WO2009139242A1 - Server, service providing method, and program - Google Patents

Server, service providing method, and program Download PDF

Info

Publication number
WO2009139242A1
WO2009139242A1 PCT/JP2009/057210 JP2009057210W WO2009139242A1 WO 2009139242 A1 WO2009139242 A1 WO 2009139242A1 JP 2009057210 W JP2009057210 W JP 2009057210W WO 2009139242 A1 WO2009139242 A1 WO 2009139242A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
server
identification information
service
information
Prior art date
Application number
PCT/JP2009/057210
Other languages
French (fr)
Japanese (ja)
Inventor
政彰 森島
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Publication of WO2009139242A1 publication Critical patent/WO2009139242A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the present invention relates to a server that provides a service to a communication terminal, a service providing method, and a program.
  • WiMAX Worldwide Interoperability for Microwave Access
  • LTE Long Term Evolution
  • the area for providing services is limited based on the coverage of a specific wireless base station.
  • detection means for detecting the identification number of the portable terminal from the portable terminal is provided at the entrance gate or exit gate for the user carrying the portable terminal to enter and exit from a specific area, and the identification detected by the detection means.
  • detection means for notifying a server of a number and providing a service according to the identification number to a portable terminal by the server see, for example, patent publication 2006-191540.
  • An object of the present invention is to provide a server, a service providing method, and a program that solve the problems described above.
  • the present invention is It is connected to an identification information reader provided at the entrance of a predetermined area, and is used to identify the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user.
  • a server for managing entry / exit of the user based on the identification information of the user When a connection to the server is requested from a terminal operated by the user, a service is provided to the terminal according to whether the user is inside or outside the area.
  • an identification information reader provided at the entrance of a predetermined area, and identifies the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user.
  • the identification information reading device provided at the entrance of the predetermined area is connected, and the identification information reading device reads and transmits from the identification information storage medium possessed by the user.
  • the server that manages the entry / exit of the user based on the user identification information for identifying the user when connection from the terminal operated by the user to the server is requested, the use is made to the terminal Since the service is provided depending on whether the person is in or out of the area, the service can be easily provided according to the position of the user.
  • FIG. 1 It is a figure which shows an example of an internal structure of the service provision server shown in FIG.
  • FIG. 2 is a diagram showing a form in which a base station in a specific area communicates with a terminal existing outside the specific area in the form shown in FIG. 1;
  • FIG. 1 is a diagram showing an embodiment of a service providing system of the present invention.
  • this embodiment comprises a service providing server 101, a gate 102, base stations 103-1 and 103-2, and terminals 104-1 and 104-2.
  • the gate 102 is a general entrance / exit gate which is installed at the entrance of the specific area 105 and reads the user identification information written in the authentication key 106.
  • the specific area 105 is, for example, a predetermined area artificially closed, such as a business office, office, or park of a company.
  • the authentication key 106 is user identification information for identifying a user who holds or passes over the gate 102 when entering or leaving the specific area 105, such as an employee ID card, an admission card, an admission pass, etc. It is written in advance.
  • the terminal 104-1 is present in the specific area 105, and the terminals 104-2 and 104-3 are present outside the specific area 105.
  • Terminal 104-3 exists in a range where radio waves transmitted from base station 105 can reach.
  • the service providing server 101 Based on the user identification information for identifying the user transmitted from the gate 102, the service providing server 101 enters / exits the user, that is, is inside or outside the specific area 105? Is a server that manages Also, services are provided to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
  • the gate 102 is generally a gate provided at the entrance of the specific area 105, and is an identification information reader that reads information written in the authentication key 106 by holding or passing the authentication key 106.
  • Base stations 103-1 and 103-2 are radio base stations that mediate services provided from the service providing server 101 to the terminals 104-1 to 104-3.
  • the base stations 103-1 and 103-2 communicate with the terminals 104-1 to 104-3 using radio.
  • the base station 103-1 is provided in the specific area 105
  • the base station 103-2 is provided outside the specific area 105.
  • the terminals 104-1 to 104-3 are communication terminals equipped with a wireless communication function.
  • the authentication key 106 is identification information such as a general ID card or the like possessed by an employee who works in a business place or office that is the specific area 105 and in which user identification information for identifying the user who is the employee is written. It is a storage medium.
  • FIG. 2 is a diagram showing an example of the internal configuration of the service providing server 101 shown in FIG.
  • the service providing server 101 shown in FIG. 1 is provided with an identification information receiving unit 111, a table managing unit 112, a storage unit 113, an access handling unit 114, and a service providing unit 115. ing. Note that FIG. 2 shows only the components related to the present invention among the components that the service providing server 101 has.
  • the identification information receiving unit 111 receives the user identification information transmitted from the gate 102.
  • the received user identification information is output to the table management unit 112.
  • the table management unit 112 Based on the user identification information output from the identification information reception unit 111, the table management unit 112 causes the storage unit 113 to store the position where the user to which the user identification information is added is present. Also, based on the login ID and password output from the access handling unit 114, the service content provided to the user is read from the storage unit 113. Also, it outputs the read service content to the service providing unit 115.
  • the storage unit 113 stores, as service content information, location information indicating a position for providing a service and service content to be provided in association with each other.
  • location information indicating a position for providing a service and service content to be provided in association with each other.
  • the user identification information, the login ID of the user, the password, and the position information indicating the position where the user is currently stored are associated and stored as the user information.
  • FIG. 3 is a diagram showing an example of service content information stored in the storage unit 113 shown in FIG.
  • the service content information stored in the storage unit 113 shown in FIG. 2 corresponds to position information indicating a position for providing a service and the service content to be provided.
  • position information “within a specific area” is associated with service content “all folder access, e-mail transmission / reception, all intranet web access”. This indicates that the service of “all folder access, email transmission / reception, all intranet web access” is provided in the specific area 105.
  • position information “outside the specific area” is associated with service content “specific folder access, e-mail transmission / reception”. This indicates that outside the specific area 105, a limited service of "specific folder access, e-mail transmission / reception" is provided.
  • the service content information is stored in advance in the storage unit 113.
  • FIG. 4 is a view showing an example of user information stored in the storage unit 113 shown in FIG.
  • the user information stored in the storage unit 113 shown in FIG. 2 is, as shown in FIG. 4, a position indicating the user identification information, the login ID of the user, the password, and the position where the user is at present. Information is associated with it.
  • user identification information “00000001”, login ID “A00010001”, password “aaa”, and position information “within a specific area” are associated with each other. This is because the login ID for authenticating the user whose user identification information is “00000001” is “A00010001”, the password is "aaa”, and the user is in the specific area 105 at present. Show that.
  • user identification information “00000002”, login ID “B00020002”, password “bbb”, and position information “outside the specific area” are associated with each other. This is because the login ID for authenticating the user who is the user identification information “00000002” is “B00020002”, the password is “bbb”, and the user is currently out of the specific area 105. Show that.
  • the user identification information, the login ID of the user, and the password are stored in advance in the storage unit 113. Further, the position information is stored by the table management unit 112 based on the user identification information received by the identification information reception unit 111.
  • the access handling unit 114 receives the login ID and the password transmitted from the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2, and outputs the login ID and the password to the table management unit 112.
  • the service providing unit 115 provides services corresponding to the service content output from the table management unit 112 to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
  • FIG. 5 is a diagram showing an example of the internal configuration of the gate 102 shown in FIG.
  • the gate 102 shown in FIG. 1 is provided with an identification information reading unit 201 and an identification information transmission unit 202.
  • FIG. 5 shows only the components related to the present invention.
  • the identification information reading unit 201 reads user identification information for identifying the user written in the authentication key 106 from the authentication key 106. Also, the read user identification information is output to the identification information transmission unit 202.
  • the identification information transmission unit 202 transmits the user identification information output from the identification information reading unit 201 to the service providing server 101.
  • the signal format of the user identification information transmitted to the service providing server 101 is not particularly defined.
  • the identification information reading unit 201 may be configured to identify entry into and exit from the specific area 105.
  • FIG. 6 is a diagram showing another example of the internal configuration of gate 102 shown in FIG.
  • the gate 102 shown in FIG. 1 is provided with an entrance identification information reading unit 203, an exit identification information reading unit 204, and an identification information transmission unit 202.
  • FIG. 6 shows only the components related to the present invention.
  • the entry identification information reading unit 203 and the exit identification information reading unit 204 read from the authentication key 106 user identification information for identifying the user written in the authentication key 106. Further, the read user identification information is output to the identification information transmission unit 202.
  • the identification information transmission unit 202 is the same as the identification information transmission unit 202 shown in FIG.
  • FIG. 7 is a view showing the appearance of the gate 102 having the configuration shown in FIG.
  • the gate 102 having the configuration shown in FIG. 6 is provided with an entrance identification information reading unit 203 displayed as "entrance” in appearance and an exit identification information reading unit 204 displayed as "exit”. .
  • FIG. 8 is a flowchart for explaining the processing of the gate 102 in the service providing method according to the present embodiment.
  • the identification information reading unit 201 (or the entry identification information reading unit 203 or the exit identification information reading unit 204) writes in the authentication key 106 User identification information is read.
  • the communication method between the gate 102 and the authentication key 106 used for this reading may be a generally used noncontact wireless communication or the like.
  • the read user identification information is output from the identification information reading unit 201 (or the entry identification information reading unit 203 or the exit identification information reading unit 204) to the identification information transmission unit 202.
  • user identification information is transmitted from the identification information transmission unit 202 to the service providing server 101.
  • the entry identification information reading unit 203 or the exit identification information reading unit 204 either the entry identification information reading unit 203 or the exit identification information reading unit 204 is used.
  • Entry / exit information indicating whether the person identification has been read, that is, entry / exit information indicating "entered” or "exited” is also transmitted to the service providing server 101 together with the user identification information.
  • FIG. 9 is a flowchart for explaining the process of updating position information in the service providing server 101 in the service providing method according to the present embodiment.
  • the user identification information transmitted from the gate 102 in step 2 is received when the identification information receiving unit 111 of the service providing server 101 is received in step 11.
  • the user identification information is output to the table management unit 112.
  • the table management unit 112 updates the user information stored in the storage unit 113 based on the user identification information.
  • the user identification information transmitted from the gate 102 is searched from the user information stored in the storage unit 113, and the position information associated with the searched user information is updated.
  • the position information is stored as "within a specific area”, it is updated to "out of the specific area”, and when the position information is stored as "out of a specific area", "within a specific area” May be updated.
  • entry / exit information indicating whether the user identification is read by the entrance identification information reading unit 203 or the exit identification information reading unit 204 from the gate 102 having the configuration shown in FIG. 6 is together with the user identification information.
  • the position information may be updated based on the entry / exit information.
  • FIG. 10 is a flowchart for illustrating the process of service provision in the service provision server 101 in the service provision method according to the present embodiment.
  • the login ID and password are input to the terminals 104-1 to 104-3, and these are input as connection request signals from the terminals 104-1 to 104-3.
  • a connection request signal is received by the access handling unit 114 in step 21.
  • the login ID may be the same as the user identification information.
  • the login ID and password become authentication information for authenticating the user.
  • the login ID and the password are output from the access handling unit 114 to the table management unit 112.
  • the table management unit 112 authenticates the user based on the login ID and the password output from the access handling unit 114.
