JP2025072560A - Processing System - Google Patents

Abstract

To provide a processing device, a processing program, and a processing method capable of authenticating a user more efficiently.SOLUTION: In a processing system 1, a processing device in a building 10 includes: a first communication interface configured to communicably connect to a first authentication device installed in a building in order to determine whether to permit a user to use a facility with restricted user access by authenticating the user with a first authentication method using first authentication information; a second communication interface configured to receive permission information, which is used for permitting the user to use the facility by authenticating the user with a second authentication method different from the first authentication method, from a second authentication device different from the first authentication device; and a processor configured to execute processing for transmitting the permission information to the first authentication device upon receiving the permission information from the second authentication device.SELECTED DRAWING: Figure 1

Description

Application for application of Article 30, Paragraph 2 of the Patent Act has been made 1. Facts of disclosure (1) Date of website posting, website address, and publisher (2) Content of the disclosed invention In the above facts 1 to 31, the publishers disclosed services related to the processing systems invented by Ryo Sasaki, Yoichi Furusawa, Takaaki Machida, and Yoshiki Sato through the website addresses provided by each publisher.

The present disclosure relates to a processing system used to authenticate a user.

A ticket gate management system that controls the opening and closing of a ticket gate to manage entry and exit to a facility, comprising: a contactless information recording medium carried by a person entering or exiting the facility and storing management information necessary for entry and exit through the ticket gate; a reader that reads the management information stored in the contactless information recording medium; a ticket gate device that opens the ticket gate when the non-contact information recording medium is authenticated; and a control device that performs an authentication decision based on the management information read by the reader and controls the opening and closing of the ticket gate, wherein the control device determines whether the person is an individual entering or exiting the facility or a group entering or exiting with a reservation based on the management information read by the reader, and changes the processing procedures related to the authentication decision and the opening and closing control of the ticket gate based on the result of the decision (Patent Document 1).

JP2010-86479A

In light of the above-mentioned techniques, an object of the present disclosure is to provide a processing system capable of more efficiently authenticating a user through various embodiments.

According to one aspect of the present disclosure, there is provided a processing device including: a first communication interface configured to communicatively connect to a first authentication device installed in a facility where use by a user is restricted in order to determine whether or not to allow the user to use the facility by authenticating the user by a first authentication method using first authentication information; a second communication interface configured to receive, from a second authentication device different from the first authentication device, permission information used to allow the user to use the facility by authenticating the user by a second authentication method different from the first authentication method; and a processor configured to execute a process for transmitting the permission information to the first authentication device upon receiving the permission information from the second authentication device.

According to one aspect of the present disclosure, "a processing device including a first communication interface configured to communicatively connect to a first authentication device installed in a facility whose use by a user is restricted in order to determine whether or not to allow the user to use the facility by authenticating the user by a first authentication method using first authentication information, a second communication interface configured to receive, from a second authentication device different from the first authentication device, permission information used to allow the user to use the facility by authenticating the user by a second authentication method different from the first authentication method, and at least one processor, the at least one processor being configured to function to execute a process for transmitting the permission information to the first authentication device when the permission information is received from the second authentication device."
is provided.

According to one aspect of the present disclosure, there is provided a processing method executed by at least one processor in a processing device including: a first communication interface configured to communicatively connect to a first authentication device installed in a facility where use by a user is restricted in order to determine whether or not to allow the user to use the facility by authenticating the user by a first authentication method using first authentication information; a second communication interface configured to receive, from a second authentication device different from the first authentication device, acceptance information used to allow the user to use the facility by authenticating the user by a second authentication method different from the first authentication method; and at least one processor, the processing method including a step of transmitting the acceptance information to the first authentication device when the acceptance information is received from the second authentication device.

According to one aspect of the present disclosure, there is provided a server device including at least one processor, the at least one processor being configured to execute a process of receiving first log information indicating that the user has been authenticated from a first authentication device installed to authenticate the user by a first authentication method and determine whether or not to allow the user to use the facility in which the user's use is restricted, due to the reception of an authentication request by the user using first authentication information, receiving second log information indicating that the user has been authenticated from the first authentication device, due to the first authentication device receiving allowance information generated by authenticating the user by a second authentication method different from the first authentication method, and storing the first log information and the second log information.

According to one aspect of the present disclosure, there is provided a program that causes a computer having at least one processor to function to execute a process of receiving first log information indicating that the user has been authenticated from a first authentication device installed in a facility where user use is restricted for the purpose of authenticating the user by a first authentication method and determining whether or not to allow the user to use the facility, upon receipt of an authentication request from the user using first authentication information, receiving second log information indicating that the user has been authenticated from the first authentication device upon receipt by the first authentication device of acceptance of acceptance information generated by authenticating the user by a second authentication method different from the first authentication method, and storing the first log information and the second log information.

According to one aspect of the present disclosure, there is provided a method executed by at least one processor in a computer having the at least one processor, the method including: receiving first log information indicating that the user has been authenticated from a first authentication device installed in a facility where user use is restricted for the purpose of authenticating the user by a first authentication method and determining whether or not to allow the user to use the facility, due to receipt of an authentication request by the user using first authentication information; receiving second log information indicating that the user has been authenticated from the first authentication device, due to receipt by the first authentication device of acceptance information generated by authenticating the user by a second authentication method different from the first authentication method; and storing the first log information and the second log information.

According to one aspect of the present disclosure, a processing system including a server device and a processing device, in which, due to receipt of an authentication request by a user using first authentication information in a facility where the user's use is restricted, the server device receives first log information indicating that the user has been authenticated from a first authentication device installed to authenticate the user by a first authentication method and determine whether or not to permit the user's use, and the server device outputs acceptance information generated by authenticating the user by a second authentication method different from the first authentication method in order to provide the acceptance information to the processing device, and upon receiving the acceptance information output from the server device, the processing device transmits the acceptance information to the first authentication device, and due to the acceptance by the first authentication device, a second log information indicating that the user has been authenticated is output from the first authentication device.
The present invention provides a processing system configured to execute a process in which the server device receives log information and the server device stores the first log information and the second log information.

