WO2022149376A1 - Unité de commande d'authentification biométrique, système, procédé de commande d'unité de commande d'authentification biométrique, et support d'enregistrement - Google Patents

Unité de commande d'authentification biométrique, système, procédé de commande d'unité de commande d'authentification biométrique, et support d'enregistrement Download PDF

Info

Publication number
WO2022149376A1
WO2022149376A1 PCT/JP2021/044024 JP2021044024W WO2022149376A1 WO 2022149376 A1 WO2022149376 A1 WO 2022149376A1 JP 2021044024 W JP2021044024 W JP 2021044024W WO 2022149376 A1 WO2022149376 A1 WO 2022149376A1
Authority
WO
WIPO (PCT)
Prior art keywords
person
authenticated
tracking
control unit
biometric authentication
Prior art date
Application number
PCT/JP2021/044024
Other languages
English (en)
Japanese (ja)
Inventor
統 坂口
智弘 波多江
寿也 古城
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to JP2022573944A priority Critical patent/JPWO2022149376A5/ja
Publication of WO2022149376A1 publication Critical patent/WO2022149376A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B15/00Arrangements or apparatus for collecting fares, tolls or entrance fees at one or more control points
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition

Definitions

  • the present invention relates to a biometric authentication control unit, a system, a control method of the biometric authentication control unit, and a recording medium.
  • face recognition has begun to be applied to various procedures at airports (for example, check-in, luggage deposit, security check, etc.).
  • procedures at airports for example, check-in, luggage deposit, security check, etc.
  • ticket gates that support face recognition is also underway.
  • Patent Document 1 it is determined whether or not it is appropriate as an image pickup target using the movement line of a pedestrian, and the face recognition performance is remarkably improved by changing the determination threshold in the face matching process according to the determination result. It is stated that it provides improved facial recognition devices, facial recognition methods and entry / exit management devices.
  • problems may occur. Specifically, although the authentication of a person located in front of the gate device is started, a problem may occur when another person interrupts in front of the person. In this case, it may allow unauthenticated persons to pass through.
  • Patent Document 1 The problem cannot be solved by applying the technique disclosed in Patent Document 1. This is because the technique of Patent Document 1 is limited to determining whether or not a pedestrian is suitable as an image pickup target.
  • the main object of the present invention is to provide a biometric authentication control unit, a system, a control method of the biometric authentication control unit, and a recording medium, which contribute to appropriately controlling the passage of a user.
  • an authenticated person detecting means for detecting a person at a predetermined position as an authenticated person and an authentication request including the detected biometric information of the authenticated person are transmitted to a server device.
  • a bioauthentication control unit is provided, which comprises a notification means for determining whether or not the person to be authenticated can pass through the gate device and notifying the gate device of the determination result.
  • a server device that stores biometric information of each of a plurality of users and performs biometric authentication
  • a biometric authentication unit connected to the server device and the biometric authentication control unit
  • the bioauthentication control unit includes an authenticated gate device, an authenticated person detecting means for detecting a person at a predetermined position as an authenticated person, and an authentication request including the detected biometric information of the authenticated person.
  • the requesting means for transmitting to the server device, the tracking means for tracking the detected authenticated person, the result of bioauthentication of the authenticated person by the server device, and the authenticated person at the entrance of the gate device.
  • a system including a notification means for determining whether or not the authenticated person can pass through the gate device based on the result of the tracking determination of the person and notifying the gate device of the determination result. ..
  • the biometric authentication control unit a person at a predetermined position is detected as a person to be authenticated, and an authentication request including the detected biometric information of the person to be authenticated is transmitted to the server device.
  • the authenticated person is tracked, and the person to be authenticated is tracked based on the result of the bioauthentication of the person to be authenticated by the server device and the result of the tracking determination of the person to be authenticated at the entrance of the gate device.
  • a control method of the biometric authentication control unit which determines whether or not the user can pass through the gate device and notifies the gate device of the determination result.
  • a process of detecting a person at a predetermined position as a person to be authenticated on a computer mounted on a bioauthentication control unit and authentication including the detected biometric information of the person to be authenticated are included.
  • a recording medium is provided.
  • a biometric authentication control unit a system, a control method of the biometric authentication control unit, and a recording medium that contribute to appropriately controlling the passage of the user are provided.
  • the effect of the present invention is not limited to the above. According to the present invention, other effects may be produced in place of or in combination with the effect.
  • the biometric authentication control unit 100 includes a subject detection unit 101, a request unit 102, a tracking unit 103, and a notification unit 104 (see FIG. 1).
  • the authenticated person detection unit 101 detects a person at a predetermined position as an authenticated person.
  • the request unit 102 transmits an authentication request including the detected biometric information of the person to be authenticated to the server device.
  • the tracking unit 103 tracks the detected person to be authenticated.
  • the notification unit 104 determines whether or not the authenticated person can pass through the gate device based on the result of the biometric authentication of the authenticated person by the server device and the result of the tracking determination of the authenticated person at the entrance of the gate device. , Notify the gate device of the determination result.
  • the biometric authentication control unit 100 detects a user who is a predetermined distance away from the gate device as a person to be authenticated. When the biometric authentication control unit 100 detects the subject to be authenticated, the biometric authentication control unit 100 starts biometric authentication and tracking of the subject to be authenticated. After that, when the person to be authenticated arrives at the gate device (arrival at the entrance of the gate device), the biometric authentication control unit 100 determines whether or not the tracking of the person to be authenticated is successful. The biometric authentication control unit 100 permits the subject to pass through the gate when the subject is successfully authenticated and the tracking started from a predetermined position is successful at least at the entrance.
  • the biometric authentication control unit 100 succeeds in biometric authentication of the person to be authenticated and succeeds in tracking the person to be authenticated at the entrance of the gate device, the person to be authenticated can pass through the gate device.
  • the user who interrupts from the side of the person to be authenticated cannot pass through the gate device because biometric authentication and tracking are not successful. That is, the traffic of the user is appropriately controlled.
  • FIG. 2 is a diagram showing an example of a schematic configuration of the authentication system according to the first embodiment.
  • the authentication system includes a plurality of gate devices 10-1 to 10-3 and a server device 20.
  • gate device 10 In the following description, if there is no particular reason for distinguishing the gate devices 10-1 to 10-3, it is simply referred to as "gate device 10". Similarly, the other configurations are represented by the symbols on the left side of the hyphen.
  • the gate device 10 and the server device 20 are configured to enable communication by a wired or wireless communication means.
  • the server device 20 may be installed in the same building as the gate device 10 or may be installed on a network (cloud).
  • the gate device 10 is, for example, a device installed at an airport or a station.
  • the gate device 10 controls the passage of the user.
  • the gate device 10 will be described as a ticket gate installed at a station.
  • the purpose is not to limit the gate device 10 to the ticket gate installed at the station.
  • the server device 20 is a device that controls the entire authentication system.
  • the server device 20 is a device that performs biometric authentication of a user who is about to pass through the gate device 10. If the user has the qualification (authority) to pass through the gate device 10, the server device 20 permits the user to pass. If the user is not qualified to pass through the gate device 10, the server device 20 refuses the passage of the user.
  • the gate device 10 includes a camera 11 installed so as to be able to photograph a user walking toward the gate device 10. Further, the gate device 10 includes detection sensors 12 and 13 for detecting a user who has entered the own device, and a gate 14 for controlling the passage of the user.
  • the gate device 10 includes a biometric authentication control unit 15.
  • the biometric authentication control unit 15 is a unit that can be retrofitted (add-on) to the gate device 10.
  • the gate device 10 and the biometric authentication control unit 15 are connected by a bus standard such as USB (Universal Serial Bus) or PCI (Peripheral Component Interconnect), for example.
  • the biometric authentication control unit 15 is configured to be communicable with the camera 11, the detection sensors 12 and 13, and controls (uses) these devices to realize the biometric authentication function of the gate device 10.
  • the biometric authentication control unit 15 detects a person (user, passenger) existing at a predetermined distance (for example, position X1 in FIG. 3) from the gate device 10.
  • the biometric authentication control unit 15 When the user is detected at the position X1, the biometric authentication control unit 15 requests the server device 20 to perform biometric authentication of the detected user. Specifically, the biometric authentication control unit 15 transmits an "authentication request" including the biometric information of the user to the server device 20.
  • the biometric authentication control unit 15 starts tracking (tracking) of the user (the person to be authenticated detected at the position X1) at substantially the same timing as the transmission of the authentication request (start of authentication).
  • the biometric authentication control unit 15 detects the authenticated person at the position X1, the authentication request to the server device 20 and the tracking start of the authenticated person are performed at substantially the same timing.
  • the server device 20 that has received the authentication request identifies the user by a collation process (authentication process) using biometric information registered in advance.
  • the server device 20 determines whether or not the specified user is qualified to pass through the gate device 10. For example, the server device 20 confirms the charge amount of the pre-registered user and determines whether or not the authenticated person can pass.
  • the server device 20 may make an inquiry to an external server or the like when determining whether or not the authenticated person can pass. Whether or not to inquire about an external server or the like depends on the specifications, design, etc. of the system, and is different from the purpose of the disclosure of the present application. Therefore, the description regarding the configuration of the system including the external server will be omitted.
  • the server device 20 transmits a response (authentication result) to the authentication request to the biometric authentication control unit 15 that is the source of the request. Specifically, when the server device 20 is determined to be “passable”, the server device 20 notifies the biometric authentication control unit 15 of "authentication success”. When it is determined that "passage is not possible", the server device 20 notifies the biometric authentication control unit 15 of "authentication failure”.
  • the person to be authenticated moves toward the gate device 10.
  • the biometric authentication control unit 15 receives the response of the authentication request from the server device 20 at the timing when the person to be authenticated moves to the location X2.
  • the biometric authentication control unit 15 Even if the authentication result is received from the server device 20, the biometric authentication control unit 15 continues to track the person to be authenticated. Even if the biometric authentication control unit 15 receives the authentication result from the server device 20, the biometric authentication control unit 15 does not instruct the gate device 10 to open or close the gate 14 at that timing.
  • the authenticated person further approaches the gate device 10 and enters the inside thereof (the authenticated person reaches the position X3).
  • the gate device 10 detects that the person to be authenticated has entered the inside of the gate device 10 based on the detection signal from the detection sensor 12 installed at the entrance of the gate device 10.
  • the gate device 10 detects the person to be authenticated, it notifies the biometric authentication control unit 15 to that effect.
  • the biometric authentication control unit 15 Upon recognizing the fact that the user has entered the gate device 10, the biometric authentication control unit 15 makes a final determination regarding the tracking of the person to be authenticated. The biometric authentication control unit 15 makes a final determination of tracking at the timing (position X3) when it is determined that the person to be authenticated has entered the inside of the gate device 10. The biometric authentication control unit 15 determines that the tracking is completed when the face of the same person can be tracked between the position X1 and the position X3.
  • the biometric authentication control unit 15 When the biometric authentication control unit 15 succeeds in authenticating the server device 20 and the tracking is completed at the timing when the final determination regarding the tracking is performed, the user (certified person) presses the gate device 10. It is determined that the vehicle can pass through, and the gate device 10 is notified to that effect. More specifically, the biometric authentication control unit 15 transmits a "passage permission notification" to the gate device 10.
  • the authenticated person goes further inside from the entrance of the gate device 10.
  • the gate device 10 detects the person to be authenticated based on the detection signal from the detection sensor 13 installed in the middle of the own device.
  • the gate device 10 If the gate device 10 receives the "passage permission notification" at the timing when the user is detected, the gate device 10 maintains the open state of the gate 14 and permits the user to pass through the gate.
  • the gate device 10 closes the gate 14 to restrict the passage of the user.
  • the biometric information of the user exemplifies data (feature amount) calculated from physical characteristics peculiar to an individual such as a face and an iris pattern (pattern).
  • the biometric information of the user may be image data such as a face image and an iris image.
  • the biometric information of the user may be any information that includes the physical characteristics of the user.
  • a human face image or a feature amount generated from the face image is used as biological information for explanation.
  • tracking using a facial image or tracking using a body shape image can be used.
  • face tracking using a face image face area
  • the authentication system may include at least one gate device 10.
  • Each gate device 10 may be installed in the same place (for example, the same station) or may be installed in a different place.
  • FIG. 4 is a diagram showing an example of a processing configuration (processing module) of the biometric authentication control unit 15 according to the first embodiment.
  • the biometric authentication control unit 15 includes a communication control unit 201, a subject detection unit 202, an authentication request unit 203, a subject tracking unit 204, a passage permission notification unit 205, and table management.
  • a unit 206, a message output unit 207, and a storage unit 208 are included.
  • the communication control unit 201 is a means for controlling communication with other devices. For example, the communication control unit 201 receives data (packets) from the server device 20. Further, the communication control unit 201 transmits data to the server device 20. The communication control unit 201 passes the data received from the other device to the other processing module. The communication control unit 201 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from the other device via the communication control unit 201.
  • the authenticated person detection unit 202 is a means for detecting the authenticated person.
  • the authenticated person detection unit 202 detects a person at a position (predetermined position) separated from the gate device 10 by a predetermined distance as the authenticated person. More specifically, the authenticated person detection unit 202 detects whether or not a person is present at a place (position X1 in FIG. 3) at a predetermined distance from the gate device 10.
  • the authenticated person detection unit 202 acquires image data from the camera 11 on a regular basis or at a predetermined timing. The authenticated person detection unit 202 attempts to extract a face image from the acquired image data.
  • the subject detection unit 202 may extract a face image (face region) from the image data by using a learning model learned by CNN (Convolutional Neural Network).
  • the authenticated person detection unit 202 may extract a face image by using a technique such as template matching.
  • the authenticated person detection unit 202 calculates the distance between the eyes from the face image. Specifically, the authenticated person detection unit 202 extracts the left and right eyes from the face image, and calculates the length (number of pixels) of the straight line connecting the extracted eyes.
  • the authenticated person detection unit 202 executes a threshold value process for the calculated inter-eye distance, and determines whether or not the authenticated person exists at the predetermined position (position X1) according to the result. Specifically, if the distance between the eyes is longer than the threshold value, the authenticated person detection unit 202 determines that the authenticated person has been detected at a predetermined position. If the eye-to-eye distance is equal to or less than the threshold value, the authenticated person detection unit 202 determines that the person to be authenticated does not exist at the predetermined position.
  • the authenticated person detection unit 202 When the authenticated person is detected at a predetermined position (position X1), the authenticated person detection unit 202 adds an entry to the authenticated person information table.
  • the authenticated person detection unit 202 assigns an authenticated person ID (identifier) that identifies the authenticated person, and stores the authenticated person ID in a new entry.
  • the authenticated person detection unit 202 also stores the time when the authenticated person is registered in the authenticated person information table (the time when a new entry is added) in the authenticated person information table.
  • FIG. 5 is a diagram showing an example of the authenticated person information table according to the first embodiment.
  • the authenticated person information table is constructed on the memory of the biometric authentication control unit 15. As shown in the lowermost part of FIG. 5, when the authenticated person detection unit 202 detects a person at the position X1, an entry is added to the authenticated person information table, and the detected person is set as the authenticated person. At the timing when the entry is added, nothing is set in the authentication status field, the tracking ID field, and the tracking status field.
  • the authentication status field is a field for managing the status of the biometric authentication of the person to be authenticated.
  • the tracking ID field is a field for storing the tracking ID described later.
  • the tracking status field is a field for managing the tracking status of the authenticated person.
  • the authenticated person detection unit 202 hands over the authenticated person ID and the face image at the time of detecting the authenticated person to the authentication request unit 203 and the authenticated person tracking unit 204. More precisely, the authenticated person detection unit 202 outputs an "authentication request instruction" accompanied by an authenticated person ID and a face image to the authentication request unit 203. The authenticated person detection unit 202 outputs a "tracking start instruction" accompanied by the authenticated person ID and a face image to the authenticated person tracking unit 204.
  • the authentication request unit 203 is a means for requesting the server device 20 to authenticate the authenticated person detected by the authenticated person detection unit 202. Upon receiving the authentication request instruction from the authenticated person detection unit 202, the authentication request unit 203 generates a feature amount (feature vector composed of a plurality of feature amounts) from the acquired face image.
  • the authentication requesting unit 203 extracts eyes, nose, mouth, etc. as feature points from the face image. After that, the authentication requesting unit 203 calculates the position of each feature point and the distance between each feature point as a feature amount, and generates a feature vector (vector information that characterizes the face image) composed of a plurality of feature amounts.
  • a feature vector vector information that characterizes the face image
  • the authentication request unit 203 generates an authentication request including the generated feature amount (biological information), the person to be authenticated ID, and the gate ID, and transmits the authentication request to the server device 20 (see FIG. 6).
  • the gate ID is identification information for identifying the gate device 10.
  • a MAC (Media Access Control) address or an IP (Internet Protocol) address of the gate device 10 can be used.
  • the gate ID may be system-specific identification information (identification ID). By holding the identification ID as a master on the server device 20 side as well, it can be determined that the transmitted authentication request is from the permitted gate device 10.
  • the authentication request unit 203 sets "authenticating" in the authentication status field of the corresponding entry (the entry having the same authenticated person ID) in the authenticated person information table (FIG. 5). See the second entry from the bottom).
  • the authentication request unit 203 receives a response (a response including an authentication result) from the server device 20 to the authentication request.
  • the authentication request unit 203 extracts the authenticated person ID from the received response.
  • the authentication request unit 203 identifies the person to be authenticated based on the extracted ID of the person to be authenticated, and registers the authentication result in the corresponding entry of the person to be authenticated information table (the first and second entries from the top of FIG. 5). reference).
  • the authenticated person tracking unit 204 is a means for tracking the authenticated person (user at position X1) detected by the authenticated person detection unit 202. Upon receiving the tracking start instruction from the authenticated person detection unit 202, the authenticated person tracking unit 204 starts tracking the person corresponding to the acquired face image. The authenticated person tracking unit 204 assigns a "tracking ID" to the face image that has started tracking, and manages the face image being tracked.
  • the authenticated person tracking unit 204 manages the tracking of the authenticated person by using the table information in which the face image of the tracking target and the tracking ID are associated with each other, as shown in FIG. 7, for example.
  • the authenticated person tracking unit 204 When the tracking of the authenticated person is started (when the tracking ID is given to the face image), the authenticated person tracking unit 204 indicates the corresponding entry corresponding to the authenticated person (authentication person ID acquired from the authenticated person detection unit 202). ), The tracking ID is stored in the tracking ID field. In addition, the subject tracking unit 204 sets "tracking" in the corresponding subject tracking status field (see the third entry from the bottom of FIG. 5).
  • the authenticated person tracking unit 204 acquires image data from the camera 11 on a regular basis or at a predetermined timing.
  • the authenticated person tracking unit 204 makes a tracking determination of the authenticated person using the acquired image data. Specifically, if the subject tracking unit 204 can obtain the same face image as the previous face image (for example, the face image at the start of tracking) by translation, rotation, and scale in the acquired image data, " It is judged as "tracking successful". If such a facial image cannot be obtained, the authenticated person tracking unit 204 determines that the tracking has failed.
  • the existing process can be used, so further description will be omitted.
  • the authenticated person tracking unit 204 reflects the result of the tracking determination in the authenticated person information table. Specifically, the authenticated person tracking unit 204 sets the tracking status of the entry corresponding to the tracking ID determined to be successful among the tracking IDs of the tracking target to "tracking". On the other hand, the authenticated person tracking unit 204 sets the tracking status of the entry corresponding to the tracking ID determined to be tracking failure among the tracking IDs of the tracking target to "tracking failure" (third from the top of FIG. 5). See entry).
  • the authenticated person tracking unit 204 overwrites the tracking status of the authenticated person who succeeded in tracking with "tracking", and sets the tracking status of the authenticated person who failed in tracking to "tracking failed”. do. If the image data is acquired and the tracking determination is executed at the timing when another user crosses in front of the authenticated person, "tracking failure" can be set in the authenticated person information table. Further, “tracking failure” may be set when the person to be authenticated leaves the gate device 10 and turns back. However, even if the entry is set to "tracking failure", “tracking” is set if the subsequent tracking determination is successful.
  • the authenticated person tracking unit 204 acquires a "tracking final determination instruction" from the intruder detection unit 302 of the gate device 10 described later.
  • the authenticated person tracking unit 204 receives a tracking final determination instruction accompanied by image data from the intruder detection unit 302.
  • the authenticated person tracking unit 204 makes a tracking determination using the image data acquired from the intruder detection unit 302. That is, the authenticated person tracking unit 204 makes a final determination (final tracking determination) regarding the tracking of the authenticated person according to the detection of the intruder by the intruder detection unit 302.
  • the authenticated person tracking unit 204 registers the determination result in the authenticated person information table. More specifically, when the final tracking determination is successful, the authenticated person tracking unit 204 sets the tracking status of the entry corresponding to the tracking ID that succeeded in the determination to "tracking completed" (at the top of FIG. 5). See entry).
  • the authenticated person tracking unit 204 does not perform any special processing.
  • the subject tracking unit 204 does not set "tracking failure" for the subject who failed to track.
  • the authenticated person tracking unit 204 is authenticated. Set "Tracking completed" in the person information table.
  • the authenticated person tracking unit 204 finishes the final determination (final tracking determination) regarding the tracking of the authenticated person, it notifies the passage permission notification unit 205 to that effect.
  • the passage permission notification unit 205 is a means for notifying the gate device 10 whether or not the authenticated person (user) is permitted to pass through the gate device 10.
  • the passage permission notification unit 205 allows the authenticated person to pass through the gate device 10 based on the result of biometric authentication of the authenticated person by the server device 20 and the result of the tracking determination of the authenticated person at the entrance of the gate device 10. Whether or not it is determined, and the determination result is notified to the gate device 10.
  • the passage permission notification unit 205 accesses the authenticated person information table at the timing when the authenticated person tracking unit 204 finishes the final tracking determination regarding the authenticated person.
  • the passage permission notification unit 205 confirms the authentication status field and the tracking status field of each entry included in the authenticated person information table. If there is an entry in which the setting value of the authentication status field is "authentication successful" and the setting value of the tracking status field is "tracking completed", the passage permission notification unit 205 allows the authenticated person to pass through the gate device 10. Allow. Specifically, if there is an entry that satisfies the above two conditions, the passage permission notification unit 205 notifies the gate device 10 that the user can pass through the gate device 10. The passage permission notification unit 205 transmits a “passage permission notification” to the gate device 10.
  • the passage permission notification unit 205 transmits the "passage permission notification" to the gate device 10.
  • the pass permission notification unit 205 allows the authenticated person to pass through the gate device 10. Determine if it can be done. That is, the passage permission notification unit 205 determines whether or not the person to be authenticated can pass through the gate device based on the result of biometric authentication and the result of final determination.
  • the passage permission notification unit 205 indicates that the person to be authenticated can pass through the gate device 10 when the result of biometric authentication by the server device 20 is successful and the result of the final determination of tracking is successful.
  • the notification is transmitted to the gate device 10.
  • the passage permission notification unit 205 When the passage permission notification unit 205 permits the user (certified person) to pass through the gate, the passage permission notification unit 205 deletes the entry that is the basis for the permission. In the example of FIG. 5, the passage permission notification unit 205 deletes the entry at the top.
  • the passage permission notification unit 205 determines whether or not the user can pass through the gate based on the setting value of the authentication status field and the setting value of the tracking status field of the authenticated person information table.
  • the authenticated person detection unit 202 detects the authenticated person at a predetermined position
  • the authenticated person detecting unit 202 adds an entry to the authenticated person information table.
  • the authentication request unit 203 receives the biometric authentication result from the server device 20
  • the authentication request unit 203 sets the received biometric authentication result in the authentication status field of the added entry.