  • This authentication method is based on searching whether the combination of the login ID and the password output from the access handling unit 114 exists in the user information stored in advance in the storage unit 113. If the combination of the login ID and the password output from the access handling unit 114 exists in the user information stored in advance in the storage unit 113, it is determined that the authentication is successful.
  • the table management unit 112 reads out the position information stored in the user information of the storage unit 113 in association with the retrieved login ID and password. Based on the read position information, the position where the user holding the authentication key 106 in which the user identification information is written is determined in step S23.
  • the service content provided when the position information is "within the specific area” is from the service content information stored in the storage unit 113. It is read by the table management unit 112. Then, in step 24, a service according to the read service content is provided from the service providing unit 115 to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
  • step 23 if it is determined in step 23 that the position where the user exists is out of the specific area 105, the case where the position information is "out of the specific area" from the service content information stored in the storage unit 113
  • the table management unit 112 reads out the service contents provided to the client. Then, in step 25, a service according to the read service content is provided from the service providing unit 115 to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
  • the authentication key 106 specifies the gate 102 even when the radio wave transmitted from the base station 103-1 providing the service in the specific area 105 is in a receivable position, as in the terminal 104-3. After passing out of the area 105, the service in the specific area 105 can not be received.
  • the above-described process will be specifically described by taking the case where the user having the authentication key 106 enters the specific area 105 as an example.
  • the case where the gate 102 has the internal configuration shown in FIG. 6 will be described as an example.
  • the case where the user identification information is "00000001" will be described as an example.
  • the case where the user information and the service content information stored in the storage unit 113 are respectively shown in FIGS. 3 and 4 will be described as an example.
  • the entrance identification information reading unit 203 reads the user identification information written in the authentication key 106.
  • the read user identification information is transmitted from the identification information transmission unit 202 to the service providing server 101.
  • entry / exit information indicating that the user has “entered” the specific area 105 is transmitted together with the user identification information.
  • the identification information receiving unit 111 of the service providing server 101 receives the user identification information transmitted from the gate 102 and the entrance / exit information indicating that the user has “entered”.
  • the table management unit 112 searches the received user identification information from the user information stored in the storage unit 113.
  • the position information stored in association with the retrieved user identification information "00000001" is updated to "within a specific area”.
  • the input login ID and password are transmitted to the service providing server 101 via the base station 103-1.
  • the login ID and password transmitted from the terminal 104-1 are received by the access handling unit 114 of the service providing server 101.
  • the case where the login ID and the password inputted here are “A00010001” and “aaa” will be described as an example.
  • the table management unit 112 searches whether or not the combination of the login ID and the password received by the access handling unit 114 exists in the user information stored in advance in the storage unit 113.
  • the table management unit 112 reads out position information “within a specific area” associated with a combination of the login ID “A00010001” and the password “aaa”.
  • the service content information stored in the storage unit 113 by the table management unit 112 the service content in which the position information is associated with “within a specific area” “all folder access, e-mail transmission / reception, all intranet Web “Access” is read out, and services according to these are provided from the service providing unit 115 to the terminal 104-1 via the base station 103-1.
  • the above-described process will be specifically described by taking the case where the user who possesses the authentication key 106 has left the specific area 105 as an example.
  • the case where the gate 102 has the internal configuration shown in FIG. 6 will be described as an example.
  • the case where the user identification information is "00000002" will be described as an example.
  • the case where the user information and the service content information stored in the storage unit 113 are respectively shown in FIGS. 3 and 4 will be described as an example.
  • the exit identification information reading unit 204 reads the user identification information written in the authentication key 106.
  • the read user identification information is transmitted from the identification information transmission unit 202 to the service providing server 101.
  • entry / exit information indicating that the user has "exited" in the specific area 105 is transmitted together with the user identification information.
  • the identification information receiving unit 111 of the service providing server 101 receives the user identification information transmitted from the gate 102 and the entry / exit information indicating that the user has exited.
  • the table management unit 112 searches the received user identification information from the user information stored in the storage unit 113.
  • the position information stored in association with the retrieved user identification information "00000002" is updated to "outside the specific area".
  • the input login ID and password are transmitted to the service providing server 101 via the base station 103-2.
  • the login ID and the password transmitted from the terminal 104-2 are received by the access handling unit 114 of the service providing server 101.
  • the case where the login ID and the password inputted here are “B00020002” and “bbb” will be described as an example.
  • the table management unit 112 searches whether or not the combination of the login ID and the password received by the access handling unit 114 exists in the user information stored in advance in the storage unit 113.
  • the table management unit 112 reads out position information “out of the specific area” associated with the combination of the login ID “B0002” and the password “bbb”.
  • the table management unit 112 reads out the service content “specific folder access, e-mail transmission / reception” whose position information is associated with “out of the specific area” in the service content information stored in the storage unit 113.
  • the service corresponding to these is provided from the service providing unit 115 to the terminal 104-2 via the base station 103-2.
  • FIG. 11 is a diagram showing another example of service content information stored in storage unit 113 shown in FIG.
  • the service content information stored in the storage unit 113 shown in FIG. 2 includes position information indicating a position at which the service is provided, time information indicating a time of using the service, and service content to be provided. Are associated with each other.
  • position information “within a specific area”, time information “8:30 to 21:30”, and service content “all folder access, email transmission / reception, all intranet Web access” are associated. This indicates that the service of “all folder access, email transmission / reception, all intranet web access” is provided in the specific area 105 from 8:30 to 21:30. Further, position information “within a specific area”, time information “21:30 to 8:30”, and service content “specific folder access, e-mail transmission / reception” are associated. This indicates that the service of “specific folder access, email transmission / reception” is provided in the specific area 105 from 21:30 to 8:30.
  • position information “outside the specific area”, time information “all day”, and service content “specific folder access, e-mail transmission / reception” are associated with each other. This indicates that, outside the specific area 105, a limited service of "specific folder access, e-mail transmission / reception" is provided regardless of the time of use.
  • connection network information indicating networks to which the terminals 104-1 to 104-3 can be connected is stored in the storage unit 113 based on the position information, and the connectable networks are limited based on the connection network information. It may be
  • FIG. 12 is a diagram showing an example of connection network information stored in the storage unit 113 shown in FIG.
  • connection network information stored in storage unit 113 shown in FIG. 2 is, as shown in FIG. 12, a network showing position information indicating a position for providing a service and a network to which terminals 104-1 to 104-3 can connect.
  • the types are associated with each other.
  • position information “within a specific area” and a network type “network A” are associated with each other. This indicates that the terminals 104-1 to 104-3 can be connected to the network A in the specific area 105. Further, position information “outside the specific area” is associated with the network type “network B”. This indicates that the terminals 104-1 to 104-3 can be connected to the network B outside the specific area 105.
  • Examples of this network type include a WiMAX network, an in-house wireless LAN, and a public network.
  • the connectable networks can be divided into the specific area 105 and the specific area 105.
  • the terminal 104-1 present in the specific area 105 communicates with the service providing server 101 via the base station 103-1 and is outside the specific area 105.
  • the existing terminal 104-2 communicates with the service providing server 101 through the base station 103-2, and the terminal 104-3 existing outside the specific area 105 communicates with the service providing server 101 through the base station 103-2.
  • FIG. 13 is a diagram showing a form in which base station 103-1 and terminal 104-2 perform communication in the form shown in FIG.
  • the terminal 104-2 when the terminal 104-2 exists at a position where it can communicate with the base station 103-1 even outside the specific area 105, the terminal 104-2 is the base station 103-1. It may communicate with the service providing server 101 via In this case, the service providing server 101 provides a service according to the outside of the specific area 105 to the terminal 104-2 via the base station 103-1.
  • FIG. 14 is a diagram showing a first example of the present embodiment.
  • the terminal 104-1 when the user uses the terminal 104-1 in the specific area 105, the terminal 104-1 is provided with a service of intranet full access. After that, when the authentication key 106 passes through the gate 102 and the user uses the terminal 104-1 outside the specific area 105, the terminal 104-1 is provided with a service of intranet limited access. Also in the present embodiment, as in the case shown in FIG. 13, even when the terminal 104-1 exists outside the specific area 105, the terminal 104-1 does not go through the base station 103-1. It may communicate with the service providing server 101. In this case, the service providing server 101 provides a service according to the outside of the specific area 105 to the terminal 104-1 existing outside the specific area 105 via the base station 103-1.
  • FIG. 15 is a diagram showing a second example of the present embodiment.
  • the terminal 104-1 when the user uses the terminal 104-1 in the specific area 105, the terminal 104-1 is provided with a service of intranet full access. In addition, when the user holds the authentication key 106 and leaves the specific area 105 by passing the gate 102 while leaving the terminal 104-1 in the specific area 105, the terminal 104-1 can not access the intranet with limited access. Service is provided. This makes it possible to prevent a third party from stealing the contents of the terminal 104-1 placed in the specific area 105.
  • FIG. 16 is a diagram showing a third example of the present embodiment.
  • the terminal 104-1 when the user uses the terminal 104-1 in the specific area 105, the terminal 104-1 is provided with a full access service over the WLAN network 107. After that, when the authentication key 106 passes through the gate 102 and the user uses the terminal 104-1 outside the specific area 105, the terminal 104-1 is provided with a connection service to the public network 108. . Thereby, it is possible to switch smoothly between the intranet line used in the specific area 105 and the general public network by passing the gate 102 of the authentication key 106.
  • the user identification information may be written to the terminals 104-1 and 104-2 so that the user can read the information from the gate 102. In this case, the authentication by the login ID and password as described above is unnecessary, and a service is provided according to the position where the terminals 104-1 and 104-2 exist.
  • the above-described functions of the service providing server 101 include a general function of managing entry and exit of the user and a feature of the present invention which restricts the service provided based on the entry and exit of the user.
  • the functions may be separately implemented by separate (multiple) servers.
  • networks through which the terminals 104-1 to 104-3 can be connected by passing the gate 102 of the authentication key 106 are wireless broadband such as WiMAX and LTE, WiFi (Wireless Fidelity) which is a type of wireless LAN connection technology, etc. And may be switched to either.
  • WiMAX and LTE wireless broadband
  • WiFi Wireless Fidelity
  • networks through which the terminals 104-1 to 104-3 can be connected by passing the gate 102 of the authentication key 106 are wireless broadband such as WiMAX and LTE, WiFi (Wireless Fidelity) which is a type of wireless LAN connection technology, etc. And may be switched to either.
  • WiFi Wireless Fidelity
  • the base station 103-1 is a base station connectable to a WiFi network
  • the base station 103-2 is a base station connectable to a network such as WiMAX or LTE. It is good.
  • the wireless communication distance is longer than the wireless LAN, and it becomes possible to connect outside the specific area 105 to a network such as WiMAX or LTE that can perform high-speed communication.
  • the terminals 104-1 to 104-3 may be thin clients.
  • the terminals 104-1 to 104-3 are thin clients, by linking with the information passing through the gate 102 of the authentication key 106, it is possible to provide a service considering security while enabling a wide range of access. . This is because outside the specific area 105, even if the thin clients 104-1 to 104-3 try to acquire necessary information, only limited information is provided.
  • the processing of the service providing server 101 described above may be performed by a logic circuit manufactured according to the purpose. Further, even if a program in which the processing content is described as a procedure is recorded in a recording medium readable by the service providing server 101, and the program recorded in the recording medium is read by the service providing server 101 and executed. good.
  • the recording medium readable by the service providing server 101 includes a removable recording medium such as a floppy disk (registered trademark), a magneto-optical disk, a DVD, a CD, etc., a ROM, a RAM, etc. built in the service providing server 101. Point to memory and HDD etc.
  • the program recorded on the recording medium is read by a CPU (not shown) in the service providing server 101, and the same processing as described above is performed under the control of the CPU.
  • the CPU operates as a computer that executes a program read from a recording medium in which the program is recorded.
  • the position of the user is There is no need to add a special means for identification, and services can be provided based on the user's location information.