According to one aspect of the present disclosure, there is provided a processing program that causes a processing system including a server device and a processing device to function in a facility where user use is restricted, such that, due to receipt of an authentication request from the user using first authentication information, the server device receives first log information indicating that the user has been authenticated from a first authentication device installed to authenticate the user by a first authentication method and determine whether or not to allow the user to use the facility, the server device outputs acceptance information generated by authenticating the user by a second authentication method different from the first authentication method in order to provide the acceptance information to the processing device, the processing device transmits the acceptance information output from the server device to the first authentication device, the server device receives second log information from the first authentication device indicating that the user has been authenticated due to acceptance by the first authentication device, and the server device executes a process for storing the first log information and the second log information.

According to one aspect of the present disclosure, "a processing method executed in a processing system including a server device and a processing device, comprising:
a step of the server device receiving first log information indicating that the user has been authenticated from a first authentication device installed for authenticating the user by a first authentication method and determining whether or not to permit the user to use the service, upon receipt of an authentication request using authentication information; a step of the server device outputting acceptance information generated by authenticating the user by a second authentication method different from the first authentication method, in order to provide the acceptance information to the processing device; a step of the processing device transmitting the acceptance information outputted from the server device to the first authentication device upon receipt of the acceptance information; a step of the server device receiving second log information indicating that the user has been authenticated from the first authentication device, upon receipt by the first authentication device; and a step of the server device storing the first log information and the second log information.

According to the present disclosure, a processing system method that allows for more efficient authentication of users can be provided.

The above effects are merely illustrative for the convenience of explanation and are not limiting. In addition to or instead of the above effects, any effect described in this disclosure or any effect obvious to a person skilled in the art may be achieved.

FIG. 1 is a block diagram showing a configuration of a processing system 1 according to an embodiment of the present disclosure. FIG. 2A is a block diagram showing a configuration of a processing device 100 according to an embodiment of the present disclosure. FIG. 2B is a block diagram showing a configuration of the server device 200 according to an embodiment of the present disclosure. FIG. 3A is a diagram conceptually illustrating a user management table stored in the second server device 200-2 according to an embodiment of the present disclosure. FIG. 3B is a diagram conceptually illustrating a log management table stored in the second server device 200-2 according to an embodiment of the present disclosure. FIG. 3C is a diagram conceptually illustrating authority information according to an embodiment of the present disclosure. FIG. 4A is a diagram showing a processing sequence executed by the processing system 1 according to an embodiment of the present disclosure. FIG. 4B is a diagram showing a processing sequence executed by the processing system 1 according to an embodiment of the present disclosure. FIG. 4C is a diagram showing a processing sequence executed by the processing system 1 according to an embodiment of the present disclosure. FIG. 4D is a diagram showing a processing sequence executed by the processing system 1 according to an embodiment of the present disclosure. FIG. 4E is a diagram showing a processing sequence executed by the processing system 1 according to an embodiment of the present disclosure. FIG. 5 is a block diagram showing a configuration of a processing system 1000 according to an embodiment of the present disclosure. FIG. 6 is a diagram conceptually illustrating a user management table stored in the second server device 200-2 according to an embodiment of the present disclosure. FIG. 7A is a diagram showing a processing sequence executed by the processing system 1000 according to an embodiment of the present disclosure. FIG. 7B is a diagram showing a processing sequence executed by the processing system 1000 according to an embodiment of the present disclosure.

1. Overview of Processing System 1 In conventional buildings, for example, when an authentication method using a card reader is used as equipment for authentication at the building gate, the gate cannot be entered or left unless the card is physically held, and if the card is forgotten, the person cannot enter or leave the building, and may need to go to a distant reception desk, declare that the card has been forgotten, and be given a spare card, etc., which is inconvenient. Furthermore, even if an authentication method different from the first authentication method is introduced to a building or a gate installed in the building, the introduction cost is high because it is necessary to replace the gate with one that can handle a different authentication method in addition to the first authentication method, and additional wiring work is required,
There was a problem that the burden on the administrator would be large. In the processing system 1 according to the present disclosure, in addition to authenticating a user by the first authentication method by the first authentication device 300-1 in a facility where the use by a user is restricted, the processing system 1 enables authentication of a user by various authentication methods as a second authentication method by the second authentication device 300-2 via the processing device 100. This makes it possible to easily expand the authentication method by retrofitting the processing device 100 without incurring huge introduction costs. In addition, by using biometric authentication such as face authentication as the second authentication method, for example, it becomes unnecessary to carry a card, and convenience is improved. Furthermore, for example, it is possible to combine multiple methods such as face authentication as well as terminal authentication and QR code as the second authentication method, and convenience is further improved.

Furthermore, the processing system 1 according to the present disclosure can extend the authentication conditions in addition to extending the authentication method. In the conventional building control panel, it is not possible to flexibly assign conditions regarding entry and exit to one user ID. For example, in authority control according to reservation time, it may be impossible to set multiple dates and times as conditions for entry and exit in advance, or there may be an upper limit on the number of times that can be set as the time for entry and exit. In addition, since the maintenance management of the control panel of the building is performed by the building manager, employees of the companies occupying the building directly communicate with the building manager by email, etc., and the authority is reflected in the control panel only after a certain period of work has passed. For this reason, there is a problem that conditions regarding reservation time and entry and exit cannot be flexibly set, and even if the authority conditions are changed, the changed conditions cannot be quickly reflected in the control panel.

The second server device 200-1 in the processing system 1 according to the present disclosure cooperates with the first server device 200-1 to which the control panel of the building is connected, thereby
In the second server device 200-1, the date and time as the condition for entering and leaving the building can be flexibly set. Furthermore, the second server device 200-1 is connected to the first server device 200
By linking with server device 200-1 via, for example, an API, the entry and exit conditions set in second server device 200-1 can be reflected in the control panel in a timely manner, so that when a visitor checks in at the entrance to the building, the visitor can be granted limited authority according to the schedule information registered in advance by an employee of the occupying company.

