WO2015122221A1 - Système d'authentification, dispositif d'acceptation d'authentification et procédé d'authentification - Google Patents

Système d'authentification, dispositif d'acceptation d'authentification et procédé d'authentification Download PDF

Info

Publication number
WO2015122221A1
WO2015122221A1 PCT/JP2015/050506 JP2015050506W WO2015122221A1 WO 2015122221 A1 WO2015122221 A1 WO 2015122221A1 JP 2015050506 W JP2015050506 W JP 2015050506W WO 2015122221 A1 WO2015122221 A1 WO 2015122221A1
Authority
WO
WIPO (PCT)
Prior art keywords
input
authentication
information
unit
receiving unit
Prior art date
Application number
PCT/JP2015/050506
Other languages
English (en)
Japanese (ja)
Inventor
三橋 隆史
Original Assignee
株式会社Lixil
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Lixil filed Critical 株式会社Lixil
Publication of WO2015122221A1 publication Critical patent/WO2015122221A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check

Definitions

  • the present invention relates to authentication technology, and more particularly, to a system and method for authenticating a person to be authenticated, and an apparatus for receiving input of authentication information.
  • authentication using an IC card is conventionally known.
  • the ID stored in the IC card is read by a reader and verified against the ID registered in advance to authenticate the person to be authenticated.
  • This technology has a problem that when an IC card is stolen by a third party, authentication for the third party is established.
  • a countermeasure there has been proposed a system in which a password code input unit is provided on an IC card and an ID is output to a reader only when the correct password is input (see Patent Document 1).
  • the present invention has been made in view of such problems, and an object thereof is to provide an authentication technique capable of improving security.
  • an aspect of the present invention provides an authentication system for authenticating a person to be authenticated who uses equipment, and accepts an operation detected from the person to be authenticated as an input of authentication information.
  • a first input receiving unit a second input receiving unit that receives an input of authentication information different from the authentication information received by the first input receiving unit, first input information input to the first input receiving unit, and Authentication for authenticating the person to be authenticated by comparing the first registration information to be registered and comparing the second input information input to the second input reception unit and the second registration information registered in advance.
  • an input receiving area of the first input receiving unit is provided in such a manner that it cannot be visually recognized in the appearance of the facility.
  • the input reception area of the first input reception unit cannot be visually recognized, and it becomes difficult for a third party to perform an input operation. Further, even if a third party knows the position of the input reception area, authentication is not established unless the specific operation as the authentication means is known and there is no specific authentication information to be input to the second input reception unit. Therefore, security is improved.
  • one of the first input receiving unit or the second input receiving unit starts receiving an input first
  • the authentication processing unit is the first input receiving unit or the second input receiving unit first.
  • the input information entered from the one that started accepting and the registered information are collated, and when the collation using the input information inputted from one of the first input accepting unit and the second input accepting unit is established, the other input You may start accepting.
  • the security since the input order of the first input information and the second input information is also required for the establishment of authentication, the security is further improved.
  • the other input reception area of the first input reception unit and the second input reception unit is provided in an aspect that cannot be visually recognized in the appearance of the facility, and the other of the first input reception unit and the second input reception unit is input.
  • a position notifying unit for notifying the position of the input receiving area may be further provided at any timing after the start of receiving. According to this aspect, if collation using the input information input to one input reception unit is established, the input reception area of the other input reception unit can be recognized by notification of the position notification unit. Therefore, even if the person to be authenticated forgets the position of the other input reception area, the authentication information can be input thereto, which increases convenience for the user.
  • an electric lock device that electrically locks and unlocks the lock may be further provided, and when the authentication by the authentication processing unit is established, the electric lock device may lock and unlock the lock.
  • the electric lock device when the lock is in the unlocked state, the first input receiving unit starts receiving input, and when the first input information and the first registered information are verified, the electric lock device detects the lock. It may be locked.
  • the electric lock device when the electric lock device is locked, the person to be authenticated is authenticated by using only the operation of the person to be authenticated, so that the procedure necessary for locking is reduced and the operability is improved.
  • the authentication processing unit compares the first input information with a plurality of pieces of first registration information each associated with one of a plurality of users, and when authentication by the authentication processing unit is established, Information indicating the user corresponding to the first registration information that has been verified with the input information may be transmitted to a management server that manages information indicating whether the user is in the facility.
  • the user can be identified from the operation of the person to be authenticated, and the existence of the identified user in the facility can be managed by the management server.
  • the authentication processing unit collates the first input information with a plurality of first registration information each associated with one of a plurality of users, and the second input information with each of a plurality of users.
  • the authentication processing unit compares the second input information with the user corresponding to the first registration information that has been verified with the first input information.
  • the person to be authenticated may be authenticated by determining whether or not the user corresponding to the established second registration information matches.
  • the operation as the authentication unit and the information input to the second input receiving unit are stored in association with the user, and authentication is performed only when the user corresponding to both is the same. To establish. Therefore, security is further improved.
  • the first input receiving unit may be installed in a form attached to the facility side.
  • the 1st input reception part may be installed in the portable terminal which a to-be-authenticated person possesses.