Abstract

Provided is a service providing server (101) which manages entrance and exit of a user according to a user identifier transmitted from a gate (102) which is arranged at an entrance of a particular area (105) and reads a user identifier for identifying a user written in an authentication key (106) owned by the user. When connection to the service providing server (101) is requested from a terminal (104-1) or a terminal (104-2) operated by a user, a service selected depending on whether the user is inside or outside the particular area (105) is provided to the terminal (104-1) or the terminal (104-2).

Description

サーバ、サービス提供方法およびプログラムServer, service providing method and program
 本発明は、通信端末へサービスを提供するサーバ、サービス提供方法およびプログラムに関する。 The present invention relates to a server that provides a service to a communication terminal, a service providing method, and a program.
 近年注目されているWiMAX(Worldwide Interoperability for Microwave Access)やLTE(Long Term Evolution)等の無線ブロードバンドが適用されたシステムにおいて、広いカバレッジで高速サービスを提供することが可能となってきている。このような無線ブロードバンドが適用されたシステムにおいては、様々なサービスを提供することが可能となる。 It has become possible to provide high-speed services with wide coverage in a system to which wireless broadband such as WiMAX (Worldwide Interoperability for Microwave Access) and LTE (Long Term Evolution), etc., which has attracted attention in recent years, has been applied. In a system to which such wireless broadband is applied, various services can be provided.
 これらのサービスを特定の利用者のみに提供(制限)したい場合、特定の無線基地局のカバレッジに基づいてサービスを提供するエリアを限定することが行われている。 When it is desired to provide (limit) only these users to specific users, the area for providing services is limited based on the coverage of a specific wireless base station.
 しかしながら、特定の無線基地局のカバレッジ等のインフラに基づいた提供サービスの制限は、サービスを受ける利用者にとって、サービスを受けることができるエリアを認識することが容易ではない。また、カバレッジの範囲は環境によって多少変動するものであり、サービスを提供する側から見ても、サービス提供可能なエリアを正確に認識することは困難である。 However, the limitation of provided services based on infrastructure such as the coverage of a specific wireless base station is not easy for a user who receives the service to recognize the area where the service can be received. Further, the range of coverage varies somewhat depending on the environment, and it is difficult for the service provider to accurately recognize the serviceable area even from the service provider side.
 そこで、携帯端末を所持する利用者がある特定エリアに出入りするための入口ゲートまたは出口ゲートに、携帯端末から当該携帯端末の識別番号を検出する検出手段を設け、検出手段にて検出された識別番号をサーバへ通知し、サーバにて識別番号に応じたサービスを携帯端末に提供する技術が考えられている(例えば、特許公開2006-191540号公報参照。)。 Therefore, detection means for detecting the identification number of the portable terminal from the portable terminal is provided at the entrance gate or exit gate for the user carrying the portable terminal to enter and exit from a specific area, and the identification detected by the detection means There is considered a technique for notifying a server of a number and providing a service according to the identification number to a portable terminal by the server (see, for example, patent publication 2006-191540).
 しかしながら、特許公開2006-191540号公報に記載された技術においては、携帯端末に提供するサービスのみを制限するものであり、携帯端末が使用するネットワーク(通信回線)を制限するものではない。また、携帯端末の所有者が特定エリアに入るまたは特定エリアから出る際に、通常不要な携帯端末の識別番号を検出するという処理を行う必要があり、その手間がかかってしまうという問題点がある。また、携帯端末の存在位置に応じて提供されるサービスが制限されるため、携帯端末の所有者と当該携帯端末とが当該特定エリアの内側と外側とに存在している場合、所有者以外の者による当該携帯端末を用いた不正アクセスが生じてしまうおそれがある。つまり、所有者が予期するサービスとは異なるサービスが提供されてしまうおそれがある。 However, in the technology described in Patent Publication No. 2006-191540, only the service provided to the mobile terminal is limited, and the network (communication line) used by the mobile terminal is not limited. In addition, when the owner of the portable terminal enters a specific area or leaves a specific area, it is necessary to perform processing for detecting the identification number of the portable terminal that is usually unnecessary, and it takes time and effort. . In addition, since the service provided according to the location of the portable terminal is limited, when the owner of the portable terminal and the portable terminal exist inside and outside the specific area, it is not the owner. There is a possibility that unauthorized access by the person using the portable terminal may occur. That is, there is a risk that a service different from the service expected by the owner may be provided.
 本発明の目的は、上述した課題を解決するサーバ、サービス提供方法およびプログラムを提供することである。 An object of the present invention is to provide a server, a service providing method, and a program that solve the problems described above.
 上記目的を達成するために本発明は、
 所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバであって、
 前記利用者が操作する端末から当該サーバへの接続が要求された場合、前記端末へ前記利用者が前記エリアの中にいるのか外にいるのかに応じたサービスを提供する。 In order to achieve the above object, the present invention is
It is connected to an identification information reader provided at the entrance of a predetermined area, and is used to identify the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user. A server for managing entry / exit of the user based on the identification information of the user,
When a connection to the server is requested from a terminal operated by the user, a service is provided to the terminal according to whether the user is inside or outside the area.
 また、所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバにおけるサービス提供方法であって、
 前記利用者が操作する端末から当該サーバへの接続が要求された場合、前記端末へ前記利用者が前記エリアの中にいるのか外にいるのかに応じたサービスを提供する処理を有する。 Further, it is connected to an identification information reader provided at the entrance of a predetermined area, and identifies the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user. A service providing method in a server that manages entry / exit of the user based on the user identification information of
When a connection to the server is requested from a terminal operated by the user, the terminal has a process of providing a service according to whether the user is inside or outside the area.
 また、所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバに実行させるプログラムであって、
 前記利用者が操作する端末から当該サーバへの接続が要求された場合、前記端末へ前記利用者が前記エリアの中にいるのか外にいるのかに応じたサービスを提供する手順を実行させる。 Further, it is connected to an identification information reader provided at the entrance of a predetermined area, and identifies the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user. A program that causes a server that manages entry / exit of the user based on the user identification information of
When a connection to the server is requested from a terminal operated by the user, the terminal is made to execute a procedure for providing a service according to whether the user is inside or outside the area.
 以上説明したように本発明においては、所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバにおいて、利用者が操作する端末から当該サーバへの接続が要求された場合、端末へ利用者がエリアの中にいるのか外にいるのかに応じたサービスを提供する構成としたため、利用者の位置に応じたサービスを容易に提供することができる。 As described above, in the present invention, the identification information reading device provided at the entrance of the predetermined area is connected, and the identification information reading device reads and transmits from the identification information storage medium possessed by the user. In the server that manages the entry / exit of the user based on the user identification information for identifying the user, when connection from the terminal operated by the user to the server is requested, the use is made to the terminal Since the service is provided depending on whether the person is in or out of the area, the service can be easily provided according to the position of the user.
本発明のサービス提供システムの一形態を示す図である。It is a figure which shows one form of the service provision system of this invention.
図1に示したサービス提供サーバの内部構成の一例を示す図である。It is a figure which shows an example of an internal structure of the service provision server shown in FIG.
図2に示した記憶部に記憶されたサービス内容情報の一例を示す図である。It is a figure which shows an example of the service content information memorize | stored in the memory | storage part shown in FIG.
図2に示した記憶部に記憶された利用者情報の一例を示す図である。It is a figure which shows an example of the user information memorize | stored in the memory | storage part shown in FIG.
図1に示したゲートの内部構成の一例を示す図である。It is a figure which shows an example of an internal structure of the gate shown in FIG.
図1に示したゲートの内部構成の他の例を示す図である。It is a figure which shows the other example of the internal structure of the gate shown in FIG.
図6に示した構成を有するゲートの外観を示す図である。It is a figure which shows the external appearance of the gate which has a structure shown in FIG.
本形態におけるサービス提供方法のうち、ゲートの処理を説明するためのフローチャートである。It is a flowchart for demonstrating the process of a gate among the service provision methods in this form.
本形態におけるサービス提供方法のうち、サービス提供サーバにおける位置情報更新の処理を説明するためのフローチャートである。It is a flowchart for demonstrating the process of the positional information update in a service provision server among the service provision methods in this form.
本形態におけるサービス提供方法のうち、サービス提供サーバにおけるサービス提供の処理を説明するためのフローチャートである。It is a flowchart for demonstrating the process of the service provision in a service provision server among the service provision methods in this form.
図2に示した記憶部に記憶されたサービス内容情報の他の例を示す図である。It is a figure which shows the other example of the service content information memorize | stored in the memory | storage part shown in FIG.
図2に示した記憶部に記憶された接続ネットワーク情報の一例を示す図である。It is a figure which shows an example of the connection network information memorize | stored in the memory | storage part shown in FIG.
図1に示した形態において、特定エリア内の基地局と特定エリア外に存在する端末とが通信を行う形態を示す図である。FIG. 2 is a diagram showing a form in which a base station in a specific area communicates with a terminal existing outside the specific area in the form shown in FIG. 1;
本形態の第1の実施例を示す図である。It is a figure which shows the 1st Example of this form.
本形態の第2の実施例を示す図である。It is a figure which shows the 2nd Example of this form.
本形態の第3の実施例を示す図である。It is a figure which shows the 3rd Example of this form.
 以下に、本発明の実施の形態について図面を参照して説明する。 Hereinafter, embodiments of the present invention will be described with reference to the drawings.
 図1は、本発明のサービス提供システムの一形態を示す図である。 FIG. 1 is a diagram showing an embodiment of a service providing system of the present invention.
 本形態は図1に示すように、サービス提供サーバ101と、ゲート102と、基地局103-1,103-2と、端末104-1,104-2とから構成されている。また、ゲート102は、特定エリア105の出入口に設置されており、認証キー106に書き込まれた利用者識別情報を読み取る一般的な入退場ゲートである。特定エリア105とは、例えば、企業の事業場やオフィス、パーク等といった人為的に閉じられた所定のエリアである。また、認証キー106とは、社員証や入場証、入場パス等といった、特定エリア105への入退場をする際にゲート102にかざす、または通す、利用者を識別するための利用者識別情報があらかじめ書き込まれたものである。また、図1において、端末104-1は、特定エリア105の中に存在し、また端末104-2,104-3は、特定エリア105の外に存在する場面を示している。なお、端末104-3は、基地局105から送信される電波が届く範囲に存在する。 As shown in FIG. 1, this embodiment comprises a service providing server 101, a gate 102, base stations 103-1 and 103-2, and terminals 104-1 and 104-2. The gate 102 is a general entrance / exit gate which is installed at the entrance of the specific area 105 and reads the user identification information written in the authentication key 106. The specific area 105 is, for example, a predetermined area artificially closed, such as a business office, office, or park of a company. The authentication key 106 is user identification information for identifying a user who holds or passes over the gate 102 when entering or leaving the specific area 105, such as an employee ID card, an admission card, an admission pass, etc. It is written in advance. Further, in FIG. 1, the terminal 104-1 is present in the specific area 105, and the terminals 104-2 and 104-3 are present outside the specific area 105. Terminal 104-3 exists in a range where radio waves transmitted from base station 105 can reach.
 サービス提供サーバ101は、ゲート102から送信されてきた、利用者を識別するための利用者識別情報に基づいて、当該利用者の入退場、つまり、特定エリア105の中にいるのか外にいるのかを管理するサーバである。また、基地局103-1,103-2を介して端末104-1~104-3にサービスを提供する。 Based on the user identification information for identifying the user transmitted from the gate 102, the service providing server 101 enters / exits the user, that is, is inside or outside the specific area 105? Is a server that manages Also, services are provided to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
 ゲート102は、一般的に特定エリア105の出入口に設けられたゲートであり、認証キー106をかざす、または通すことにより認証キー106に書き込まれた情報を読み取る識別情報読み取り装置である。 The gate 102 is generally a gate provided at the entrance of the specific area 105, and is an identification information reader that reads information written in the authentication key 106 by holding or passing the authentication key 106.
 基地局103-1,103-2は、サービス提供サーバ101から端末104-1~104-3へ提供されるサービスを仲介する無線基地局である。基地局103-1,103-2は、端末104-1~104-3との間にて、無線を用いて通信を行う。図1に示す本形態においては、基地局103-1は、特定エリア105内に設けられており、また基地局103-2は、特定エリア105の外に設けられている。 Base stations 103-1 and 103-2 are radio base stations that mediate services provided from the service providing server 101 to the terminals 104-1 to 104-3. The base stations 103-1 and 103-2 communicate with the terminals 104-1 to 104-3 using radio. In the present embodiment shown in FIG. 1, the base station 103-1 is provided in the specific area 105, and the base station 103-2 is provided outside the specific area 105.
 端末104-1~104-3は、無線通信機能を搭載した通信端末である。 The terminals 104-1 to 104-3 are communication terminals equipped with a wireless communication function.
 認証キー106は、特定エリア105である事業場やオフィスに勤務する社員が所持し、当該社員である利用者を識別するための利用者識別情報が書き込まれた一般的なIDカード等の識別情報記憶媒体である。 The authentication key 106 is identification information such as a general ID card or the like possessed by an employee who works in a business place or office that is the specific area 105 and in which user identification information for identifying the user who is the employee is written. It is a storage medium.
 図2は、図1に示したサービス提供サーバ101の内部構成の一例を示す図である。 FIG. 2 is a diagram showing an example of the internal configuration of the service providing server 101 shown in FIG.
 図1に示したサービス提供サーバ101には図2に示すように、識別情報受信部111と、テーブル管理部112と、記憶部113と、アクセス対応部114と、サービス提供部115とが設けられている。なお、図2には、サービス提供サーバ101が有する構成要素のうち、本発明に関わる構成要素のみを示した。 As shown in FIG. 2, the service providing server 101 shown in FIG. 1 is provided with an identification information receiving unit 111, a table managing unit 112, a storage unit 113, an access handling unit 114, and a service providing unit 115. ing. Note that FIG. 2 shows only the components related to the present invention among the components that the service providing server 101 has.