In addition, in a conventional building, if a company or the like that occupies the building has already introduced an entrance/exit management system, when a user is authenticated at a facility other than the gate (for example, an office where the user works, etc.), an authentication method (for example, facial recognition, etc.) different from the authentication method at the building gate (for example, an authentication method using a card reader) may be set. In this case, while authentication is possible at facilities other than the gate using facial recognition, etc., a physical card must be used at the building gate, which is a problem in that it is difficult to improve convenience. With the processing system 1 according to the present disclosure, the authentication method at the building gate can be easily expanded by retrofitting the processing device 100 without incurring huge introduction costs, and by using biometric authentication such as facial recognition as the second authentication method, it is no longer necessary to carry a card, thereby improving convenience through the entrance/exit management system for the entire building.

Furthermore, in conventional buildings, the building manager and the companies occupying the building manage different subjects, making it difficult to centrally manage entrance and exit for the entire building. In other words, only the building manager can view the entrance and exit management system for the entire building, and it is not expected that the companies actually occupying the building will view it. For this reason, when managing the entrance and exit of an employee of a company actually occupying the building, there is an issue that the entrance and exit management of the employee at the building entrance and exit and the entrance and exit management within the company's office are separated. For example,
When a user is authenticated by an authentication device installed at the gate of a building, the time and user of authentication are simply recorded, and the management company that is the manager of the building simply manages the recorded information. In addition, when a user may be authenticated by another authentication device installed in another facility (a conference room, a conference booth, or an office floor) within the gate of the building, the time and user of authentication are similarly simply recorded, and another company that manages the other facility (for example, a company that is located in the building) simply manages the recorded information. In other words, it is difficult to share information authenticated at the gate of the building and information authenticated in other facilities across companies. When the manager of the building 10 and the company located in the building 10 both use the same second server device 200-1 to manage authority using the processing system 1 according to the present disclosure,
By sharing necessary information such as employee information that can pass between the two parties and log information showing that authentication has been performed, and managing unnecessary information to be kept secret, it is possible to flexibly expand the authentication method even between organizations.In addition, by collecting log information that is not simply information about the time and user of authentication, but also information about the equipment where the authentication was performed, it is possible to manage more detailed information such as when, who, and where the authentication was performed.

Furthermore, the second server device 200-1 in the processing system 1 according to the present disclosure can assign a name that is easily visible to humans (for example, information indicating the facility or location such as "gate in front of the elevator on the 3rd floor of Building A") to each authentication device installed in the facility such as each door or each passing point on the management screen, and can map and display the information together with the floor map. In addition to device management, it can manage building information, floor information, conference room information, seat information, etc. as location management, and can manage information on people inside and outside the company such as employees, external businesses, and guests as people management. Therefore, it is possible to provide a system that is easy for the administrator to manage by displaying the access history log on the management screen with high visibility regarding who accessed, when and where. By linking the second server device 200-1 with the first server device 200-1, the log information managed in the first server device 200-1 can be displayed with high visibility on the management screen connected to the second server device 200-1, making it easier for the system administrator to manage.

That is, in the processing system 1 according to the present disclosure, in a facility where use by a user is restricted, in addition to authenticating a user by a first authentication method using a first authentication device 300-1,
This system enables a user to be authenticated by a second authentication device 300-2 through a processing device using a second authentication method. Typically, the first authentication device 300-1 has a function of, for example, a card reader, and obtains first authentication information when a user's ID card 500-1 is brought close to the first authentication device 300-1. The first authentication device 300-1 then authenticates the user using the obtained first authentication information. When the user is authenticated, the first authentication device 3
The first authentication device 300-1 transmits an unlocking signal to the locking/unlocking device 400 connected via a communication network to release the restriction on the use of the facility. As a result, the gate connected to the locking/unlocking device 400 is unlocked and the user is permitted to use the facility. In addition, the first authentication device 300-1 transmits permission log information including the fact that the restriction on the user's use has been released and the user's use has been permitted, as well as the time of such permission, in response to a request from the first server device 200-1. As a result, the first server device 200-1 manages the user's usage status.

Here, the processing system 1 that performs such authentication processing is typically used as equipment in buildings, gates installed in buildings, and the like.

FIG. 1 is a block diagram showing a configuration of a processing system 1 according to an embodiment of the present disclosure. According to FIG. 1, in the processing system 1, a first authentication device 300-1 and a locking/unlocking device 400 are connected to each other so as to be able to communicate with each other via a communication network in a building 10, which is an example of a facility. Although not particularly shown, a gate installed in the building 10 is electrically connected to the locking/unlocking device 400, and the gate opens and closes when the gate receives an unlocking signal from the first authentication device 300-1 via the locking/unlocking device 400. In addition, the processing system 1 has previously set up a gateway 60 for the first authentication device 300-1.
The first server device 200-1 is communicatively connected to the first authentication device 300-1 via a communication network and transmits an identification code as first authentication information to the first authentication device 300-1, and receives information on a user's tolerance log from the first authentication device 300-1.

In the present disclosure, a processing system 1 including a first authentication device 300-1 and the like is configured to include a processing device 100 communicably connected to the first authentication device 300-1 via a communication network.
, a second authentication device 300-2 communicably connected to the processing device 100 via a communication network, and a second server device 200-2 communicably connected to the second authentication device 300-2 and the first server device 200-1 via a communication network. These processing devices 100 and second authentication devices 300-2 can be installed later in a building 10 in which the first authentication device 300-1 and the like have been installed. Therefore, in addition to the first authentication method performed by the already installed first authentication device 300-1, authentication by the second authentication method is also possible, and it is possible to flexibly expand the authentication method and manage authentication information.

In this disclosure, the term "facility" typically refers to a building or a gate installed in a building, as described above. However, the facility may be any object subject to usage restrictions that restrict the use of the facility by users. Examples of such facilities include the following:
-Providing space such as buildings, hotels, apartment buildings, houses, event facilities, or rooms (conference rooms, conference booths, residences) installed within buildings or apartment buildings,
- Gates and doors installed in the space that restrict the use of the space,
- Items with restricted use, such as electronic devices such as printers and computers, home equipment such as elevators and delivery boxes, or vehicles such as bicycles and cars.

For ease of explanation, an example will be given in which the facility is a building, but the facility is of course not limited to this.

