WO2023084753A1 - 認証装置、認証方法、及びプログラム - Google Patents

認証装置、認証方法、及びプログラム Download PDF

Info

Publication number
WO2023084753A1
WO2023084753A1 PCT/JP2021/041790 JP2021041790W WO2023084753A1 WO 2023084753 A1 WO2023084753 A1 WO 2023084753A1 JP 2021041790 W JP2021041790 W JP 2021041790W WO 2023084753 A1 WO2023084753 A1 WO 2023084753A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
biometric information
master
mobile terminal
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2021/041790
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
康治 齋藤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NEC Corp
Original Assignee
NEC Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NEC Corp filed Critical NEC Corp
Priority to PCT/JP2021/041790 priority Critical patent/WO2023084753A1/ja
Priority to JP2023559360A priority patent/JP7708204B2/ja
Publication of WO2023084753A1 publication Critical patent/WO2023084753A1/ja
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present invention relates to an authentication device, an authentication method, and a program.
  • Patent Literature 1 describes the following technique.
  • the portable user device stores pass authorization data necessary for the user to pass through the gate and feature data indicating the features of the user.
  • An example of feature data is face data relating to facial features.
  • the passability determination unit acquires pass authorization data and feature data from the user device via the wireless communication unit. Also, the passability determination unit acquires an image of the user trying to pass through the gate. Then, the pass permission/prohibition determination unit opens the gate when the pass authorization data is valid and the image of the user matches the characteristic data acquired from the user device.
  • Patent Document 2 describes measuring the position of the wireless communication terminal and determining whether or not the wireless communication terminal can pass through the gate based on this position.
  • the mobile terminal needs to transmit master biometric information to the authentication device every time the user tries to pass through a gate or the like. In this case, the user's convenience may be reduced.
  • One example of the purpose of the present invention is to reduce the number of times the master biometric information is transmitted from the mobile terminal when user authentication is performed using the master biometric information stored in the mobile terminal.
  • Acquisition means for acquiring master biometric information of a subject from a mobile terminal and acquiring biometric information for authentication, which is the biometric information of the subject generated by a biometric information generating device installed at the entrance of the target area; authentication means for performing authentication processing of the subject using the authentication biometric information and the master biometric information; entrance processing means for performing at least a part of processing for allowing the target person to enter the target area when the authentication processing is successful;
  • the master biometric information is stored in the storage means, and the master biometric information stored in the storage means for a predetermined time or longer is invalidated or deleted from the storage means.
  • the acquisition means acquires the biometric information for authentication before acquiring the master biometric information from the mobile terminal,
  • the authentication means performs authentication processing of the authentication biometric information on the valid master biometric information stored in the storage means,
  • the authentication device is provided, wherein the acquisition means acquires the master biometric information from the portable terminal when the master biometric information that matches the biometric information for authentication and is valid is not stored in the storage means. .
  • Acquisition processing in which a computer acquires master biometric information of a subject from a mobile terminal and acquires biometric information for authentication, which is the biometric information of the subject, generated by a biometric information generation device installed at the entrance of the target area; , An authentication process for authenticating the subject using the authentication biometric information and the master biometric information; an entrance process for performing at least a part of a process for allowing the target person to enter the target area when the authentication process is successful; When the authentication process succeeds, the master biometric information is stored in the storage means, and the master biometric information stored in the storage means for a predetermined time or longer is invalidated or deleted from the storage means.
  • the authentication biometric information is acquired;
  • the authentication process authenticating the authentication biometric information with respect to the valid master biometric information stored in the storage means, An authentication method is provided for acquiring the master biometric information from the mobile terminal in the acquisition process when the master biometric information that matches the biometric information for authentication and is valid is not stored in the storage means. .
  • an acquisition function in a computer for acquiring master biometric information of a subject from a mobile terminal, and acquiring biometric information for authentication, which is the biometric information of the subject, generated by a biometric information generating device installed at the entrance of the target area; , An authentication function that performs authentication processing of the subject using the authentication biometric information and the master biometric information; an entrance processing function that performs at least a part of processing for allowing the target person to enter the target area when the authentication processing is successful; When the authentication process succeeds, the master biometric information is stored in the storage means, and the master biometric information stored in the storage means for a predetermined time or longer is invalidated or deleted from the storage means.
  • the acquisition function acquires the biometric information for authentication before acquiring the master biometric information from the mobile terminal
  • the authentication function performs authentication processing of the authentication biometric information for the valid master biometric information stored in the storage means
  • a program is provided in which the acquisition function acquires the master biometric information from the portable terminal when the master biometric information that matches the biometric information for authentication and is valid is not stored in the storage means.