 識別情報受信部111は、ゲート102から送信されてきた利用者識別情報を受信する。受信した利用者識別情報をテーブル管理部112へ出力する。 The identification information receiving unit 111 receives the user identification information transmitted from the gate 102. The received user identification information is output to the table management unit 112.
 テーブル管理部112は、識別情報受信部111から出力された利用者識別情報に基づいて、当該利用者識別情報が付与された利用者がいる位置を記憶部113に記憶させる。また、アクセス対応部114から出力されたログインIDとパスワードとに基づいて、利用者へ提供するサービス内容を記憶部113から読み出す。また、読み出したサービス内容をサービス提供部115へ出力する。 Based on the user identification information output from the identification information reception unit 111, the table management unit 112 causes the storage unit 113 to store the position where the user to which the user identification information is added is present. Also, based on the login ID and password output from the access handling unit 114, the service content provided to the user is read from the storage unit 113. Also, it outputs the read service content to the service providing unit 115.
 記憶部113は、サービスを提供する位置を示す位置情報と、提供するサービス内容とを対応付けてサービス内容情報として記憶する。また、利用者識別情報と、当該利用者のログインIDと、パスワードと、当該利用者が現在いる位置を示す位置情報とを対応付けて利用者情報として記憶する。 The storage unit 113 stores, as service content information, location information indicating a position for providing a service and service content to be provided in association with each other. In addition, the user identification information, the login ID of the user, the password, and the position information indicating the position where the user is currently stored are associated and stored as the user information.
 図3は、図2に示した記憶部113に記憶されたサービス内容情報の一例を示す図である。 FIG. 3 is a diagram showing an example of service content information stored in the storage unit 113 shown in FIG.
 図2に示した記憶部113に記憶されたサービス内容情報は図3に示すように、サービスを提供する位置を示す位置情報と、提供するサービス内容とが対応付けられたものである。 As shown in FIG. 3, the service content information stored in the storage unit 113 shown in FIG. 2 corresponds to position information indicating a position for providing a service and the service content to be provided.
 例えば、位置情報「特定エリア内」と、サービス内容「すべてのフォルダアクセス、電子メール送受信、全イントラネットWebアクセス」とが対応付けられている。これは、特定エリア105内においては、「すべてのフォルダアクセス、電子メール送受信、全イントラネットWebアクセス」のサービスを提供することを示している。また、位置情報「特定エリア外」と、サービス内容「特定フォルダアクセス、電子メール送受信」とが対応付けられている。これは、特定エリア105外においては、「特定フォルダアクセス、電子メール送受信」の限定されたサービスを提供することを示している。 For example, position information “within a specific area” is associated with service content “all folder access, e-mail transmission / reception, all intranet web access”. This indicates that the service of “all folder access, email transmission / reception, all intranet web access” is provided in the specific area 105. Further, position information “outside the specific area” is associated with service content “specific folder access, e-mail transmission / reception”. This indicates that outside the specific area 105, a limited service of "specific folder access, e-mail transmission / reception" is provided.
 なお、このサービス内容情報は、あらかじめ記憶部113に記憶されているものである。 The service content information is stored in advance in the storage unit 113.
 図4は、図2に示した記憶部113に記憶された利用者情報の一例を示す図である。 FIG. 4 is a view showing an example of user information stored in the storage unit 113 shown in FIG.
 図2に示した記憶部113に記憶された利用者情報は図4に示すように、利用者識別情報と、当該利用者のログインIDと、パスワードと、当該利用者が現在いる位置を示す位置情報とが対応付けられたものである。 The user information stored in the storage unit 113 shown in FIG. 2 is, as shown in FIG. 4, a position indicating the user identification information, the login ID of the user, the password, and the position where the user is at present. Information is associated with it.
 例えば、利用者識別情報「00000001」と、ログインID「A00010001」と、パスワード「aaa」と、位置情報「特定エリア内」とが対応付けられている。これは、利用者識別情報「00000001」である利用者を認証するためのログインIDが「A00010001」であり、且つパスワードが「aaa」であり、また、当該利用者が現在特定エリア105の中にいることを示している。また、利用者識別情報「00000002」と、ログインID「B00020002」と、パスワード「bbb」と、位置情報「特定エリア外」とが対応付けられている。これは、利用者識別情報「00000002」である利用者を認証するためのログインIDが「B00020002」であり、且つパスワードが「bbb」であり、また、当該利用者が現在特定エリア105の外にいることを示している。 For example, user identification information “00000001”, login ID “A00010001”, password “aaa”, and position information “within a specific area” are associated with each other. This is because the login ID for authenticating the user whose user identification information is "00000001" is "A00010001", the password is "aaa", and the user is in the specific area 105 at present. Show that. In addition, user identification information “00000002”, login ID “B00020002”, password “bbb”, and position information “outside the specific area” are associated with each other. This is because the login ID for authenticating the user who is the user identification information “00000002” is “B00020002”, the password is “bbb”, and the user is currently out of the specific area 105. Show that.
 なお、利用者識別情報、当該利用者のログインID、およびパスワードは、あらかじめ記憶部113に記憶されているものである。また、位置情報は、識別情報受信部111にて受信された利用者識別情報に基づいてテーブル管理部112によって記憶される。 The user identification information, the login ID of the user, and the password are stored in advance in the storage unit 113. Further, the position information is stored by the table management unit 112 based on the user identification information received by the identification information reception unit 111.
 また、アクセス対応部114は、端末104-1~104-3から基地局103-1,103-2を介して送信されてきたログインIDとパスワードとを受信してテーブル管理部112へ出力する。 Further, the access handling unit 114 receives the login ID and the password transmitted from the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2, and outputs the login ID and the password to the table management unit 112.
 サービス提供部115は、テーブル管理部112から出力されたサービス内容に応じたサービスを基地局103-1,103-2を介して端末104-1~104-3へ提供する。 The service providing unit 115 provides services corresponding to the service content output from the table management unit 112 to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
 図5は、図1に示したゲート102の内部構成の一例を示す図である。 FIG. 5 is a diagram showing an example of the internal configuration of the gate 102 shown in FIG.
 図1に示したゲート102には図5に示すように、識別情報読み取り部201と、識別情報送信部202とが設けられている。なお、図5には、ゲート102が有する構成要素のうち、本発明に関わる構成要素のみを示した。 As shown in FIG. 5, the gate 102 shown in FIG. 1 is provided with an identification information reading unit 201 and an identification information transmission unit 202. Among the components of the gate 102, FIG. 5 shows only the components related to the present invention.
 識別情報読み取り部201は、認証キー106に書き込まれた利用者を識別するための利用者識別情報を認証キー106から読み取る。また、読み取った利用者識別情報を識別情報送信部202へ出力する。 The identification information reading unit 201 reads user identification information for identifying the user written in the authentication key 106 from the authentication key 106. Also, the read user identification information is output to the identification information transmission unit 202.
 識別情報送信部202は、識別情報読み取り部201から出力された利用者識別情報をサービス提供サーバ101へ送信する。ここで、サービス提供サーバ101へ送信される利用者識別情報の信号形式については特に規定しない。 The identification information transmission unit 202 transmits the user identification information output from the identification information reading unit 201 to the service providing server 101. Here, the signal format of the user identification information transmitted to the service providing server 101 is not particularly defined.
 また、識別情報読み取り部201が、特定エリア105への入場と退場とを識別するように構成されているものであっても良い。 In addition, the identification information reading unit 201 may be configured to identify entry into and exit from the specific area 105.
 図6は、図1に示したゲート102の内部構成の他の例を示す図である。 FIG. 6 is a diagram showing another example of the internal configuration of gate 102 shown in FIG.
 図1に示したゲート102には図6に示すように、入場用識別情報読み取り部203と、退場用識別情報読み取り部204と、識別情報送信部202とが設けられている。なお、図6には、ゲート102が有する構成要素のうち、本発明に関わる構成要素のみを示した。 As shown in FIG. 6, the gate 102 shown in FIG. 1 is provided with an entrance identification information reading unit 203, an exit identification information reading unit 204, and an identification information transmission unit 202. Of the components of the gate 102, FIG. 6 shows only the components related to the present invention.
 入場用識別情報読み取り部203および退場用識別情報読み取り部204は、認証キー106に書き込まれた利用者を識別するための利用者識別情報を認証キー106から読み取る。また、読みとった利用者識別情報を識別情報送信部202へ出力する。 The entry identification information reading unit 203 and the exit identification information reading unit 204 read from the authentication key 106 user identification information for identifying the user written in the authentication key 106. Further, the read user identification information is output to the identification information transmission unit 202.
 識別情報送信部202は、図5に示した識別情報送信部202と同じものである。 The identification information transmission unit 202 is the same as the identification information transmission unit 202 shown in FIG.
 図7は、図6に示した構成を有するゲート102の外観を示す図である。 FIG. 7 is a view showing the appearance of the gate 102 having the configuration shown in FIG.
 図6に示した構成を有するゲート102は、外観に「入場」と表示された入場用識別情報読み取り部203と、「退場」と表示された退場用識別情報読み取り部204とが設けられている。 The gate 102 having the configuration shown in FIG. 6 is provided with an entrance identification information reading unit 203 displayed as "entrance" in appearance and an exit identification information reading unit 204 displayed as "exit". .
 「入場」と表示された部分に、利用者が認証キー106をかざすと、当該利用者が入場したこと(特定エリア105内に入ったこと)が認識される。また、「退場」と表示された部分に、利用者が認証キー106をかざすと、当該利用者が退場したこと(特定エリア105外に出たこと)が認識される。 When the user holds up the authentication key 106 in the portion where "admission" is displayed, it is recognized that the user has entered (that the user has entered the specific area 105). In addition, when the user holds the authentication key 106 over the portion displayed as “exit”, it is recognized that the user has exited (outside of the specific area 105).
 以下に、本形態におけるサービス提供方法について説明する。 Below, the service provision method in this form is demonstrated.
 図8は、本形態におけるサービス提供方法のうち、ゲート102の処理を説明するためのフローチャートである。 FIG. 8 is a flowchart for explaining the processing of the gate 102 in the service providing method according to the present embodiment.
 まず、利用者が認証キー106をゲート102にかざすまたは通すと、ステップ1にて識別情報読み取り部201(または入場用識別情報読み取り部203または退場用識別情報読み取り部204)によって認証キー106に書き込まれた利用者識別情報が読み取られる。この読み取りに用いられるゲート102と認証キー106との間の通信方式は、一般的に用いられている非接触型無線通信等で良い。 First, when the user passes or passes the authentication key 106 to the gate 102, in step 1, the identification information reading unit 201 (or the entry identification information reading unit 203 or the exit identification information reading unit 204) writes in the authentication key 106 User identification information is read. The communication method between the gate 102 and the authentication key 106 used for this reading may be a generally used noncontact wireless communication or the like.
 すると、読み取られた利用者識別情報が識別情報読み取り部201(または入場用識別情報読み取り部203または退場用識別情報読み取り部204)から識別情報送信部202へ出力される。そして、ステップ2にて利用者識別情報が識別情報送信部202からサービス提供サーバ101へ送信される。このとき、入場用識別情報読み取り部203または退場用識別情報読み取り部204にて利用者識別情報が読み取られた場合、入場用識別情報読み取り部203と退場用識別情報読み取り部204とのどちらで利用者識別が読み取られたかを示す入退場情報、つまり「入場した」か「退場した」かを示す入退場情報も当該利用者識別情報とともにサービス提供サーバ101へ送信される。 Then, the read user identification information is output from the identification information reading unit 201 (or the entry identification information reading unit 203 or the exit identification information reading unit 204) to the identification information transmission unit 202. Then, in step 2, user identification information is transmitted from the identification information transmission unit 202 to the service providing server 101. At this time, when the user identification information is read by the entry identification information reading unit 203 or the exit identification information reading unit 204, either the entry identification information reading unit 203 or the exit identification information reading unit 204 is used. Entry / exit information indicating whether the person identification has been read, that is, entry / exit information indicating "entered" or "exited" is also transmitted to the service providing server 101 together with the user identification information.
 図9は、本形態におけるサービス提供方法のうち、サービス提供サーバ101における位置情報更新の処理を説明するためのフローチャートである。 FIG. 9 is a flowchart for explaining the process of updating position information in the service providing server 101 in the service providing method according to the present embodiment.
 図8を用いて説明した処理のうち、ステップ2にてゲート102から送信された利用者識別情報が、ステップ11にてサービス提供サーバ101の識別情報受信部111において受信されると、受信された利用者識別情報がテーブル管理部112へ出力される。 Among the processing described with reference to FIG. 8, the user identification information transmitted from the gate 102 in step 2 is received when the identification information receiving unit 111 of the service providing server 101 is received in step 11. The user identification information is output to the table management unit 112.
 すると、ステップ12にてテーブル管理部112によって、利用者識別情報に基づいて記憶部113に記憶された利用者情報が更新される。具体的には、ゲート102から送信されてきた利用者識別情報が記憶部113に記憶されている利用者情報から検索され、検索された利用者情報と対応付けられている位置情報が更新される。このとき、位置情報が「特定エリア内」と記憶されている場合、「特定エリア外」に更新され、また、位置情報が「特定エリア外」と記憶されている場合は、「特定エリア内」に更新されるものであっても良い。また、図6に示した構成を有するゲート102から入場用識別情報読み取り部203と退場用識別情報読み取り部204とのどちらで利用者識別が読み取られたかを示す入退場情報が利用者識別情報とともに送信されてきた場合、当該入退場情報に基づいて位置情報が更新されるものであっても良い。 Then, in step 12, the table management unit 112 updates the user information stored in the storage unit 113 based on the user identification information. Specifically, the user identification information transmitted from the gate 102 is searched from the user information stored in the storage unit 113, and the position information associated with the searched user information is updated. . At this time, when the position information is stored as "within a specific area", it is updated to "out of the specific area", and when the position information is stored as "out of a specific area", "within a specific area" May be updated. In addition, entry / exit information indicating whether the user identification is read by the entrance identification information reading unit 203 or the exit identification information reading unit 204 from the gate 102 having the configuration shown in FIG. 6 is together with the user identification information. When transmitted, the position information may be updated based on the entry / exit information.