  • the authenticated person tracking unit 204 sets the result of the tracking determination in the tracking status field of the added entry.
  • the passage permission notification unit 205 may receive a "gate closing notification" from the gate device 10. Upon receiving the notification, the passage permission notification unit 205 continues to access the authenticated person information table for a predetermined period of time, and confirms whether or not an entry satisfying the above two conditions appears (whether or not it exists). If an entry satisfying the above two conditions appears during the predetermined period, the passage permission notification unit 205 permits the authenticated person (user) to pass through the gate. Specifically, when an entry satisfying the above two conditions appears, the passage permission notification unit 205 transmits a "passage permission notification" to the gate device 10.
  • the above phenomenon occurs when the authentication result (authentication success) from the server device 20 is delayed to be reflected in the authenticated person information table due to the network environment between the gate device 10 and the server device 20, the above phenomenon occurs. Can occur. Alternatively, the above phenomenon may occur when the person to be authenticated tries to run through the gate device 10.
  • the passage permission notification unit 205 notifies the station staff (terminal used by the station staff) of the occurrence of a problem.
  • the pass permission notification unit 205 may urge the authenticated person to go to the station staff via the message output unit 207.
  • the table management unit 206 is a means for managing the authenticated person information table.
  • the table management unit 206 accesses the authenticated person information table periodically or at a predetermined timing, and deletes unnecessary entries.
  • the table management unit 206 confirms the registration time field of each entry, and deletes the entry for which a predetermined period has passed since the entry was added to the authenticated person information table. That is, the table management unit 206 deletes an entry that does not satisfy the above two conditions (authentication success, tracking completion) even after a predetermined period has elapsed from the entry registration.
  • the table management unit 206 may notify the server device 20 and the authenticated person tracking unit 204 to that effect.
  • the table management unit 206 may transmit the authenticated person ID to the server device 20 and cancel the authentication of the corresponding authenticated person. Further, the table management unit 206 may transmit the tracking ID to the authenticated person tracking unit 204 and instruct the face image corresponding to the tracking ID to be excluded from the face tracking target.
  • the message output unit 207 is a means for outputting a message or the like to be notified to the user.
  • the message output unit 207 notifies the user of a necessary message by using a display (not shown), a speaker (not shown), or the like.
  • the message output unit 207 outputs a message regarding the countermeasure (for example, contacting the station staff) to that effect.
  • the storage unit 208 is a means for storing information necessary for the operation of the biometric authentication control unit 15.
  • FIG. 8 is a diagram showing an example of a processing configuration (processing module) of the gate device 10 according to the first embodiment.
  • the communication control unit 301, the gate device 10 include an intruder detection unit 302, a gate control unit 303, and a storage unit 304.
  • the communication control unit 301 is a means for controlling communication with other devices. For example, the communication control unit 301 receives data (packet) from the biometric authentication control unit 15. Further, the communication control unit 301 transmits data to the biometric authentication control unit 15. The communication control unit 301 passes the data received from the other device to the other processing module. The communication control unit 301 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 301.
  • the intruder detection unit 302 is a means for detecting an intruder into the own device (gate device 10). More specifically, the intruder detection unit 302 detects an intruder to the entrance of the gate device 10. The intruder detection unit 302 detects an intruder by using the detection signal from the detection sensor 12. When the intruder is detected, the intruder detection unit 302 acquires image data from the camera 11. The intruder detection unit 302 transmits a "tracking final determination instruction" accompanied by the acquired image data to the biometric authentication control unit 15.
  • the intruder detection unit 302 detects the user who has reached the intermediate point (position X4 in FIG. 3) of the gate device 10 by using the detection signal from the detection sensor 13.
  • the intruder detection unit 302 detects the user at the position X4
  • the intruder detection unit 302 notifies the gate control unit 303 to that effect.
  • the gate control unit 303 is a means for controlling the gate 14 included in the gate device 10.
  • the gate control unit 303 controls the opening and closing of the gate 14 at the timing when the user reaches a predetermined position (position X4 in FIG. 3) of the gate device 10.
  • the gate control unit 303 maintains the open state of the gate 14 if the "passage permission notification" has already been received from the biometric authentication control unit 15 at the timing when the user reaches the position X4. On the other hand, if the gate control unit 303 has not received the "passage permission notification" from the biometric authentication control unit 15 at that timing, the gate control unit 303 closes the gate 14.
  • the gate control unit 303 When the gate is closed, the gate control unit 303 notifies the biometric authentication control unit 15 to that effect. Specifically, the gate control unit 303 transmits a "gate closing notification" to the biometric authentication control unit 15. When the gate control unit 303 receives the "user passage permission" within a predetermined period after transmitting the gate closing notification, the gate control unit 303 opens the gate 14.
  • the gate control unit 303 notifies the server device 20 of the fact that the person to be authenticated has passed through the gate 14 via the biometric authentication control unit 15. Specifically, when the user is detected at the position X4 and the pass permission notification is received from the biometric authentication control unit 15, the gate control unit 303 permits the user to pass through the gate. Notify the biometric authentication control unit 15 to that effect.
  • the passage permission notification unit 205 of the biometric authentication control unit 15 has the authenticated person ID and the gate ID of the gate device 10 described in the entry (entry in the authenticated person information table) on which the passage permission notification is transmitted. A "gate passage notification" including the above is transmitted to the server device 20. That is, the gate device 10 (biometric authentication control unit 15) transmits a "gate passage notification" including the authenticated person ID and the gate ID of the authenticated person who has passed through the gate 14 to the server device 20.
  • the storage unit 304 is a means for storing information necessary for the operation of the gate device 10.
  • FIG. 9 is a sequence diagram showing an example of the operation of the biometric authentication control unit 15 and the gate device 10 according to the first embodiment.
  • the biometric authentication control unit 15 attempts to detect the authenticated person at a place separated from the gate device 10 by a predetermined distance (step S101). If the person to be authenticated is not detected (step S101, No branch), the biometric authentication control unit 15 repeats the process of step S101.
  • the biometric authentication control unit 15 starts authentication request and tracking regarding the person to be authenticated (steps S102, S103).
  • the biometric authentication control unit 15 starts tracking the authenticated person at the same time as the authentication request unit 203 transmits the authentication request.
  • the biometric authentication control unit 15 receives the authentication result from the server device 20 (step S104).
  • the biometric authentication control unit 15 reflects the authentication result in the authenticated person information table.
  • the gate device 10 determines whether or not the authenticated person has reached the entrance of the gate device 10 (step S201). If the person to be authenticated has not reached the entrance (step S201, No branch), the gate device 10 repeats the process of step S201.
  • the gate device 10 transmits a tracking final determination instruction to the biometric authentication control unit 15 (step S202).
  • the biometric authentication control unit 15 makes a final determination of tracking (step S105).
  • the biometric authentication control unit 15 reflects the result of the final determination of tracking in the authenticated person information table.
  • the biometric authentication control unit 15 If the biometric authentication control unit 15 succeeds in authenticating the authenticated person at the timing of the final determination and the tracking of the authenticated person is completed, the biometric authentication control unit 15 transmits a passage permission notification to the gate device 10 (step S106). ).
  • the gate device 10 determines whether or not the authenticated person has reached a predetermined position of the gate device 10 (step S203). If the person to be authenticated has not reached the predetermined position (step S203, No branch), the gate device 10 repeats the process of step S203.
  • the gate device 10 controls the opening / closing of the gate 14 (step S204). If the gate device 10 has received the passage permission notification, the gate device 10 permits the passage of the authenticated person. In other words, the gate device 10 closes the gate 14 and the user's Block traffic.
  • the person to be authenticated opens the gate 14. Allow to pass.
  • the gate device 10 If the gate device 10 permits the passage of the authenticated person, the gate device 10 notifies the server device 20 of the fact.
  • FIG. 10 is a diagram showing an example of a processing configuration (processing module) of the server device 20 according to the first embodiment.
  • the server device 20 includes a communication control unit 401, a user registration unit 402, an authentication unit 403, a gate passage notification processing unit 404, and a storage unit 405.