  • Another aspect of the present invention is an authentication receiving apparatus used for authenticating a person to be authenticated who uses equipment, and is authenticated by detecting a movement of the person to be authenticated, which is attached to the support and the support.
  • a first input receiving unit that receives input of information for use and a second input receiving unit that is attached to the support and receives input of authentication information, and the support is an exposed surface that is part of the appearance of the facility
  • the input reception area of the first input reception unit is provided in a manner that is not visible in the appearance of the exposed surface. According to this aspect, the input reception area of the first input reception unit cannot be visually recognized, and it becomes difficult for a third party to perform an input operation. Further, even if a third party knows the position of the input reception area, authentication is not established unless the specific operation as the authentication means is known and there is no specific authentication information to be input to the second input reception unit. Therefore, security is improved.
  • Another aspect of the present invention is an authentication method for authenticating a person to be authenticated, which accepts an operation detected from the person to be authenticated as an input of authentication information, and is registered in advance with the input first input information.
  • the first step of collating the first registration information and the input of the authentication information different from the authentication information received in the first step are received, the input second input information and the second registration registered in advance
  • authentication is not established unless there is a specific operation serving as an authentication unit and specific authentication information. Therefore, security is improved.
  • the security of the authentication system can be improved.
  • the reader is exposed to the exterior of the facility, or a mark is displayed at the position of the reading area, so that the reading area can be visually recognized.
  • the person to be authenticated placed the IC card close to the reading area and entered authentication information into the reader.
  • an input reception area for receiving input of authentication information is provided in such a manner that it cannot be seen from the exterior of the facility. Accordingly, authentication information cannot be input unless the position of the input reception area is known in advance, and security is improved.
  • the operation of the person to be authenticated is also used as an authentication means. Therefore, even if the authentication medium is stolen by a third party, authentication is not established unless a specific operation is known, and security is improved.
  • FIG. 1 shows a facility 10 in which the authentication system 100 is used.
  • the authentication system 100 is used for authenticating a person who uses the facility 10.
  • the facility 10 is a door portion 11 provided at the entrance of the building.
  • the door part 11 includes a door 13 and a sleeve part 15 provided on the side part thereof.
  • the door 13 is locked and unlocked by a lock 67 of the electric lock device 60.
  • the authentication system 100 locks or unlocks the lock 67 when the person to be authenticated is a valid user.
  • FIG. 2 is a block diagram of the authentication system 100.
  • Each block can be realized in hardware by elements and circuits such as a computer CPU and memory, and in software by a computer program or the like.
  • functional blocks realized by their cooperation are depicted. These functional blocks can be realized in various modes by a combination of hardware and software. The same applies to the subsequent block diagrams.
  • the authentication system 100 includes an authentication medium 20, an authentication device 30, and an electric lock device 60.
  • the authentication device 30 and the electric lock device 60 are connected via a known communication network such as a LAN or the Internet.
  • the authentication medium 20 is an IC card, and includes an identification information holding unit 21 and an output unit 23.
  • the identification information holding unit 21 stores a key ID that uniquely identifies the authentication medium 20 as identification information.
  • the output unit 23 transmits data to the authentication device 30 by short-range wireless communication.
  • FIG. 3 is a block diagram of the authentication device 30.
  • the authentication device 30 includes an authentication reception device 40, an authentication information holding unit 31, an authentication processing unit 33, and a communication unit 39.
  • the authentication reception device 40 includes a support panel 41, a first input reception unit 43, a second input reception unit 47, a position notification lamp 51, and a result notification lamp 53.
  • the communication unit 39 performs data communication with an external device, in particular, the electric lock device 60.
  • the support panel 41 is installed as the sleeve portion 15 of the door portion 11 (see FIG. 1).
  • the support panel 41 includes a front surface portion 111 and a rear surface portion 113 that face each other in the thickness direction, and side portions 115 provided along the upper, lower, left, and right edge portions of the front surface portion 111 and the rear surface portion 113, and is surrounded by these. It has a hollow structure.
  • the front surface portion 111 and the rear surface portion 113 are made of a polycarbonate plate material having translucency.
  • the outer surface of the front surface portion 111 forms an exposed surface 41a that is a part of the appearance of the door portion 11 when the door portion 11 is viewed from the outside.
  • a light shielding layer 119 is provided on the inner surface of the front surface portion 111 and the rear surface portion 113.
  • the light shielding layer 119 is a black film and is made of a light shielding material having a small visible light transmittance.
  • the light shielding layer 119 has a visible light transmittance adjusted so that the internal structure cannot be seen when the support panel 41 is viewed from the outside.
  • the light shielding layer 119 is provided by vapor deposition or application of a light shielding material.
  • the first input receiving unit 43 is composed of a plurality of proximity sensors 44.
  • Each proximity sensor 44 is a capacitive proximity sensor.
  • Each proximity sensor 44 is attached to the inside of the support panel 41.
  • the proximity sensors 44 are arranged in a matrix of 2 rows ⁇ 4 columns on the top, bottom, left, and right of the support panel 41, but the arrangement mode is not limited to this.
  • each proximity sensor 44 is provided in front of the exposed surface 41a of the support panel 41.
  • the proximity sensor 44 detects the presence or absence of an object present in the detection area 45.
  • Each detection area 45 forms a first input reception area 46.
  • the detection region 45 from the left end to the right end of the first row in FIG. 4B is referred to as A1 to A4, and the detection region 45 from the left end to the right end of the second row is referred to as B1 to B4.
  • the proximity sensor 44 detects that there is an object in the moved order. Is done.