 図10は、本形態におけるサービス提供方法のうち、サービス提供サーバ101におけるサービス提供の処理を説明するためのフローチャートである。 FIG. 10 is a flowchart for illustrating the process of service provision in the service provision server 101 in the service provision method according to the present embodiment.
 まず、利用者によってサービス提供サーバ101への接続を要求するためにログインIDとパスワードとが端末104-1~104-3に入力され、それらが接続要求信号として端末104-1~104-3から送信されると、ステップ21にて接続要求信号がアクセス対応部114において受信される。ここで、ログインIDは、利用者識別情報と同じものであっても良い。このログインIDとパスワードとが、利用者を認証するための認証情報となる。すると、受信された接続要求信号のうち、ログインIDとパスワードとがアクセス対応部114からテーブル管理部112へ出力される。 First, in order to request a connection to the service providing server 101 by the user, the login ID and password are input to the terminals 104-1 to 104-3, and these are input as connection request signals from the terminals 104-1 to 104-3. When transmitted, a connection request signal is received by the access handling unit 114 in step 21. Here, the login ID may be the same as the user identification information. The login ID and password become authentication information for authenticating the user. Then, of the received connection request signal, the login ID and the password are output from the access handling unit 114 to the table management unit 112.
 すると、ステップ22にてテーブル管理部112によって、アクセス対応部114から出力されたログインIDとパスワードとに基づいて利用者の認証が行われる。この認証方法は、アクセス対応部114から出力されたログインIDとパスワードとの組が、記憶部113にあらかじめ記憶されている利用者情報に存在するかどうかを検索することによるものである。アクセス対応部114から出力されたログインIDとパスワードとの組が、記憶部113にあらかじめ記憶されている利用者情報に存在する場合、認証が成功したと判断される。 Then, in step 22, the table management unit 112 authenticates the user based on the login ID and the password output from the access handling unit 114. This authentication method is based on searching whether the combination of the login ID and the password output from the access handling unit 114 exists in the user information stored in advance in the storage unit 113. If the combination of the login ID and the password output from the access handling unit 114 exists in the user information stored in advance in the storage unit 113, it is determined that the authentication is successful.
 続いて、検索されたログインIDとパスワードとに対応付けられて記憶部113の利用者情報に記憶されている位置情報がテーブル管理部112によって読み出される。読み出された位置情報に基づいて、当該利用者識別情報が書き込まれた認証キー106を所持する利用者が存在する位置が、ステップ23にて判断される。 Subsequently, the table management unit 112 reads out the position information stored in the user information of the storage unit 113 in association with the retrieved login ID and password. Based on the read position information, the position where the user holding the authentication key 106 in which the user identification information is written is determined in step S23.
 利用者の存在する位置が特定エリア105内であると判断された場合、記憶部113に記憶されているサービス内容情報から、位置情報が「特定エリア内」である場合に提供されるサービス内容がテーブル管理部112によって読み出される。そして、読み出されたサービス内容に応じたサービスが、ステップ24にてサービス提供部115から基地局103-1,103-2を介して端末104-1~104-3へ提供される。 If it is determined that the position where the user exists is within the specific area 105, the service content provided when the position information is "within the specific area" is from the service content information stored in the storage unit 113. It is read by the table management unit 112. Then, in step 24, a service according to the read service content is provided from the service providing unit 115 to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
 一方、ステップ23にて、利用者の存在する位置が特定エリア105外であると判断された場合、記憶部113に記憶されているサービス内容情報から、位置情報が「特定エリア外」である場合に提供されるサービス内容がテーブル管理部112によって読み出される。そして、読み出されたサービス内容に応じたサービスが、ステップ25にてサービス提供部115から基地局103-1,103-2を介して端末104-1~104-3へ提供される。 On the other hand, if it is determined in step 23 that the position where the user exists is out of the specific area 105, the case where the position information is "out of the specific area" from the service content information stored in the storage unit 113 The table management unit 112 reads out the service contents provided to the client. Then, in step 25, a service according to the read service content is provided from the service providing unit 115 to the terminals 104-1 to 104-3 via the base stations 103-1 and 103-2.
 したがって、端末104-3のように特定エリア105内のサービスを提供する基地局103-1から送信される電波が受信可能な位置に存在する場合であっても、認証キー106がゲート102を特定エリア105の外へ通過した後は、特定エリア105内のサービスを受けることができない。 Therefore, the authentication key 106 specifies the gate 102 even when the radio wave transmitted from the base station 103-1 providing the service in the specific area 105 is in a receivable position, as in the terminal 104-3. After passing out of the area 105, the service in the specific area 105 can not be received.
 上述した処理を、認証キー106を所持した利用者が、特定エリア105に入場した場合を例に挙げて具体的に説明する。ここで、ゲート102は、図6に示した内部構成を有するものである場合を例に挙げて説明する。また、利用者識別情報が「00000001」である場合を例に挙げて説明する。また、記憶部113に記憶されている利用者情報およびサービス内容情報がそれぞれ図3および図4である場合を例に挙げて説明する。 The above-described process will be specifically described by taking the case where the user having the authentication key 106 enters the specific area 105 as an example. Here, the case where the gate 102 has the internal configuration shown in FIG. 6 will be described as an example. Further, the case where the user identification information is "00000001" will be described as an example. The case where the user information and the service content information stored in the storage unit 113 are respectively shown in FIGS. 3 and 4 will be described as an example.
 利用者が特定エリア105に入場するために認証キー106をゲート102の入場用識別情報読み取り部203にかざすと、認証キー106に書き込まれた利用者識別情報が入場用識別情報読み取り部203によって読み取られる。読み取られた利用者識別情報は、識別情報送信部202からサービス提供サーバ101へ送信される。このとき、利用者が特定エリア105に「入場した」ことを示す入退場情報が利用者識別情報とともに送信される。 When the user holds the authentication key 106 over the entrance identification information reading unit 203 of the gate 102 to enter the specific area 105, the entrance identification information reading unit 203 reads the user identification information written in the authentication key 106. Be The read user identification information is transmitted from the identification information transmission unit 202 to the service providing server 101. At this time, entry / exit information indicating that the user has “entered” the specific area 105 is transmitted together with the user identification information.
 すると、サービス提供サーバ101の識別情報受信部111にて、ゲート102から送信された利用者識別情報と「入場した」ことを示す入退場情報とが受信される。 Then, the identification information receiving unit 111 of the service providing server 101 receives the user identification information transmitted from the gate 102 and the entrance / exit information indicating that the user has “entered”.
 そして、受信された利用者識別情報が記憶部113に記憶されている利用者情報からテーブル管理部112によって検索される。検索された利用者識別情報「00000001」と対応付けられて記憶されている位置情報が「特定エリア内」に更新される。 Then, the table management unit 112 searches the received user identification information from the user information stored in the storage unit 113. The position information stored in association with the retrieved user identification information "00000001" is updated to "within a specific area".
 その後、当該利用者が端末104-1にログインIDとパスワードとを入力すると、入力されたログインIDとパスワードとが基地局103-1を介してサービス提供サーバ101へ送信される。端末104-1から送信されたログインIDとパスワードとがサービス提供サーバ101のアクセス対応部114にて受信される。ここで入力されたログインIDとパスワードとがそれぞれ「A00010001」、「aaa」である場合を例に挙げて説明する。 Thereafter, when the user inputs the login ID and password to the terminal 104-1, the input login ID and password are transmitted to the service providing server 101 via the base station 103-1. The login ID and password transmitted from the terminal 104-1 are received by the access handling unit 114 of the service providing server 101. The case where the login ID and the password inputted here are “A00010001” and “aaa” will be described as an example.
 続いて、テーブル管理部112によって、アクセス対応部114にて受信されたログインIDとパスワードとの組が、記憶部113にあらかじめ記憶されている利用者情報に存在するかどうかが検索される。 Subsequently, the table management unit 112 searches whether or not the combination of the login ID and the password received by the access handling unit 114 exists in the user information stored in advance in the storage unit 113.
 記憶部113に記憶されている利用者情報には、ログインID「A00010001」と、パスワード「aaa」との組が存在するため、認証は成功したと判断される。そして、ログインID「A00010001」と、パスワード「aaa」との組に対応付けられた位置情報「特定エリア内」がテーブル管理部112によって読み出される。 In the user information stored in the storage unit 113, since there is a pair of the login ID "A00010001" and the password "aaa", it is determined that the authentication is successful. Then, the table management unit 112 reads out position information “within a specific area” associated with a combination of the login ID “A00010001” and the password “aaa”.
 すると、テーブル管理部112によって、記憶部113に記憶されているサービス内容情報にて位置情報が「特定エリア内」と対応付けられているサービス内容「すべてのフォルダアクセス、電子メール送受信、全イントラネットWebアクセス」が読み出され、これらに応じたサービスがサービス提供部115から基地局103-1を介して端末104-1へ提供される。 Then, in the service content information stored in the storage unit 113 by the table management unit 112, the service content in which the position information is associated with “within a specific area” “all folder access, e-mail transmission / reception, all intranet Web “Access” is read out, and services according to these are provided from the service providing unit 115 to the terminal 104-1 via the base station 103-1.
 また、上述した処理を、認証キー106を所持した利用者が、特定エリア105から退場した場合を例に挙げて具体的に説明する。ここで、ゲート102は、図6に示した内部構成を有するものである場合を例に挙げて説明する。また、利用者識別情報が「00000002」である場合を例に挙げて説明する。また、記憶部113に記憶されている利用者情報およびサービス内容情報がそれぞれ図3および図4である場合を例に挙げて説明する。 Further, the above-described process will be specifically described by taking the case where the user who possesses the authentication key 106 has left the specific area 105 as an example. Here, the case where the gate 102 has the internal configuration shown in FIG. 6 will be described as an example. Further, the case where the user identification information is "00000002" will be described as an example. The case where the user information and the service content information stored in the storage unit 113 are respectively shown in FIGS. 3 and 4 will be described as an example.
 利用者が特定エリア105から退場するために認証キー106をゲート102の退場用識別情報読み取り部204にかざすと、認証キー106に書き込まれた利用者識別情報が退場用識別情報読み取り部204によって読み取られる。読み取られた利用者識別情報は、識別情報送信部202からサービス提供サーバ101へ送信される。このとき、利用者が特定エリア105に「退場した」ことを示す入退場情報が利用者識別情報とともに送信される。 When the user holds the authentication key 106 over the exit identification information reading unit 204 of the gate 102 to exit the specific area 105, the exit identification information reading unit 204 reads the user identification information written in the authentication key 106. Be The read user identification information is transmitted from the identification information transmission unit 202 to the service providing server 101. At this time, entry / exit information indicating that the user has "exited" in the specific area 105 is transmitted together with the user identification information.
 すると、サービス提供サーバ101の識別情報受信部111にて、ゲート102から送信された利用者識別情報と「退場した」ことを示す入退場情報とが受信される。 Then, the identification information receiving unit 111 of the service providing server 101 receives the user identification information transmitted from the gate 102 and the entry / exit information indicating that the user has exited.
 そして、受信された利用者識別情報が記憶部113に記憶されている利用者情報からテーブル管理部112によって検索される。検索された利用者識別情報「00000002」と対応付けられて記憶されている位置情報が「特定エリア外」に更新される。 Then, the table management unit 112 searches the received user identification information from the user information stored in the storage unit 113. The position information stored in association with the retrieved user identification information "00000002" is updated to "outside the specific area".
 その後、当該利用者が端末104-2にログインIDとパスワードとを入力すると、入力されたログインIDとパスワードとが基地局103-2を介してサービス提供サーバ101へ送信される。端末104-2から送信されたログインIDとパスワードとがサービス提供サーバ101のアクセス対応部114にて受信される。ここで入力されたログインIDとパスワードとがそれぞれ「B00020002」、「bbb」である場合を例に挙げて説明する。 Thereafter, when the user inputs the login ID and password to the terminal 104-2, the input login ID and password are transmitted to the service providing server 101 via the base station 103-2. The login ID and the password transmitted from the terminal 104-2 are received by the access handling unit 114 of the service providing server 101. The case where the login ID and the password inputted here are “B00020002” and “bbb” will be described as an example.
 続いて、テーブル管理部112によって、アクセス対応部114にて受信されたログインIDとパスワードとの組が、記憶部113にあらかじめ記憶されている利用者情報に存在するかどうかが検索される。 Subsequently, the table management unit 112 searches whether or not the combination of the login ID and the password received by the access handling unit 114 exists in the user information stored in advance in the storage unit 113.
 記憶部113に記憶されている利用者情報には、ログインID「B00020002」と、パスワード「bbb」との組が存在するため、認証は成功したと判断される。そして、ログインID「B00020002」と、パスワード「bbb」との組に対応付けられた位置情報「特定エリア外」がテーブル管理部112によって読み出される。 In the user information stored in the storage unit 113, since there is a pair of the login ID "B00020002" and the password "bbb", it is determined that the authentication is successful. Then, the table management unit 112 reads out position information “out of the specific area” associated with the combination of the login ID “B0002” and the password “bbb”.
 すると、テーブル管理部112によって、記憶部113に記憶されているサービス内容情報にて位置情報が「特定エリア外」と対応付けられているサービス内容「特定フォルダアクセス、電子メール送受信」が読み出され、これらに応じたサービスがサービス提供部115から基地局103-2を介して端末104-2へ提供される。 Then, the table management unit 112 reads out the service content “specific folder access, e-mail transmission / reception” whose position information is associated with “out of the specific area” in the service content information stored in the storage unit 113. The service corresponding to these is provided from the service providing unit 115 to the terminal 104-2 via the base station 103-2.
 また、端末104-1,104-2へ提供するサービスを利用する時刻に基づいて制限するものであっても良い。 In addition, it may be limited based on the time of using the service provided to the terminals 104-1 and 104-2.
 図11は、図2に示した記憶部113に記憶されたサービス内容情報の他の例を示す図である。 FIG. 11 is a diagram showing another example of service content information stored in storage unit 113 shown in FIG.
 図2に示した記憶部113に記憶されたサービス内容情報は図11に示すように、サービスを提供する位置を示す位置情報と、サービスを利用する時刻を示す時刻情報と、提供するサービス内容とが対応付けられたものである。 As shown in FIG. 11, the service content information stored in the storage unit 113 shown in FIG. 2 includes position information indicating a position at which the service is provided, time information indicating a time of using the service, and service content to be provided. Are associated with each other.