  • the communication control unit 401 is a means for controlling communication with other devices. For example, the communication control unit 401 receives data (packet) from the biometric authentication control unit 15. Further, the communication control unit 401 transmits data to the biometric authentication control unit 15. The communication control unit 401 passes the data received from the other device to the other processing module. The communication control unit 401 transmits the data acquired from the other processing module to the other device. In this way, the other processing module transmits / receives data to / from other devices via the communication control unit 401.
  • the user registration unit 402 is a means for system registration of users who can pass through the gate device 10.
  • the user registration unit 402 acquires biometric information (for example, a face image) of a user who can pass through the gate device 10 by any means.
  • the system user inputs biometric information and personal information (name, address, etc.) into the server device 20 using the WEB (web) page of the railway company or the kiosk terminal installed at the station.
  • WEB web
  • the user registration unit 402 When the user registration unit 402 acquires a face image, the user registration unit 402 calculates the feature amount from the face image.
  • the user registration unit 402 puts the user's biometric information (for example, the feature amount calculated from the face image) into the "user information database" together with the user ID that identifies the system user (registrant of biometric information). Register (see Figure 11).
  • the user registration unit 402 registers the information (business information) necessary for the user authentication process in the user information database as necessary. For example, when the server device 20 processes an authentication request from a ticket gate (gate device 10) installed at a station, the user registration unit 402 associates information such as a charge amount with biometric information and uses the user. Store in the information database.
  • the server device 20 processes an authentication request from a ticket gate (gate device 10) installed at a station
  • the user registration unit 402 associates information such as a charge amount with biometric information and uses the user. Store in the information database.
  • the user information database shown in FIG. 11 is an example, and other items may be stored in association with biometric information (feature amount). For example, the user's name and face image may be registered in the user information database.
  • the authentication unit 403 is a means for processing the authentication request received from the biometric authentication control unit 15 (gate device 10). Upon receiving the authentication request, the authentication unit 403 extracts the gate ID and the authenticated person ID from the authentication request. The authentication unit 403 adds a new entry to the authentication status database and stores the extracted gate ID and authenticated person ID (see FIG. 12). In addition, the authentication unit 403 sets the processing status of the added entry to "processing". In FIG. 12, for ease of understanding, the code of the gate device 10 is used for the gate ID.
  • the authentication unit 403 sets the biometric information (feature amount) included in the authentication request as the collation target, and performs collation processing with the biometric information registered in the user information database. conduct.
  • the authentication unit 403 sets the feature amount extracted from the authentication request as a collation target, and sets 1 to N (N is positive) with a plurality of feature amounts registered in the user information database. Integer, the same applies below) Perform matching.
  • the authentication unit 403 calculates the degree of similarity between the feature amount (feature vector) to be collated and each of the plurality of feature amounts on the registration side. For the similarity, a chi-square distance, an Euclidean distance, or the like can be used. The farther the distance is, the lower the similarity is, and the closer the distance is, the higher the similarity is.
  • the authentication unit 403 sets "authentication failure" in the authentication result.
  • the authentication unit 403 determines whether or not the user identified by the collation process is eligible to pass through the gate device 10. ..
  • the authentication unit 403 determines whether or not the charge amount of the specified user is a balance equal to or greater than the initial fare. If the balance of the charge amount is equal to or less than the initial fare, the authentication unit 403 determines that the specified user is not eligible to pass through the gate device 10. If the balance of the charge amount is larger than the initial fare, the authentication unit 403 determines that the specified user is eligible to pass through the gate device 10.
  • the authentication unit 403 determines whether or not the boarding station is set for the specified user. If the boarding station is not set, the authentication unit 403 determines that the identified user is not eligible to pass through the gate device 10. When the boarding station is set, the authentication unit 403 calculates the fare according to the user's route (the route between the boarding station and the getting-off station). If the calculated fare exceeds the charge amount, the authentication unit 403 determines that the user is not eligible to pass through the gate device 10. If the calculated fare is less than or equal to the charge amount, the authentication unit 403 determines that the identified user is eligible to pass through the gate device 10.
  • the authentication unit 403 sets "authentication failure" in the authentication result.
  • the authentication unit 403 sets "authentication successful" in the authentication result.
  • the authentication unit 403 transmits the authentication result (authentication success, authentication failure) to the biometric authentication control unit 15 (gate device 10). If the authentication is successful, the authentication unit 403 sends an acknowledgment indicating the authentication success to the biometric authentication control unit 15. At that time, the authentication unit 403 transmits an acknowledgment including the authenticated person ID of the user who is the target of the authentication process to the biometric authentication control unit 15.
  • the authentication unit 403 sends a negative response indicating the authentication failure to the biometric authentication control unit 15.
  • the authentication unit 403 may notify the biometric authentication control unit 15 together with the cause of the authentication failure.
  • the authentication unit 403 may transmit to the biometric authentication control unit 15 factors related to the authentication failure such as the biometric information is not registered in the system, the charge amount is insufficient, and the boarding station is not set. .. Further, even when the authentication fails, the authentication unit 403 transmits a negative response including the authenticated person ID of the user who is the target of the authentication process to the biometric authentication control unit 15.
  • the authentication unit 403 sets "Responded" in the entry of the corresponding authentication status database.
  • the authentication unit 403 sets the user ID of the successful authentication person (user determined to be successful authentication) in the user ID of the corresponding entry.
  • the gate passage notification processing unit 404 is a means for processing the gate passage notification received from the gate device 10 (biometric authentication control unit 15).
  • the gate passage notification processing unit 404 extracts the gate ID and the authenticated person ID from the received notification.
  • the gate passage notification processing unit 404 searches the authentication status database using the gate ID and the authenticated person ID as keys, and identifies the corresponding entry.
  • the gate passage notification processing unit 404 reads the user ID from the user ID field of the specified entry.
  • the gate passage notification processing unit 404 searches the user information database using the read user ID as a key, and identifies the corresponding entry.
  • the gate passage notification processing unit 404 executes processing associated with the user's gate passage for the specified entry.
  • the gate passage notification processing unit 404 sets a station where the gate device 10 is installed at the boarding station of the specified entry. ..
  • the gate passage notification processing unit 404 calculates the fare of the user and deducts the fare from the charge amount. Further, the gate passage notification processing unit 404 clears the set value of the boarding station field.
  • the storage unit 405 stores various information necessary for the operation of the server device 20.
  • a user information database and an authentication status database are constructed in the storage unit 405.
  • FIG. 13 is a flowchart showing an example of the operation of the server device 20 according to the first embodiment.
  • the server device 20 receives an authentication request from the biometric authentication control unit 15 (step S301).
  • the server device 20 executes a collation process using the biometric information included in the authentication request and the biometric information registered in the user information database (step S302).
  • the server device 20 determines whether or not there is an entry having a similarity between biometric information of a predetermined value or more (step S303).
  • step S303 If such an entry does not exist (step S303, No branch), the server device 20 sets the authentication result to authentication failure (step S304).
  • step S303 If such an entry exists (step S303, Yes branch), the server device 20 determines whether or not the person to be authenticated is eligible to pass through the gate device 10 (step S305).
  • step S305 If the person to be authenticated is not qualified to pass through the gate device 10 (step S305, No branch), the server device 20 sets the authentication result to authentication failure (step S304).
  • the server device 20 sets the authentication result to authentication success (step S306).
  • the server device 20 transmits the authentication result (authentication success, authentication failure) to the biometric authentication control unit 15 (step S307).
  • FIG. 14 is a sequence diagram showing an example of the operation of the authentication system according to the first embodiment. Prior to the operation shown in FIG. 14, it is assumed that the system user has been registered in advance. Further, in FIG. 14, the biometric authentication control unit 15 is regarded as integrated with the gate device 10, and the operation of the system will be described.
  • the gate device 10 detects a person to be authenticated at a place separated from the own device by a predetermined distance (step S01).
  • the gate device 10 acquires the biometric information of the person to be authenticated and transmits an authentication request including the biometric information to the server device 20 (step S02).
  • the gate device 10 starts tracking the authenticated person (step S03).