  • the first input reception unit 43 detects the order in which the object moves in each detection area 45 from the detection result of each proximity sensor 44 until the object enters and exits the detection area 45. For example, as shown in FIG. 5A, when the hand is moved into the detection area A4, moved to the detection areas A3, A2, and A1, and then the hand is withdrawn, the first input reception unit 43 causes the detection area A4 to move out. , A3, A2, A1 are detected.
  • a specific part of the body of the person to be authenticated for example, a trajectory of the movement of the hand, arm, or the like, that is, a gesture of the specific part of the person to be authenticated is detected.
  • the first input receiving unit 43 detects the gesture of the specific part of the person to be authenticated based on the approaching state of the object to the plurality of detection regions 45.
  • the first input receiving unit 43 receives an operation detected from the person to be authenticated as an input of authentication information, and passes the operation to the authentication processing unit 33 as first input information.
  • the second input receiving unit 47 is composed of a reader 48 as shown in FIG.
  • the leader 48 is attached to the inside of the support panel 41.
  • the reading area 48 a of the reader 48 is provided in front of the exposed surface 41 a of the support panel 41.
  • a second input receiving area 49 is formed by the reading area 48a.
  • the identification information of the authentication medium 20 is read by short-range wireless communication.
  • the second input receiving unit 47 receives the read identification information as an input of authentication information, and passes this to the authentication processing unit 33 as second input information.
  • the position notification lamp 51 is composed of a plurality of lamps such as LEDs and is installed inside the support panel 41. When the position notification lamp 51 is turned on, the light amount is adjusted so that the light transmission layer 119 is transmitted and the light emission range on the exposed surface 41a can be visually recognized. In FIG.5 (b), the light emission range S1 is shown with a dashed-dotted line.
  • the position notification lamp 51 is disposed at a position corresponding to the second input reception area 49 and notifies the person to be authenticated of the position. The lighting of the position notification lamp 51 is controlled by a control signal sent from the authentication processing unit 33.
  • the result notification lamp 53 includes a plurality of lamps such as LEDs having different emission colors, and is installed inside the support panel 41.
  • the result notification lamp 51 When the result notification lamp 51 is turned on, the amount of light is adjusted so as to pass through the light shielding layer 119 so that the light emission range on the exposed surface 41a can be visually recognized.
  • the light emission range S2 In FIG.5 (c), the light emission range S2 is shown with a dashed-dotted line.
  • the result notification lamp 53 causes a part of the exposed surface 41a to emit light with a different color, and notifies the authentication result to the person to be authenticated. Lighting of the result notification lamp 53 is controlled by a control signal sent from the authentication processing unit 33.
  • the proximity sensor 44 and the reader 48 which are mechanical devices constituting the input receiving units 43 and 47, are not exposed to the exterior of the door unit 11. Moreover, the display of the mark etc. which specify these positions directly does not appear in the external appearance of the door part 11. FIG. As a result, the areas 46 and 49 cannot be visually recognized by the person to be authenticated from the appearance of the door portion 11 from the operation position when performing an input operation on these areas.
  • the authentication information holding unit 31 registers in advance the gesture of the person to be authenticated to be input to the first input receiving unit 43 as the first registration information.
  • the authentication information holding unit 31 registers, as the first registration information, a locking gesture for locking the electric lock device 60 and an unlocking gesture for unlocking.
  • the unlocking gesture is stored as, for example, the order of the detection areas A4, A3, A2, and A1.
  • the gesture for locking is memorize
  • the authentication information holding unit 31 has previously registered a key ID as identification information to be input to the second input receiving unit 47 as second registration information.
  • the authentication processing unit 33 includes a first input information acquisition unit 35, a second input information acquisition unit 36, and an authentication unit 37.
  • the first input information acquisition unit 35 acquires first input information input to the first input reception unit 43.
  • the second input information acquisition unit 36 acquires second input information input to the second input reception unit 47.
  • the authentication unit 37 collates the first input information input to the first input reception unit 43 with the first registration information registered in the authentication information holding unit 31.
  • the authentication unit 37 collates by determining whether or not the gesture input as the first input information matches the gesture registered as the first registration information.
  • the authentication unit 37 collates the second input information input to the second input reception unit 47 with the second registration information registered in the authentication information holding unit 31.
  • the authentication unit 37 collates by determining whether or not the key ID as the identification information input as the second input information matches the key ID as the identification information registered as the second registration information. .
  • FIG. 6 is a block diagram of the electric lock device 60.
  • the electric lock device 60 includes a communication unit 61, a locking / unlocking control unit 63, a locking / unlocking mechanism 65, and a state monitoring unit 69.
  • the communication unit 61 performs data communication between the authentication device 30 and the locking / unlocking control unit 63.
  • the locking / unlocking control unit 63 controls each part of the electric lock device 60 in an integrated manner.
  • the locking / unlocking control unit 63 acquires the locking / unlocking request signal from the authentication device 30, the locking / unlocking control unit 63 outputs a drive control signal corresponding thereto to the locking / unlocking mechanism 65.
  • the locking / unlocking mechanism 65 includes a drive source 66 such as a motor and a solenoid, and a lock 67.
  • the locking / unlocking mechanism 65 drives the drive source 66 so as to lock or unlock the lock 67 by a drive control signal from the locking / unlocking control unit 63.
  • a dead bolt enters or leaves the strike of the door frame and the lock 67 is unlocked.
  • the state monitoring unit 69 includes a detection sensor such as a micro switch or a reed switch.
  • the state monitoring unit 69 detects the advance / retreat state of the dead bolt of the lock 67 and monitors the current lock / unlock state of the lock 67.
  • the state monitoring unit 69 outputs monitoring information indicating this state to the locking / unlocking control unit 63.
  • the operation of the authentication system 100 will be described separately when the electric lock device 60 is unlocked and locked.
  • FIG. 7 shows a process when the electric lock device 60 is unlocked.