  • the number of times the master biometric information is transmitted from the mobile terminal is reduced.
  • FIG. 3 is a diagram showing a first example of information stored in a storage unit
  • FIG. 5 is a diagram showing a second example of information stored in a storage unit
  • FIG. 4 is a flowchart showing an example of processing performed by an authentication device together with processing performed by a mobile terminal
  • FIG. 8 is a flow chart showing a process performed when the target person enters a predetermined floor or room of the building after the process shown in FIG. 7 has been performed
  • FIG. 1 is a diagram illustrating the usage environment of an authentication device 10 according to this embodiment.
  • the authentication device 10 authenticates a subject using biometric information.
  • biometric information is face information, but other biometric information such as fingerprint information, vein information, or iris information may be used.
  • the biometric information may be a combination of a plurality of the above-described pieces of information.
  • the authentication device 10 is used together with the mobile terminal 20, the biometric information acquisition device 50, and the communication device 60.
  • a mobile terminal 20 is owned by a user.
  • the authentication device 10 functions as an electronic identification card, for example, an electronic employee ID card, and stores in advance the master biometric information of the subject.
  • the biometric information acquisition device 50 and the communication device 60 are installed at a place where the user should be authenticated, for example, in front of a gate or door.
  • the biometric information acquisition device 50 is installed at a place where the subject should be authenticated, generates biometric information of the subject, and transmits it to the authentication device 10 .
  • This biometric information is hereinafter referred to as authentication biometric information.
  • the mobile terminal 20 also transmits the master biometric information to the authentication device 10 via the communication device 60 .
  • the communication device 60 attempts communication with the mobile terminal 20 at regular intervals, for example, at intervals of one second.
  • the communicable distance between the mobile terminal 20 and the communication device 60 is, for example, 5 m or less, preferably 3 m or less, more preferably 1.5 m or less, but is not limited to these.
  • the authentication device 10 uses the biometric information for authentication generated by the biometric information acquisition device 50 and the master biometric information acquired from the portable terminal 20 to perform authentication processing of the subject.
  • the authentication device 10 stores and reuses the master biometric information used at that time for a certain period of time.
  • the mobile terminal 20 may store at least one of the target person identification information given to the target person who owns the mobile terminal 20 and the terminal identification information given to the mobile terminal 20 .
  • the portable terminal 20 transmits at least one of the subject identification information and the terminal identification information along with the subject identification information and the master biometric information as necessary.
  • An example of the subject identification information is a subject ID such as an employee ID.
  • the authentication device 10 is also used together with the control device 30 .
  • the control device 30 performs at least part of the processing for allowing the target person to enter the target area.
  • the control device 30 opens the gate 40 installed at the entrance of the target area.
  • the control device 30 unlocks the door installed at the entrance of the target area.
  • the target area may be a place where multiple facilities are gathered, such as a theme park, the building itself, a predetermined floor within the building, or a portion of a predetermined floor within the building, such as a predetermined room. good.
  • the control device 30 performs a process of notifying the target person of this fact by, for example, turning on a light-emitting device installed in the gate 40 or the door. good too.
  • Successful authentication processing by the authentication device 10 may be part of the conditions for opening the gate or unlocking the door.
  • the target area may have a predetermined number of people who can enter.
  • the control device 30 opens the gate or unlocks the door when it is confirmed that the target person is a person who can enter the target area. You may This confirmation is performed using, for example, at least one of the subject identification information and the terminal identification information.
  • a plurality of gates 40 may be arranged in parallel at the entrance of the target area.
  • the authentication device 10 and the communication device 60 may be provided for each of multiple gates 40 .
  • FIG. 2 is a diagram showing an example of the functional configuration of the authentication device 10. As shown in FIG.
  • the authentication device 10 includes an acquisition unit 110 , an authentication unit 120 , a storage processing unit 130 and an entrance processing unit 140 .
  • the acquisition unit 110 acquires master biometric information from the mobile terminal 20 via the communication device 60 and acquires authentication biometric information from the biometric information acquisition device 50 .
  • the acquisition unit 110 also acquires other information from the mobile terminal 20 as necessary.
  • An example of other information is at least one of subject identification information and terminal identification information. This information is hereinafter referred to as identification information for authentication.
  • a plurality of portable terminals 20 may exist simultaneously within the communication range of the communication device 60 and these plurality of portable terminals 20 may be able to communicate with the communication device 60 .
  • the acquiring unit 110 acquires the reception intensity when the communication device 60 receives the radio signal output by the mobile terminal 20, and uses this reception intensity to determine the mobile terminal 20 to be processed. For example, the acquisition unit 110 determines the mobile terminals 20 to be processed in descending order of reception strength.