In addition, in this disclosure, the term "administrator" simply means a person who manages each facility or each server device. Therefore, the administrator may be an individual or an organization such as a company or business. In addition, the same administrator does not need to manage the entire processing system 1, and the administrator may manage the entire building 1.
The administrator who manages the first server device 200-1 and the administrator who manages the second server device 200-2 may be different persons.

In addition, in the present disclosure, "authentication" may be performed by any authentication method as long as it is possible to authenticate a user. For example, authentication may be performed by a knowledge type (e.g., memorization by a user), a possession type (e.g., ID,
Examples include a card, a smartphone, a QR code, a license or a token, a biometric (e.g., a fingerprint, a voice, an iris or a face), or a combination thereof. Thus, in this disclosure, terms such as a first authentication method and a second authentication method, a first authentication device and a second authentication device, and a first authentication information and a second authentication information are used, but can include any of the methods, devices and information used to perform the authentication exemplified above.

Here, for ease of explanation, a case will be described in which the first authentication information, the first authentication method, and the first authentication device are an identification code (e.g., a six-digit number) that is unique information given to each user, a method for determining whether an identification code matches or does not match in the first authentication device, and a card reader for acquiring the identification code from an ID card in which the identification code is stored by short-range wireless communication. Similarly, a case will be described in which the second authentication information, the second authentication method, and the second authentication device are a usage certificate information, a method for authenticating a user based on a usage certificate,
The following description will be given of a case in which a reader for reading the license information and the usage certificate information from a user terminal device is applied. However, the present invention is not limited to this. Also, the authentication information, the authentication method, and the authentication device do not need to be different from each other, and may be the same type as each other.

In this disclosure, a "user" may be any person who uses the facility, including, by way of example, employees of an institution that occupies the building, residents of an apartment complex, and guests or service providers who are temporarily permitted to use the facility by the employees or residents.

In addition, in this disclosure, descriptions such as "first" and "second" may be used, but unless otherwise specified, these are merely names given for the convenience of explanation of both. Therefore, even if descriptions such as "first" and "second" are used, it does not mean that the elements are limited to those elements to which they are attached. Naturally, multiple elements such as "third", "fourth", "fifth" and more may be included.

2. Configuration of the Processing Device 100 FIG. 2A is a block diagram showing the configuration of the processing device 100 according to an embodiment of the present disclosure.
The processing device 100 does not need to include all of the components shown in FIG. 2A, and may have a configuration in which some components are omitted, or may have other components added. Although not specifically shown in the figure, the processing device 100 may be, so to speak, a first authentication device 300-1 and a second authentication device 300-2.
It is used to relay communication between the authentication device 300-2. Typically,
The processing device 100 is connected later to be communicatively connected via a communication network to the first authentication device 300-1 already installed in the building 10. Therefore, the processing device 100 may be in any form as long as it can perform such a function, and may be any of a chip or a substrate on which each of the components exemplified in FIG. 2A is mounted, or a device composed of these.

As shown in FIG. 2, the processing device 100 includes a processor 111 including a CPU and the like, a RAM
, ROM, and non-volatile memory, a memory 112 including a HDD, a first communication interface 113, and a second communication interface 114. These components are electrically connected to each other via control lines and data lines.

The processor 111 is configured with a CPU (microcomputer) and functions as a control unit for controlling other connected components based on various programs stored in the memory 112. The processor 111 reads out from the memory 112 a program for executing an application according to the present disclosure and a program for executing an OS, and executes them. Specifically, when the processor 111 receives permission information from the second authentication device 300-2, the processor 111 executes a process for transmitting the permission information to the first authentication device 300-1, and the like, in the memory 112.
The processor 111 executes the program stored in the memory 112. The processor 111 is mainly composed of one or more CPUs, but may also be appropriately combined with a GPU, an FPGA, or the like.

The memory 112 includes a RAM, a ROM, or a non-volatile memory, and functions as a storage unit.
The ROM stores instructions for executing the application and OS according to the present disclosure as a program. Such a program is loaded and executed by the processor 111. The RAM is used to write and read data while the program stored in the ROM is being processed by the processor 111. The non-volatile memory is a memory into which data is written and read by the execution of the program, and the data written therein is stored even after the execution of the program is terminated. Specifically, the memory 112 stores a program for the processor 111 to execute a process for transmitting the permissible information to the first authentication device 300-1 when the processor 111 receives the permissible information from the second authentication device 300-2.

The first communication interface 113 is electrically connected to the first
The first communication interface 113 functions as a first communication unit that transmits and receives information to and from the authentication device 300-1. The first communication interface 113 transmits to the first authentication device 300-1 the permission information that is generated when the user is authenticated by the second authentication method. Such a first communication interface 113 is preferably configured by serial communication such as RS-485, RS-422, or USB, a wired LAN, or a combination of these. However, the first communication interface 113 is not limited to the above-mentioned wired communication, and may be configured by a communication circuit for communication by wireless communication such as short-range wireless communication.

The second communication interface 114 functions as a second communication unit that transmits and receives information to and from the second authentication device 300-2 via a communication processing circuit and an antenna. The second communication interface 114 receives, from the second authentication device 300-2, permission information that is generated when a user is authenticated by the second authentication method.
14 is preferably a wireless LAN such as IEEE802.11, Bluetooth
Bluetooth (registered trademark), BLE (Bluetooth Low Energy), NFC
However, the second communication interface 114 is not limited to the above wireless communication, and may be configured by a wired communication method such as serial communication.

3. Configuration of the server device 200 FIG. 2B is a block diagram showing the configuration of the server device 200 according to an embodiment of the present disclosure. The server device 200 does not need to include all of the components shown in FIG. 2B, and it is possible to adopt a configuration in which some components are omitted, or other components can be added. In addition, the server device 200 does not need to include the components shown in FIG. 2B in a single housing, and each component and process of the server device 200 can be distributed to processing devices such as multiple on-premise server devices and cloud server devices. In addition, in the present disclosure, the first server device 200-
The first and second servers 200-1 and 200-2 may have the same configuration or may have different configurations. Here, the configuration and functions of the second server 200-2 will be mainly described.

2B, the server device 200 includes a processor 211 including a CPU and the like,
The memory 212 includes AM, ROM, non-volatile memory, HDD, etc., and a communication interface 213. These components are electrically connected to each other via control lines and data lines.

The processor 211 is configured with a CPU (microcomputer) and functions as a control unit for controlling other connected components based on various programs stored in the memory 212. The processor 211 reads out from the memory 212 a program for executing an application according to the present disclosure and a program for executing an OS, and executes the program. Specifically, the processor 111 performs the following operations: "a process of generating acceptance information by authenticating the user in the second authentication device 300-2 configured to be able to authenticate the user by a second authentication method using second authentication information different from the first authentication information, for equipment in which whether or not to permit the user's use is determined by the first authentication device 300-1 configured to be able to authenticate the user by a first authentication method using first authentication information", "a process of outputting the acceptance information via a communication interface in order to provide the acceptance information to the processing device 100 communicably connected to the first authentication device 300-1", "a process of receiving first log information indicating that the user has been authenticated from the first authentication device 300-1, which is installed for authenticating the user by the first authentication method and determining whether or not to permit the user's use, due to the acceptance by the first authentication device 300-1 of an authentication request by the user using the first authentication information in equipment in which the user's use is restricted", and "a process of receiving second log information indicating that the user has been authenticated from the first authentication device 300-1, due to the acceptance by the first authentication device 300-1 of acceptance of acceptance information generated by authenticating the user by the second authentication method different from the first authentication method.
The processor 211 executes a "process of receiving log information," a "process of storing first log information and second log information," and the like based on a program stored in the memory 212. The processor 211 is mainly composed of one or more CPUs, but may also be appropriately combined with a GPU, an FPGA, and the like.

The memory 212 includes a RAM, a ROM, a non-volatile memory, and a HDD, and functions as a storage unit. The ROM stores instructions for executing the application and the OS according to the present disclosure as a program. Such a program is loaded and executed by the processor 211. The RAM is used to write and read data while the program stored in the ROM is being processed by the processor 211. The non-volatile memory is a memory in which data is written and read by the execution of the program, and the data written therein is saved even after the execution of the program is terminated. Specifically, the memory 212 stores a program for the processor 211 to execute the above-mentioned processes. The memory 212 also stores various information such as a user management table (FIG. 3A) and a log management table (FIG. 3B). Note that these pieces of information may be stored in a database device communicably connected to the server device 200 as necessary (in this case, the database may also be included as one of the memories 212).

The communication interface 213 functions as a communication unit that transmits and receives information to and from other remotely installed server devices such as the first server device 200-1 and other devices such as the second authentication device 300-2 via a communication processing circuit and an antenna.
The communication processing circuit processes the programs and various information used in the communication device according to the progress of the processing in order to transmit and receive information. The communication processing circuit processes based on a wideband wireless communication method such as the LTE method, but it can also process based on wireless LANs and Blue
It is also possible to perform processing based on a narrowband wireless communication system such as Tooth (registered trademark) or a contactless wireless communication system. Also, wired communication can be used instead of or in addition to wireless communication.

In addition, the second server device 200-2 mainly performs functions as a permission management unit, a permission information management unit, and an authentication unit by processing a program in the processor 211. In Fig. 2B, the second server device 200-2 is described as performing each of these functions by itself. However, without being limited to this, the second server device 200-2 may include multiple server devices, and each server device may execute each of these functional units.

4. Configuration of Other Devices As described above, the processing system 1 includes the first authentication device 300-1, the second authentication device 300-2,
, a locking/unlocking device 400, and a gateway 600. Although the specific configurations of these are not particularly shown in the figures, they include components necessary for executing each process, such as a processor, a memory, and a communication interface, and each component is electrically connected to each other via a control line and a data line.

The first authentication device 300-1, for example, is installed for authentication at the gate of the building 10, and includes a control panel or control device connected by wire to the locking/unlocking device 400 and the gateway 600, and an authentication unit (e.g., a card reader) communicatively connected to the control panel or control device. The second authentication device 3000-2, for example, is a terminal device such as a smartphone including a control unit communicatively connected to the second server device 200-2 and a camera or sensor for performing face authentication of a user. However, these are merely examples, and the gateway 600 may have other forms. The gateway 600 may be any device communicatively connected to the first server device 300-1 and capable of relaying communication between the first authentication device 300-1 and the first server device 300-1. For example, the gateway 600 may be a device that communicates with the first server device 300-1 and relays communication between the first authentication device 300-1 and the first server device 300-1.
The gateway 600, which is wirelessly connected to the first 100-1, relays the communication.
Communication is enabled between authentication device 300 and first server device 300-1.

5. Information stored in the second server device 200-2 Fig. 3A is a diagram conceptually illustrating a user management table stored in the second server device 200-2 according to an embodiment of the present disclosure. The information stored in the user management table is updated and stored as necessary according to the progress of processing by the processor 211 of the second server device 200-2.

According to FIG. 3A, the user management table includes attribute information,
The first authentication information, the authority information, the second authentication information, and the like are stored. The "user ID information" is information unique to each user and is information for identifying each user. The user ID information is information generated in the second server device 200-2, for example, when a user or an administrator transmits a new registration request for a service provided by the processing system 1. The "attribute information" is information related to the attributes of each user. Examples of such attribute information include the user's name (first name), title, nickname, career history, contact information such as telephone number and email address, the address and name of the company to which the user belongs, the name of the department to which the user belongs, and the like. These are stored as needed by inputting instructions from the user or the administrator, and the like.

The "first authentication information" is information used for authenticating a user when the first authentication method is executed in the first authentication device 300-1. The first authentication information may be any of authentication information corresponding to a knowledge-type, possession-type, or biometric authentication method. Here, an example will be described in which an identification code, which is unique information given to each user, is used as the first authentication information (for example, an identification code may be a six-digit number, but the same identification code may be used between each user). The "authority information" is information indicating the authority of each user as to whether or not the facility can be used. The authority information is, for example, information indicating the time when the facility can be used for each user (for example, a combination of days of the week and times, such as 9:00 to 17:00 on Mondays) and the location where the facility can be used. Specifically, it will be described in FIG. 3C.

The "second authentication information" is information used for authenticating a user when the second authentication method is executed in the second authentication device 300-2. The second authentication information may be any of authentication information corresponding to a knowledge-type, possession-type, or biometric authentication method. Here, an example will be described in which license information granted to each user is used as the second authentication information. Note that, although authentication information different from the first authentication information is exemplified as the second authentication information here, it may be the same authentication information as the first authentication information. Naturally, in addition to the second authentication information, multiple authentication information may be additionally stored, such as third authentication information used for authenticating a user when the third authentication method is executed in the third authentication device, and fourth authentication information used for authenticating a user when the fourth authentication method is executed in the fourth authentication device.

Although not specifically shown, in relation to the second authentication information of Figure 3A, each piece of information used for signature verification such as each private key, each public key, and a common key used when issuing a license is also stored in memory 212.

3B is a diagram conceptually illustrating a log management table stored in the second server device 200-2 according to an embodiment of the present disclosure. The information stored in the log management table is updated and stored as necessary according to the progress of processing by the processor 211 of the second server device 200-2.

3B, the log management table stores restricted ID information, unlocking time information, and entry/exit information in association with user ID information. "User ID information" is information unique to each user and is used to identify each user. In other words, when a user is authenticated via any authentication device such as the first authentication device 300-1, the user ID information is stored to identify the user.

The "locking/unlocking ID information" is information specific to a locking/unlocking device for locking/unlocking restricted objects such as facilities whose use by users is restricted, and is information for identifying each locking/unlocking device. Here, restricted objects such as facilities include, as described above, buildings, hotels, apartment buildings, houses, event facilities, or rooms (conference rooms, conference booths, residences) installed in buildings or apartment buildings that provide space,
- Gates and doors installed in the space that restrict the use of the space,
- Items with restricted use include electronic devices such as printers and personal computers, home equipment such as elevators and delivery boxes, and vehicles such as bicycles and cars, and locking/unlocking devices are provided for each of these pieces of equipment. Therefore, it is possible to identify each piece of equipment by the locking/unlocking ID information. In addition, authentication devices are often installed for each of the above-mentioned pieces of equipment or each locking/unlocking device. Therefore, as the locking/unlocking ID information, authentication device ID information for identifying each authentication device and equipment ID information for identifying each piece of equipment are provided.
In the present embodiment, by using the locking/unlocking device ID information, it is possible to identify the equipment that is the restricted object that the user is permitted to use and the locking/unlocking device provided corresponding to the equipment.

The "unlocking time information" is information related to the time when an unlocking signal is transmitted from the first authentication device 300-1 to the locking/unlocking device 400 as a result of the user being authenticated via the first authentication device 300-1. The unlocking time information may directly indicate the time when the unlocking signal is transmitted, or may indicate the time when the unlocking signal is received by the locking/unlocking device 400.
It may indicate the time when authentication was performed to transmit an unlocking signal. In other words, the unlocking time information may be any information indicating the time when any process related to the transmission of an unlocking signal was performed. The "entry/exit information" is information indicating whether each user is currently entering or exiting the building 10. For example, when the first authentication device 300-1 first authenticates a user and generates an unlocking signal, "enter" is stored as the entry/exit information, and thereafter, each time the user is authenticated and an unlocking signal is generated, either "exit" or "enter" is stored as the entry/exit information.

3C is a diagram conceptually illustrating authority information according to an embodiment of the present disclosure.
For example, the information is updated and stored whenever necessary in response to a request from any of the managers.

The authority information shown in FIG. 3C is generated for each user ID information of a user. That is, by referring to the authority information, it is possible to determine whether or not a user associated with the user ID information has the authority to use each facility. FIG. 3C shows the authority information of a user having "A1" as the user ID information. According to FIG. 3C, the restriction target information and time information are stored in association with the locking/unlocking ID information. As described in FIG. 3B, the locking/unlocking ID information is information unique to a locking/unlocking device for locking/unlocking a restricted object such as a facility whose use by a user is restricted, and is information for identifying each locking/unlocking device. Each locking/unlocking device is provided for each facility, and each locking/unlocking device is connected to an authentication device that authenticates a user, but it is also possible to use equipment ID information that identifies each facility or authentication device ID information that identifies each authentication device as the locking/unlocking ID information.

"Restriction target information" is information indicating a facility that is a restricted object in which a locking/unlocking device is installed. Examples include information indicating the name of the facility, such as building 10, and information indicating the location of each facility. "Time information" is information indicating the time during which each user is permitted to use a facility that is a restricted object in which a locking/unlocking device is installed. The time information may be in any of the units of year, month, week, day, hour, minute, and second. Furthermore, the time information does not necessarily have to be a continuous fixed period, and may be a period specified each time.

In the case of the above-mentioned authority information shown in Figure 3C, for example, it is shown that a user having user ID information "A1" can use the building (gate) in which a locking/unlocking device with locking/unlocking ID information "G1" is installed between 9:00 and 22:00 on weekdays, and can use Room C in which a locking/unlocking device with locking/unlocking ID information "G4" is installed between 12:00 and 13:00 on weekdays.

6. Processing sequence executed by the processing system 1 (A) Pre-registration processing of first authentication information Fig. 4A is a diagram showing a processing sequence executed by the processing system 1 according to an embodiment of the present disclosure. Specifically, Fig. 4A shows a processing sequence executed between the first authentication device 300-1, the first server device 200-1, and the second server device 200-2 in order to register, in the first authentication device 300-1, the first authentication information used in the authentication of a user by the first authentication method in the first authentication device 300-1. The processing in each device is executed by a processor processing a program stored in the memory of each device.

According to FIG. 4A, the processor 211 of the second server device 200-2 receives a user registration request for a new user via the communication interface 213 from an administrator terminal device available to the administrator. The user registration request includes attribute information and authority information of the user who wishes to newly register. Examples of attribute information include the user's name (first and last name), title, nickname, career history, contact information such as telephone number and email address, the address of the company to which the user belongs, the name of the company, and the name of the department to which the user belongs. The authority information also includes information indicating the available times and facilities that have been set for the user by the administrator in advance (see FIG. 3C ).
) are included.