 例えば、位置情報「特定エリア内」と、時刻情報「8:30~21:30」と、サービス内容「すべてのフォルダアクセス、電子メール送受信、全イントラネットWebアクセス」とが対応付けられている。これは、特定エリア105内において、8:30から21:30までの間は、「すべてのフォルダアクセス、電子メール送受信、全イントラネットWebアクセス」のサービスを提供することを示している。また、位置情報「特定エリア内」と、時刻情報「21:30~8:30」と、サービス内容「特定フォルダアクセス、電子メール送受信」とが対応付けられている。これは、特定エリア105内において、21:30から8:30までの間は、「特定フォルダアクセス、電子メール送受信」のサービスを提供することを示している。また、位置情報「特定エリア外」と、時刻情報「終日」と、サービス内容「特定フォルダアクセス、電子メール送受信」とが対応付けられている。これは、特定エリア105外においては、利用する時刻に関わらず「特定フォルダアクセス、電子メール送受信」の限定されたサービスを提供することを示している。 For example, position information “within a specific area”, time information “8:30 to 21:30”, and service content “all folder access, email transmission / reception, all intranet Web access” are associated. This indicates that the service of “all folder access, email transmission / reception, all intranet web access” is provided in the specific area 105 from 8:30 to 21:30. Further, position information “within a specific area”, time information “21:30 to 8:30”, and service content “specific folder access, e-mail transmission / reception” are associated. This indicates that the service of “specific folder access, email transmission / reception” is provided in the specific area 105 from 21:30 to 8:30. Further, position information “outside the specific area”, time information “all day”, and service content “specific folder access, e-mail transmission / reception” are associated with each other. This indicates that, outside the specific area 105, a limited service of "specific folder access, e-mail transmission / reception" is provided regardless of the time of use.
 また、位置情報に基づいて端末104-1~104-3が接続可能なネットワークを示す接続ネットワーク情報を記憶部113に記憶しておき、当該接続ネットワーク情報に基づいて接続可能なネットワークを制限するものであっても良い。 Further, connection network information indicating networks to which the terminals 104-1 to 104-3 can be connected is stored in the storage unit 113 based on the position information, and the connectable networks are limited based on the connection network information. It may be
 図12は、図2に示した記憶部113に記憶された接続ネットワーク情報の一例を示す図である。 FIG. 12 is a diagram showing an example of connection network information stored in the storage unit 113 shown in FIG.
 図2に示した記憶部113に記憶された接続ネットワーク情報は図12に示すように、サービスを提供する位置を示す位置情報と、端末104-1~104-3が接続可能なネットワークを示すネットワーク種別とが対応付けられたものである。 The connection network information stored in storage unit 113 shown in FIG. 2 is, as shown in FIG. 12, a network showing position information indicating a position for providing a service and a network to which terminals 104-1 to 104-3 can connect. The types are associated with each other.
 例えば、位置情報「特定エリア内」と、ネットワーク種別「ネットワークA」とが対応付けられている。これは、特定エリア105内においては、端末104-1~104-3はネットワークAと接続可能であることを示している。また、位置情報「特定エリア外」と、ネットワーク種別「ネットワークB」とが対応付けられている。これは、特定エリア105外においては、端末104-1~104-3はネットワークBと接続可能であることを示している。 For example, position information “within a specific area” and a network type “network A” are associated with each other. This indicates that the terminals 104-1 to 104-3 can be connected to the network A in the specific area 105. Further, position information “outside the specific area” is associated with the network type “network B”. This indicates that the terminals 104-1 to 104-3 can be connected to the network B outside the specific area 105.
 このネットワーク種別として、例えば、WiMAX網、社内無線LAN、公衆網等が挙げられる。これにより、特定エリア105内と特定エリア105外とで、接続できるネットワークを分けることができる。 Examples of this network type include a WiMAX network, an in-house wireless LAN, and a public network. As a result, the connectable networks can be divided into the specific area 105 and the specific area 105.
 なお、上述した例では、図1に示したように、特定エリア105内に存在する端末104-1は、基地局103-1を介してサービス提供サーバ101と通信を行い、特定エリア105外に存在する端末104-2は、基地局103-2を介してサービス提供サーバ101と通信を行い、特定エリア105外に存在する端末104-3は、基地局103-2を介してサービス提供サーバ101と通信を行う。 In the example described above, as shown in FIG. 1, the terminal 104-1 present in the specific area 105 communicates with the service providing server 101 via the base station 103-1 and is outside the specific area 105. The existing terminal 104-2 communicates with the service providing server 101 through the base station 103-2, and the terminal 104-3 existing outside the specific area 105 communicates with the service providing server 101 through the base station 103-2. Communicate with
 図13は、図1に示した形態において、基地局103-1と端末104-2とが通信を行う形態を示す図である。 FIG. 13 is a diagram showing a form in which base station 103-1 and terminal 104-2 perform communication in the form shown in FIG.
 図13に示すように、特定エリア105の外であっても基地局103-1と通信を行うことができる位置に端末104-2が存在する場合は、端末104-2は基地局103-1を介してサービス提供サーバ101と通信を行うものであっても良い。この場合、サービス提供サーバ101は、基地局103-1を介して端末104-2へ、特定エリア105の外に応じたサービスを提供する。 As shown in FIG. 13, when the terminal 104-2 exists at a position where it can communicate with the base station 103-1 even outside the specific area 105, the terminal 104-2 is the base station 103-1. It may communicate with the service providing server 101 via In this case, the service providing server 101 provides a service according to the outside of the specific area 105 to the terminal 104-2 via the base station 103-1.
 以下に、本形態の実施例を説明する。 Below, the Example of this form is demonstrated.
 図14は、本形態の第1の実施例を示す図である。 FIG. 14 is a diagram showing a first example of the present embodiment.
 図14に示すように、特定エリア105内にて利用者が端末104-1を使用する場合、端末104-1にはイントラネットフルアクセスのサービスが提供される。また、その後、認証キー106がゲート102を通過し、特定エリア105外にて利用者が端末104-1を使用する場合、端末104-1にはイントラネット限定アクセスのサービスが提供される。なお、本実施例においても、図13に示したものと同様に、端末104-1が特定エリア105の外に存在する場合であっても、端末104-1は基地局103-1を介してサービス提供サーバ101と通信を行うものであっても良い。この場合、サービス提供サーバ101は、基地局103-1を介して特定エリア105の外に存在する端末104-1へ、特定エリア105の外に応じたサービスを提供する。 As shown in FIG. 14, when the user uses the terminal 104-1 in the specific area 105, the terminal 104-1 is provided with a service of intranet full access. After that, when the authentication key 106 passes through the gate 102 and the user uses the terminal 104-1 outside the specific area 105, the terminal 104-1 is provided with a service of intranet limited access. Also in the present embodiment, as in the case shown in FIG. 13, even when the terminal 104-1 exists outside the specific area 105, the terminal 104-1 does not go through the base station 103-1. It may communicate with the service providing server 101. In this case, the service providing server 101 provides a service according to the outside of the specific area 105 to the terminal 104-1 existing outside the specific area 105 via the base station 103-1.
 図15は、本形態の第2の実施例を示す図である。 FIG. 15 is a diagram showing a second example of the present embodiment.
 図15に示すように、特定エリア105内にて利用者が端末104-1を使用する場合、端末104-1にはイントラネットフルアクセスのサービスが提供される。また、利用者が端末104-1を特定エリア105内に置いたまま、認証キー106を所持してゲート102を通過して特定エリア105から退場した場合、端末104-1にはイントラネット限定アクセスのサービスが提供される。これにより、特定エリア105内に置いてある端末104-1の内容を第三者が盗み見することを避けることができる。 As shown in FIG. 15, when the user uses the terminal 104-1 in the specific area 105, the terminal 104-1 is provided with a service of intranet full access. In addition, when the user holds the authentication key 106 and leaves the specific area 105 by passing the gate 102 while leaving the terminal 104-1 in the specific area 105, the terminal 104-1 can not access the intranet with limited access. Service is provided. This makes it possible to prevent a third party from stealing the contents of the terminal 104-1 placed in the specific area 105.
 図16は、本形態の第3の実施例を示す図である。 FIG. 16 is a diagram showing a third example of the present embodiment.
 図16に示すように、特定エリア105内にて利用者が端末104-1を使用する場合、端末104-1はWLAN網107でフルアクセスのサービスが提供される。また、その後、認証キー106がゲート102を通過し、特定エリア105外にて利用者が端末104-1を使用する場合、端末104-1は一般の公衆網108への接続サービスが提供される。これにより、特定エリア105内で使用しているイントラネット回線と一般公衆網とを認証キー106のゲート102通過により円滑に切り替えることができる。 As shown in FIG. 16, when the user uses the terminal 104-1 in the specific area 105, the terminal 104-1 is provided with a full access service over the WLAN network 107. After that, when the authentication key 106 passes through the gate 102 and the user uses the terminal 104-1 outside the specific area 105, the terminal 104-1 is provided with a connection service to the public network 108. . Thereby, it is possible to switch smoothly between the intranet line used in the specific area 105 and the general public network by passing the gate 102 of the authentication key 106.
 なお、端末104-1,104-2に、ゲート102から読み取り可能に利用者識別情報を書き込んでおくものであっても良い。この場合、上述したようなログインIDおよびパスワードによる認証は不要となり、端末104-1,104-2が存在する位置に応じたサービスが提供される。 The user identification information may be written to the terminals 104-1 and 104-2 so that the user can read the information from the gate 102. In this case, the authentication by the login ID and password as described above is unnecessary, and a service is provided according to the position where the terminals 104-1 and 104-2 exist.
 また、上述したサービス提供サーバ101が有する機能を、利用者の入退場を管理する一般的な機能と、利用者の入退場に基づいて提供するサービスを制限する本発明の特徴となる機能とを分け、それぞれの機能を別個(複数)のサーバにて実現するものであっても良い。 In addition, the above-described functions of the service providing server 101 include a general function of managing entry and exit of the user and a feature of the present invention which restricts the service provided based on the entry and exit of the user. The functions may be separately implemented by separate (multiple) servers.
 また、認証キー106のゲート102の通過により、端末104-1~104-3が接続可能なネットワークを、WiMAXやLTE等の無線ブロードバンドと、無線LAN接続技術の一種であるWiFi(Wireless Fidelity)等とのどちらかに切り替えるものであっても良い。例えば、認証キー106を所持した利用者が特定エリア105内に存在すると判断されている場合、WiFiにて社内イントラネットへ接続可能(フルアクセス)とし、認証キー106を所持した利用者が特定エリア105外に存在すると判断されている場合は、WiMAXやLTE等のネットワークに接続可能とするものであっても良い。つまり、図1に示した例では、基地局103-1がWiFiのネットワークへ接続可能な基地局であり、また、基地局103-2がWiMAXやLTE等のネットワークへ接続可能な基地局であっても良い。この場合、無線通信距離が無線LANよりも長く、高速通信を行うことができるWiMAXやLTE等のネットワークに特定エリア105外で接続することが可能となる。 In addition, networks through which the terminals 104-1 to 104-3 can be connected by passing the gate 102 of the authentication key 106 are wireless broadband such as WiMAX and LTE, WiFi (Wireless Fidelity) which is a type of wireless LAN connection technology, etc. And may be switched to either. For example, when it is determined that the user who possesses the authentication key 106 is present in the specific area 105, it is possible to connect to the company intranet via WiFi (full access), and the user who possesses the authentication key 106 determines the specific area 105. If it is determined to be outside, it may be connectable to a network such as WiMAX or LTE. That is, in the example shown in FIG. 1, the base station 103-1 is a base station connectable to a WiFi network, and the base station 103-2 is a base station connectable to a network such as WiMAX or LTE. It is good. In this case, the wireless communication distance is longer than the wireless LAN, and it becomes possible to connect outside the specific area 105 to a network such as WiMAX or LTE that can perform high-speed communication.
 また、端末104-1~104-3が、シンクライアントであっても良い。端末104-1~104-3がシンクライアントである場合、認証キー106のゲート102通過の情報とリンクさせることにより、広範囲でのアクセスを可能にしながら、セキュリティを考慮したサービスを提供することができる。これは、特定エリア105外では、必要な情報をシンクライアントである端末104-1~104-3が取得しようとしても、制限された情報しか提供されないことによる。 Also, the terminals 104-1 to 104-3 may be thin clients. When the terminals 104-1 to 104-3 are thin clients, by linking with the information passing through the gate 102 of the authentication key 106, it is possible to provide a service considering security while enabling a wide range of access. . This is because outside the specific area 105, even if the thin clients 104-1 to 104-3 try to acquire necessary information, only limited information is provided.
 なお、上述したサービス提供サーバ101の処理は、目的に応じて作製された論理回路で行うようにしても良い。また、処理内容を手順として記述したプログラムをサービス提供サーバ101にて読取可能な記録媒体に記録し、この記録媒体に記録されたプログラムをサービス提供サーバ101に読み込ませ、実行するものであっても良い。サービス提供サーバ101にて読取可能な記録媒体とは、フロッピーディスク(登録商標)、光磁気ディスク、DVD、CDなどの移設可能な記録媒体の他、サービス提供サーバ101に内蔵されたROM、RAM等のメモリやHDD等を指す。この記録媒体に記録されたプログラムは、サービス提供サーバ101内のCPU(不図示)にて読み込まれ、CPUの制御によって、上述したものと同様の処理が行われる。ここで、CPUは、プログラムが記録された記録媒体から読み込まれたプログラムを実行するコンピュータとして動作するものである。 The processing of the service providing server 101 described above may be performed by a logic circuit manufactured according to the purpose. Further, even if a program in which the processing content is described as a procedure is recorded in a recording medium readable by the service providing server 101, and the program recorded in the recording medium is read by the service providing server 101 and executed. good. The recording medium readable by the service providing server 101 includes a removable recording medium such as a floppy disk (registered trademark), a magneto-optical disk, a DVD, a CD, etc., a ROM, a RAM, etc. built in the service providing server 101. Point to memory and HDD etc. The program recorded on the recording medium is read by a CPU (not shown) in the service providing server 101, and the same processing as described above is performed under the control of the CPU. Here, the CPU operates as a computer that executes a program read from a recording medium in which the program is recorded.
 以上説明したように、一般的に特定エリアである事業場やオフィスやパーク等の入退場を行うために読み取った利用者識別情報を用いて利用者の位置を判断するため、利用者の位置を識別する特別な手段を追加する必要がなく、また、利用者の位置情報に基づいたサービスを提供することができる。 As described above, in order to judge the position of the user using the user identification information read in order to enter and leave the business area, office, park, etc. which is a specific area in general, the position of the user is There is no need to add a special means for identification, and services can be provided based on the user's location information.
 以上、実施の形態を参照して本願発明を説明したが、本願発明は上記実施の形態に限定されるものではない。本願発明の構成や詳細には、本願発明のスコープ内で当業者が理解し得る様々な変更をすることができる。 Although the present invention has been described above with reference to the embodiment, the present invention is not limited to the above embodiment. The configurations and details of the present invention can be modified in various ways that can be understood by those skilled in the art within the scope of the present invention.
 この出願は、2008年5月15日に出願された日本出願特願2008-128424を基礎とする優先権を主張し、その開示の全てをここに取り込む。 This application claims priority based on Japanese Patent Application No. 2008-128424 filed on May 15, 2008, the entire disclosure of which is incorporated herein.

