenêtre, un dispositif d'acquisition d'information permettant d'acquérir l'information nécessaire pour l'exécution de la procédure d'application de fenêtre, et un dispositif d'informations détenu par le demandeur et permettant de transmettre des informations au dispositif d'acquisition d'informations. Ce système d'authentification est caractérisé en ce que le dispositif de communication mobile et le dispositif d'information échangent mutuellement des signaux d'identification par l'intermédiaire signaux radio, afin d'authentifier le demandeur, et le dispositif d'acquisition d'informations acquiert des informations auprès du dispositif d'informations une fois que le demandeur est authentifié.
PCT/JP2002/009894 2002-09-25 2002-09-25 Systeme d'authentification et procede d'authentification associe WO2004029818A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2002/009894 WO2004029818A1 (fr) 2002-09-25 2002-09-25 Systeme d'authentification et procede d'authentification associe
AU2002332313A AU2002332313A1 (en) 2002-09-25 2002-09-25 Authentication system and authentication method therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2002/009894 WO2004029818A1 (fr) 2002-09-25 2002-09-25 Systeme d'authentification et procede d'authentification associe

Publications (1)

Publication Number Publication Date
WO2004029818A1 true WO2004029818A1 (fr) 2004-04-08

Family

ID=32040304

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2002/009894 WO2004029818A1 (fr) 2002-09-25 2002-09-25 Systeme d'authentification et procede d'authentification associe

Country Status (2)

Country Link
AU (1) AU2002332313A1 (fr)
WO (1) WO2004029818A1 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH04306760A (ja) * 1991-04-03 1992-10-29 Nippon Telegr & Teleph Corp <Ntt> カード類の所有者確認方法
JPH10326349A (ja) * 1997-05-27 1998-12-08 M Tec:Kk 本人確認用電子印鑑照合システム
JPH1188499A (ja) * 1997-09-04 1999-03-30 Toyoki Sasakura 機器の使用制限装置
WO2001071516A1 (fr) * 2000-03-23 2001-09-27 Tietech Co., Ltd. Procede et dispositif d'identification personnelle
JP2002109436A (ja) * 2000-09-29 2002-04-12 Casio Comput Co Ltd カード認証方法、カード認証装置及びカード認証プログラムを記録した記録媒体
JP2002222315A (ja) * 2001-01-25 2002-08-09 Super Wave Corp カード決済システム

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH04306760A (ja) * 1991-04-03 1992-10-29 Nippon Telegr & Teleph Corp <Ntt> カード類の所有者確認方法
JPH10326349A (ja) * 1997-05-27 1998-12-08 M Tec:Kk 本人確認用電子印鑑照合システム
JPH1188499A (ja) * 1997-09-04 1999-03-30 Toyoki Sasakura 機器の使用制限装置
WO2001071516A1 (fr) * 2000-03-23 2001-09-27 Tietech Co., Ltd. Procede et dispositif d'identification personnelle
JP2002109436A (ja) * 2000-09-29 2002-04-12 Casio Comput Co Ltd カード認証方法、カード認証装置及びカード認証プログラムを記録した記録媒体
JP2002222315A (ja) * 2001-01-25 2002-08-09 Super Wave Corp カード決済システム

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
TEZUKA SATORU: "Supper denshi seifu tettei kenkyu denshi ninsho kiban wa do kochiku sareruka", COMPUTER & NETWORK LAN, vol. 19, no. 6, 1 June 2001 (2001-06-01), pages 10 - 14, XP002977403 *

Also Published As

Publication number Publication date
AU2002332313A1 (en) 2004-04-19

Similar Documents

Publication Publication Date Title
JP4848360B2 (ja) ワイヤレス認証方法及びワイヤレス認証システム
ES2534047T3 (es) Tarjeta inteligente con micrófono
JP4524306B2 (ja) 許可方法
US20080148059A1 (en) Universal, Biometric, Self-Authenticating Identity Computer Having Multiple Communication Ports
US9246903B2 (en) Authentication method
KR101202580B1 (ko) 전자 거래에서 사용자를 확인하기 위한 시스템
EP1488653B1 (fr) Appareil, procede et systeme d&#39;authentification
US7284125B2 (en) Method and apparatus for personal identification
US7882541B2 (en) Authentication system in information processing terminal using mobile information processing device
ES2257781T3 (es) Metodo y sistema para asegurar la seguridad del suministro a distancia de servicios de instituciones financieras.
US8839380B2 (en) Method for the temporary personalization of a communication device
CA2647713A1 (fr) Systeme et procede pour affecter et revoquer a distance des references d&#39;acces a l&#39;aide d&#39;un telephone mobile equipe d&#39;une communication de champ proche
CN101467430A (zh) 便携式电信装置
ES2205256T3 (es) Procedimiento y sistema para garantizar las prestaciones de servicio difundidas por una red informatica de tipo internet.
US9294921B2 (en) Device for mobile communication
JP2010128600A (ja) 指紋認証機能搭載携帯型装置
KR20090002074A (ko) 보안성이 향상된 일회용 비밀번호에 기반한 사용자 인증장치 및 방법
WO2006038290A1 (fr) Méthode d’authentification sans fil et système d’authentification sans fil
JP2003188982A (ja) 移動体通信システム及び移動体無線端末
JP2007265321A (ja) 個人認証システム及び個人認証方法
KR101985280B1 (ko) 웹사이트 접속 허용 여부를 인증하기 위한 보안 인증 솔루션 제공 시스템 및 그 구동방법
MXPA05013336A (es) Dispositivo de comunicacion de credencial.
NO20160057A1 (en) Device for verifying the identity of a person
CN101296080B (zh) 授权使用者确认方法及其相关装置
JP2002074365A (ja) 本人認証システム

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP