WO2016190355A1 - Authentication system - Google Patents

Authentication system Download PDF

Info

Publication number
WO2016190355A1
WO2016190355A1 PCT/JP2016/065458 JP2016065458W WO2016190355A1 WO 2016190355 A1 WO2016190355 A1 WO 2016190355A1 JP 2016065458 W JP2016065458 W JP 2016065458W WO 2016190355 A1 WO2016190355 A1 WO 2016190355A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
registration information
terminal device
target
unit
Prior art date
Application number
PCT/JP2016/065458
Other languages
French (fr)
Japanese (ja)
Inventor
藤原 健吾
Original Assignee
藤原 健吾
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 藤原 健吾 filed Critical 藤原 健吾
Priority to JP2017520779A priority Critical patent/JPWO2016190355A1/en
Publication of WO2016190355A1 publication Critical patent/WO2016190355A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T19/00Manipulating 3D models or images for computer graphics

Definitions

  • the present invention relates to an authentication system including a terminal device and an authentication server capable of communicating with the terminal device.
  • AR Augmented Reality
  • a technology called AR is known as a technology for projecting a virtual image or character information created by a computer to a real space. For example, when a still image or moving image representing a real space is displayed on the display screen of a smartphone, additional information is projected onto the real space if a virtual image or character information is displayed in a part of the real space. Thus, an extended real space can be provided to the user.
  • application of AR technology to smart glasses (head-mounted display devices) or the like has also attracted attention (see, for example, Patent Document 1 below).
  • the projection of additional information onto the real space using the AR technology may be applied not only to the projection on the object but also to the projection on the person.
  • face recognition technology implemented in a smart glass or a communication robot (a robot that provides added value and happiness through dialogue with humans).
  • criminals who attempt wire fraud use the AR technology to impersonate police officers or bank employees, and so on.
  • the present invention has been made in view of the above circumstances, and an authentication system capable of specifying an authentication target from a real space in a terminal device and reflecting the intentions of the parties related to the authentication target to the terminal device.
  • the purpose is to provide.
  • An authentication system is an authentication system including a terminal device and an authentication server capable of communicating with the terminal device.
  • the terminal device executes an application including a target specifying information acquisition unit and an inquiry request unit.
  • the target specifying information acquisition unit acquires target specifying information for specifying an authentication target.
  • the inquiry request unit requests the authentication server to inquire about authentication registration information related to an authentication target specified based on the acquired target specifying information.
  • the authentication server includes an authentication registration information storage unit, an application identification information storage unit, a transmission necessity storage unit, and an authentication registration information transmission unit.
  • the authentication registration information storage unit stores authentication registration information related to an authentication target in advance.
  • the application identification information storage unit stores in advance identification information assigned to each application executed by the terminal device.
  • the transmission necessity storage unit stores in advance whether authentication registration information is transmitted for each authentication target.
  • the authentication registration information transmitting unit receives a request for an authentication registration information query from the query request unit of the terminal device, the identification information of the application executed by the terminal device is stored in the application identification information storage unit. And when the authentication registration information is transmitted and stored in the transmission necessity storage unit for the authentication object for which the request for inquiring the authentication registration information is received, the authentication registration information related to the authentication object is stored in the terminal device. Send to.
  • the authentication target is specified from the real space, and the authentication registration information related to the specified authentication target is inquired. Requested by the authentication server.
  • the authentication server that has received the request for the inquiry, whether or not the identification information of the application executed by the terminal device is stored in advance, and the authentication registration information stored in advance for the specified authentication target is stored in the terminal device It is confirmed whether or not to transmit to. If the identification information of the application executed by the terminal device is stored in advance and is stored in advance when the authentication registration information is transmitted, the authentication registration information related to the authentication target is transmitted to the terminal device.
  • the parties related to the authentication target store in the authentication server in advance whether or not to transmit the identification information of the application and the authentication registration information related to the authentication target, the authentication registration information can be stored using the application. Only when an inquiry request is made, the authentication registration information can be transmitted according to the intention of the concerned party. As a result, it is possible to prevent the authentication registration information from being transmitted to a terminal device that executes an application that is not intended by a party related to the authentication target, and to reflect the intention of the party concerned on the terminal device.
  • the terminal device may include a display unit and a display control unit that reflects the authentication registration information transmitted from the authentication registration information transmission unit on the display of the display unit.
  • the authentication registration information related to the authentication target specified from the real space is transmitted from the authentication server to the terminal device and reflected on the display of the display unit of the terminal device.
  • the intention of the person concerned about authentication object can be reflected in the display of the display part of a terminal device.
  • the display control unit can also display authentication registration information transmitted to a smartphone or PC connected to the terminal device via a network.
  • the display control unit may cause the display unit to display an image corresponding to an authentication target based on the authentication registration information transmitted from the authentication registration information transmission unit.
  • the image corresponding to the authentication target can be displayed on the display unit in accordance with the intention of the person concerned with the authentication target. This makes it possible to project additional information on the real space and prevent impersonation and the like, thereby preventing the parties in the real space from suffering disadvantages.
  • the image may be a still image or a moving image.
  • the display control unit may display another image in a portion corresponding to the authentication target in the display of the display unit based on the authentication registration information transmitted from the authentication registration information transmission unit.
  • the another image may be a still image or a moving image.
  • the authentication registration information may be stored in the authentication registration information storage unit based on an examination performed in advance.
  • the authentication server may further include an arbitrary registration information storage unit that stores arbitrary registration information that can be arbitrarily changed for each authentication target.
  • the authentication registration information transmission unit may transmit the arbitrary registration information to the terminal device together with the authentication registration information.
  • the authentication server stores arbitrary registration information that can be arbitrarily changed by the parties related to the authentication target.
  • the arbitrary registration information can be transmitted to the terminal device together with the authentication registration information. Accordingly, it is possible to more effectively reflect the intentions of the parties related to the authentication target to the terminal device. It is also possible to transmit only the arbitrary registration information to the terminal device without transmitting the authentication registration information.
  • the terminal device may further include a camera that captures an image.
  • the target identification information acquisition unit may acquire the target identification information from a captured image captured by the camera.
  • the target specifying information is acquired from the captured image captured by the camera of the terminal device, and the authentication target is specified from the real space based on the target specifying information. If the authentication registration information is transmitted from the authentication server to the terminal device, the intention of the person concerned with the authentication target can be reflected on the captured image captured by the camera.
  • the target specifying information may be a marker included in a captured image captured by the camera.
  • a marker included in a captured image captured by a camera can be acquired as target specifying information, and an authentication target can be reliably specified from the real space based on the target specifying information.
  • the present invention by acquiring target specifying information in a terminal device, it is possible to specify an authentication target from the real space, and a person related to the authentication target relates to the application identification information and the authentication target. If the authentication server stores in advance whether or not to transmit the authentication registration information, the intention of the concerned person can be reflected on the terminal device.
  • FIG. 1 is a block diagram showing a configuration example of an authentication system according to an embodiment of the present invention.
  • the authentication system according to the present embodiment includes a plurality of terminal devices 1 and an authentication server 2 that can communicate with these terminal devices 1.
  • the terminal device 1 and the authentication server 2 can communicate with each other by wire or wireless via a network N such as the Internet.
  • the terminal device 1 includes a control unit 11, a communication unit 12, an operation unit 13, a display unit 14, a camera 15, and a microphone 16.
  • the terminal device 1 is configured by a personal computer, a smartphone, a tablet computer, a robot, a smart glass, or the like, and is used by a user of the authentication system.
  • the control unit 11 can be connected to the network N via the communication unit 12, and can transmit and receive data to and from the authentication server 2 via the network N.
  • the operation unit 13 is configured by, for example, a touch key or a pointing device.
  • the display unit 14 is configured by a liquid crystal display, for example. However, the operation unit 13 and the display unit 14 may be integrally configured as a touch panel.
  • the camera 15 is a device for capturing an image, and can capture a still image or a moving image as a captured image.
  • the microphone 16 is a device for acquiring sound. In the present embodiment, the configuration in which the microphone 16 is provided in the terminal device 1 is shown. However, the present invention is not limited to this. For example, a microphone as an external device that is not incorporated in the terminal device 1 can be used for voice communication by wired communication or wireless communication. The configuration may be such that can be acquired.
  • the authentication server 2 includes a control unit 21, a communication unit 22, and a storage unit 23.
  • the control unit 21 can be connected to the network N via the communication unit 22 and can transmit and receive data to and from each terminal device 1 via the network N.
  • the storage unit 23 includes, for example, a hard disk and a RAM (Random Access Memory). The control unit 21 inputs / outputs data to / from the storage unit 23.
  • information related to an authentication target is registered in the authentication server 2 in advance with an object, person, or space in the real space as the authentication target.
  • the information related to the authentication target include temporary status or stamp in addition to authentication registration information including personal information such as name, address, blood type, workplace, home school or qualification / license.
  • the temporary status is a temporary state of the user such as “I am in a hurry”, “I have paid”, “I want to know product information”, or the like.
  • the authentication registration information is registered in the storage unit 23 of the authentication server 2 based on, for example, a notification from a related party (individual, corporation, organization, or the like) regarding an authentication target in the real space.
  • a related party individual, corporation, organization, or the like
  • an examination is performed in advance, and only the authentication registration information evaluated as having high reliability by the examination is registered in the authentication server 2.
  • the authentication registration information registered in the authentication server 2 can be inquired from the terminal device 1 to the authentication server 2. For example, by requesting the authentication server 2 to inquire about the authentication registration information regarding the authentication target for the authentication target included in the captured image captured by the camera 15 of the terminal device 1, the authentication registration information is transferred from the authentication server 2 to the terminal. Sent to the device 1.
  • the identification information (application ID) of the application executed by the terminal device 1 that transmits the authentication registration information from the authentication server 2 is registered in advance based on the notification from the parties about the authentication target. Authentication registration information is transmitted to each terminal device 1 according to the application ID.
  • FIG. 2 is a block diagram illustrating a specific configuration of the control unit 11 of the terminal device 1.
  • the control unit 11 includes, for example, a CPU (Central Processing Unit), and functions as the target specifying information acquisition unit 111, the inquiry request unit 112, the display control unit 113, and the like when the CPU executes an application.
  • the application can be installed in the terminal device 1 based on the operation of the operation unit 13 by the user of the terminal device 1.
  • the target specifying information acquisition unit 111 acquires target specifying information for specifying an authentication target.
  • the target specifying information may be information obtained from what the authentication target itself has, or information obtained from what the authentication target is generated.
  • the authentication target is an object
  • information obtained from a code such as a two-dimensional code provided on the object, a wireless signal transmitted from the object, or infrared light constitutes the target specifying information. May be.
  • biometric authentication information obtained from the person's face, fingerprint, ear hole shape, voiceprint, or the like may constitute the target specifying information.
  • the target identification information acquisition unit 111 acquires target identification information from a captured image captured by the camera 15 or a voiceprint acquired by the microphone 16.
  • the target identification information acquisition unit 111 receives, for example, a code reading unit that reads a code provided on the object, or a wireless signal or infrared ray transmitted from the object A radio signal receiving unit or an infrared receiving unit.
  • the target specifying information acquisition unit 111 for example, a face authentication processing unit, fingerprint authentication processing unit, or voice print authentication for authenticating the face, fingerprint, or voice print of the person. Consists of a processing unit.
  • the target identification information acquisition unit 111 is not limited to the above-described configuration, and may be configured by another mechanism such as a GPS reception unit that receives a GPS signal.
  • the authentication target can be specified. That is, even if a captured image captured by the camera 15 includes a plurality of objects, persons, or spaces, the object, person, or space from which the target specifying information has been acquired can be specified as an authentication target. It is also possible to recognize the boundary line of the object, person or space specified as the authentication target.
  • the inquiry request unit 112 requests the authentication server 2 to inquire about authentication registration information related to the authentication target specified based on the acquired target specifying information. Specifically, authentication target identification information obtained from the acquired target identification information is transmitted from the inquiry request unit 112 to the authentication server 2 via the communication unit 12, thereby making a request for the authentication target query. Is called.
  • the display control unit 113 controls display on the display unit 14.
  • the authentication registration information is reflected on the display of the display unit 14. Processing is performed by the display control unit 113. Therefore, for example, if the additional information based on the authentication registration information is projected onto the captured image of the real space photographed by the camera 15 using the AR technology, the expanded real space can be provided.
  • FIG. 3 is a block diagram showing a specific configuration of the control unit 21 of the authentication server 2.
  • the control unit 21 includes, for example, a CPU, and functions as an inquiry request reception unit 211, an authentication registration information transmission unit 212, and the like when the CPU executes a program.
  • the inquiry request reception unit 211 receives an inquiry for authentication registration information from the terminal device 1. Specifically, by receiving identification information of the authentication target obtained from the target specifying information from the terminal device 1 via the communication unit 22, an inquiry for authentication registration information related to the authentication target is received by the query request receiving unit 211. Accepted.
  • the authentication registration information transmitting unit 212 transmits authentication registration information related to the authentication target to the terminal device 1 for the authentication target for which the request for authentication registration information has been received by the query request receiving unit 211. Specifically, the authentication registration information stored in the storage unit 23 is transmitted from the authentication registration information transmission unit 212 to the terminal device 1 via the communication unit 22.
  • the storage unit 23 in addition to the authentication registration information, information such as arbitrary registration information, application ID, and transmission necessity is stored in association with each authentication target.
  • the optional registration information is information related to an authentication target that can be arbitrarily changed by the user without prior examination, and includes information that is updated more frequently than the authentication registration information, such as the temporary status described above.
  • the application ID is identification information assigned to each application executed by the terminal device 1.
  • the information on necessity of transmission is information on whether or not to transmit preset authentication registration information.
  • the storage unit 23 stores the authentication registration information related to the authentication target in advance, and the authentication registration information storage unit stores in advance whether the authentication registration information is transmitted for each authentication target. And an application identification information storage unit that stores application IDs in advance.
  • the authentication registration information storage unit, the transmission necessity storage unit, and the application information storage unit are not limited to the configuration assigned to the storage area of one storage unit 23, and for example, at least one is configured by another storage unit. Also good.
  • FIG. 4 is a flowchart illustrating an example of processing by the control unit 21 of the authentication server 2 when transmitting authentication registration information.
  • step S101 When the inquiry request reception unit 211 of the authentication server 2 receives a request for inquiry of authentication registration information from the inquiry request unit 112 of the terminal device 1 (Yes in step S101), the application of the application executed by the terminal device 1 It is confirmed whether or not the ID is stored in the storage unit 23 (step S102). Specifically, when authentication target inquiry request is made, the authentication target identification information and the application ID transmitted from the inquiry request unit 112 of the terminal device 1 are associated with the authentication registration information related to the authentication target. Whether or not the application ID is stored in the storage unit 23 is confirmed.
  • step S102 when application ID of the application which the terminal device 1 performs is registered into the memory
  • the authentication registration information is transmitted from the authentication registration information transmission unit 212 of the authentication server 2 to the terminal device 1 (Ste S104). Specifically, the authentication registration information related to the authentication target is read from the storage unit 23 based on the authentication target identification information transmitted from the inquiry request unit 112 of the terminal device 1 when a request for the authentication target inquiry is made. And transmitted to the terminal device 1.
  • the arbitrary registration information is stored in the storage unit 23 in association with the authentication registration information, the arbitrary registration information is transmitted to the terminal device 1 together with the authentication registration information.
  • the authentication registration information is not transmitted to the terminal device 1 that has received the inquiry request.
  • the structure which can set individually whether to transmit to the terminal device 1 for every various information contained in authentication registration information may be sufficient.
  • FIG. 5A is a schematic diagram showing an example of image display on the display unit 14 of the terminal device 1 when the authentication target is a person.
  • a person 31 as an authentication target is included in the photographed image 3 in the real space photographed by the camera 15 of the terminal device 1.
  • the target specifying information acquisition unit 111 of the terminal device 1 specifies the person 31 included in the captured image 3 in the real space as an authentication target based on, for example, a function as a face authentication processing unit. At this time, the face of the person 31 is target specifying information for specifying the authentication target, and constitutes the marker 32 included in the captured image 3 captured by the camera 15.
  • the inquiry request unit 112 of the terminal device 1 requests the authentication server 2 to inquire about the authentication registration information regarding the person 31 specified based on the marker 32, and the authentication registration information transmission unit 212 of the authentication server 2 performs the predetermined registration described above. If the condition is satisfied, authentication registration information related to the person 31 is transmitted to the terminal device 1.
  • the authentication target may be a contact lens mounted on the cornea, or the authentication target such as tattooing on the body surface, saliification, branding, or freezing thumbprint. It may be fixed to the surface.
  • the image 33 corresponding to the authentication target is displayed on the display unit 14 based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1.
  • Examples of the image 33 include information registered on the basis of a preliminarily conducted examination such as the name, address, blood type, workplace, home school, or qualification / license of the person 31. Further, information that can be arbitrarily changed by the user, such as a temporary status, based on the arbitrary registration information transmitted from the authentication server 2 to the terminal device 1 together with the authentication registration information may be displayed on the display unit 14 as the image 33. . In this way, by displaying the image 33 in association with the person 31 included in the captured image 3, it is possible to project additional information on the real space using the AR technology.
  • FIG. 5B is a schematic diagram illustrating another display example of an image on the display unit 14 of the terminal device 1 when the authentication target is a person.
  • the photographed image 3 in the real space photographed by the camera 15 of the terminal device 1 includes a person 31 as an authentication target.
  • another image 34 is displayed at a portion corresponding to the authentication target in the display of the display unit 14.
  • This image 34 is an image for hiding the face of the person 31 included in the captured image 3, for example. In this way, it is possible to protect the person 31 in the real space by displaying the image 34 on the real space using the AR technology.
  • the change of the image of the person 31 in the captured image 3 displayed on the display unit 14 may be prohibited. Specifically, when the terminal device 1 tries to change the image of the captured image 3, the change of the image of the person 31 is not accepted and the person 31 in the real space is protected. Good.
  • FIG. 6 is a schematic diagram illustrating a display example of an image on the display unit 14 of the terminal device 1 when the authentication target is an object.
  • an object 41 as an authentication target is included in the captured image 4 in the real space captured by the camera 15 of the terminal device 1.
  • the object 41 may be a building as shown in FIG. 6 or various objects other than a building.
  • the target specifying information acquisition unit 111 of the terminal device 1 specifies the object 41 included in the captured image 4 in the real space as an authentication target based on, for example, a function as an image processing unit.
  • the marker 42 provided in advance on the object 41 in the real space constitutes the target specifying information for specifying the authentication target, and the image of the marker 42 included in the captured image 4 captured by the camera 15. Is identified as an authentication target.
  • the inquiry request unit 112 of the terminal device 1 requests the authentication server 2 to inquire about authentication registration information regarding the object 41 specified based on the marker 42, and the authentication registration information transmission unit 212 of the authentication server 2 performs the predetermined registration described above. If the condition is satisfied, authentication registration information regarding the object 41 is transmitted to the terminal device 1.
  • the image 43 corresponding to the authentication target is displayed on the display unit 14 based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1.
  • this image 43 an advertisement, a notice, a decoration image, etc. can be illustrated, for example.
  • by displaying the image 43 in association with the object 41 included in the captured image 4 it is possible to project additional information on the real space using the AR technique.
  • the change of the image of the object 41 in the captured image 4 displayed on the display unit 14 may be prohibited. Specifically, when the terminal device 1 tries to change the image with respect to the captured image 4, the change to the image of the object 41 is not accepted and the object 41 in the real space is protected. Good.
  • Effect (1) by executing an application in the terminal device 1 and acquiring the target specifying information, the authentication target is specified from the real space, and the authentication registration information related to the specified authentication target is inquired.
  • the authentication server 2 is requested from the terminal device 1.
  • the authentication server 2 that has received the request for inquiry, whether or not the application ID of the application executed by the terminal device 1 is stored in advance, and the authentication registration information stored in advance for the specified authentication target is stored. Whether or not to transmit to the terminal device 1 is confirmed.
  • the application ID of the application executed by the terminal device 1 is stored in advance and is stored in advance when the authentication registration information is transmitted, the authentication registration information related to the authentication target is transmitted to the terminal device 1. .
  • the parties related to the authentication object store in advance in the authentication server 2 whether or not the application ID and authentication registration information related to the authentication object are to be transmitted, the authentication registration information is inquired using the application. Only when the request is made, the authentication registration information can be transmitted according to the intention of the concerned party. As a result, it is possible to prevent the authentication registration information from being transmitted to the terminal device 1 that executes an application that is not intended by the parties related to the authentication target, and to reflect the intentions of the parties concerned on the terminal device 1.
  • authentication registration information related to the authentication target specified from the real space is transmitted from the authentication server 2 to the terminal device 1 and reflected on the display of the display unit 14 of the terminal device 1. Thereby, the intention of the person concerned about authentication object can be reflected in the display of the display part 14 of the terminal device 1.
  • FIG. As described above, when the authentication registration information is transmitted, only the authentication registration information related to the authentication target stored in advance is transmitted to the terminal device 1 and the authentication registration information is reflected on the display of the display unit 14, so that It is possible to prevent the parties concerned from suffering disadvantages.
  • images 33 and 43 corresponding to the authentication target are displayed on the display unit 14 in accordance with the intentions of the parties related to the authentication target. Can be displayed. This makes it possible to project additional information on the real space and prevent impersonation and the like, thereby preventing the parties in the real space from suffering disadvantages.
  • the authentication registration information with high reliability can be stored in the authentication server 2 by performing the examination in advance, the authentication registration information can be transmitted in response to a request from the terminal device 1. And spoofing can be effectively prevented.
  • target specifying information is acquired from the captured images 3 and 4 captured by the camera 15 of the terminal device 1, and the target specifying information is acquired.
  • the authentication object is specified from the real space based on the above. If the authentication registration information is transmitted from the authentication server 2 to the terminal device 1, the intentions of the parties related to the authentication target can be reflected in the captured images 3 and 4 captured by the camera 15.
  • the markers 32 and 42 included in the captured images 3 and 4 captured by the camera 15 are acquired as target specifying information, and the authentication target is reliably specified from the real space based on the target specifying information. can do.
  • the terminal device 1 includes the operation unit 13 and the display, such as a personal computer, a smartphone, a tablet computer, or a communication robot (a robot that provides added value and happiness through dialogue with humans).
  • the configuration is not limited to such a configuration, and the terminal device 1 may have a configuration including only the display unit 14 such as a smart glass.
  • the operation instruction to the terminal device 1 may be performed by inputting a signal other than the operation signal, such as an audio signal, to the terminal device 1.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Human Computer Interaction (AREA)
  • Computer Graphics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Provided is an authentication system that enables an object to be authenticated to be specified from within a real space at a terminal device, and a concerned party's intention about the object to be authenticated to be reflected on the terminal device. An object to be authenticated is specified from within a real space using object specification information that is acquired by executing an application at a terminal device 1, and the terminal device 1 requests an authentication server 2 to perform a query of authentication registration information pertaining to the specified object to be authenticated. Upon receipt of this query request, the authentication server 2 confirms whether or not an application ID for the application executed by the terminal device 1 is pre-stored, and whether or not pre-stored authentication registration information pertaining to the specified object to be authenticated should be transmitted to the terminal device 1. Next, when the application ID for the application executed by the terminal device 1 is pre-stored, and an instruction indicating the transmission of the authentication registration information is pre-stored, the authentication server transmits the authentication registration information pertaining to the specified object to be authenticated to the terminal device 1.

Description

認証システムAuthentication system
 本発明は、端末装置及び当該端末装置との間で通信可能な認証サーバを含む認証システムに関するものである。 The present invention relates to an authentication system including a terminal device and an authentication server capable of communicating with the terminal device.
 コンピュータが作り出す仮想画像や文字情報などを現実空間に投影する技術として、AR(Augmented Reality:拡張現実)と呼ばれる技術が知られている。例えば、スマートフォンの表示画面に現実空間を表す静止画又は動画が表示されているときに、その現実空間の一部に仮想画像や文字情報を表示させれば、現実空間に付加情報が投影されることにより、拡張された現実空間をユーザに提供することができる。近年では、スマートグラス(頭部装着型表示装置)などへのAR技術の応用も注目されている(例えば、下記特許文献1参照)。 A technology called AR (Augmented Reality) is known as a technology for projecting a virtual image or character information created by a computer to a real space. For example, when a still image or moving image representing a real space is displayed on the display screen of a smartphone, additional information is projected onto the real space if a virtual image or character information is displayed in a part of the real space. Thus, an extended real space can be provided to the user. In recent years, application of AR technology to smart glasses (head-mounted display devices) or the like has also attracted attention (see, for example, Patent Document 1 below).
特開2014-186434号公報JP 2014-186434 A
 AR技術を用いた現実空間に対する付加情報の投影は、現状、特段の制限なく行われている。そのため、現実空間における物体の所有者の了解を得ることなく、その物体に対応付けて付加情報が勝手に投影されるといったケースが頻繁に生じており、現実空間における関係者(個人、法人又は団体など)が不利益を被る場合があった。例えば、現実空間において特定の企業が所有する看板上に、競合他社の看板の画像が付加情報として投影された場合には、その看板を所有する企業の利益が損なわれるだけでなく、誤認によって看板を見た一般生活者の不利益にもなり得る。 The projection of additional information to the real space using AR technology is currently performed without any particular limitation. Therefore, there are frequent cases in which additional information is arbitrarily projected in association with an object without obtaining the consent of the owner of the object in the real space. Etc.) suffered disadvantages. For example, when an image of a competitor's signboard is projected as additional information on a signboard owned by a specific company in real space, not only will the profit of the company owning the signboard be impaired, but the signboard may be misidentified. It can also be a disadvantage for the general public who saw.
 また、AR技術を用いた現実空間への付加情報の投影は、物体に対する投影だけでなく、人物に対する投影に応用される可能性がある。例えば、スマートグラスや、コミュニケーションロボット(人間との対話を通じて付加価値や多幸感を提供するロボット)に実装された顔認識技術によって顔認識対象者のプライバシーが侵害されるといったことも想定される。また、振り込め詐欺を図る犯罪者が、AR技術を悪用して警察官や銀行員などになりすますことにより、巧妙に犯罪を働くといったことも想定される。 Further, the projection of additional information onto the real space using the AR technology may be applied not only to the projection on the object but also to the projection on the person. For example, it is assumed that the privacy of a face recognition target person is infringed by face recognition technology implemented in a smart glass or a communication robot (a robot that provides added value and happiness through dialogue with humans). In addition, it is also assumed that criminals who attempt wire fraud use the AR technology to impersonate police officers or bank employees, and so on.
 本発明は、上記実情に鑑みてなされたものであり、端末装置において現実空間から認証対象を特定し、その認証対象についての関係者の意思を端末装置に対して反映させることができる認証システムを提供することを目的とする。 The present invention has been made in view of the above circumstances, and an authentication system capable of specifying an authentication target from a real space in a terminal device and reflecting the intentions of the parties related to the authentication target to the terminal device. The purpose is to provide.
(1)本発明に係る認証システムは、端末装置及び当該端末装置との間で通信可能な認証サーバを含む認証システムである。前記端末装置は、対象特定情報取得部と、照会要求部とを含むアプリケーションを実行する。前記対象特定情報取得部は、認証対象を特定するための対象特定情報を取得する。前記照会要求部は、取得した前記対象特定情報に基づいて特定される認証対象に関する認証登録情報の照会を前記認証サーバに要求する。前記認証サーバは、認証登録情報記憶部と、アプリケーション識別情報記憶部と、送信要否記憶部と、認証登録情報送信部とを備える。前記認証登録情報記憶部は、認証対象に関する認証登録情報を予め記憶している。前記アプリケーション識別情報記憶部は、前記端末装置が実行するアプリケーションごとに割り当てられた識別情報を予め記憶している。前記送信要否記憶部は、認証対象ごとに認証登録情報を送信するか否かを予め記憶している。前記認証登録情報送信部は、前記端末装置の前記照会要求部から認証登録情報の照会の要求を受け付けたときに、当該端末装置が実行するアプリケーションの識別情報が前記アプリケーション識別情報記憶部に記憶されており、かつ、認証登録情報の照会の要求を受け付けた認証対象について、認証登録情報を送信すると前記送信要否記憶部に記憶されている場合に、当該認証対象に関する認証登録情報を前記端末装置に送信する。 (1) An authentication system according to the present invention is an authentication system including a terminal device and an authentication server capable of communicating with the terminal device. The terminal device executes an application including a target specifying information acquisition unit and an inquiry request unit. The target specifying information acquisition unit acquires target specifying information for specifying an authentication target. The inquiry request unit requests the authentication server to inquire about authentication registration information related to an authentication target specified based on the acquired target specifying information. The authentication server includes an authentication registration information storage unit, an application identification information storage unit, a transmission necessity storage unit, and an authentication registration information transmission unit. The authentication registration information storage unit stores authentication registration information related to an authentication target in advance. The application identification information storage unit stores in advance identification information assigned to each application executed by the terminal device. The transmission necessity storage unit stores in advance whether authentication registration information is transmitted for each authentication target. When the authentication registration information transmitting unit receives a request for an authentication registration information query from the query request unit of the terminal device, the identification information of the application executed by the terminal device is stored in the application identification information storage unit. And when the authentication registration information is transmitted and stored in the transmission necessity storage unit for the authentication object for which the request for inquiring the authentication registration information is received, the authentication registration information related to the authentication object is stored in the terminal device. Send to.
 このような構成によれば、端末装置においてアプリケーションを実行し、対象特定情報を取得することにより、現実空間から認証対象が特定され、その特定された認証対象に関する認証登録情報の照会が、端末装置から認証サーバに要求される。この照会の要求を受け付けた認証サーバにおいては、端末装置が実行するアプリケーションの識別情報が予め記憶されているか否か、及び、特定された認証対象について、予め記憶されている認証登録情報を端末装置に送信するか否かが確認される。そして、端末装置が実行するアプリケーションの識別情報が予め記憶されており、かつ、認証登録情報を送信すると予め記憶されている場合には、当該認証対象に関する認証登録情報を端末装置に送信する。したがって、認証対象についての関係者が、アプリケーションの識別情報、及び、その認証対象に関する認証登録情報を送信するか否かを認証サーバに予め記憶しておけば、そのアプリケーションを用いて認証登録情報の照会の要求が行われた場合にのみ、当該関係者の意思に応じて認証登録情報を送信することができる。これにより、認証対象についての関係者が意図しないアプリケーションを実行する端末装置に認証登録情報が送信されるのを防止し、当該関係者の意思を端末装置に対して反映させることができる。 According to such a configuration, by executing the application in the terminal device and acquiring the target specifying information, the authentication target is specified from the real space, and the authentication registration information related to the specified authentication target is inquired. Requested by the authentication server. In the authentication server that has received the request for the inquiry, whether or not the identification information of the application executed by the terminal device is stored in advance, and the authentication registration information stored in advance for the specified authentication target is stored in the terminal device It is confirmed whether or not to transmit to. If the identification information of the application executed by the terminal device is stored in advance and is stored in advance when the authentication registration information is transmitted, the authentication registration information related to the authentication target is transmitted to the terminal device. Therefore, if the parties related to the authentication target store in the authentication server in advance whether or not to transmit the identification information of the application and the authentication registration information related to the authentication target, the authentication registration information can be stored using the application. Only when an inquiry request is made, the authentication registration information can be transmitted according to the intention of the concerned party. As a result, it is possible to prevent the authentication registration information from being transmitted to a terminal device that executes an application that is not intended by a party related to the authentication target, and to reflect the intention of the party concerned on the terminal device.
(2)前記端末装置は、表示部と、前記認証登録情報送信部から送信された認証登録情報を前記表示部の表示に反映させる表示制御部とを備えていてもよい。 (2) The terminal device may include a display unit and a display control unit that reflects the authentication registration information transmitted from the authentication registration information transmission unit on the display of the display unit.
 このような構成によれば、現実空間から特定された認証対象に関する認証登録情報が、認証サーバから端末装置に送信され、当該端末装置の表示部の表示に反映される。これにより、認証対象についての関係者の意思を端末装置の表示部の表示に反映させることができる。このように、認証登録情報を送信すると予め記憶されている認証対象に関する認証登録情報のみを端末装置に送信して、その認証登録情報を表示部の表示に反映させることにより、現実空間における関係者が不利益を被るのを防止することができる。また、表示制御部は端末装置とネットワークを介して接続するスマートフォンやPCに送信された認証登録情報を表示することもできる。 According to such a configuration, the authentication registration information related to the authentication target specified from the real space is transmitted from the authentication server to the terminal device and reflected on the display of the display unit of the terminal device. Thereby, the intention of the person concerned about authentication object can be reflected in the display of the display part of a terminal device. In this way, when the authentication registration information is transmitted, only the authentication registration information related to the authentication target stored in advance is transmitted to the terminal device, and the authentication registration information is reflected on the display of the display unit, thereby allowing the parties in the real space to Can be prevented from suffering disadvantages. The display control unit can also display authentication registration information transmitted to a smartphone or PC connected to the terminal device via a network.
(3)前記表示制御部は、前記認証登録情報送信部から送信された認証登録情報に基づいて、認証対象に対応する画像を前記表示部に表示させてもよい。 (3) The display control unit may cause the display unit to display an image corresponding to an authentication target based on the authentication registration information transmitted from the authentication registration information transmission unit.
 このような構成によれば、認証対象についての関係者の意思に沿って、当該認証対象に対応する画像を表示部に表示させることができる。これにより、現実空間に対して付加情報を投影し、なりすましなどを防止することができるため、現実空間における関係者が不利益を被るのを防止することができる。前記画像は、静止画でもよいし、動画でもよい。 According to such a configuration, the image corresponding to the authentication target can be displayed on the display unit in accordance with the intention of the person concerned with the authentication target. This makes it possible to project additional information on the real space and prevent impersonation and the like, thereby preventing the parties in the real space from suffering disadvantages. The image may be a still image or a moving image.
(4)前記表示制御部は、前記認証登録情報送信部から送信された認証登録情報に基づいて、前記表示部の表示における認証対象に対応する部分に別の画像を表示させてもよい。 (4) The display control unit may display another image in a portion corresponding to the authentication target in the display of the display unit based on the authentication registration information transmitted from the authentication registration information transmission unit.
 このような構成によれば、認証対象についての関係者の意思に沿って、表示部の表示における当該認証対象に対応する部分に別の画像を表示させることができる。これにより、認証対象に対応する部分が表示部に表示されることによって、現実空間における関係者が不利益を被るのを防止することができる。前記別の画像は、静止画でもよいし、動画でもよい。 According to such a configuration, it is possible to display another image in a portion corresponding to the authentication target in the display unit in accordance with the intention of the person concerned with the authentication target. Thereby, the part corresponding to authentication object is displayed on a display part, and it can prevent that the person concerned in real space suffers a disadvantage. The another image may be a still image or a moving image.
(5)前記認証登録情報は、予め行われた審査に基づいて前記認証登録情報記憶部に記憶されてもよい。 (5) The authentication registration information may be stored in the authentication registration information storage unit based on an examination performed in advance.
 このような構成によれば、予め審査を行うことによって、信頼性の高い認証登録情報を認証サーバに記憶し、その認証登録情報を端末装置からの要求に応じて送信することができるため、なりすましなどを効果的に防止することができる。 According to such a configuration, it is possible to store authentication registration information with high reliability in the authentication server by performing an examination in advance and transmit the authentication registration information in response to a request from the terminal device. Etc. can be effectively prevented.
(6)前記認証サーバは、認証対象ごとに任意に変更可能な任意登録情報を記憶する任意登録情報記憶部をさらに備えていてもよい。この場合、前記認証登録情報送信部は、前記認証登録情報とともに前記任意登録情報を前記端末装置に送信してもよい。 (6) The authentication server may further include an arbitrary registration information storage unit that stores arbitrary registration information that can be arbitrarily changed for each authentication target. In this case, the authentication registration information transmission unit may transmit the arbitrary registration information to the terminal device together with the authentication registration information.
 このような構成によれば、予め行われた審査に基づいて認証サーバに記憶される認証登録情報とは別に、認証対象についての関係者が任意に変更可能な任意登録情報を認証サーバに記憶させ、当該任意登録情報を認証登録情報とともに端末装置に送信することができる。したがって、認証対象についての関係者の意思を端末装置に対してさらに効果的に反映させることができる。前記認証登録情報は送信せずに、前記任意登録情報のみを前記端末装置に送信することも可能である。 According to such a configuration, in addition to the authentication registration information stored in the authentication server based on the examination performed in advance, the authentication server stores arbitrary registration information that can be arbitrarily changed by the parties related to the authentication target. The arbitrary registration information can be transmitted to the terminal device together with the authentication registration information. Accordingly, it is possible to more effectively reflect the intentions of the parties related to the authentication target to the terminal device. It is also possible to transmit only the arbitrary registration information to the terminal device without transmitting the authentication registration information.
(7)前記端末装置は、画像を撮影するカメラをさらに備えていてもよい。この場合、前記対象特定情報取得部は、前記カメラにより撮影された撮影画像から前記対象特定情報を取得してもよい。 (7) The terminal device may further include a camera that captures an image. In this case, the target identification information acquisition unit may acquire the target identification information from a captured image captured by the camera.
 このような構成によれば、端末装置のカメラで撮影された撮影画像から対象特定情報が取得され、その対象特定情報に基づいて現実空間から認証対象が特定される。この端末装置に対して認証サーバから認証登録情報を送信すれば、認証対象についての関係者の意思をカメラで撮影された撮影画像に対して反映させることができる。 According to such a configuration, the target specifying information is acquired from the captured image captured by the camera of the terminal device, and the authentication target is specified from the real space based on the target specifying information. If the authentication registration information is transmitted from the authentication server to the terminal device, the intention of the person concerned with the authentication target can be reflected on the captured image captured by the camera.
(8)前記対象特定情報は、前記カメラにより撮影された撮影画像に含まれるマーカであってもよい。 (8) The target specifying information may be a marker included in a captured image captured by the camera.
 このような構成によれば、カメラにより撮影された撮影画像に含まれるマーカを対象特定情報として取得し、その対象特定情報に基づいて現実空間から認証対象を確実に特定することができる。 According to such a configuration, a marker included in a captured image captured by a camera can be acquired as target specifying information, and an authentication target can be reliably specified from the real space based on the target specifying information.
 本発明によれば、端末装置において対象特定情報を取得することにより、現実空間から認証対象を特定することができるとともに、認証対象についての関係者が、アプリケーションの識別情報、及び、その認証対象に関する認証登録情報を送信するか否かを認証サーバに予め記憶しておけば、当該関係者の意思を端末装置に対して反映させることができる。 According to the present invention, by acquiring target specifying information in a terminal device, it is possible to specify an authentication target from the real space, and a person related to the authentication target relates to the application identification information and the authentication target. If the authentication server stores in advance whether or not to transmit the authentication registration information, the intention of the concerned person can be reflected on the terminal device.
本発明の一実施形態に係る認証システムの構成例を示したブロック図である。It is the block diagram which showed the example of a structure of the authentication system which concerns on one Embodiment of this invention. 端末装置の制御部の具体的構成を示したブロック図である。It is the block diagram which showed the specific structure of the control part of a terminal device. 認証サーバの制御部の具体的構成を示したブロック図である。It is the block diagram which showed the specific structure of the control part of an authentication server. 認証登録情報を送信する際の認証サーバの制御部による処理の一例を示したフローチャートである。It is the flowchart which showed an example of the process by the control part of the authentication server at the time of transmitting authentication registration information. 認証対象が人物である場合の端末装置の表示部に対する画像の表示例を示した概略図である。It is the schematic which showed the example of a display of the image with respect to the display part of a terminal device when authentication object is a person. 認証対象が人物である場合の端末装置の表示部に対する画像の別の表示例を示した概略図である。It is the schematic which showed another example of a display of the image with respect to the display part of a terminal device in case an authentication object is a person. 認証対象が物体である場合の端末装置の表示部に対する画像の表示例を示した概略図である。It is the schematic which showed the example of a display of the image with respect to the display part of a terminal device when an authentication target is an object.
1.認証システムの全体的構成
 図1は、本発明の一実施形態に係る認証システムの構成例を示したブロック図である。本実施形態に係る認証システムには、複数の端末装置1、及び、これらの端末装置1との間で通信可能な認証サーバ2が含まれる。これらの端末装置1及び認証サーバ2は、例えばインターネットなどのネットワークNを介して、有線又は無線により互いに通信可能となっている。 1. Overall Configuration of Authentication System FIG. 1 is a block diagram showing a configuration example of an authentication system according to an embodiment of the present invention. The authentication system according to the present embodiment includes a plurality of terminal devices 1 and an authentication server 2 that can communicate with these terminal devices 1. The terminal device 1 and the authentication server 2 can communicate with each other by wire or wireless via a network N such as the Internet.
 端末装置1は、制御部11、通信部12、操作部13、表示部14、カメラ15及びマイク16を備えている。端末装置1は、パーソナルコンピュータ、スマートフォン、タブレットコンピュータ、ロボット又はスマートグラスなどにより構成され、当該認証システムのユーザによって使用される。制御部11は、通信部12を介してネットワークNに接続可能であり、当該ネットワークNを介して認証サーバ2との間でデータの送受信を行うことができる。 The terminal device 1 includes a control unit 11, a communication unit 12, an operation unit 13, a display unit 14, a camera 15, and a microphone 16. The terminal device 1 is configured by a personal computer, a smartphone, a tablet computer, a robot, a smart glass, or the like, and is used by a user of the authentication system. The control unit 11 can be connected to the network N via the communication unit 12, and can transmit and receive data to and from the authentication server 2 via the network N.
 操作部13は、例えばタッチキー又はポインティングデバイスにより構成される。表示部14は、例えば液晶表示器により構成される。ただし、操作部13及び表示部14は、タッチパネルとして一体的に構成されていてもよい。カメラ15は、画像を撮影するためのデバイスであり、撮影画像として静止画又は動画を撮影することができる。マイク16は、音声を取得するためのデバイスである。本実施形態では、マイク16が端末装置1に備えられた構成を示しているが、これに限らず、例えば端末装置1に組み込まれていない外部装置としてのマイクから、有線通信又は無線通信により音声を取得できるような構成であってもよい。 The operation unit 13 is configured by, for example, a touch key or a pointing device. The display unit 14 is configured by a liquid crystal display, for example. However, the operation unit 13 and the display unit 14 may be integrally configured as a touch panel. The camera 15 is a device for capturing an image, and can capture a still image or a moving image as a captured image. The microphone 16 is a device for acquiring sound. In the present embodiment, the configuration in which the microphone 16 is provided in the terminal device 1 is shown. However, the present invention is not limited to this. For example, a microphone as an external device that is not incorporated in the terminal device 1 can be used for voice communication by wired communication or wireless communication. The configuration may be such that can be acquired.
 認証サーバ2は、制御部21、通信部22及び記憶部23を備えている。制御部21は、通信部22を介してネットワークNに接続可能であり、当該ネットワークNを介して各端末装置1との間でデータの送受信を行うことができる。記憶部23は、例えばハードディスク及びRAM(Random Access Memory)により構成されている。制御部21は、記憶部23に対してデータの入出力を行う。 The authentication server 2 includes a control unit 21, a communication unit 22, and a storage unit 23. The control unit 21 can be connected to the network N via the communication unit 22 and can transmit and receive data to and from each terminal device 1 via the network N. The storage unit 23 includes, for example, a hard disk and a RAM (Random Access Memory). The control unit 21 inputs / outputs data to / from the storage unit 23.
 本実施形態では、現実空間における物体、人物又は空間などを認証対象として、当該認証対象に関する情報が予め認証サーバ2に登録されている。認証対象に関する情報としては、例えば名前、住所、血液型、勤務先、出身校又は資格・免許などの個人情報を含む認証登録情報の他、一時的ステータス又はスタンプなどを例示することができる。一時的ステータスとは、例えば「急いでいる」、「支払い済みである」、「商品情報を知りたい」などといったユーザの一時的な状態である。 In this embodiment, information related to an authentication target is registered in the authentication server 2 in advance with an object, person, or space in the real space as the authentication target. Examples of the information related to the authentication target include temporary status or stamp in addition to authentication registration information including personal information such as name, address, blood type, workplace, home school or qualification / license. The temporary status is a temporary state of the user such as “I am in a hurry”, “I have paid”, “I want to know product information”, or the like.
 認証登録情報は、例えば現実空間における認証対象についての関係者(個人、法人又は団体など)からの届出に基づいて、認証サーバ2の記憶部23に登録される。認証サーバ2への認証登録情報の登録の際には、予め審査が行われ、その審査によって信頼性が高いと評価された認証登録情報のみが認証サーバ2に登録される。 The authentication registration information is registered in the storage unit 23 of the authentication server 2 based on, for example, a notification from a related party (individual, corporation, organization, or the like) regarding an authentication target in the real space. When registering the authentication registration information in the authentication server 2, an examination is performed in advance, and only the authentication registration information evaluated as having high reliability by the examination is registered in the authentication server 2.
 認証サーバ2に登録された認証登録情報は、端末装置1から認証サーバ2に対して照会することができる。例えば、端末装置1のカメラ15により撮影された撮影画像に含まれる認証対象について、その認証対象に関する認証登録情報の照会を認証サーバ2に要求することにより、当該認証登録情報が認証サーバ2から端末装置1に送信される。認証サーバ2には、当該認証サーバ2から認証登録情報を送信する端末装置1が実行するアプリケーションの識別情報(アプリID)が、認証対象についての関係者からの届出に基づいて予め登録され、当該アプリIDに従って認証登録情報が各端末装置1に送信される。 The authentication registration information registered in the authentication server 2 can be inquired from the terminal device 1 to the authentication server 2. For example, by requesting the authentication server 2 to inquire about the authentication registration information regarding the authentication target for the authentication target included in the captured image captured by the camera 15 of the terminal device 1, the authentication registration information is transferred from the authentication server 2 to the terminal. Sent to the device 1. In the authentication server 2, the identification information (application ID) of the application executed by the terminal device 1 that transmits the authentication registration information from the authentication server 2 is registered in advance based on the notification from the parties about the authentication target. Authentication registration information is transmitted to each terminal device 1 according to the application ID.
2.端末装置の制御部の具体的構成
 図2は、端末装置1の制御部11の具体的構成を示したブロック図である。制御部11は、例えばCPU(Central Processing Unit)を含む構成であり、CPUがアプリケーションを実行することにより、対象特定情報取得部111、照会要求部112及び表示制御部113などとして機能する。上記アプリケーションは、端末装置1のユーザによる操作部13の操作に基づいて、端末装置1にインストールすることができる。 2. Specific Configuration of Control Unit of Terminal Device FIG. 2 is a block diagram illustrating a specific configuration of the control unit 11 of the terminal device 1. The control unit 11 includes, for example, a CPU (Central Processing Unit), and functions as the target specifying information acquisition unit 111, the inquiry request unit 112, the display control unit 113, and the like when the CPU executes an application. The application can be installed in the terminal device 1 based on the operation of the operation unit 13 by the user of the terminal device 1.
 対象特定情報取得部111は、認証対象を特定するための対象特定情報を取得する。対象特定情報は、認証対象自体が有するものから得られる情報であってもよいし、認証対象が発生するものから得られる情報であってもよい。例えば、認証対象が物体である場合には、当該物体に設けられた二次元コードなどのコードや、当該物体から発信される無線信号又は赤外線などから得られる情報が、対象特定情報を構成していてもよい。また、認証対象が人物である場合には、当該人物の顔、指紋、耳の穴の形状又は声紋などから得られる生体認証情報が、対象特定情報を構成していてもよい。 The target specifying information acquisition unit 111 acquires target specifying information for specifying an authentication target. The target specifying information may be information obtained from what the authentication target itself has, or information obtained from what the authentication target is generated. For example, when the authentication target is an object, information obtained from a code such as a two-dimensional code provided on the object, a wireless signal transmitted from the object, or infrared light constitutes the target specifying information. May be. When the authentication target is a person, biometric authentication information obtained from the person's face, fingerprint, ear hole shape, voiceprint, or the like may constitute the target specifying information.
 本実施形態では、対象特定情報取得部111が、カメラ15により撮影された撮影画像、又は、マイク16により取得された声紋から対象特定情報を取得するようになっている。カメラ15により撮影される撮影画像が物体である場合には、対象特定情報取得部111が、例えば当該物体に設けられたコードを読み取るコード読取部や、物体から発信される無線信号又は赤外線を受信する無線信号受信部又は赤外線受信部などにより構成される。また、カメラ15により撮影される撮影画像が人物である場合には、対象特定情報取得部111が、例えば当該人物の顔、指紋又は声紋を認証する顔認証処理部、指紋認証処理部又は声紋認証処理部により構成される。ただし、対象特定情報取得部111は、上記のような構成に限られるものではなく、例えばGPS信号を受信するGPS受信部などの他の機構により構成されていてもよい。 In the present embodiment, the target identification information acquisition unit 111 acquires target identification information from a captured image captured by the camera 15 or a voiceprint acquired by the microphone 16. When the captured image captured by the camera 15 is an object, the target identification information acquisition unit 111 receives, for example, a code reading unit that reads a code provided on the object, or a wireless signal or infrared ray transmitted from the object A radio signal receiving unit or an infrared receiving unit. When the captured image captured by the camera 15 is a person, the target specifying information acquisition unit 111, for example, a face authentication processing unit, fingerprint authentication processing unit, or voice print authentication for authenticating the face, fingerprint, or voice print of the person. Consists of a processing unit. However, the target identification information acquisition unit 111 is not limited to the above-described configuration, and may be configured by another mechanism such as a GPS reception unit that receives a GPS signal.
 このように、対象特定情報取得部111で対象特定情報を取得することにより、認証対象を特定することができる。すなわち、カメラ15により撮影される撮影画像に複数の物体、人物又は空間が含まれている場合であっても、対象特定情報を取得した物体、人物又は空間を認証対象として特定することができる。また、認証対象として特定された物体、人物又は空間の境界線を認定することも可能である。 Thus, by acquiring the target specifying information by the target specifying information acquisition unit 111, the authentication target can be specified. That is, even if a captured image captured by the camera 15 includes a plurality of objects, persons, or spaces, the object, person, or space from which the target specifying information has been acquired can be specified as an authentication target. It is also possible to recognize the boundary line of the object, person or space specified as the authentication target.
 照会要求部112は、取得した対象特定情報に基づいて特定される認証対象に関する認証登録情報の照会を認証サーバ2に要求する。具体的には、取得した対象特定情報から得られる認証対象の識別情報が、照会要求部112から通信部12を介して認証サーバ2に送信されることにより、当該認証対象の照会の要求が行われる。 The inquiry request unit 112 requests the authentication server 2 to inquire about authentication registration information related to the authentication target specified based on the acquired target specifying information. Specifically, authentication target identification information obtained from the acquired target identification information is transmitted from the inquiry request unit 112 to the authentication server 2 via the communication unit 12, thereby making a request for the authentication target query. Is called.
 表示制御部113は、表示部14の表示を制御する。照会要求部112から認証サーバ2に認証登録情報の照会が要求され、認証サーバ2から端末装置1に認証登録情報が送信された場合には、当該認証登録情報を表示部14の表示に反映させる処理が表示制御部113により行われる。したがって、例えばカメラ15により撮影された現実空間の撮影画像に、AR技術を用いて認証登録情報に基づく付加情報を投影させれば、拡張された現実空間を提供することができる。 The display control unit 113 controls display on the display unit 14. When an inquiry for authentication registration information is requested from the inquiry request unit 112 to the authentication server 2 and the authentication registration information is transmitted from the authentication server 2 to the terminal device 1, the authentication registration information is reflected on the display of the display unit 14. Processing is performed by the display control unit 113. Therefore, for example, if the additional information based on the authentication registration information is projected onto the captured image of the real space photographed by the camera 15 using the AR technology, the expanded real space can be provided.
3.認証サーバの制御部の具体的構成
 図3は、認証サーバ2の制御部21の具体的構成を示したブロック図である。制御部21は、例えばCPUを含む構成であり、CPUがプログラムを実行することにより、照会要求受付部211及び認証登録情報送信部212などとして機能する。 3. Specific Configuration of Control Unit of Authentication Server FIG. 3 is a block diagram showing a specific configuration of the control unit 21 of the authentication server 2. The control unit 21 includes, for example, a CPU, and functions as an inquiry request reception unit 211, an authentication registration information transmission unit 212, and the like when the CPU executes a program.
 照会要求受付部211は、端末装置1からの認証登録情報の照会を受け付ける。具体的には、通信部22を介して、対象特定情報から得られた認証対象の識別情報を端末装置1から受信することにより、当該認証対象に関する認証登録情報の照会が照会要求受付部211により受け付けられる。 The inquiry request reception unit 211 receives an inquiry for authentication registration information from the terminal device 1. Specifically, by receiving identification information of the authentication target obtained from the target specifying information from the terminal device 1 via the communication unit 22, an inquiry for authentication registration information related to the authentication target is received by the query request receiving unit 211. Accepted.
 認証登録情報送信部212は、照会要求受付部211により認証登録情報の照会の要求を受け付けた認証対象について、当該認証対象に関する認証登録情報を端末装置1に送信する。具体的には、記憶部23に記憶されている認証登録情報が、認証登録情報送信部212から通信部22を介して端末装置1に送信される。 The authentication registration information transmitting unit 212 transmits authentication registration information related to the authentication target to the terminal device 1 for the authentication target for which the request for authentication registration information has been received by the query request receiving unit 211. Specifically, the authentication registration information stored in the storage unit 23 is transmitted from the authentication registration information transmission unit 212 to the terminal device 1 via the communication unit 22.
 記憶部23には、認証登録情報の他に、任意登録情報、アプリID及び送信要否などの情報が、認証対象ごとに対応付けて記憶されている。任意登録情報は、予め審査を行うことなくユーザが任意に変更可能な認証対象に関する情報であって、上述した一時的ステータスなどのように、例えば認証登録情報よりも頻繁に更新される情報からなる。アプリIDは、端末装置1が実行するアプリケーションごとに割り当てられた識別情報である。送信要否の情報は、予め設定された認証登録情報を送信するか否かの情報である。 In the storage unit 23, in addition to the authentication registration information, information such as arbitrary registration information, application ID, and transmission necessity is stored in association with each authentication target. The optional registration information is information related to an authentication target that can be arbitrarily changed by the user without prior examination, and includes information that is updated more frequently than the authentication registration information, such as the temporary status described above. . The application ID is identification information assigned to each application executed by the terminal device 1. The information on necessity of transmission is information on whether or not to transmit preset authentication registration information.
 このように、記憶部23は、認証対象に関する認証登録情報を予め記憶している認証登録情報記憶部、認証対象ごとに認証登録情報を送信するか否かを予め記憶している送信要否記憶部、及び、アプリIDを予め記憶しているアプリケーション識別情報記憶部を構成している。ただし、認証登録情報記憶部、送信要否記憶部及びアプリケーション情報記憶部は、1つの記憶部23の記憶領域に割り当てられた構成に限らず、例えば少なくとも1つが別の記憶部により構成されていてもよい。 As described above, the storage unit 23 stores the authentication registration information related to the authentication target in advance, and the authentication registration information storage unit stores in advance whether the authentication registration information is transmitted for each authentication target. And an application identification information storage unit that stores application IDs in advance. However, the authentication registration information storage unit, the transmission necessity storage unit, and the application information storage unit are not limited to the configuration assigned to the storage area of one storage unit 23, and for example, at least one is configured by another storage unit. Also good.
4.認証登録情報を送信する際の動作
 図4は、認証登録情報を送信する際の認証サーバ2の制御部21による処理の一例を示したフローチャートである。 4). Operation When Transmitting Authentication Registration Information FIG. 4 is a flowchart illustrating an example of processing by the control unit 21 of the authentication server 2 when transmitting authentication registration information.
 認証サーバ2の照会要求受付部211が、端末装置1の照会要求部112から認証登録情報の照会の要求を受け付けた場合には(ステップS101でYes)、その端末装置1が実行するアプリケーションのアプリIDが記憶部23に記憶されているか否かが確認される(ステップS102)。具体的には、認証対象の照会の要求が行われる際に端末装置1の照会要求部112から送信される認証対象の識別情報及びアプリIDに基づいて、当該認証対象に関する認証登録情報と対応付けて記憶部23に当該アプリIDが記憶されているか否かが確認される。 When the inquiry request reception unit 211 of the authentication server 2 receives a request for inquiry of authentication registration information from the inquiry request unit 112 of the terminal device 1 (Yes in step S101), the application of the application executed by the terminal device 1 It is confirmed whether or not the ID is stored in the storage unit 23 (step S102). Specifically, when authentication target inquiry request is made, the authentication target identification information and the application ID transmitted from the inquiry request unit 112 of the terminal device 1 are associated with the authentication registration information related to the authentication target. Whether or not the application ID is stored in the storage unit 23 is confirmed.
 そして、端末装置1が実行するアプリケーションのアプリIDが記憶部23に登録されている場合には(ステップS102でYes)、照会が要求されている認証対象について、認証登録情報を送信すると記憶部23に記憶されているか否かが確認される(ステップS103)。具体的には、認証対象の照会の要求が行われる際に端末装置1の照会要求部112から送信される認証対象の識別情報に基づいて、当該認証対象に関する認証登録情報と対応付けて記憶部23に記憶されている送信要否の情報が確認される。 And when application ID of the application which the terminal device 1 performs is registered into the memory | storage part 23 (it is Yes at step S102), if authentication registration information is transmitted about the certification | authentication object from which the inquiry is requested | required, the memory | storage part 23 Is stored (step S103). Specifically, based on the identification information of the authentication target transmitted from the inquiry request unit 112 of the terminal device 1 when the request for the query of the authentication target is performed, the storage unit is associated with the authentication registration information related to the authentication target. The transmission necessity information stored in 23 is confirmed.
 その結果、認証登録情報を送信すると記憶部23に記憶されている場合には(ステップS103でYes)、認証サーバ2の認証登録情報送信部212から端末装置1に認証登録情報が送信される(ステップS104)。具体的には、認証対象の照会の要求が行われる際に端末装置1の照会要求部112から送信される認証対象の識別情報に基づいて、当該認証対象に関する認証登録情報が記憶部23から読み出され、端末装置1へと送信される。認証登録情報を送信する際、当該認証登録情報に対応付けて任意登録情報が記憶部23に記憶されている場合には、認証登録情報とともに任意登録情報が端末装置1に送信される。 As a result, when the authentication registration information is transmitted and stored in the storage unit 23 (Yes in step S103), the authentication registration information is transmitted from the authentication registration information transmission unit 212 of the authentication server 2 to the terminal device 1 ( Step S104). Specifically, the authentication registration information related to the authentication target is read from the storage unit 23 based on the authentication target identification information transmitted from the inquiry request unit 112 of the terminal device 1 when a request for the authentication target inquiry is made. And transmitted to the terminal device 1. When transmitting the authentication registration information, if the arbitrary registration information is stored in the storage unit 23 in association with the authentication registration information, the arbitrary registration information is transmitted to the terminal device 1 together with the authentication registration information.
 一方、端末装置1が実行するアプリケーションのアプリIDが記憶部23に登録されていない場合や(ステップS102でNo)、認証登録情報を送信すると記憶部23に記憶されていない場合には(ステップS103でNo)、照会の要求を受け付けた端末装置1に対する認証登録情報の送信は行われない。なお、認証登録情報に含まれる各種情報ごとに、端末装置1に送信するか否かを個別に設定できるような構成であってもよい。 On the other hand, when the application ID of the application executed by the terminal device 1 is not registered in the storage unit 23 (No in step S102), or when the authentication registration information is transmitted and is not stored in the storage unit 23 (step S103). No), the authentication registration information is not transmitted to the terminal device 1 that has received the inquiry request. In addition, the structure which can set individually whether to transmit to the terminal device 1 for every various information contained in authentication registration information may be sufficient.
5.認証対象が人物である場合の表示例
 図5Aは、認証対象が人物である場合の端末装置1の表示部14に対する画像の表示例を示した概略図である。この例では、端末装置1のカメラ15により撮影された現実空間の撮影画像3に、認証対象としての人物31が含まれている。 5. Example of Display when Authentication Target is Person FIG. 5A is a schematic diagram showing an example of image display on the display unit 14 of the terminal device 1 when the authentication target is a person. In this example, a person 31 as an authentication target is included in the photographed image 3 in the real space photographed by the camera 15 of the terminal device 1.
 端末装置1の対象特定情報取得部111は、例えば顔認証処理部としての機能に基づいて、現実空間の撮影画像3に含まれる人物31を認証対象として特定する。このとき、人物31の顔が、認証対象を特定するための対象特定情報であり、カメラ15により撮影された撮影画像3に含まれるマーカ32を構成している。端末装置1の照会要求部112は、マーカ32に基づいて特定される人物31に関する認証登録情報の照会を認証サーバ2に要求し、認証サーバ2の認証登録情報送信部212は、上述した所定の条件を満たす場合に、当該人物31に関する認証登録情報を端末装置1に送信する。顔認証以外のマーカ32としては、例えば認証対象が角膜の上に装着するコンタクトレンズであってもよいし、体表への刺青、スカリフィケーション、焼印又は凍結烙印などのように、認証対象の表面に固定されたものであってもよい。 The target specifying information acquisition unit 111 of the terminal device 1 specifies the person 31 included in the captured image 3 in the real space as an authentication target based on, for example, a function as a face authentication processing unit. At this time, the face of the person 31 is target specifying information for specifying the authentication target, and constitutes the marker 32 included in the captured image 3 captured by the camera 15. The inquiry request unit 112 of the terminal device 1 requests the authentication server 2 to inquire about the authentication registration information regarding the person 31 specified based on the marker 32, and the authentication registration information transmission unit 212 of the authentication server 2 performs the predetermined registration described above. If the condition is satisfied, authentication registration information related to the person 31 is transmitted to the terminal device 1. As the marker 32 other than the face authentication, for example, the authentication target may be a contact lens mounted on the cornea, or the authentication target such as tattooing on the body surface, saliification, branding, or freezing thumbprint. It may be fixed to the surface.
 この例では、認証サーバ2から端末装置1に送信された認証登録情報に基づいて、認証対象に対応する画像33が表示部14に表示される。この画像33としては、例えば人物31の名前、住所、血液型、勤務先、出身校又は資格・免許などのように、予め行われた審査に基づいて登録された情報を例示することができる。また、認証登録情報とともに認証サーバ2から端末装置1に送信される任意登録情報に基づいて、一時的ステータスなどのユーザが任意に変更可能な情報も画像33として表示部14に表示されてもよい。このように、撮影画像3に含まれる人物31に対応付けて画像33を表示させることにより、AR技術を用いた現実空間に対する付加情報の投影を行うことができる。 In this example, the image 33 corresponding to the authentication target is displayed on the display unit 14 based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1. Examples of the image 33 include information registered on the basis of a preliminarily conducted examination such as the name, address, blood type, workplace, home school, or qualification / license of the person 31. Further, information that can be arbitrarily changed by the user, such as a temporary status, based on the arbitrary registration information transmitted from the authentication server 2 to the terminal device 1 together with the authentication registration information may be displayed on the display unit 14 as the image 33. . In this way, by displaying the image 33 in association with the person 31 included in the captured image 3, it is possible to project additional information on the real space using the AR technology.
 図5Bは、認証対象が人物である場合の端末装置1の表示部14に対する画像の別の表示例を示した概略図である。この例では、図5Aの例と同様に、端末装置1のカメラ15により撮影された現実空間の撮影画像3に、認証対象としての人物31が含まれている。 FIG. 5B is a schematic diagram illustrating another display example of an image on the display unit 14 of the terminal device 1 when the authentication target is a person. In this example, as in the example of FIG. 5A, the photographed image 3 in the real space photographed by the camera 15 of the terminal device 1 includes a person 31 as an authentication target.
 この例では、認証サーバ2から端末装置1に送信された認証登録情報に基づいて、表示部14の表示における認証対象に対応する部分に別の画像34が表示される。この画像34は、例えば撮影画像3に含まれる人物31の顔を隠すための画像である。このように、AR技術を用いた現実空間に対する画像34の表示によって、現実空間における人物31を保護することも可能である。 In this example, based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1, another image 34 is displayed at a portion corresponding to the authentication target in the display of the display unit 14. This image 34 is an image for hiding the face of the person 31 included in the captured image 3, for example. In this way, it is possible to protect the person 31 in the real space by displaying the image 34 on the real space using the AR technology.
 一方、認証サーバ2から端末装置1に送信された認証登録情報に基づいて、表示部14に表示された撮影画像3における人物31の画像の変更が禁止されてもよい。具体的には、端末装置1側で撮影画像3に対する画像の変更が行われようとした場合に、人物31の画像に対する変更が受け付けられないようにして、現実空間における人物31を保護してもよい。 On the other hand, based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1, the change of the image of the person 31 in the captured image 3 displayed on the display unit 14 may be prohibited. Specifically, when the terminal device 1 tries to change the image of the captured image 3, the change of the image of the person 31 is not accepted and the person 31 in the real space is protected. Good.
6.認証対象が物体である場合の表示例
 図6は、認証対象が物体である場合の端末装置1の表示部14に対する画像の表示例を示した概略図である。この例では、端末装置1のカメラ15により撮影された現実空間の撮影画像4に、認証対象としての物体41が含まれている。物体41は、図6に示すような建物であってもよいし、建物以外の各種物体であってもよい。 6). Display Example when Authentication Target is an Object FIG. 6 is a schematic diagram illustrating a display example of an image on the display unit 14 of the terminal device 1 when the authentication target is an object. In this example, an object 41 as an authentication target is included in the captured image 4 in the real space captured by the camera 15 of the terminal device 1. The object 41 may be a building as shown in FIG. 6 or various objects other than a building.
 端末装置1の対象特定情報取得部111は、例えば画像処理部としての機能に基づいて、現実空間の撮影画像4に含まれる物体41を認証対象として特定する。このとき、現実空間の物体41に予め設けられているマーカ42が、認証対象を特定するための対象特定情報を構成しており、カメラ15により撮影された撮影画像4に含まれるマーカ42の画像を識別することによって、物体41が認証対象として特定される。端末装置1の照会要求部112は、マーカ42に基づいて特定される物体41に関する認証登録情報の照会を認証サーバ2に要求し、認証サーバ2の認証登録情報送信部212は、上述した所定の条件を満たす場合に、当該物体41に関する認証登録情報を端末装置1に送信する。 The target specifying information acquisition unit 111 of the terminal device 1 specifies the object 41 included in the captured image 4 in the real space as an authentication target based on, for example, a function as an image processing unit. At this time, the marker 42 provided in advance on the object 41 in the real space constitutes the target specifying information for specifying the authentication target, and the image of the marker 42 included in the captured image 4 captured by the camera 15. Is identified as an authentication target. The inquiry request unit 112 of the terminal device 1 requests the authentication server 2 to inquire about authentication registration information regarding the object 41 specified based on the marker 42, and the authentication registration information transmission unit 212 of the authentication server 2 performs the predetermined registration described above. If the condition is satisfied, authentication registration information regarding the object 41 is transmitted to the terminal device 1.
 この例では、認証サーバ2から端末装置1に送信された認証登録情報に基づいて、認証対象に対応する画像43が表示部14に表示される。この画像43としては、例えば広告、告知又は装飾画像などを例示することができる。このように、撮影画像4に含まれる物体41に対応付けて画像43を表示させることにより、AR技術を用いた現実空間に対する付加情報の投影を行うことができる。 In this example, the image 43 corresponding to the authentication target is displayed on the display unit 14 based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1. As this image 43, an advertisement, a notice, a decoration image, etc. can be illustrated, for example. In this way, by displaying the image 43 in association with the object 41 included in the captured image 4, it is possible to project additional information on the real space using the AR technique.
 一方、認証サーバ2から端末装置1に送信された認証登録情報に基づいて、表示部14に表示された撮影画像4における物体41の画像の変更が禁止されてもよい。具体的には、端末装置1側で撮影画像4に対する画像の変更が行われようとした場合に、物体41の画像に対する変更が受け付けられないようにして、現実空間における物体41を保護してもよい。 On the other hand, based on the authentication registration information transmitted from the authentication server 2 to the terminal device 1, the change of the image of the object 41 in the captured image 4 displayed on the display unit 14 may be prohibited. Specifically, when the terminal device 1 tries to change the image with respect to the captured image 4, the change to the image of the object 41 is not accepted and the object 41 in the real space is protected. Good.
7.作用効果
(1)本実施形態では、端末装置1においてアプリケーションを実行し、対象特定情報を取得することにより、現実空間から認証対象が特定され、その特定された認証対象に関する認証登録情報の照会が、端末装置1から認証サーバ2に要求される。この照会の要求を受け付けた認証サーバ2においては、端末装置1が実行するアプリケーションのアプリIDが予め記憶されているか否か、及び、特定された認証対象について、予め記憶されている認証登録情報を端末装置1に送信するか否かが確認される。そして、端末装置1が実行するアプリケーションのアプリIDが予め記憶されており、かつ、認証登録情報を送信すると予め記憶されている場合には、当該認証対象に関する認証登録情報を端末装置1に送信する。したがって、認証対象についての関係者が、アプリID、及び、その認証対象に関する認証登録情報を送信するか否かを認証サーバ2に予め記憶しておけば、そのアプリケーションを用いて認証登録情報の照会の要求が行われた場合にのみ、当該関係者の意思に応じて認証登録情報を送信することができる。これにより、認証対象についての関係者が意図しないアプリケーションを実行する端末装置1に認証登録情報が送信されるのを防止し、当該関係者の意思を端末装置1に対して反映させることができる。 7). Effect (1) In the present embodiment, by executing an application in the terminal device 1 and acquiring the target specifying information, the authentication target is specified from the real space, and the authentication registration information related to the specified authentication target is inquired. The authentication server 2 is requested from the terminal device 1. In the authentication server 2 that has received the request for inquiry, whether or not the application ID of the application executed by the terminal device 1 is stored in advance, and the authentication registration information stored in advance for the specified authentication target is stored. Whether or not to transmit to the terminal device 1 is confirmed. When the application ID of the application executed by the terminal device 1 is stored in advance and is stored in advance when the authentication registration information is transmitted, the authentication registration information related to the authentication target is transmitted to the terminal device 1. . Therefore, if the parties related to the authentication object store in advance in the authentication server 2 whether or not the application ID and authentication registration information related to the authentication object are to be transmitted, the authentication registration information is inquired using the application. Only when the request is made, the authentication registration information can be transmitted according to the intention of the concerned party. As a result, it is possible to prevent the authentication registration information from being transmitted to the terminal device 1 that executes an application that is not intended by the parties related to the authentication target, and to reflect the intentions of the parties concerned on the terminal device 1.
(2)本実施形態では、現実空間から特定された認証対象に関する認証登録情報が、認証サーバ2から端末装置1に送信され、当該端末装置1の表示部14の表示に反映される。これにより、認証対象についての関係者の意思を端末装置1の表示部14の表示に反映させることができる。このように、認証登録情報を送信すると予め記憶されている認証対象に関する認証登録情報のみを端末装置1に送信して、その認証登録情報を表示部14の表示に反映させることにより、現実空間における関係者が不利益を被るのを防止することができる。 (2) In the present embodiment, authentication registration information related to the authentication target specified from the real space is transmitted from the authentication server 2 to the terminal device 1 and reflected on the display of the display unit 14 of the terminal device 1. Thereby, the intention of the person concerned about authentication object can be reflected in the display of the display part 14 of the terminal device 1. FIG. As described above, when the authentication registration information is transmitted, only the authentication registration information related to the authentication target stored in advance is transmitted to the terminal device 1 and the authentication registration information is reflected on the display of the display unit 14, so that It is possible to prevent the parties concerned from suffering disadvantages.
(3)本実施形態では、図5A、図5B及び図6に例示されるように、認証対象についての関係者の意思に沿って、当該認証対象に対応する画像33,43を表示部14に表示させることができる。これにより、現実空間に対して付加情報を投影し、なりすましなどを防止することができるため、現実空間における関係者が不利益を被るのを防止することができる。 (3) In this embodiment, as illustrated in FIGS. 5A, 5B, and 6, images 33 and 43 corresponding to the authentication target are displayed on the display unit 14 in accordance with the intentions of the parties related to the authentication target. Can be displayed. This makes it possible to project additional information on the real space and prevent impersonation and the like, thereby preventing the parties in the real space from suffering disadvantages.
(4)一方、認証対象についての関係者の意思に沿って、表示部14の表示における当該認証対象に対応する部分に別の画像34を表示させた場合には、認証対象に対応する部分が表示部14に表示されることによって、現実空間における関係者が不利益を被るのを防止することができる。 (4) On the other hand, in the case where another image 34 is displayed on the part corresponding to the authentication target in the display of the display unit 14 in accordance with the intention of the person concerned with the authentication target, the part corresponding to the authentication target is By being displayed on the display unit 14, it is possible to prevent a person concerned in the real space from suffering a disadvantage.
(5)本実施形態では、予め審査を行うことによって、信頼性の高い認証登録情報を認証サーバ2に記憶し、その認証登録情報を端末装置1からの要求に応じて送信することができるため、なりすましなどを効果的に防止することができる。 (5) In this embodiment, since the authentication registration information with high reliability can be stored in the authentication server 2 by performing the examination in advance, the authentication registration information can be transmitted in response to a request from the terminal device 1. And spoofing can be effectively prevented.
(6)本実施形態では、予め行われた審査に基づいて認証サーバ2に記憶される認証登録情報とは別に、認証対象についての関係者が任意に変更可能な任意登録情報を認証サーバ2に記憶させ、当該任意登録情報を認証登録情報とともに端末装置1に送信することができる。したがって、認証対象についての関係者の意思を端末装置1に対してさらに効果的に反映させることができる。 (6) In this embodiment, apart from the authentication registration information stored in the authentication server 2 based on a preliminarily conducted examination, optional registration information that can be arbitrarily changed by the parties related to the authentication target is stored in the authentication server 2. The arbitrary registration information can be stored and transmitted to the terminal device 1 together with the authentication registration information. Therefore, it is possible to more effectively reflect the intentions of the parties related to the authentication target to the terminal device 1.
(7)本実施形態では、図5A、図5B及び図6に例示されるように、端末装置1のカメラ15で撮影された撮影画像3,4から対象特定情報が取得され、その対象特定情報に基づいて現実空間から認証対象が特定される。この端末装置1に対して認証サーバ2から認証登録情報を送信すれば、認証対象についての関係者の意思をカメラ15で撮影された撮影画像3,4に対して反映させることができる。 (7) In the present embodiment, as illustrated in FIGS. 5A, 5B, and 6, target specifying information is acquired from the captured images 3 and 4 captured by the camera 15 of the terminal device 1, and the target specifying information is acquired. The authentication object is specified from the real space based on the above. If the authentication registration information is transmitted from the authentication server 2 to the terminal device 1, the intentions of the parties related to the authentication target can be reflected in the captured images 3 and 4 captured by the camera 15.
(8)本実施形態では、カメラ15により撮影された撮影画像3,4に含まれるマーカ32,42を対象特定情報として取得し、その対象特定情報に基づいて現実空間から認証対象を確実に特定することができる。 (8) In the present embodiment, the markers 32 and 42 included in the captured images 3 and 4 captured by the camera 15 are acquired as target specifying information, and the authentication target is reliably specified from the real space based on the target specifying information. can do.
8.変形例
 以上の実施形態では、端末装置1が、例えばパーソナルコンピュータ、スマートフォン、タブレットコンピュータ又はコミュニケーションロボット(人間との対話を通じて付加価値や多幸感を提供するロボット)などのように、操作部13及び表示部14を備えた構成である場合について説明した。しかし、このような構成に限らず、端末装置1は、例えばスマートグラスなどのように、表示部14のみを備えた構成であってもよい。この場合、端末装置1に対する動作指示は、例えば音声信号などのように、操作信号以外の信号が端末装置1に入力されることにより行われてもよい。 8). In the above-described embodiment, the terminal device 1 includes the operation unit 13 and the display, such as a personal computer, a smartphone, a tablet computer, or a communication robot (a robot that provides added value and happiness through dialogue with humans). The case where it is the structure provided with the part 14 was demonstrated. However, the configuration is not limited to such a configuration, and the terminal device 1 may have a configuration including only the display unit 14 such as a smart glass. In this case, the operation instruction to the terminal device 1 may be performed by inputting a signal other than the operation signal, such as an audio signal, to the terminal device 1.
    1  端末装置
    2  認証サーバ
    3,4 撮影画像
   11  制御部
   12  通信部
   13  操作部
   14  表示部
   15  カメラ
   21  制御部
   22  通信部
   23  記憶部
   31  人物
   32,42 マーカ
   33,34,43 画像
   41  物体
  111  対象特定情報取得部
  112  照会要求部
  113  表示制御部
  211  照会要求受付部
  212  認証登録情報送信部 DESCRIPTION OF SYMBOLS 1 Terminal device 2 Authentication server 3,4 Image | photographed image 11 Control part 12 Communication part 13 Operation part 14 Display part 15 Camera 21 Control part 22 Communication part 23 Memory | storage part 31 Person 32, 42 Marker 33, 34, 43 Image 41 Object 111 Object Specific information acquisition unit 112 Inquiry request unit 113 Display control unit 211 Inquiry request reception unit 212 Authentication registration information transmission unit