  • the authentication processing unit 33 executes the following processing.
  • the locking / unlocking state of the lock 67 is determined from the monitoring signal received from the electric lock device 60.
  • the electric lock device 60 authenticates the person to be authenticated using the authentication medium 20 that holds the identification information as the secondary authentication means and the gesture of the person to be authenticated as the primary authentication means.
  • the first input reception area 46 cannot be visually recognized from the appearance of the door portion 11. Therefore, it is difficult to input an unlocking gesture to the first input reception area 46 unless the person is an authenticated person who knows the first input reception area 46 in advance. Note that the function of the position notification lamp 51 is in the Off state, and the second input reception area 49 cannot be visually recognized.
  • the authentication processing unit 33 sets the functions of the first input receiving unit 43 and the second input receiving unit 47 to the On state and the Off state, and receives a gesture input from the first input receiving unit 43 (S10).
  • the person to be authenticated inputs the unlocking gesture to the first input receiving unit 43.
  • the person to be authenticated enters the detection area A4 in the first input reception area 46, moves in the order of the detection areas A3, A2, and A1, and moves the hand out of the detection area A1.
  • the first input reception unit 43 detects the movement order of the detection areas A4, A3, A2, and A1 as a gesture, and passes this to the authentication processing unit 33 as first input information.
  • the authentication unit 37 of the authentication processing unit 33 collates the first input information passed from the first input receiving unit 43 with the first registration information (S12). When collation fails (N of S12), the authentication process part 33 alert
  • the authentication processing unit 33 starts accepting input by the second input accepting unit 47 (S16). This reception may be started by activating the second input reception unit 47. In addition, the input may be received without passing the input information to the authentication processing unit 33 during the reception period and not during other periods.
  • the second input receiving unit 47 receives an input for a predetermined time, for example, 10 seconds, and stops receiving after the elapse of the time.
  • the authentication processing unit 33 causes the person to be authenticated to recognize the position of the second input reception area 49 by turning on the position notification lamp 51 (S18). This may be performed at any timing from the start to the end of reception by the second input reception unit 47.
  • the person to be authenticated inputs identification information to the second input receiving unit 47 as authentication information.
  • the input is performed by bringing the authentication medium 20 close to the second input reception area 49.
  • the second input receiving unit 47 reads the identification information of the authentication medium 20 and passes it to the authentication processing unit 33 as second input information.
  • the authentication unit 37 of the authentication processing unit 33 collates the second input information passed from the second input receiving unit 47 with the second registration information (S22). When collation fails (N of S22), the authentication process part 33 alert
  • the authentication processing unit 33 determines that the authentication of the person to be authenticated is established, and transmits an unlock request signal to the electric lock device 60 (S26).
  • the locking / unlocking control unit 63 of the electric lock device 60 unlocks the lock 67 of the locking / unlocking mechanism 65 (S28).
  • the locking / unlocking control unit 63 acquires monitoring information indicating the unlocking state of the lock 67 output from the state monitoring unit 69, and transmits the monitoring information to the authentication device 30.
  • the authentication processing unit 33 of the authentication device 30 After acquiring the monitoring information, the authentication processing unit 33 of the authentication device 30 notifies that the lock is unlocked by the result notification lamp 53 (S30).
  • the result notification lamp 53 notifies that a specific color, for example, a blue lamp is lit.
  • FIG. 8 shows processing when the electric lock device 60 is locked.
  • the unlocking uses the gesture and the authentication medium 20 to authenticate the person to be authenticated.
  • locking is an act of increasing security, and only a legitimate user needs to be considered, so only a gesture is used here.
  • the functions of the first input receiving unit 43 and the second input receiving unit 47 are turned on and off, respectively, and a gesture input is received by the first input receiving unit 43 (S10). Also at this time, the first input reception area 46 cannot be visually recognized.
  • the person to be authenticated inputs a locking gesture to the first input receiving unit 43. Specifically, a hand is moved into the detection area A1 of the first input reception area 46, moved in the order of the detection areas A2, A3, and A4, and then exited from the detection area A4.
  • the first input receiving unit 43 detects the movement order of the detection areas A1, A2, A3, and A4 as a gesture, and passes this to the authentication processing unit 33 as first input information.
  • the authentication unit 37 of the authentication processing unit 33 collates the first input information passed from the first input receiving unit 43 with the first registration information (S42). When the collation fails (N in S42), the authentication processing unit 33 notifies the fact by the result notification lamp 53 (S14). The person to be authenticated re-enters the first input receiving unit 43.
  • the authentication processing unit 33 determines that the authentication of the person to be authenticated is established, and transmits a lock request signal to the electric lock device 60 (S46).
  • the locking / unlocking control unit 63 of the electric lock device 60 locks the lock 67 of the locking / unlocking mechanism 65 (S48).
  • the locking / unlocking control unit 63 acquires monitoring information indicating the locking state of the lock 67 output from the state monitoring unit 69, and transmits the monitoring information to the authentication device 30. After acquiring the monitoring information, the authentication processing unit 33 of the authentication device 30 notifies that the lock 67 has been locked by the result notification lamp 53 (S50).
  • a color different from that at the time of unlocking for example, a red lamp is lit to notify this.
  • the result notification lamp 53 notifies the person to be authenticated of the authentication result in a different color according to the locking / unlocking state of the electric lock device 60.
  • the first input reception area 46 and the second input reception area 49 cannot be visually recognized, and it becomes difficult for a third party to perform an input operation. Further, even if the position of the first input reception area 46 or the second input reception area 49 is known, the specific authentication information to be input to the second input reception unit 47 is recorded by knowing the specific operation as the authentication means. If there is no authentication medium 20, authentication is not established. Therefore, security is improved.