When the processor 211 of the second server device 200-2 receives the user registration request, it generates new user ID information (S11). Then, the processor 211 of the second server device 200-2 associates the received attribute information and authority information with the generated user ID information and stores them in the user management table (S12).
The processor 211 of the second server device 200-2 generates an identification code, which is information unique to the user, as first authentication information for newly authenticating the user, and stores the generated identification code in the user management table in association with the user ID information (S13).
The user ID information stored in the user management table and the first authentication information (T11) and authority information associated with each user ID information are transmitted to the user ID information terminal 100.

When the processor 211 of the first server device 200-1 receives each user ID information and the first authentication information and authority information associated with each user ID information from the second server device 200-2 via the communication interface 213, the processor 211 stores the received information in the memory 212 (S14). Then, at a predetermined timing, the processor 211 of the first server device 200-1 transmits each user ID information and the first authentication information (T12) and authority information associated with each user ID information to the first authentication device 300-1 via the communication interface 213.

When the processor of the first authentication device 300-1 receives each user ID information and the first authentication information and authority information associated with each user ID information from the first server device 200-1 via the communication interface, the processor stores the received information in memory (S14). The received information is used when the first authentication device performs authentication using the first authentication method. This completes the pre-registration process of the first authentication information.

As the first authentication information, the first authentication method, and the first authentication device, for example, an identification code which is unique information given to each user, a method for determining whether the identification code matches or does not match in the first authentication device, and a card reader for acquiring the identification code from an ID card in which the identification code is stored by short-range wireless communication are respectively applied. That is, in such a case, an ID card 500 in which an identification code that can be read by a card reader is stored in advance is used.
Therefore, although not shown in the figure, an ID card is prepared in advance by an administrator, and the user is required to carry the ID card for the second server device 2 by an administrator terminal device or the like.
The first authentication information (identification code) associated with the user ID information, starting from 00-2, is stored in the ID card. The ID card in which the first authentication information (identification code) is stored is given to the user in advance by the administrator.

(B) Pre-registration process of second authentication information Fig. 4B is a diagram showing a process sequence executed in the processing system 1 according to an embodiment of the present disclosure. Specifically, Fig. 4B shows a process sequence executed between the second authentication device 300-2 and the second server device 200-2 to generate second authentication information used in the second authentication device 300-2 to authenticate a user by the second authentication method. The process in each device is executed by a processor processing a program stored in the memory of each device.

(B-1) Registration process of second authentication information The registration process of second authentication information is a process performed when the second authentication information used for authenticating a user is newly registered in the second server device 200-2. According to FIG. 4B, the processor 211 of the second server device 200-2 receives a registration request for second authentication information from an administrator terminal device available to the administrator via the communication interface 213. Note that, when transmitting the registration request, the administrator transmits the processing device 1 to the first authentication device 300-1.
00 is installed later, and the second authentication device 30 is configured to be able to communicate with the processing device 100.
0-2 is installed in building 10. The registration request includes attribute information of the user who wishes to newly register, second authentication information used for authentication by the second authentication device 300-2 (for example, facial features of the user in the case of using a face authentication method), and authority information. Examples of the attribute information include the user's name (first name), title, nickname, career history, contact information such as a telephone number and an email address, the address of the company to which the user belongs, the name of the company, and the name of the department to which the user belongs. The authority information also includes information (FIG. 3C) indicating the time and facilities that can be used, which are set in advance by an administrator for the user.

When the processor 211 of the second server device 200-2 receives a registration request via the communication interface 213, it generates new user ID information (S21). Then, the processor 211 of the second server device 200-2 causes the authority management unit (access control) to associate the received attribute information and authority information with the generated user ID information and store them in the user management table (S22). Furthermore, the processor 211 of the second server device 200-2 causes the permission information management unit (which refers to and reads out an identification code (first authentication information) as permission information) to generate an identification code that is information unique to the user as first authentication information for authenticating the user, and stores the identification code in the user management table in association with the user ID information (S23). Furthermore, the processor 211 of the second server device 200-2 causes the authentication management unit (which manages facial features, information used for biometric authentication, etc.) to store the generated user ID information in the user management table (S24).
The second authentication information included in the registration request received in association with the information is stored in the user management table in association with the information (S24). This completes the registration process of the second authentication information.

In the above, the processed authority information, the first authentication information, and the second authentication information are stored in the memory 212 of the second server device 200-2. These pieces of information are used for processing such as authentication by the second authentication method shown in FIG. 4D, confirmation of authority information, and reference to allowance information, but the second authentication information and the authority information may be frequently updated. In such a case, it is possible to easily update to the latest information, and processing such as authentication can be performed using the updated latest information. On the other hand, the processed authority information, the first authentication information, and the second authentication information may be transmitted to the second authentication device 300-2 in advance. In this way, by transmitting these pieces of information in advance, processing such as authentication by the second authentication method, confirmation of authority information, and generation of allowance information can be performed in the second authentication device 300-2, and it is possible to more flexibly respond to failures such as deterioration of the communication environment.

(B-2) Setting process of hole data The setting process of hole data is a process carried out when a new processing device 100 is retrofitted to the first authentication device 300-1 and new hole data is set for the processing device 100. As shown in Fig. 4B, in response to the processing device 100 being retrofitted to the first authentication device 300-1 by the administrator, the processor 211 of the second server device 200-2 receives the processing device 100 via the communication interface 213 from, for example, an administrator terminal device available to the administrator.
The second server device 2 receives a request for setting hole data for the processing device 100 via the
When the processor 211 of the machine 100-2 receives the registration request via the communication interface 213, the processor 211 generates a pair of a private key A and a public key A unique to the newly generated hall data in accordance with the public key cryptosystem (S31).
The processing device ID information is unique to the processing device 100 in order to identify the processing device 100 .