  • the server device 20 executes the authentication process and transmits the result to the gate device 10 (steps S11 and S12).
  • the gate device 10 receives the authentication result and reflects the authentication result in the authenticated person information table (reflection of the authentication result; step S04).
  • the gate device 10 makes a final determination of tracking regarding the authenticated person (step S05).
  • the gate device 10 reflects the result of the final determination in the authenticated person information table.
  • the gate device 10 When the authenticated person reaches a predetermined position of the gate device 10, the gate device 10 performs gate control (step S06). Specifically, the gate device 10 permits the passage of the person to be authenticated, which is set as successful authentication and complete tracking.
  • the gate device 10 transmits a gate passage notification to the server device 20 (step S07).
  • the server device 20 Upon receiving the gate passage notification, the server device 20 updates the information of the gate passer (authentication successful person; authenticated person determined to have succeeded in authentication) (step S13). Specifically, the server device 20 updates the entry in the user information database corresponding to the gate passer.
  • the user 30 is set as the authenticated person, and the user 31 is a user who is not the authentication target.
  • the person to be authenticated is shown in gray, and the user who is not the target of authentication is shown in white.
  • the user 31 is not the authenticated person because it is not detected as the authenticated person at the position X1. Therefore, the entry regarding the user 31 does not exist in the authenticated person information table.
  • User 30 walks toward the gate device 10.
  • the user 31 moves so as to enter the inside of the gate device 10 from the side of the user 30.
  • the positional relationship between the two becomes as shown in the lower part of FIG.
  • the gate 14 closes when the user 31 reaches the position X4. Further, even if a predetermined period has elapsed since the gate 14 was closed, the authentication result of the user 31 is not registered in the authenticated person information table, so that the gate 14 does not open.
  • the person to be authenticated overtakes another person to be authenticated walking in front of him.
  • the user 32 and the user 33 walk toward the gate device 10, as shown in the upper part of FIG.
  • both the user 32 and the user 33 are set as the authenticated person (gray person) because the biometric information is acquired at the position X1 and the tracking is started.
  • the user 33 walking behind moves like the alternate long and short dash line shown in the upper part of FIG. 16 and overtakes the previous user 32. In this case, with the passage of time, the positional relationship between the two becomes as shown in the lower part of FIG.
  • the entries of the user 32 and the user 33 are registered in the authenticated person information table, and when the authentication process of the user 33 (authentication process in the server device 20) is successful, the user 33 is located at the position X4.
  • the gate 14 remains open even when it reaches. Further, even if the user 32 reaches the position X4 following the user 33, the gate 14 does not close.
  • the biometric information is acquired at the position X1, and the user set as the authenticated person is normally processed without reaching (entering) the gate device 10 in the set order. That is, the user can pass through the gate device 10 even if the user does not reach the gate device 10 in the order registered as the person to be authenticated due to the difference in walking speed of the person to be authenticated.
  • the authentication system according to the first embodiment allows irregular situations, so that the system throughput is improved.
  • the authentication system detects the authenticated person at a place away from the gate device 10 by a predetermined position.
  • the gate device 10 detects the subject to be authenticated, the gate device 10 starts authentication and tracking regarding the subject to be authenticated at substantially the same timing. Since the server device 20 can start the authentication process from a place away from the gate device 10, the execution time of biometric authentication can be secured. Further, the gate device 10 determines that the tracking of the same person is successful if the same face image as the face image of the previous frame is obtained by translation, rotation, and scale in the subsequent frame from the above-mentioned distant place. Tracking) is started.
  • the gate device 10 (biometric authentication control unit 15) makes a final determination of face tracking at the timing when the person to be authenticated enters the inside of the own device.
  • face tracking since the feature amount having a high processing load is not generated (extracted), the final determination result of face tracking can be obtained in a short time. That is, the face tracking determination result is obtained immediately after the person to be authenticated enters the gate device 10, and the biometric authentication by the server device 20 is usually completed at that timing.
  • the gate device 10 can allow the passage of a properly qualified person to be authenticated.
  • the gate device 10 determines whether or not the person to be authenticated (entrant) can pass through the gate. , Control the gate 14.
  • FIG. 17 is a diagram showing an example of the hardware configuration of the biometric authentication control unit 15.
  • the biometric authentication control unit 15 includes a processor 311, a memory 312, a communication interface 313, and the like.
  • the components such as the processor 311 are connected by an internal bus or the like and are configured to be able to communicate with each other.
  • the biometric authentication control unit 15 may include hardware (not shown). Further, the number of processors 311 and the like included in the biometric authentication control unit 15 is not limited to the example of FIG. 17, and for example, a plurality of processors 311 may be included in the biometric authentication control unit 15.
  • the processor 311 is a programmable device such as a CPU (Central Processing Unit), an MPU (Micro Processing Unit), and a DSP (Digital Signal Processor). Alternatively, the processor 311 may be a device such as an FPGA (Field Programmable Gate Array) or an ASIC (Application Specific Integrated Circuit). The processor 311 executes various programs including an operating system (OS).
  • OS operating system
  • the memory 312 is a RAM (RandomAccessMemory), a ROM (ReadOnlyMemory), an HDD (HardDiskDrive), an SSD (SolidStateDrive), or the like.
  • the memory 312 stores an OS program, an application program, and various data.
  • the communication interface 313 is a circuit, module, etc. that communicates with other devices.
  • the communication interface 313 includes a NIC (Network Interface Card) and the like.
  • the function of the biometric authentication control unit 15 is realized by various processing modules.
  • the processing module is realized, for example, by the processor 311 executing a program stored in the memory 312.
  • the program can also be recorded on a computer-readable storage medium.
  • the storage medium may be a non-transitory such as a semiconductor memory, a hard disk, a magnetic recording medium, or an optical recording medium. That is, the present invention can also be embodied as a computer program product. Further, the above program can be downloaded via a network or updated by using a storage medium in which the program is stored. Further, the processing module may be realized by a semiconductor chip.
  • the biometric authentication control unit 15 is equipped with a computer, and the function of the biometric authentication control unit 15 can be realized by causing the computer to execute a program. Further, the biometric authentication control unit 15 executes the control method of the biometric authentication control unit by the program.
  • the gate device 10 includes a camera 11, detection sensors 12, 13 and a gate 14 (see FIG. 18). Similar to the biometric authentication control unit 15, the gate device 10 includes hardware such as a processor, a memory, and a communication interface, but illustration and description of these configurations will be omitted.
  • the camera 11 is a camera device capable of acquiring a visible light image.
  • the gate device 10 includes one camera 11 has been described, but the purpose is not to limit the number or installation of the cameras 11.
  • a plurality of cameras 11 may be installed in the gate device 10 for different purposes.
  • a camera 11 for detecting the person to be authenticated, a camera 11 for tracking, and a camera 11 for final determination of tracking may be installed in the gate device 10.
  • the authenticated person may be detected by other means.
  • a person at a predetermined distance from the gate device 10 may be detected by using a motion sensor or the like.
  • the camera 11 may acquire the image data when the person is detected by the motion sensor, and the person to be authenticated may be detected.
  • the detection sensors 12 and 13 are sensors that detect a person.
  • a sensor composed of a light transmitting device and a light receiving device can be used.
  • the light transmitting device and the light receiving device are installed so as to face each other (two devices are installed on the inner wall of the main body).
  • the transmitting device constantly transmits light, and the receiving device receives the transmitted light.
  • the biometric authentication control unit 15 determines that a person has been detected when the receiving device cannot receive the light. Note that FIG. 3 illustrates one of the two devices constituting the detection sensors 12 and 13.
  • the gate device 10 may perform final tracking determination and gate control of the person to be authenticated by using the integrated detection sensor (for example, the detection sensor 12 installed at the entrance). In this case, the gate device 10 may control the gate 14 after the final tracking determination result is obtained.
  • the integrated detection sensor for example, the detection sensor 12 installed at the entrance
  • the gate 14 is a device that controls the passage of users.
  • the method of the gate 14 is not particularly limited, and is, for example, a flapper gate that opens and closes a flapper provided from one side or both sides of the passage, a turnstile gate in which three bars rotate, and the like.
  • the function of the biometric authentication control unit 15 may be realized by a CPU or the like that controls the entire gate device 10. Conversely, the function of the gate device 10 may be realized by the processor 311 included in the biometric authentication control unit 15.