Claims (11)

  1.  端末装置及び当該端末装置との間で通信可能な認証サーバを含む認証システムであって、
     前記端末装置は、
     認証対象を特定するための対象特定情報を取得する対象特定情報取得部と、
     取得した前記対象特定情報に基づいて特定される認証対象に関する認証登録情報の照会を前記認証サーバに要求する照会要求部とを含むアプリケーションを実行し、
     前記認証サーバは、
     認証対象に関する認証登録情報を予め記憶している認証登録情報記憶部と、
     前記端末装置が実行するアプリケーションごとに割り当てられた識別情報を予め記憶しているアプリケーション識別情報記憶部と、
     認証対象ごとに認証登録情報を送信するか否かを予め記憶している送信要否記憶部と、
     前記端末装置の前記照会要求部から認証登録情報の照会の要求を受け付けたときに、当該端末装置が実行するアプリケーションの識別情報が前記アプリケーション識別情報記憶部に記憶されており、かつ、認証登録情報の照会の要求を受け付けた認証対象について、認証登録情報を送信すると前記送信要否記憶部に記憶されている場合に、当該認証対象に関する認証登録情報を前記端末装置に送信する認証登録情報送信部とを備えることを特徴とする認証システム。     An authentication system including an authentication server capable of communicating with a terminal device and the terminal device,
    The terminal device
    A target identification information acquisition unit for acquiring target identification information for identifying an authentication target;
    Executing an application including an inquiry requesting unit that requests the authentication server to make an inquiry about authentication registration information related to an authentication object specified based on the acquired object specifying information;
    The authentication server is
    An authentication registration information storage unit that stores authentication registration information related to an authentication target in advance;
    An application identification information storage unit that stores in advance identification information assigned to each application executed by the terminal device;
    A transmission necessity storage unit that stores in advance whether or not to transmit authentication registration information for each authentication target;
    When an inquiry request for authentication registration information is received from the inquiry request unit of the terminal device, identification information of an application executed by the terminal device is stored in the application identification information storage unit, and authentication registration information An authentication registration information transmitting unit that transmits authentication registration information related to the authentication target to the terminal device when authentication registration information is transmitted and stored in the transmission necessity storage unit when the authentication target is received An authentication system comprising:
  2.  前記端末装置は、
     表示部と、
     前記認証登録情報送信部から送信された認証登録情報を前記表示部の表示に反映させる表示制御部とを備えることを特徴とする請求項1に記載の認証システム。     The terminal device
    A display unit;
    The authentication system according to claim 1, further comprising: a display control unit that reflects the authentication registration information transmitted from the authentication registration information transmission unit on the display of the display unit.
  3.  前記表示制御部は、前記認証登録情報送信部から送信された認証登録情報に基づいて、認証対象に対応する画像を前記表示部に表示させることを特徴とする請求項2に記載の認証システム。 3. The authentication system according to claim 2, wherein the display control unit causes the display unit to display an image corresponding to an authentication target based on the authentication registration information transmitted from the authentication registration information transmission unit.
  4.  前記表示制御部は、前記認証登録情報送信部から送信された認証登録情報に基づいて、前記表示部の表示における認証対象に対応する部分に別の画像を表示させることを特徴とする請求項2に記載の認証システム。 The display control unit displays another image on a portion corresponding to an authentication target in the display of the display unit based on the authentication registration information transmitted from the authentication registration information transmission unit. The authentication system described in.
  5.  前記認証登録情報は、予め行われた審査に基づいて前記認証登録情報記憶部に記憶されることを特徴とする請求項1~4のいずれかに記載の認証システム。 The authentication system according to any one of claims 1 to 4, wherein the authentication registration information is stored in the authentication registration information storage unit based on an examination performed in advance.
  6.  前記認証サーバは、認証対象ごとに任意に変更可能な任意登録情報を記憶する任意登録情報記憶部をさらに備え、
     前記認証登録情報送信部は、前記認証登録情報とともに前記任意登録情報を前記端末装置に送信することを特徴とする請求項5に記載の認証システム。     The authentication server further includes an optional registration information storage unit that stores optional registration information that can be arbitrarily changed for each authentication target,
    The authentication system according to claim 5, wherein the authentication registration information transmission unit transmits the arbitrary registration information to the terminal device together with the authentication registration information.
  7.  前記端末装置は、画像を撮影するカメラをさらに備え、
     前記対象特定情報取得部は、前記カメラにより撮影された撮影画像から前記対象特定情報を取得することを特徴とする請求項1~6のいずれかに記載の認証システム。     The terminal device further includes a camera for taking an image,
    The authentication system according to any one of claims 1 to 6, wherein the target specifying information acquisition unit acquires the target specifying information from a captured image captured by the camera.
  8.  前記対象特定情報は、前記カメラにより撮影された撮影画像に含まれるマーカであることを特徴とする請求項7に記載の認証システム。 The authentication system according to claim 7, wherein the target identification information is a marker included in a captured image captured by the camera.
  9.  前記マーカは、認証対象が角膜の上に装着するコンタクトレンズであることを特徴とする請求項8に記載の認証システム。 The authentication system according to claim 8, wherein the marker is a contact lens to be authenticated on a cornea.
  10.  前記マーカは、認証対象の表面に固定されており、体表への刺青、スカリフィケーション、焼印又は凍結烙印を含むことを特徴とする請求項8に記載の認証システム。 The authentication system according to claim 8, wherein the marker is fixed to a surface to be authenticated and includes a tattoo on the body surface, a calibration, a branding mark, or a freezing thumbprint.
  11.  音声を取得するマイクをさらに備え、
     前記対象特定情報取得部は、前記マイクにより取得された声紋から前記対象特定情報を取得することを特徴とする請求項1~8のいずれかに記載の認証システム。     A microphone that captures audio,
    9. The authentication system according to claim 1, wherein the target specifying information acquisition unit acquires the target specifying information from a voice print acquired by the microphone.
PCT/JP2016/065458 2015-05-27 2016-05-25 Authentication system WO2016190355A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2017520779A JPWO2016190355A1 (en) 2015-05-27 2016-05-25 Authentication system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2015107692 2015-05-27
JP2015-107692 2015-05-27