  • the authentication unit 120 uses the biometric information for authentication and the master biometric information acquired by the acquisition unit 110 to perform authentication processing of the subject. For example, the authentication unit 120 calculates the degree of matching of the biometric information for authentication with the master biometric information, and determines that the authentication of the subject has been successful when the degree of matching is greater than or equal to a reference value. When the authentication is successful, the authentication unit 120 generates authentication completion information indicating that fact.
  • the storage processing unit 130 causes the storage unit 150 to store the master biometric information used at that time.
  • the storage processing unit 130 also invalidates or deletes from the storage unit 150 the master biometric information stored in the storage unit 150 for a predetermined period of time or more.
  • the storage unit 150 may be part of the authentication device 10 or may be located outside the authentication device 10 . Note that the storage processing unit 130 may store the master biometric information in the storage unit 150 in association with the identification information for authentication acquired together with the master biometric information.
  • the valid time of the master biometric information stored in the storage unit 150 is, for example, 24 hours, but it may be of another length, such as 12 hours or 8 hours.
  • the predetermined time may be determined for each target person, or may be determined for each target person and each target area.
  • the storage processing unit 130 determines this predetermined time using the subject's schedule information.
  • the schedule information includes information indicating the target area to which the target person should go and the date and time when the target person is scheduled to stay in the target area.
  • the schedule information stores the location of the meeting and the date and time of the meeting.
  • the entrance processing unit 140 sets a predetermined time for each target area so as to include the scheduled stay date and time, and stores the predetermined time for each target person in association with the area identification information in the storage unit 150. .
  • the valid master biometric information stored in the storage unit 150 is used for authentication processing of authentication biometric information. Specifically, the acquiring unit 110 acquires the biometric information for authentication before acquiring the master biometric information from the mobile terminal 20 . Then, the authentication unit 120 performs the authentication processing of the biometric information for authentication on the valid master biometric information stored in the storage unit 150 . The acquisition unit 110 acquires the master biometric information from the portable terminal 20 when the storage unit 150 does not store valid master biometric information that matches the biometric information for authentication.
  • the entry processing unit 140 performs at least part of the processing for allowing the target person to enter the target area.
  • This part of the processing is appropriately set according to the division of functions between the entrance processing unit 140 and the control device 30 .
  • An example of this part of processing is to send authenticated information to the control device 30 .
  • the storage unit 150 further stores at least one of target person identification information and terminal identification information of persons who can enter the target area for each target area.
  • the storage unit 150 also stores other information as needed.
  • FIG. 3 is a diagram showing a first example of information stored in the storage unit 150.
  • the storage unit 150 stores master biometric information for which authentication by the authentication unit 120 has succeeded among the master biometric information acquired by the acquisition unit 110 .
  • the storage unit 150 stores this master biometric information in association with authentication identification information acquired together with the master biometric information.
  • a predetermined time has not passed since the master biometric information stored in the storage unit 150 was acquired by the acquisition unit 110 . That is, the master biometric information that has passed the predetermined time is deleted from the storage unit 150 . However, instead of erasing the master biometric information for which the predetermined time has passed from the storage unit 150, the storage processing unit 130 associates information indicating that the predetermined time has passed, for example, a flag, with the master biometric information and stores it. 150 may be stored.
  • FIG. 4 is a diagram showing a second example of information stored in the storage unit 150.
  • the storage unit 150 stores area identification information for identifying the target area and authority identification information in association with each other as shown in this figure.
  • the authorized identification information is at least one of the target person identification information of the target person who can enter the target area and the terminal identification information of the mobile terminal 20 used by the target person.
  • the area identification information is for each building, but the storage unit 150 may further store authorized identification information for each room or floor.
  • FIG. 5 is a diagram showing an example of the functional configuration of the mobile terminal 20. As shown in FIG.
  • the mobile terminal 20 has a storage section 210 and a transmission section 220 .
  • the storage unit 210 stores master biometric information of the subject who uses the mobile terminal 20 .
  • the storage unit 210 further stores at least one of the target person identification information of the target person using the mobile terminal 20 and the terminal identification information of the mobile terminal 20 used by the target person, that is, authentication identification information.
  • the transmission unit 220 transmits the master biometric information stored in the storage unit 210 to the authentication device 10. At this time, the transmitting unit 220 also transmits identification information for authentication as necessary.
  • FIG. 6 is a diagram showing a hardware configuration example of the authentication device 10. As shown in FIG. Authentication device 10 has bus 1010 , processor 1020 , memory 1030 , storage device 1040 , input/output interface 1050 and network interface 1060 .
  • the bus 1010 is a data transmission path for the processor 1020, the memory 1030, the storage device 1040, the input/output interface 1050, and the network interface 1060 to exchange data with each other.
  • the method of connecting processors 1020 and the like to each other is not limited to bus connection.
  • the processor 1020 is a processor realized by a CPU (Central Processing Unit), a GPU (Graphics Processing Unit), or the like.