Claims (11)

  1.  所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバであって、
     前記利用者が操作する端末から当該サーバへの接続が要求された場合、前記端末へ前記利用者が前記エリアの中にいるのか外にいるのかに応じたサービスを提供するサーバ。     It is connected to an identification information reader provided at the entrance of a predetermined area, and is used to identify the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user. A server for managing entry / exit of the user based on the identification information of the user,
    A server that provides a service according to whether the user is inside or outside the area when a connection to the server is requested from a terminal operated by the user.
  2.  請求項1に記載のサーバにおいて、
     前記利用者識別情報と、前記利用者が前記エリアの中にいるのか外にいるのかを示す位置情報と、前記位置情報に応じたサービス内容とを対応付けて記憶する記憶部と、
     前記端末から当該サーバへの接続を要求する接続要求信号が送信されてきた場合、前記接続要求信号に含まれる利用者識別情報に基づいて前記サービス内容を前記記憶部から読み出すテーブル管理部と、
     前記テーブル管理部が読み出したサービス内容に応じたサービスを前記端末へ提供するサービス提供部とを有することを特徴とするサーバ。     In the server according to claim 1,
    A storage unit that stores the user identification information, position information indicating whether the user is inside or outside the area, and service content corresponding to the position information;
    A table management unit that reads out the service content from the storage unit based on user identification information included in the connection request signal when a connection request signal for requesting a connection to the server is transmitted from the terminal;
    A server providing a service according to the service content read out by the table management unit to the terminal.
  3.  請求項1に記載のサーバにおいて、
     前記利用者識別情報と、当該サーバが前記利用者を認証するために用いられる認証情報と、前記利用者が前記エリアの中にいるのか外にいるのかを示す位置情報と、前記位置情報に応じたサービス内容とを対応付けて記憶する記憶部と、
     前記端末から当該サーバへ前記認証情報が送信されてきた場合、前記認証情報に基づいて前記サービス内容を前記記憶部から読み出すテーブル管理部と、
     前記テーブル管理部が読み出したサービス内容に応じたサービスを前記端末へ提供するサービス提供部とを有することを特徴とするサーバ。     In the server according to claim 1,
    According to the user identification information, authentication information used to authenticate the user by the server, position information indicating whether the user is inside or outside the area, and the position information A storage unit that stores the associated service content in association with each other;
    A table management unit that reads out the service content from the storage unit based on the authentication information when the authentication information is transmitted from the terminal to the server;
    A server providing a service according to the service content read out by the table management unit to the terminal.
  4.  請求項2に記載のサーバにおいて、
     前記記憶部は、前記利用者識別情報と前記位置情報とを対応付けた利用者情報と、前記位置情報と前記サービス内容とを対応付けたサービス内容情報とを記憶し、
     前記テーブル管理部は、前記利用者識別情報に基づいて前記利用者情報から前記位置情報を読み出し、該読み出された位置情報に基づいて前記サービス内容情報から前記サービス内容を読み出すことを特徴とするサーバ。     In the server according to claim 2,
    The storage unit stores user information in which the user identification information and the position information are associated, and service content information in which the position information and the service content are associated.
    The table management unit reads the position information from the user information based on the user identification information, and reads the service content from the service content information based on the read position information. server.
  5.  請求項3に記載のサーバにおいて、
     前記記憶部は、前記利用者識別情報と前記認証情報と前記位置情報とを対応付けた利用者情報と、前記位置情報と前記サービス内容とを対応付けたサービス内容情報とを記憶し、
     前記テーブル管理部は、前記認証情報に基づいて前記利用者情報から前記位置情報を読み出し、該読み出された位置情報に基づいて前記サービス内容情報から前記サービス内容を読み出すことを特徴とするサーバ。     In the server according to claim 3,
    The storage unit stores user information in which the user identification information, the authentication information, and the position information are associated, and service content information in which the position information and the service content are associated.
    The server, wherein the table management unit reads the position information from the user information based on the authentication information, and reads the service content from the service content information based on the read position information.
  6.  所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバにおけるサービス提供方法であって、
     前記利用者が操作する端末から当該サーバへの接続が要求された場合、前記端末へ前記利用者が前記エリアの中にいるのか外にいるのかに応じたサービスを提供する処理を有するサービス提供方法。     It is connected to an identification information reader provided at the entrance of a predetermined area, and is used to identify the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user. A service providing method in a server that manages entry / exit of the user based on the identification information of the user,
    A service providing method comprising processing for providing a service to the terminal according to whether the user is inside or outside the area when a connection to the server is requested from the terminal operated by the user .
  7.  請求項6に記載のサービス提供方法において、
     前記利用者識別情報と、前記利用者が前記エリアの中にいるのか外にいるのかを示す位置情報と、前記位置情報に応じたサービス内容とを対応付けて当該サーバが具備する記憶部に記憶する処理と、
     前記端末から当該サーバへの接続を要求する接続要求信号が送信されてきた場合、前記接続要求信号に含まれる利用者識別情報に基づいて前記サービス内容を前記記憶部から読み出す処理と、
     前記サービス内容に応じたサービスを前記端末へ提供する処理とを有することを特徴とするサービス提供方法。     In the service providing method according to claim 6,
    The user identification information, position information indicating whether the user is in or out of the area, and service content according to the position information are stored in a storage unit provided in the server in association with each other. And the process to
    A process of reading the service content from the storage unit based on user identification information included in the connection request signal when a connection request signal for requesting a connection to the server is transmitted from the terminal;
    Providing a service according to the service content to the terminal.
  8.  請求項6に記載のサービス提供方法において、
     前記利用者識別情報と、当該サーバが前記利用者を認証するために用いられる認証情報と、前記利用者が前記エリアの中にいるのか外にいるのかを示す位置情報と、前記位置情報に応じたサービス内容とを対応付けて当該サーバが具備する記憶部に記憶する処理と、
     前記端末から当該サーバへ前記認証情報が送信されてきた場合、前記認証情報に基づいて前記サービス内容を前記記憶部から読み出す処理と、
     前記サービス内容に応じたサービスを前記端末へ提供する処理とを有することを特徴とするサービス提供方法。     In the service providing method according to claim 6,
    According to the user identification information, authentication information used to authenticate the user by the server, position information indicating whether the user is inside or outside the area, and the position information Processing for correlating the stored service content and storing it in a storage unit of the server;
    A process of reading the service content from the storage unit based on the authentication information when the authentication information is transmitted from the terminal to the server;
    Providing a service according to the service content to the terminal.
  9.  所定のエリアの出入口に設けられた識別情報読み取り装置と接続され、利用者が所持する識別情報記憶媒体から前記識別情報読み取り装置にて読み取られて送信されてきた前記利用者を識別するための利用者識別情報に基づいて、前記利用者の入退場を管理するサーバに、
     前記利用者が操作する端末から当該サーバへの接続が要求された場合、前記端末へ前記利用者が前記エリアの中にいるのか外にいるのかに応じたサービスを提供する手順を実行させるプログラム。     It is connected to an identification information reader provided at the entrance of a predetermined area, and is used to identify the user who has been read and transmitted by the identification information reader from an identification information storage medium possessed by the user. A server that manages entry and exit of the user based on the identification information of the user;
    A program that, when a terminal operated by a user requests connection to the server, executes a procedure for providing a service according to whether the user is inside or outside the area.
  10.  請求項9に記載のプログラムにおいて、
     前記利用者識別情報と、前記利用者が前記エリアの中にいるのか外にいるのかを示す位置情報と、前記位置情報に応じたサービス内容とを対応付けて当該サーバが具備する記憶部に記憶する手順と、
     前記端末から当該サーバへの接続を要求する接続要求信号が送信されてきた場合、前記接続要求信号に含まれる利用者識別情報に基づいて前記サービス内容を前記記憶部から読み出す手順と、
     前記サービス内容に応じたサービスを前記端末へ提供する手順とを当該サーバに実行させることを特徴とするプログラム。     In the program according to claim 9,
    The user identification information, position information indicating whether the user is in or out of the area, and service content according to the position information are stored in a storage unit provided in the server in association with each other. And the steps to
    A procedure for reading out the service content from the storage unit based on user identification information included in the connection request signal when a connection request signal for requesting a connection to the server is transmitted from the terminal;
    A program for causing the server to execute a procedure of providing a service according to the service content to the terminal.
  11.  請求項9に記載のプログラムにおいて、
     前記利用者識別情報と、当該サーバが前記利用者を認証するために用いられる認証情報と、前記利用者が前記エリアの中にいるのか外にいるのかを示す位置情報と、前記位置情報に応じたサービス内容とを対応付けて当該サーバが具備する記憶部に記憶する手順と、
     前記端末から当該サーバへ前記認証情報が送信されてきた場合、前記認証情報に基づいて前記サービス内容を前記記憶部から読み出す手順と、
     前記サービス内容に応じたサービスを前記端末へ提供する手順とを当該サーバに実行させることを特徴とするプログラム。     In the program according to claim 9,
    According to the user identification information, authentication information used to authenticate the user by the server, position information indicating whether the user is inside or outside the area, and the position information A procedure for storing the associated service content in the storage unit of the server in association with each other;
    A procedure for reading out the service content from the storage unit based on the authentication information when the authentication information is transmitted from the terminal to the server;
    A program for causing the server to execute a procedure of providing a service according to the service content to the terminal.
PCT/JP2009/057210 2008-05-15 2009-04-08 Server, service providing method, and program WO2009139242A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2008-128424 2008-05-15
JP2008128424A JP2009277064A (en) 2008-05-15 2008-05-15 Server, service providing method and program