  • the input reception areas 46 and 49 of the input reception units 43 and 47 are not exposed to the appearance of the facility 10, and the design of the facility 10 is improved.
  • the 1st input reception part 43 detects a to-be-authenticated person's gesture, it cannot detect only by holding a hand, and can prevent misdetection.
  • the authentication information is an operation, there is no need to previously acquire personal information such as fingerprints, and there is no fear of leaking them.
  • the second input receiving unit 47 starts receiving input. Therefore, since the input order of the first input information and the second input information is also necessary for the establishment of authentication, the security is further improved.
  • the position of the second input reception area 49 can be recognized by the notification of the position notification lamp 51. Therefore, even if the person to be authenticated forgets the position, it can be input to the second input receiving unit 47, and convenience for the user is improved. Further, since the position of the second input reception area 49 is notified by the lighting of the position notification lamp 51, it is easy to visually recognize it at night.
  • FIG. 9 is a block diagram of the authentication device 30 according to the second embodiment.
  • the first input receiving unit 43 is configured by the imaging device 70.
  • the same reference numerals are given to the same elements as those described in the first embodiment, and a duplicate description is omitted.
  • the imaging device 70 includes a camera 71 and an image analysis unit 73.
  • the camera 71 is an infrared camera.
  • the camera 71 outputs a moving image acquired by imaging to the image analysis unit 73.
  • 10 (a) and 10 (b) are a side view and a front view of the support panel 41, respectively.
  • the camera 71 is attached to the rear surface 41b of the upper part of the support panel 41.
  • a small-diameter hole 41c is formed in the upper portion of the front surface portion 111 of the support panel 41, and the camera 71 can image a part of the outdoor space of the door portion 11 through the hole 41c.
  • the hole 41c is formed in a size that is inconspicuous when viewed from the outdoor space, for example, several mm or less.
  • the imaging range 72 of the camera 71 is provided in front of the exposed surface 41 a of the support panel 41, and the first input reception area 46 is formed by the imaging range 72.
  • the image analysis unit 73 detects a gesture of a specific part of the person to be authenticated by analyzing a moving image output from the camera 71 as shown in FIG. Examples of this gesture include an operation of shaking the left hand up and down or drawing a circle, and an operation of opening and closing eyes in a specific order.
  • the analysis method of the image analysis unit 73 is not particularly limited, and a known method may be used.
  • the image analysis unit 73 passes the detected gesture of the person to be authenticated to the authentication processing unit 33 as the first input information.
  • the authentication processing unit 33 performs the same processing as in the first embodiment, and performs authentication using the first input information passed to the imaging device 70.
  • the first input reception area 46 is configured such that the imaging device 70 constituting the first input reception unit 43 is not exposed to the exterior of the door portion 11, and the door The person to be authenticated cannot be visually recognized from the appearance of the portion 11.
  • the above authentication system 100 can obtain the same operational effects as the authentication system 100 according to the first embodiment. Further, since an infrared camera is used as the camera 71, the operation of the person to be authenticated can be detected even in an environment where there is no light source at night.
  • the camera 71 may be a visible light camera.
  • FIG. 11 is a block diagram of an authentication system 100 according to the third embodiment.
  • the third embodiment there are a plurality of users A, B, and C as users to be authenticated.
  • the authentication system 100 includes a plurality of authentication media 20, an authentication device 30, an electric lock device 60, and a management server 80.
  • the authentication device 30 and the management server 80 are connected via a known communication network.
  • the identification information holding unit 21 of each authentication medium 20 stores different key IDs as identification information.
  • Each of the users A, B, and C has an authentication medium 20 in which the key IDs-A to C are stored in the identification information holding unit 21.
  • the authentication device 30 is similar in function block to the first embodiment, and will be described with reference to FIG.
  • the authentication information holding unit 31 registers a plurality of gestures A, B, and C in advance as first registration information. Further, the authentication information holding unit 31 registers a plurality of key IDs-A to C as second registration information in advance. Each of the registration gestures A, B, and C and the registration keys ID-A, B, and C are stored in association with the users A, B, and C, respectively.
  • the authentication processing unit 33 When the authentication is established, the authentication processing unit 33 notifies the management server 80 of information indicating the user who is to be authenticated and an entry / exit signal indicating entry / exit from the facility.
  • FIG. 12 is a block diagram of the management server 80.
  • the management server 80 manages whether there is a user in the facility.
  • the management server 80 includes a communication unit 81, a presence / absence information holding unit 83, and a management processing unit 87.
  • the communication unit 81 performs data communication between the authentication device 30 and the management processing unit 87.
  • the existence information holding unit 83 stores an existence confirmation table 85.
  • the presence / absence confirmation table 85 user information for identifying a user and user presence / absence information indicating whether the user is in the facility are stored in association with each other.
  • the management processing unit 87 acquires the update request signal from the authentication device 30, the management processing unit 87 updates the existence confirmation table 85.
  • the management processing unit 87 refers to the presence / absence confirmation table 85 and notifies the external terminal of the presence / absence of the user.
  • FIG. 13 shows a process when the electric lock device 60 is unlocked.
  • a case where user A as an authentication target requests authentication.
  • the processing of the first embodiment is different from S12 and S22.
  • the authentication unit 37 collates the first input information input by the user A into the first input receiving unit 43 and the plurality of first registration information. In this collation, it is determined whether or not the gesture input by the user A as the first input information matches any of the unlocking registration gestures A, B, and C as the first registration information.
  • the authentication unit 37 collates the second input information input by the user A to the second input receiving unit 47 and the plurality of second registration information. In this verification, it is determined whether or not the key ID input by the user A as the second input information matches one of the registration keys ID-A to C as the second registration information.