  • the memory 1030 is a main memory implemented by RAM (Random Access Memory) or the like.
  • the storage device 1040 is a removable medium such as a HDD (Hard Disk Drive), an SSD (Solid State Drive), a memory card, or an auxiliary storage device realized by a ROM (Read Only Memory).
  • the storage device 1040 stores program modules that implement each function of the authentication device 10 (for example, the acquisition unit 110, the authentication unit 120, the storage processing unit 130, and the entrance processing unit 140). Each function corresponding to the program module is realized by the processor 1020 reading each program module into the memory 1030 and executing it.
  • the storage device 1040 also functions as the storage unit 150 .
  • the input/output interface 1050 is an interface for connecting the authentication device 10 and various input/output devices.
  • input/output interface 1050 has a short-range wireless communication module.
  • the authentication device 10 communicates with the communication device 60 via the input/output interface 1050 .
  • the network interface 1060 is an interface for connecting the authentication device 10 to the network.
  • This network is, for example, a LAN (Local Area Network) or a WAN (Wide Area Network).
  • a method for connecting the network interface 1060 to the network may be a wireless connection or a wired connection.
  • Authentication device 10 may communicate with mobile terminal 20 via network interface 1060 .
  • the hardware configuration of the mobile terminal 20 is also the same as the hardware configuration of the authentication device 10 shown in FIG.
  • the storage devices 1040 that serve as the storage unit 210 at least the device that stores the master biometric information preferably cannot be falsified with the stored information.
  • FIG. 7 is a flowchart showing an example of processing performed by the authentication device 10 together with processing performed by the mobile terminal 20.
  • FIG. The processing shown in this figure is performed when the subject passes through the gate 40 installed at the entrance of the building.
  • control device 30 controls the gate 40 installed at the entrance of the building and the door locks installed in the rooms within the building.
  • the gate 40 When the subject passes through the gate 40, at least biometric authentication is required.
  • authentication by at least one of the authentication identification information, that is, the subject identification information and the terminal identification information may be further required.
  • the authentication device 10 transmits a request to start communication to the mobile terminal 20 via the communication device 60 (step S10). Then, the communication device 60 acquires authentication identification information, that is, at least one of the subject identification information and the terminal identification information, from the mobile terminal 20 and transmits it to the authentication device 10 . Acquisition unit 110 of authentication device 10 acquires this identification information for authentication (step S20).
  • the acquisition unit 110 of the authentication device 10 confirms whether or not the master biometric information corresponding to the identification information for authentication acquired in step S20 is stored in the storage unit 150 (step S30). If the storage unit 150 stores this master biometric information (step S30: Yes), the authentication unit 120 reads this master biometric information from the storage unit 150 . On the other hand, if the storage unit 150 does not store this master biometric information (step S30: No), the authentication unit 120 requests the mobile terminal 20 for the master biometric information (step S40). The mobile terminal 20 then transmits the master biometric information and the identification information for authentication to the authentication device 10 . The acquisition unit 110 acquires this master biometric information (step S50).
  • the biometric information acquisition device 50 acquires the biometric information for authentication of the subject and transmits it to the authentication device 10 .
  • the biometric information acquisition device 50 generates at least one of face information, fingerprint information, vein information, and iris information of the subject as authentication biometric information, and transmits the generated authentication biometric information to the authentication device 10 .
  • the acquisition unit 110 of the authentication device 10 acquires this biometric information for authentication (step S60).
  • a motion sensor such as an infrared sensor, may be provided at or near the gate 40 .
  • the authentication device 10 may perform the processing shown in step S60 when the human sensor detects a person.
  • the authentication unit 120 of the authentication device 10 uses the master biometric information read from the storage unit 150 or the master biometric information acquired in step S50 to perform authentication processing of the authentication biometric information acquired in step S60 (step S70). . If the authentication is successful (step S70: Yes), the authentication unit 120 generates the above-described authenticated information. Further, when the acquisition unit 110 has acquired the master biometric information from the mobile terminal 20, the authentication unit 120 stores this master biometric information in the storage unit 150 in association with the identification information for authentication acquired in step S20. (Step S80).
  • the entrance processing unit 140 sets the expiration date of the authenticated information, associates the expiration date with the identification information for authentication, and stores the expiration date in the storage unit 150.
  • the expiration date of the authenticated information is, for example, a predetermined time after the authenticated information is generated. This predetermined time can be set by, for example, a building administrator. As an example, the predetermined period of time is 24 hours, but other values are possible, such as 12 hours or 8 hours.
  • the entrance processing unit 140 then outputs the authentication information to the control device 30 .
  • Control device 30 then opens gate 40 (step S100). This allows the subject to pass through the gate 40 and enter the building.
  • the acquisition unit 110 may acquire area identification information assigned to the building that the target person is about to enter this time.
  • the entry processing unit 140 reads the authorized identification information corresponding to the area identification information acquired by the acquisition unit 110 from the storage unit 150, and this authorized identification information corresponds to the authentication identification information acquired by the acquisition unit 110.