  • the server device 20 can be configured by an information processing device. Similar to the biometric authentication control unit 15, the server device 20 may be provided with a processor, a memory, a communication interface, and the like, and since the configuration is clear to those skilled in the art, detailed description thereof will be omitted.
  • the gate device 10 has been described as a ticket gate installed at a station. However, it goes without saying that the purpose is not to limit the gate device 10 to the ticket gate.
  • the gate device 10 may be any device installed at an airport, an event venue, an office, or the like to control the passage of users.
  • the server device 20 has a user information database
  • the database may be built on a database server different from the server device 20.
  • the authentication system may include various means (authentication requesting unit 203, authenticated person tracking unit 204, etc.) described in the above embodiment.
  • the authentication process executed by the server device 20 may be executed by the gate device 10 (biometric authentication control unit 15). Some or all of the functions of the server device 20 may be realized by the gate device 10.
  • the biometric information related to the feature amount generated from the face image is transmitted from the biometric authentication control unit 15 to the server device 20 has been described.
  • the "face image" itself may be transmitted from the biometric authentication control unit 15 to the server device 20 as biometric information.
  • the server device 20 may generate a feature amount from the acquired face image and execute an authentication process (1 to N collation).
  • the biometric authentication control unit 15 may detect the person to be authenticated at a place distant from the gate device 10 by using the image obtained from the stereo camera instead of the threshold processing for the eye distance. Specifically, the biometric authentication control unit 15 analyzes two images obtained from a stereo camera (analysis using parallax) and calculates the position of the user with reference to the gate device 10. The biometric authentication control unit 15 sets the user as the person to be authenticated if the calculated position is included in a predetermined place.
  • the form of data transmission / reception between the biometric authentication control unit 15 and the server device 20 is not particularly limited, but the data transmitted / received between these devices may be encrypted.
  • the face image and the feature amount calculated from the face image are personal information, and in order to appropriately protect the personal information, it is desirable that encrypted data is transmitted and received.
  • the biometric authentication control unit 15 may refuse to pass through the gate 14 of the subject who has failed to track even once.
  • the biometric authentication control unit 15 may not overwrite the field set as "tracking failure" in the tracking status field of the subject information table with "tracking". In this way, the gate device 10 can realize stricter control (passer management) by refusing the person to be authenticated who has failed to pass through the gate.
  • the tracking process related to the movement from the position X1 to the position X3 regarding the authenticated person may not be executed. That is, the biometric authentication control unit 15 stores the face image of the person to be authenticated at the position X1, and records the tracking result when the face image taken at the position X3 and the face image at the position X1 are the same person's face image. It may be set to "tracking completed". As described above, the gate device 10 may omit tracking from the position X1 to the position X3 of the person to be authenticated.
  • the entry of the authenticated person may be deleted from the authenticated person information table.
  • the biometric authentication control unit 15 stores the number of tracking failures for each tracking target.
  • the biometric authentication control unit 15 may delete the corresponding entry if the number of tracking failures exceeds a predetermined threshold value. That is, it is usually not possible to assume a situation in which the tracking of the authenticated person fails multiple times. In such a situation, it is assumed that the subject is heading to another place instead of the gate device 10, and it is desirable that such a subject is promptly excluded from the target of gate control.
  • the gate device 10 may include an authenticated person detection unit 111, a request unit 112, a tracking unit 113, and a gate control unit 114 (see FIG. 19).
  • the authenticated person detection unit 111 detects a person at a predetermined position as an authenticated person.
  • the request unit 112 transmits an authentication request including the detected biometric information of the person to be authenticated to the server device 20.
  • the tracking unit 113 tracks the detected person to be authenticated.
  • the gate control unit 114 controls the gate 14 based on the result of biometric authentication of the person to be authenticated by the server device 20 and the result of the tracking determination of the person to be authenticated at the entrance of the own device.
  • the gate device 10 includes an intruder detection unit that detects an intruder entering the entrance, and the tracking unit 113 makes a final determination regarding the tracking of the authenticated person according to the detection of the intruder. May be good.
  • the gate control unit 114 may control the gate 14 based on the result of biometric authentication and the result of final determination. The gate control unit 114 may allow the person to be authenticated to pass through the gate 14 when the result of biometric authentication is successful and the result of the final determination regarding tracking is successful.
  • information about the authenticated person is stored and managed using the authenticated person information table.
  • information about the authenticated person may be stored and managed using a database (certified person information database).
  • each embodiment may be used alone or in combination. For example, it is possible to replace a part of the configuration of the embodiment with the configuration of another embodiment, or to add the configuration of another embodiment to the configuration of the embodiment. Further, it is possible to add, delete, or replace a part of the configuration of the embodiment with another configuration.
  • the present invention is suitably applicable to an authentication system installed at an airport, a station, or the like.
  • the tracking unit makes a final determination regarding the tracking of the authenticated person in response to the detection of an intruder at the entrance of the gate device.
  • the biometric authentication control unit according to Appendix 1, wherein the notification unit determines whether or not the person to be authenticated can pass through the gate device based on the result of the biometric authentication and the result of the final determination.
  • the notification unit issues a pass permission notification indicating that the person to be authenticated can pass through the gate device when the result of the biometric authentication is successful and the result of the final determination regarding the tracking is successful.
  • the biometric authentication control unit according to Appendix 2 which is transmitted to the gate device.
  • the authenticated person detection unit detects the person to be authenticated based on the inter-eye distance calculated from the face image included in the image data taken at the predetermined position, any one of Supplementary note 1 to 3.
  • the biometric authentication control unit according to any one of Supplementary note 1 to 4, wherein the tracking unit starts tracking the authenticated person at the same time as the requesting unit transmits the authentication request.
  • the authenticated person detection unit detects the authenticated person, it adds an entry to the authenticated person information table and adds an entry to the authenticated person information table.
  • the requesting unit sets the received biometric authentication result in the authentication status field of the added entry.
  • the tracking unit sets the result of the tracking determination in the tracking status field of the added entry.
  • the notification unit is described in any one of Supplementary note 1 to 5, which determines whether or not the authenticated person can pass through the gate device based on the set value of the authentication status field and the set value of the tracking status field.
  • Biometric control unit [Appendix 7] The biometric authentication control unit according to Appendix 6, further comprising a table management unit that deletes an entry for which a predetermined period has passed since it was added to the authenticated person information table. [Appendix 8] The biometric authentication control unit according to any one of Supplementary note 1 to 7, wherein the tracking unit tracks the face of the detected person to be authenticated.
  • the biometric authentication control unit according to any one of Supplementary note 1 to 8, wherein the biometric information is a face image or a feature amount generated from the face image.
  • a server device that stores biometric information for each of multiple users and performs biometric authentication, The biometric authentication control unit connected to the server device, The gate device connected to the biometric authentication control unit and Including The biometric authentication control unit is An authenticated person detection unit that detects a person at a predetermined position as an authenticated person, A request unit that sends an authentication request including the detected biometric information of the person to be authenticated to the server device, and A tracking unit that tracks the detected person to be authenticated, Based on the result of the biometric authentication of the person to be authenticated by the server device and the result of the tracking determination of the person to be authenticated at the entrance of the gate device, it is determined whether or not the person to be authenticated can pass through the gate device.
  • a notification unit that notifies the gate device of the determination result The system.
  • Appendix 11 The system according to Appendix 10, wherein the server device performs collation processing using the biometric information of each of the plurality of users and the biometric information included in the authentication request.
  • Appendix 12 The system according to Appendix 11, wherein the server device determines whether or not the user specified as a result of the collation process is qualified to pass through the gate device.
  • Appendix 13 In the biometric control unit Detects a person in a predetermined position as a person to be authenticated, An authentication request including the detected biometric information of the person to be authenticated is transmitted to the server device, and the authentication request is transmitted to the server device.