  • the authentication processing unit 33 determines that the user corresponding to the registration gesture used to establish the first verification and the user corresponding to the registration key ID used to establish the second verification. Is matched (S25). If they match, it is determined that authentication has been established. On the other hand, if they do not match, it is determined that the authentication has failed.
  • the registration gesture A is used to establish the first verification and the registration key ID-A is used to establish the second verification
  • the user associated with these matches the user A. It is determined that it has been established.
  • the registration gesture A is used for establishing the first verification and the registration key ID-B is used for establishing the second verification
  • the user A and the user B associated with these do not match. Therefore, it is determined that the authentication has failed.
  • the authentication process part 33 alert
  • the authentication processing unit 33 includes information indicating the user A corresponding to the registration gesture used for the verification, and a signal indicating that the user A has entered the facility. Then, an update request signal is transmitted to the management server 80.
  • the management processing unit 87 of the management server 80 acquires these pieces of information, the user presence / absence information in the presence / absence confirmation table 85 is updated as “user A is in the facility” (S34).
  • FIG. 14 shows a process when the electric lock device 60 is locked.
  • the processing of the first embodiment is different from S42.
  • the authentication processing unit 33 collates the first input information input by the user A into the first input receiving unit 43 and the plurality of first registration information. The conditions for this verification are the same as those for unlocking.
  • the authentication processing unit 33 updates the information indicating the user A corresponding to the registered gesture used for the collation, the signal indicating that the user A has left the facility, and the update.
  • a request signal is transmitted to the management server 80.
  • the management processing unit 87 of the management server 80 acquires these information, it updates the user presence / absence information in the presence / absence confirmation table 85 as “user A is not in the facility” (S54).
  • the same operation and effect as the authentication system 100 according to the first embodiment can be obtained.
  • the user can be specified from the operation of the person to be authenticated, and the management server 80 can manage whether the specified user exists in the facility. Therefore, the presence or absence of the user in the facility can be confirmed using the external terminal even from a location away from the facility. For example, in the case of a family structure with double-working parents and elementary school children, it is difficult to check the status of the child's return home from school during the parent's work. If the management server 80 can manage the presence / absence of the family in the residence, there is an advantage that the parent can check the child's return home situation from the workplace and can work with peace of mind.
  • each of the operation as the authentication means and the key ID as the identification information is stored in association with the user, and authentication is established only when the user corresponding to both is the same. Therefore, even if a third party who knows the registration gesture B of the user B has an authentication medium holding the key ID-A of the user A, the authentication is not established, and the security is further improved.
  • FIG. 15 is a block diagram of the authentication system 100 according to the fourth embodiment.
  • 1st Embodiment demonstrated the example in which the 1st input reception part 43 was installed in the form incidental to the installation 10 side.
  • the first input receiving unit 43 is installed in the authentication medium 20.
  • the authentication medium 20 is a mobile terminal 25 such as a smartphone or a tablet PC.
  • the authentication medium 20 includes a first input receiving unit 43 in addition to the identification information holding unit 21 and the output unit 23.
  • the first input receiving unit 43 is configured by a touch panel 27 provided in the mobile terminal 25.
  • a first input receiving area 46 (not shown) is formed by the contact surface of the touch panel 27.
  • the control unit of the portable terminal 25 activates dedicated application software, a browser, etc., displays the authentication screen on the touch panel 27, and inputs the authentication information. Accept.
  • FIG. 16 shows an authentication screen 90.
  • the authentication screen 90 includes a plurality of detection areas 45.
  • detection areas 45 from the left end to the right end of the first, second, and third rows are referred to as C1 to C3, D1 to D3, and E1 to E3, respectively.
  • the first input receiving unit 43 detects the order in which the object moves in each detection area 45 from the detection result of the touch panel 27. For example, as shown in FIG. 16B, when the finger is brought into contact with the detection area C3, moved to the areas C2, C1, and D1, and then released, the first input receiving unit 43 causes the areas C3, C2, and The order of C1, D1 is detected. Thereby, the finger gesture of the person to be authenticated is detected. The first input reception unit 43 generates the detected gesture of the person to be authenticated as first input information.
  • FIG. 17 is a block diagram showing the configuration of the authentication device 30. As shown in FIG. The authentication device 30 does not include the first input receiving unit 43 or the position notification lamp 51 as in the first embodiment.
  • the identification information of the authentication medium 20 and the gesture as the first input information are read by short-range wireless communication.
  • FIG. 18 shows a process when the electric lock device 60 is unlocked.
  • the person to be authenticated activates the application software by operating the portable terminal 25, displays the authentication screen 90 on the touch panel 27, and accepts an input of a gesture through the touch panel 27 (S60).
  • the person to be authenticated inputs an unlocking gesture to the touch panel 27.
  • the first input receiving unit 43 detects the authentication subject's gesture and generates it as first input information.
  • the portable terminal 25 outputs the identification information and the gesture as the first input information to the second input receiving unit 47 (S62).
  • the output to the second input receiving unit 47 is performed by bringing the mobile terminal 25 close to the second input receiving area 49.
  • the second input reception unit 47 passes the first input information received from the portable terminal 25 to the first input information acquisition unit 35 of the authentication processing unit 33, and uses the identification information as the second input information, the second input information of the authentication processing unit 33.
  • the data is passed to the acquisition unit 36.