  • the inclusion may be included in the conditions for performing step S100.
  • the acquisition unit 110 acquires the area identification information.
  • the communication device 60 stores area identification information and transmits this area identification information to the authentication device 10 together with information acquired from the mobile terminal 20 .
  • the subject operates the mobile terminal 20 to transmit the area identification information to the authentication device 10 .
  • FIG. 8 shows the processing performed when the target person enters a predetermined floor or room of the building after the processing shown in FIG. 7 has been performed.
  • the authentication device 10 does not perform authentication using biometric information, but instead performs authentication using identification information for authentication.
  • a door or gate is installed at the entrance to the designated floor of the building. Doors are installed at the entrances to the rooms of the building.
  • the control device 30 controls opening and closing of these gates or locking of the doors.
  • a communication device 60 is provided in the vicinity of these gates or doors.
  • the mobile terminal 20 transmits identification information for authentication to the authentication device 10 via the communication device 60 .
  • the acquisition unit 110 of the authentication device 10 acquires this identification information for authentication.
  • the acquisition unit 110 also acquires area identification information.
  • the acquisition method of this area identification information is as explained using FIG. 7 (step S110).
  • the authentication unit 120 of the authentication device 10 confirms whether or not the expiration date corresponding to the identification information for authentication acquired in step S110 is stored in the storage unit 150. If the expiration date is stored and has not expired (step S120: Yes), the authentication unit 120 retrieves from the storage unit 150 the authorized identification associated with the area identification information acquired in step S110. Read information. The authentication unit 120 then confirms whether or not the read authorized identification information includes the authentication identification information acquired in step S110 (step S130). If the authorized identification information includes identification information for authentication (step S130: Yes), the entrance processing section 140 causes the control device 30 to open the gate or unlock the door (step S140).
  • the admission processing unit 140 may use the subject's schedule information to set the expiration date of the authenticated information.
  • the schedule information includes information indicating the target area to which the target person should go and the date and time when the target person is scheduled to stay in the target area.
  • the schedule information stores the location of the meeting and the date and time of the meeting.
  • the entry processing unit 140 sets an expiration date so as to include the date and time of the scheduled stay for each target area, and causes the storage unit 150 to store the expiration date in association with the area identification information.
  • the authentication unit 120 acquires and uses the expiration date corresponding to the area identification information acquired in step S110.
  • the process shown in FIG. 7 may be performed instead of the process shown in FIG.
  • a biological information acquisition device 50 is also provided near these gates or doors.
  • the process shown in step S80 may not be performed.
  • the mobile terminal 20 stores the subject's master biometric information.
  • the authentication device 10 acquires this master biometric information from the portable terminal 20 and uses it for authentication processing of the subject. Further, the authentication device 10 stores the master biometric information acquired from the mobile terminal 20 for a predetermined period of time, and uses it for authentication processing of the subject. Therefore, the number of times the master biometric information is transmitted from the mobile terminal 20 can be reduced. This eliminates the need for the subject to always carry the mobile terminal 20 when being authenticated by the authentication device 10 .
  • the storage unit 210 of the mobile terminal 20 stores certificate information.
  • This certificate information proves that the mobile terminal 20 is a terminal used together with the authentication device 10 .
  • the authentication device 10 sets the acquisition of the certificate information from the authentication device 10 as a condition for performing authentication processing or a condition for successful authentication processing.
  • FIG. 9 is a diagram showing an example of processing performed by the authentication device 10 according to this embodiment, and corresponds to FIG. 7 of the first embodiment. The processing shown in this figure is also performed when the subject passes through the gate 40 installed at the entrance of the building.
  • the authentication device 10 transmits a request to start communication to the mobile terminal 20 via the communication device 60 (step S10). Then, the communication device 60 acquires authentication identification information and certificate information from the mobile terminal 20, and transmits them to the authentication device 10 (step S22).
  • the mobile terminal 20 transmits the master biometric information, authentication identification information, and certificate information to the authentication device 10 (step S52).
  • step S30, step S60 to step S100 are as explained using FIG.
  • the authentication unit 120 performs authentication processing when the acquisition unit 110 acquires the certificate information from the mobile terminal 20 in step S70. In other words, when the certificate information has not been acquired, the authentication unit 120 determines that the authentication of the subject has failed.
  • the authentication device 10 can reduce the number of times the master biometric information is transmitted from the mobile terminal. Moreover, the authentication unit 120 does not perform the authentication process when the certificate information is not acquired from the mobile terminal 20 . Therefore, the possibility that a person who does not have a valid mobile terminal 20 accidentally enters the target area is reduced.