Publications (1)

Publication Number Publication Date
WO2009139242A1 true WO2009139242A1 (en) 2009-11-19

Family

ID=41318615

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2009/057210 WO2009139242A1 (en) 2008-05-15 2009-04-08 Server, service providing method, and program

Country Status (3)

Country Link
JP (1) JP2009277064A (en)
TW (1) TW201001341A (en)
WO (1) WO2009139242A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6261407B2 (en) * 2014-03-24 2018-01-17 株式会社Nttドコモ Server apparatus, information processing system, and information processing method
KR101698136B1 (en) * 2015-07-07 2017-01-19 주식회사 케이티 A Method and System for setting Private LTE APN synchronized with the external system of entering control
KR101696788B1 (en) * 2015-07-08 2017-01-23 주식회사 케이티 Method and system for providing private network service by near field communication and apparatus therefor

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004088361A (en) * 2002-08-26 2004-03-18 Toshiba Eng Co Ltd Observation information providing system
JP2004320275A (en) * 2003-04-15 2004-11-11 Casio Comput Co Ltd Wireless communication system and program
JP2006191540A (en) * 2004-12-09 2006-07-20 Ntt Docomo Inc Service providing system, and portable terminal and control program of same
JP2008009545A (en) * 2006-06-27 2008-01-17 Matsushita Electric Works Ltd File creation program, and linked authentication system
JP2008035210A (en) * 2006-07-28 2008-02-14 Matsushita Electric Ind Co Ltd Call control system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004088361A (en) * 2002-08-26 2004-03-18 Toshiba Eng Co Ltd Observation information providing system
JP2004320275A (en) * 2003-04-15 2004-11-11 Casio Comput Co Ltd Wireless communication system and program
JP2006191540A (en) * 2004-12-09 2006-07-20 Ntt Docomo Inc Service providing system, and portable terminal and control program of same
JP2008009545A (en) * 2006-06-27 2008-01-17 Matsushita Electric Works Ltd File creation program, and linked authentication system
JP2008035210A (en) * 2006-07-28 2008-02-14 Matsushita Electric Ind Co Ltd Call control system

Also Published As

Publication number Publication date
TW201001341A (en) 2010-01-01
JP2009277064A (en) 2009-11-26

Similar Documents

Publication Publication Date Title
US7874007B2 (en) Providing guest users access to network resources through an enterprise network
CN101102188B (en) A method and system for mobile access to VLAN
CN102100111B (en) Methods and apparatuses for providing temporal information
JP4817814B2 (en) Application state information transfer system
US8188857B2 (en) Authentication system and method thereof for wireless networks
CN104143056A (en) Identity authentication method and system
CN102859935A (en) System And Methods For Remote Maintenance Of Multiple Clients In An Electronic Network Using Virtual Machines
CN104081799A (en) Social hotspot
CN104871203A (en) Network access based on social-networking information
CN105812482B (en) The sharing method and server platform of communication information
CN107454046B (en) Cross-device authentication method and device
US8913959B1 (en) Method and apparatus for facilitating wireless access point registration
KR20130064373A (en) System for entering and location authentication of smart device using sequential wireless authentication and method for entering and location authentication using the same
WO2009139242A1 (en) Server, service providing method, and program
US20160295411A1 (en) Method and apparatus for providing radio communication with an object in a local environment
US20090037979A1 (en) Method and System for Recovering Authentication in a Network
KR20140103579A (en) System and method for authentication of wiress network using near field communication
EP3403370B1 (en) Device communication management in a communication system
KR101131185B1 (en) mobile and service method thereof
CN105359168A (en) Mobile terminal and control method for access control system
KR20080109470A (en) Terminal dependent service providing and charging method using terminal certificates
US11601422B2 (en) Communication node, multi-hop network, equipment validity check method, and program
JP2018136743A (en) Information processing device, information processing method, and program
WO2011047587A1 (en) Method and device for managing closed subscriber group members
CN116436667A (en) Authority authentication method, system, device, terminal and computer readable storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09746449

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09746449

Country of ref document: EP

Kind code of ref document: A1