  • the authentication unit 37 of the authentication processing unit 33 collates the first input information passed from the second input receiving unit 47 with the first registration information, and the second input information passed from the second input receiving unit 47 and the first input information. 2
  • the registered information is collated (S64). The conditions for this verification are the same as in the first embodiment.
  • the authentication processing unit 33 If any collation fails (N in S64), the authentication processing unit 33 notifies the fact by the result notification lamp 53 (S14). On the other hand, if both verifications are established (Y in S64), the authentication processing unit 33 determines that the authentication of the person to be authenticated is established, and transmits an unlock request signal to the electric lock device 60 (S26). The subsequent steps are the same as in the first embodiment. Since the same processing is performed when the electric lock device 60 is locked, the description thereof is omitted.
  • the first input reception area 46 cannot be visually recognized in the appearance of the facility 10, and authentication information cannot be input unless the portable terminal 25 is possessed. Moreover, since the 2nd input reception area 49 cannot also be visually recognized, it becomes difficult for a third party to perform input operation to this. Even if a third party possesses the portable terminal 25 and knows the position of the second input reception area 49, authentication is not established unless a specific operation as an authentication means is known. Therefore, security is improved.
  • the building door 11 has been described as the facility 10 in which the authentication system 100 is used.
  • the facility 10 is not limited to this, and may be, for example, an electrical facility such as a power generation facility or a power facility, or a security facility such as a mechanical security device.
  • the authentication system 100 controls the mechanical device so that the equipment 10 can be used when authentication is established.
  • the power source of the electrical facility is turned on.
  • security equipment when authentication is established, acceptance of an input operation of the security equipment is started.
  • the authentication medium 20 is not limited to an IC card or a mobile phone, and may be configured by a remote control or the like. Further, the identification information held by the authentication medium 20 only needs to be able to identify the user, and may be information unique to the user such as the user's address, telephone number, and the MAC address of the mobile terminal in addition to the key ID.
  • the first input receiving unit 43 and the second input receiving unit 47 are attached to the support panel 41 according to the first embodiment, and the support panel 41 has been described as a support body that supports these.
  • a support body is not limited to a panel, You may form in various shapes, such as a block.
  • this support body may be comprised with the door 13 of the door part 11 which concerns on 1st Embodiment, and the surrounding outer wall.
  • each component such as the 1st input reception part 43 and the 2nd input reception part 47, may be incorporated in the door 13 or an outer wall.
  • the front surface portion 111 and the rear surface portion 113 of the support panel 41 may be a plate material made of a material having translucency, and may be made of acrylic, glass or the like in addition to polycarbonate. Further, the support panel 41 may not have a hollow structure, and may have a structure in which the rear surface portion 113 and the side portion 115 are omitted. Further, the front surface portion 111 and the rear surface portion 113 of the support panel 41 may be made of a non-translucent material such as wood, a resin material, or a steel material.
  • the second input reception unit 47 is configured by the reader 48 as a wireless module that reads the identification information of the authentication medium 20 by short-range wireless communication, but the wireless method is not limited thereto.
  • the second input receiving unit 47 may be configured by a touch panel or the like in which a numeric keypad is displayed on the exposed surface 41a of the support panel 41 only when it is activated.
  • the 2nd input reception area 49 may be provided in the aspect which can be visually recognized.
  • the second input receiving unit 47 may be a known input receiving device such as a fingerprint sensor or a numeric keypad unit.
  • the position notification lamp 51 has been described as a position notification unit that notifies the position of the second input reception area 49. Further, the result notification lamp 53 has been described as a result notification unit that notifies the authentication target of the authentication result. In addition to the lamp, these may be constituted by a speaker or the like for notifying the position and result by outputting sound.
  • the second input receiving unit 47 when collation using the first input information is established, the second input receiving unit 47 starts receiving input. Instead, when the second input accepting unit 47 starts accepting input first and collation using the input information input to the second input accepting unit 47 is established, the first input accepting unit 43 receives the input. You may start accepting. In this case, after the 1st input reception part 43 starts reception of an input, you may provide the position alerting
  • the touch panel 27 serving as the first input receiving unit 43 is installed in the mobile terminal 25.
  • an authentication medium separate from the mobile terminal 25 in which the first input receiving unit 43 is installed may be used, and the identification information may be held only in the authentication medium.
  • the identification information input to the second input receiving unit 47 using the authentication medium 20 after collation using the gesture input to the first input receiving unit 43 of the mobile terminal 25. You may collate using. In this case, even if the portable terminal 25 is stolen by a third party, authentication is not established unless there is a separate authentication medium, and security is improved.
  • the first input receiving unit 43 installed in the mobile terminal 25 is the touch panel 27, but the first input receiving unit 43 may be configured by an acceleration sensor, a gyro sensor, or the like. When configured by a gyro sensor or the like, the first input receiving unit 43 detects the authentication subject's gesture by detecting the movement trajectory of the authentication medium 20.
  • each embodiment may be combined. For example, after providing the 1st input reception part 43 in the support panel 41 like 1st Embodiment, you may provide the 1st input reception part 43 also in the portable terminal 25 like 4th Embodiment. In this case, you may collate using the input information input into any of the 1st input reception part 43 of the support panel 41, and the 1st input reception part 43 of the portable terminal 25.
  • FIG. 1st input reception part 43 in the support panel 41 like 1st Embodiment
  • you may provide the 1st input reception part 43 also in the portable terminal 25 like 4th Embodiment. In this case, you may collate using the input information input into any of the 1st input reception part 43 of the support panel 41, and the 1st input reception part 43 of the portable terminal 25.
  • the present invention can be used for authentication technology.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Lock And Its Accessories (AREA)