  • Acquisition means for acquiring master biometric information of a subject from a mobile terminal and acquiring biometric information for authentication, which is the biometric information of the subject generated by a biometric information generating device installed at the entrance of the target area; authentication means for performing authentication processing of the subject using the authentication biometric information and the master biometric information; entrance processing means for performing at least a part of processing for allowing the target person to enter the target area when the authentication processing is successful;
  • the master biometric information is stored in the storage means, and the master biometric information stored in the storage means for a predetermined time or longer is invalidated or deleted from the storage means.
  • the acquisition means acquires the biometric information for authentication before acquiring the master biometric information from the mobile terminal,
  • the authentication means performs authentication processing of the authentication biometric information on the valid master biometric information stored in the storage means,
  • the authentication device wherein the acquisition means acquires the master biometric information from the mobile terminal when the master biometric information that matches the biometric information for authentication and is valid is not stored in the storage means.
  • the acquisition means acquires schedule information indicating the subject's schedule, The authentication device, wherein the storage processing means sets the predetermined time for each target area using the schedule information.
  • the authentication device In the target area, at least one of an authorized person who is the target person who has the right to enter the target area and an authorized terminal which is the mobile terminal possessed by the authorized person is identified.
  • Authorized identification information is linked in advance,
  • the acquisition means acquires authentication identification information for identifying at least one of the target person and the mobile terminal from the mobile terminal,
  • the authentication device, wherein the admission processing means performs the at least part of the processing when the identification information for authentication is included in the authorized identification information. 4.
  • the acquisition means acquires authentication identification information for identifying at least one of the target person and the mobile terminal from the mobile terminal
  • the storage processing means associates the master biometric information and the authentication identification information acquired by the acquisition means with each other and stores them in the storage means;
  • the acquisition means acquires the biometric information for authentication and the identification information for authentication before acquiring the master biometric information from the mobile terminal,
  • the authentication means specifies the master biometric information linked to the authentication identification information acquired by the acquisition means in the storage means, and performs the authentication process using the master biometric information,
  • the authentication device wherein the acquisition means acquires the master biometric information from the mobile terminal and performs the authentication process when the storage means does not have the master biometric information linked to the identification information for authentication. 5.
  • the entrance processing means outputs authenticated information indicating that the authentication process has succeeded to a control means for controlling opening/closing of a gate installed at the entrance of the target area or locking of a door installed at the entrance. , authenticator. 6.
  • the acquisition means acquires the master biometric information from the mobile terminal via a wireless communication device installed at the entrance; The authentication device, wherein the wireless communication device has a communicable distance of 5 m or less. 7.
  • the acquisition means is Acquiring the reception strength when the wireless communication device receives the wireless signal output by the mobile terminal, An authentication device that determines the mobile terminal to be processed by using the reception strength when a plurality of the mobile terminals and the wireless communication device can communicate with each other.
  • a computer acquires master biometric information of a subject from a mobile terminal and acquires biometric information for authentication, which is the biometric information of the subject, generated by a biometric information generation device installed at the entrance of the target area; , An authentication process for authenticating the subject using the authentication biometric information and the master biometric information; an entry process for performing at least a part of a process for allowing the target person to enter the target area when the authentication process is successful;
  • the master biometric information is stored in the storage means, and the master biometric information stored in the storage means for a predetermined time or longer is invalidated or deleted from the storage means.
  • the authentication biometric information is acquired; In the authentication process, authenticating the authentication biometric information with respect to the valid master biometric information stored in the storage means, The authentication method, wherein in the acquisition process, the master biometric information is acquired from the portable terminal when the master biometric information that matches the biometric information for authentication and is valid is not stored in the storage means. 9.
  • the computer is In the acquisition process, schedule information indicating the subject's schedule is acquired; The authentication method, wherein in the storage process, the predetermined time is set for each target area using the schedule information. 10.
  • the authentication method In the target area, at least one of an authorized person who is the target person who has the right to enter the target area and an authorized terminal which is the mobile terminal possessed by the authorized person is identified.
  • Authorized identification information is linked in advance,
  • the computer is In the acquisition process, authentication identification information for identifying at least one of the target person and the mobile terminal is acquired from the mobile terminal,
  • the authentication method wherein in the admission process, the at least part of the process for enabling entry is performed when the identification information for authentication is included in the authorized identification information. 11.