Abstract

Afin de fournir une unité de commande d'authentification biométrique qui peut commander de manière appropriée le passage d'utilisateurs, cette unité de commande d'authentification biométrique est pourvue d'un moyen de détection de sujet d'authentification, d'un moyen de demande, d'un moyen de suivi et d'un moyen de notification. Le moyen de détection de sujet d'authentification détecte une personne dans une position prescrite en tant que sujet d'authentification. Le moyen de demande transmet à un dispositif serveur une demande d'authentification qui comprend des informations biométriques du sujet d'authentification détecté. Le moyen de suivi suit le sujet d'authentification détecté. Sur la base du résultat d'une authentification biométrique du sujet d'authentification par le dispositif serveur et du résultat d'une détermination de suivi concernant le sujet d'authentification à une entrée d'un dispositif de porte, le moyen de notification détermine si le sujet de détection peut passer à travers un dispositif de porte, et notifie au dispositif de porte le résultat de la détermination.
PCT/JP2021/044024 2021-01-05 2021-12-01 Unité de commande d'authentification biométrique, système, procédé de commande d'unité de commande d'authentification biométrique, et support d'enregistrement WO2022149376A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2022573944A JPWO2022149376A5 (ja) 2021-12-01 生体認証制御ユニット、システム、生体認証制御ユニットの制御方法及びコンピュータプログラム

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2021000311 2021-01-05
JP2021-000311 2021-01-05

Publications (1)

Publication Number Publication Date
WO2022149376A1 true WO2022149376A1 (fr) 2022-07-14

Family

ID=82357240

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/044024 WO2022149376A1 (fr) 2021-01-05 2021-12-01 Unité de commande d'authentification biométrique, système, procédé de commande d'unité de commande d'authentification biométrique, et support d'enregistrement

Country Status (1)

Country Link
WO (1) WO2022149376A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007303239A (ja) * 2006-05-15 2007-11-22 Konica Minolta Holdings Inc 認証装置、認証装置の制御方法、および認証装置の制御プログラム
JP2015001790A (ja) * 2013-06-14 2015-01-05 セコム株式会社 顔認証システム
JP2020077399A (ja) * 2019-10-10 2020-05-21 日本電気株式会社 情報処理装置
JP2020086780A (ja) * 2018-11-21 2020-06-04 日本電気株式会社 情報処理装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007303239A (ja) * 2006-05-15 2007-11-22 Konica Minolta Holdings Inc 認証装置、認証装置の制御方法、および認証装置の制御プログラム
JP2015001790A (ja) * 2013-06-14 2015-01-05 セコム株式会社 顔認証システム
JP2020086780A (ja) * 2018-11-21 2020-06-04 日本電気株式会社 情報処理装置
JP2020077399A (ja) * 2019-10-10 2020-05-21 日本電気株式会社 情報処理装置

Also Published As

Publication number Publication date
JPWO2022149376A1 (fr) 2022-07-14

Similar Documents

Publication Publication Date Title
US11568695B1 (en) Information-based, biometric, asynchronous access control system
US20230401914A1 (en) Information processing apparatus, information processing system, and information processing method
JP2005242775A (ja) ゲートシステム
US20220415105A1 (en) Information processing apparatus, information processing system, and information processing method
AU2024202070A1 (en) Gate device, authentication system, gate control method, and storage medium
WO2022064830A1 (fr) Dispositif de traitement d'image, système de traitement d'image, procédé de traitement d'image, et programme
WO2022149376A1 (fr) Unité de commande d'authentification biométrique, système, procédé de commande d'unité de commande d'authentification biométrique, et support d'enregistrement
JP2023153850A (ja) ゲート装置、認証システム、ゲート装置の制御方法及び記憶媒体
WO2023032011A1 (fr) Unité de commande d'authentification biométrique, système, procédé de commande d'une unité de commande d'authentification biométrique, et support d'enregistrement
WO2022234613A1 (fr) Système, dispositif de porte, procédé de commande pour un dispositif de porte, et support de stockage
JP2006099687A (ja) 利用者認証装置
JP7287574B2 (ja) 情報処理装置、情報処理システム、情報処理方法及びプログラム
US20230025272A1 (en) Gate apparatus, server apparatus, emigration and immigration examination system,control method of gate apparatus, and control method of server apparatus
WO2022208640A1 (fr) Dispositif de grille, unité de commande d'authentification biométrique, système, procédé de commande de dispositif de grille et support de stockage
JPWO2022208640A5 (fr)
KR102538649B1 (ko) 탑승자 인증 기반 주차관리 방법 및 장치
WO2022079762A1 (fr) Dispositif serveur, système de notification de visiteur, procédé de notification de visiteur, et support d'informations
WO2023176167A1 (fr) Dispositif, procédé et programme d'enregistrement
JP7327650B2 (ja) ゲート装置、認証システム、ゲート装置の制御方法及びプログラム
JP7276523B2 (ja) 管理サーバ、システム、トークン発行方法及びコンピュータプログラム
JP7363981B2 (ja) システム、サーバ装置、サーバ装置の制御方法及びプログラム
WO2023162041A1 (fr) Dispositif serveur, système, procédé de commande de dispositif serveur et support de stockage
WO2023157158A1 (fr) Système, dispositif serveur, procédé de commande de dispositif serveur et support de stockage
WO2020129675A1 (fr) Dispositif d'authentification, procédé d'authentification, et programme
WO2021260773A1 (fr) Système d'authentification, terminal d'authentification, procédé de commande de terminal d'authentification et support de stockage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21917597

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022573944

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21917597

Country of ref document: EP

Kind code of ref document: A1