Abstract

L'invention concerne un système d'authentification pour authentifier un sujet d'authentification qui utilisera un élément d'équipement, ledit système comprenant : une première unité d'acceptation d'entrée (43) qui accepte une action détectée à partir d'un sujet d'authentification comme entrée d'informations pour une authentification ; une seconde unité d'acceptation d'entrée (47) qui accepte une entrée d'informations pour une authentification qui sont différentes des informations pour une authentification acceptées par la première unité d'acceptation d'entrée (43) ; et une unité de traitement d'authentification qui authentifie le sujet d'authentification en comparant les premières informations d'entrée qui sont entrées dans la première unité d'acceptation d'entrée (43) à des premières informations d'enregistrement pré-enregistrées et en comparant les secondes informations d'entrée entrées dans la seconde unité d'acceptation d'entrée à des secondes informations d'enregistrement pré-enregistrées. Une zone d'acceptation d'entrée (46) de la première unité d'acceptation d'entrée (43) est disposée de façon à ne pas être visible sur la partie extérieure de l'élément d'équipement.
PCT/JP2015/050506 2014-02-17 2015-01-09 Système d'authentification, dispositif d'acceptation d'authentification et procédé d'authentification WO2015122221A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2014027792A JP6150739B2 (ja) 2014-02-17 2014-02-17 認証システム、認証受付装置及び認証方法
JP2014-027792 2014-02-17

Publications (1)

Publication Number Publication Date
WO2015122221A1 true WO2015122221A1 (fr) 2015-08-20

Family

ID=53799969

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/050506 WO2015122221A1 (fr) 2014-02-17 2015-01-09 Système d'authentification, dispositif d'acceptation d'authentification et procédé d'authentification

Country Status (2)

Country Link
JP (1) JP6150739B2 (fr)
WO (1) WO2015122221A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7341447B2 (ja) * 2017-05-19 2023-09-11 株式会社 エヌティーアイ 実行装置、指示装置、それらで実行される方法、コンピュータプログラム
JP6927600B2 (ja) * 2019-10-11 2021-09-01 mui Lab株式会社 操作表示パネル組込ドア装置及びシステム

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5899808A (ja) * 1981-12-08 1983-06-14 Horiba Ltd 非接触式制御装置
JP2004068483A (ja) * 2002-08-08 2004-03-04 Misawa Homes Co Ltd カードキーシステム
JP2008027014A (ja) * 2006-07-19 2008-02-07 Dainippon Printing Co Ltd 部屋予約管理システム
JP2010090582A (ja) * 2008-10-07 2010-04-22 Denso Wave Inc 認証装置
JP2011047149A (ja) * 2009-08-26 2011-03-10 Panasonic Electric Works Co Ltd 入退室管理システム及び環境制御システム
JP2012216128A (ja) * 2011-04-01 2012-11-08 Ntt Docomo Inc 認証装置、認証方法及びプログラム

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5899808A (ja) * 1981-12-08 1983-06-14 Horiba Ltd 非接触式制御装置
JP2004068483A (ja) * 2002-08-08 2004-03-04 Misawa Homes Co Ltd カードキーシステム
JP2008027014A (ja) * 2006-07-19 2008-02-07 Dainippon Printing Co Ltd 部屋予約管理システム
JP2010090582A (ja) * 2008-10-07 2010-04-22 Denso Wave Inc 認証装置
JP2011047149A (ja) * 2009-08-26 2011-03-10 Panasonic Electric Works Co Ltd 入退室管理システム及び環境制御システム
JP2012216128A (ja) * 2011-04-01 2012-11-08 Ntt Docomo Inc 認証装置、認証方法及びプログラム

Also Published As

Publication number Publication date
JP2015153254A (ja) 2015-08-24
JP6150739B2 (ja) 2017-06-21

Similar Documents

Publication Publication Date Title
US20220198855A1 (en) Systems and methods for controlling access to physical space
US7689834B2 (en) Personal authentication apparatus
US7818583B2 (en) Personal authentication apparatus
KR20120006805A (ko) 보안 강화를 위한 전자식 잠금장치의 해정방법
US20210390810A1 (en) Biometric enabled access control
WO2014157770A1 (fr) Procédé d'authentification d'entrée et de sortie par utilisation d'une serrure de porte numérique et d'un terminal de communication sans fil, et appareil correspondant
US10438463B2 (en) Access control system and method
JP6150739B2 (ja) 認証システム、認証受付装置及び認証方法
CN118119986A (zh) 在电子锁处的安全访客注册
US9390570B1 (en) Virtual touch-control lock
KR20090041619A (ko) 출입 통제 시스템
JP4749916B2 (ja) 生体情報利用電気錠システム
JP5411776B2 (ja) 出入管理システム
KR20230100067A (ko) 비밀번호와 리듬 입력에 기초하는 사용자 인증장치 및 그 방법
US11132854B2 (en) Inconspicuous access control device
US20070290875A1 (en) Interactive wireless interface
JP6796804B2 (ja) 電気錠システム及び電気錠装置
KR20040098725A (ko) 복수의 인증수단을 이용한 도어락 장치의 개폐 방법
KR20140089773A (ko) 회전 인증부를 구비한 디지털 도어락 및 디지털 도어락 출입인증방법
JP2009035866A (ja) 電気錠施解錠システム
JP5520660B2 (ja) 出入管理システム
US20210279308A1 (en) Security system and method randomly omitting key
JP2020060091A (ja) 施錠システム
KR20220156312A (ko) 비콘 기반 동적 인증정보를 이용한 전자출입명부시스템
KR20230063076A (ko) 스마트 시큐리티 도어락

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15748730

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15748730

Country of ref document: EP

Kind code of ref document: A1