  • the computer is In the acquisition process, authentication identification information for identifying at least one of the target person and the mobile terminal is acquired from the mobile terminal, In the storage process, the master biometric information and the identification information for authentication acquired in the acquisition process are associated with each other and stored in the storage means; In the acquisition process, before acquiring the master biometric information from the mobile terminal, acquire the biometric information for authentication and the identification information for authentication, In the authentication process, specifying the master biometric information linked in the storage means to the identification information for authentication acquired in the acquisition process, and performing the authentication process using the master biometric information, The authentication method, wherein in the acquisition process, if there is no master biometric information linked to the identification information for authentication in the storage means, the master biometric information is acquired from the portable terminal and the authentication process is performed.
  • the computer sends authentication information indicating that the authentication process was successful to the control means for controlling the opening and closing of the gate installed at the entrance of the target area or the locking of the door installed at the entrance. , the authentication method. 13.
  • the computer acquires the master biometric information from the mobile terminal via a wireless communication device installed at the entrance; The authentication method, wherein the wireless communication device has a communicable distance of 5 m or less. 14.
  • the computer in the acquisition process, Acquiring the reception strength when the wireless communication device receives the wireless signal output by the mobile terminal, An authentication method, wherein when a plurality of mobile terminals and the wireless communication device can communicate with each other, the mobile terminal to be processed is determined using the reception strength. 15.
  • an acquisition function in a computer for acquiring master biometric information of a subject from a mobile terminal, and acquiring biometric information for authentication, which is the biometric information of the subject, generated by a biometric information generating device installed at the entrance of the target area;
  • An authentication function that performs authentication processing of the subject using the authentication biometric information and the master biometric information;
  • an entrance processing function that performs at least a part of processing for allowing the target person to enter the target area when the authentication processing is successful;
  • the master biometric information is stored in the storage means, and the master biometric information stored in the storage means for a predetermined time or longer is invalidated or deleted from the storage means.
  • the acquisition function acquires the biometric information for authentication before acquiring the master biometric information from the mobile terminal,
  • the authentication function performs authentication processing of the authentication biometric information for the valid master biometric information stored in the storage means,
  • the acquisition function acquires the master biometric information from the portable terminal when the master biometric information that matches the biometric information for authentication and is valid is not stored in the storage means.
  • the acquisition function acquires schedule information indicating the subject's schedule, A program in which the memory processing function sets the predetermined time for each target area using the schedule information. 17.
  • the target area At least one of an authorized person who is the target person who has the right to enter the target area and an authorized terminal which is the mobile terminal possessed by the authorized person is identified.
  • Authorized identification information is linked in advance,
  • the acquisition function acquires authentication identification information for identifying at least one of the target person and the mobile terminal from the mobile terminal,
  • the program, wherein the entry processing function performs the at least part of the processing when the identification information for authentication is included in the authorized identification information. 18.
  • the acquisition function acquires authentication identification information for identifying at least one of the target person and the mobile terminal from the mobile terminal
  • the storage processing function associates the master biometric information and the authentication identification information acquired by the acquisition function with each other and stores them in the storage means
  • the acquisition function acquires the biometric information for authentication and the identification information for authentication before acquiring the master biometric information from the mobile terminal
  • the authentication function specifies the master biometric information linked to the authentication identification information acquired by the acquisition function in the storage means, and performs the authentication process using the master biometric information
  • the acquisition function is a program that acquires the master biometric information from the portable terminal and performs the authentication process when the storage means does not have the master biometric information linked to the identification information for authentication. 19.
  • the entrance processing function outputs authenticated information indicating that the authentication process has succeeded to a control means for controlling opening/closing of a gate installed at the entrance of the target area or locking of a door installed at the entrance. ,program. 20.
  • the acquisition function acquires the master biometric information from the mobile terminal via a wireless communication device installed at the entrance, A program, wherein the wireless communication device has a communicable distance of 5 m or less. 21. 20.
  • the acquisition function is Acquiring the reception strength when the wireless communication device receives the wireless signal output by the mobile terminal, A program for determining the mobile terminal to be processed using the reception strength when a plurality of the mobile terminals and the wireless communication device can communicate with each other.
  • authentication device 20 mobile terminal 30 control device 40 gate 50 biological information acquisition device 60 communication device 110 acquisition unit 120 authentication unit 130 storage processing unit 140 entrance processing unit 150 storage unit 210 storage unit 220 transmission unit