Publications (1)

Publication Number Publication Date
WO2016190355A1 true WO2016190355A1 (en) 2016-12-01

Family

ID=57393417

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2016/065458 WO2016190355A1 (en) 2015-05-27 2016-05-25 Authentication system

Country Status (2)

Country Link
JP (1) JPWO2016190355A1 (en)
WO (1) WO2016190355A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0844630A (en) * 1994-08-03 1996-02-16 Nri & Ncc Co Ltd Device for controlling file access and method thereof
JP2013152326A (en) * 2012-01-25 2013-08-08 Menicon Co Ltd Support system and support method for user of contact lenses
JP2013161103A (en) * 2012-02-01 2013-08-19 Tmdance Corp Information processing system and information processing method
WO2014144700A1 (en) * 2013-03-15 2014-09-18 Symantec Corporation Systems and methods for identifying a secure application when connecting to a network
JP2015513734A (en) * 2012-02-24 2015-05-14 ナント ホールディングス アイピー,エルエルシー System and method for content activation via interaction based authentication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0844630A (en) * 1994-08-03 1996-02-16 Nri & Ncc Co Ltd Device for controlling file access and method thereof
JP2013152326A (en) * 2012-01-25 2013-08-08 Menicon Co Ltd Support system and support method for user of contact lenses
JP2013161103A (en) * 2012-02-01 2013-08-19 Tmdance Corp Information processing system and information processing method
JP2015513734A (en) * 2012-02-24 2015-05-14 ナント ホールディングス アイピー,エルエルシー System and method for content activation via interaction based authentication
WO2014144700A1 (en) * 2013-03-15 2014-09-18 Symantec Corporation Systems and methods for identifying a secure application when connecting to a network

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
KATASHI NAGAO: "Advanced Agent Technology", 25 July 2000 (2000-07-25), pages 214 - 220 *
TAKASHI YONEMURA: "Sharing Augmented Real Space with Mobile AR System", THE VIRTUAL REALITY SOCIETY OF JAPAN DAI 3 KAI TAIKAI RONBUNSHU, 19 August 1998 (1998-08-19), pages 307 - 308 *
TAKUJI NARUMI: "Meta Cookie : Pseudo-Gustatory Display Based on Cross-Modal Integration", TRANSACTIONS OF THE VIRTUAL REALITY SOCIETY OF JAPAN, vol. 15, no. 4, 31 December 2010 (2010-12-31), pages 579 - 588 *
YUMA AKAIKE: "Kakucho Genjitsu Gijutsu ni yoru Communication Noryoku eno Eikyo", IPSJ SIG NOTES COMSUMER DEVICE & SYSTEM (CDS) 2014-CDS- 010, 15 May 2014 (2014-05-15), pages 1 - 8 *

Also Published As

Publication number Publication date
JPWO2016190355A1 (en) 2018-03-15

Similar Documents

Publication Publication Date Title
CN114495341B (en) Visitor management method, equipment, system and computer readable storage medium
US11437127B2 (en) Trusted third-party computerized platform for AI-based health wallet
CN107113354B (en) Communication system comprising a head-mounted device
US20130053002A1 (en) Wireless communications with perceived targets
US11074327B2 (en) Methods and systems for ensuring that an individual is authorized to conduct an activity
US9215311B2 (en) Mobile electronic device and method
US20220116231A1 (en) Chain of authentication using public key infrastructure
JP5826422B2 (en) Crime prevention system
EP2821932A1 (en) Computer-implemented method and system for controlling access for a tag reader to an information page on a server system
KR101727459B1 (en) Method and apparatus for authentication of visitor
US20230308881A1 (en) System and method for encounter identity verification
JP6350659B2 (en) Drug history information management device and method, registration terminal device and method, and program
KR102468233B1 (en) Service identifying and processing method using low distance wireless terminal message
JP7034452B2 (en) Ticketing system, ticket inspection device, and program
WO2016190355A1 (en) Authentication system
Rengel Privacy-invading technologies and recommendations for designing a better future for privacy rights
AU2014100797A4 (en) Driver licence and other identification card and identity verification system
JP6448758B1 (en) Transportation card admission management system
US20200260270A1 (en) Mobile Identificaton Using Thing Client Devices
US10438138B2 (en) Reliable aftermarket event ticket transfer: method and apparatus
WO2019106811A1 (en) Query response system and query response method
WO2023175942A1 (en) Information processing device, information processing system, information processing method, and recording medium
WO2021106269A1 (en) Procedure sharing system and procedure sharing method
JP2007115127A (en) Security management system
KR102148370B1 (en) Main terminal connecting with sub terminal, terminal authentication server authenticating use of sub terminal and method for authenticating use of sub terminal using the same

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16800059

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2017520779

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16800059

Country of ref document: EP

Kind code of ref document: A1