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Time Recorders, Dirve Recorders, Access Control (AREA)
  • Lock And Its Accessories (AREA)
PCT/JP2021/041790 2021-11-12 2021-11-12 認証装置、認証方法、及びプログラム Ceased WO2023084753A1 (ja)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2021/041790 WO2023084753A1 (ja) 2021-11-12 2021-11-12 認証装置、認証方法、及びプログラム
JP2023559360A JP7708204B2 (ja) 2021-11-12 2021-11-12 認証装置、認証方法、及びプログラム

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/041790 WO2023084753A1 (ja) 2021-11-12 2021-11-12 認証装置、認証方法、及びプログラム

Publications (1)

Publication Number Publication Date
WO2023084753A1 true WO2023084753A1 (ja) 2023-05-19

Family

ID=86335441

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/041790 Ceased WO2023084753A1 (ja) 2021-11-12 2021-11-12 認証装置、認証方法、及びプログラム

Country Status (2)

Country Link
JP (1) JP7708204B2 (https=)
WO (1) WO2023084753A1 (https=)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108109250A (zh) * 2018-01-29 2018-06-01 长沙舍同智能科技有限责任公司 人脸识别免接触门禁控制器及智能门
WO2021193138A1 (ja) * 2020-03-24 2021-09-30 日本電気株式会社 顧客認証装置、顧客認証方法、及びプログラム

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108109250A (zh) * 2018-01-29 2018-06-01 长沙舍同智能科技有限责任公司 人脸识别免接触门禁控制器及智能门
WO2021193138A1 (ja) * 2020-03-24 2021-09-30 日本電気株式会社 顧客認証装置、顧客認証方法、及びプログラム

Also Published As

Publication number Publication date
JPWO2023084753A1 (https=) 2023-05-19
JP7708204B2 (ja) 2025-07-15

Similar Documents

Publication Publication Date Title
CN101620753B (zh) 安全防范系统及其方法
US8952781B2 (en) Method and apparatus for access control using dual biometric authentication
CN101551920A (zh) 一种门禁系统及合法用户远程遥控开锁的方法
JP2020042440A (ja) 入退室管理システム
JP2010092122A (ja) 認証システム、生体認証装置、及び生体認証方法
JPWO2008136120A1 (ja) 入退室管理プログラム、入退室管理方法および入退室管理装置
WO2018014322A1 (zh) 住宅智能门锁系统及其控制方法
KR101637516B1 (ko) 출입 제어 방법 및 장치
JP2002041469A (ja) 電子機器管理システムおよび電子機器管理方法
US12408034B2 (en) Access control system and a method therein for handling access to an access-restricted physical resource
US20150089240A1 (en) Biometric management system
KR20180125729A (ko) 코드표시를 통한 차량 출입통제 시스템 및 방법
JP7398685B2 (ja) 情報処理システム、及び、情報処理方法
JP5495603B2 (ja) 認証装置
JP2004355318A (ja) コンピュータ利用管理システム、コンピュータ利用管理方法、視聴覚機器利用管理システムおよび視聴覚機器利用管理方法
KR101967111B1 (ko) 스마트한 고유정보 처리 절차를 통한 시스템 부하감소로 보안강화 서비스를 위한 콘트롤러 시스템
JP2021135972A (ja) 認証システム、提供方法、出力方法、及びプログラム
KR102585626B1 (ko) 생체 정보를 활용한 출입 통제 시스템 및 통제 방법
WO2023084753A1 (ja) 認証装置、認証方法、及びプログラム
US9256996B2 (en) Method and system for training users related to a physical access control system
CN115100771A (zh) 来访者管理系统和来访者管理方法
JP4835464B2 (ja) 入退管理システム
KR101926709B1 (ko) 생체 인증 및 제어 장치 및 그 방법
JP5094440B2 (ja) システム管理装置、およびセキュリティシステム
WO2023084752A1 (ja) 認証装置、携帯端末、認証方法、情報処理方法、及びプログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21964108

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 18704184

Country of ref document: US

ENP Entry into the national phase

Ref document number: 2023559360

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21964108

Country of ref document: EP

Kind code of ref document: A1