Next, the processor 211 of the second server device 200-2 generates a common key A for the hall data using the generated private key A for the hall data and the public key A for the hall data in accordance with the common key cryptography (S32). The processor 211 of the second server device 200-2 stores the private key A for the hall data and the common key A for the hall data in its own memory 213 and
S33), the public key A of the hall data and the common key A of the hall data (T31) are transmitted to the processing device 100 via the administrator's administrator terminal device.
When the hall data public key A and the hall data common key A are received via the communication interface 113, the hall data setting process is completed by storing the received hall data public key A and the hall data common key A in the memory 112 (S34).

(B-3) Administrator Setting Process The administrator setting process is a process of generating a private key or the like used to prove that the account is allowed to generate a digital key for the processing device 100 in the processing system 1 including the second server device 200-2 and the processing device 100 via the second authentication device 300-2. According to FIG. 4B, the processor of the second authentication device 300-2 receives an administrator setting request via a communication interface, for example, from an administrator terminal device available to the administrator. When the processor of the second authentication device 300-2 receives a registration request via the communication interface, it generates a pair of a private key B and a public key B unique to the administrator according to the public key cryptography (S35). Then, the processor of the second authentication device 300-2 stores the administrator's private key B of the generated administrator's private key B and administrator's public key B in its own memory (S36), and transmits the administrator's public key B (T31) to the second server device 200-1. When the processor 211 of the second server device 200-2 receives the administrator's public key B via the communication interface 213, the processor 211 stores the received administrator's public key B in the memory 212 (S
37) This completes the administrator setting process.

(B-4) Digital Key Issuance Processing The digital key generation processing is a processing for issuing a digital key used for authenticating the connection source between the second authentication device 300-2 and the processing device 100. According to FIG. 4B,
The processor of the second authentication device 300-2 detects an operation input by the administrator, for example, via an input interface, and accepts the selection of the hole data for which the digital key to be generated is to be used (S41). The processor of the second authentication device 300-2 then transmits a request (T41) for issuing a digital key for that hole data to the second server device 200-2 via the communication interface. The issuance request includes administrator ID information of the administrator's public key B and hole data ID information for specifying the hole data.

When the processor 211 of the second server device 200-2 receives the issuance request via the communication interface 213, it generates a digital key including predetermined digital data unique to the digital key (S42). The processor 211 of the second server device 200-2 then encrypts the digital key using the common key A of the hall data generated in S32 (S43), and generates a signature A for the digital key using the private key A of the hall data generated in S31 (S44).
11 transmits the generated digital key and signature A to the second authentication device 300-2 via the communication interface 213.

When the processor of the second authentication device 300-2 receives the digital key and the signature A via the communication interface, the processor generates a signature B for the received digital key and the signature A using the administrator's private key B generated in S35 (S45).
Processor 0-2 stores the digital key in memory together with signature A created by private key A of the hall data and signature B created by private key B of the administrator (S46). This completes the digital key issuing process.

The digital key issued in FIG. 4B includes information indicating the unlocking conditions such as the validity period, usable time, and number of times the digital key can be used, as well as the administrator's public key B generated in S35.

(C) Authentication Processing in the First Authentication Device 300-1 Fig. 4C is a diagram showing a processing sequence executed in the processing system 1 according to an embodiment of the present disclosure. Specifically, Fig. 4C shows a processing sequence executed between the first authentication device 300-1, the first server device 200-1, and the second server device 200-2 in order to authenticate a user by the first authentication method using the first authentication information in the first authentication device 300-1. The processing in each device is executed by a processor processing a program stored in the memory of each device.

According to FIG. 4C, the card reader of the first authentication device 300-1 includes a communication interface capable of communicating by a short-range wireless communication method such as NFC.
is an ID in which the first authentication information (identification code) previously assigned to the user is stored.
When the card 500-1 (FIG. 1) is brought close to the card reader of the first authentication device 300-1 (when the ID card 500-1 is located within the communication range of the short-distance wireless communication),
, obtain the first authentication information from the ID card 500-1 via the card reader (S
51). In this case, since ID card 500-1 is used, the first authentication information is acquired via a communication interface capable of communicating by a short-range wireless communication method, but the acquisition method may be appropriately changed depending on the type of first authentication information. For example, in the case of knowledge-based authentication (e.g., memorization by the user), the first authentication information may be acquired via an input interface such as a numeric keypad or keyboard. Also, in the case of possession-based authentication (e.g., ID
In the case of authentication of devices such as cards, smartphones, QR codes, licenses or tokens, communication interfaces such as various short-range wireless communication methods and wideband wireless communication methods, cameras,
Alternatively, the first authentication information may be acquired via a sensor. In addition, in the case of biometric authentication (e.g., fingerprint, voice, iris, or face), the first authentication information may be acquired via a camera or a sensor.

The processor of the first authentication device 300-1 refers to the first authentication information previously stored in the memory in the pre-registration process of the first authentication information in Fig. 4A, and verifies whether there is any first authentication information that matches the first authentication information acquired from the ID card 500-1. Then, if any of the first authentication information previously stored in the memory matches the first authentication information acquired from the ID card 500-1, the processor of the first authentication device 300-1 registers the matching first authentication information as the first authentication information.
The user is authenticated by reading out the user ID information stored in the memory in association with the authentication information (S52).

Next, the processor of the first authentication device 300-1 refers to the authority information (FIGS. 3A and 3C) associated with the read user ID information.
The processor of the first authentication device 300-1 obtains the time when the first authentication information was obtained from the ID card 500-1 from the timer of the first authentication device 300-1.
The acquired time is compared with the time information of the facility (building 10) stored as the authority information, and the acquired time is determined as the available time (for example, a combination of days of the week and times, such as 9:00 to 22:00 on weekdays).
If the acquired time satisfies the available time, the processor of the first authentication device 300-1 judges whether the authentication has been successful and the device is available.
An unlocking signal is generated to be transmitted to the locking/unlocking device 400. The processor of the first authentication device 300-1 transmits the unlocking signal to the locking/unlocking device 400 via the communication interface. Although not shown in the figure, the locking/unlocking device 400, upon receiving the unlocking signal, transmits the unlocking signal to a gate connected to the locking/unlocking device 400, thereby opening the gate and allowing the user to enter the facility. In other words, the restriction on the user's use of the facility is lifted.

The processor of the first authentication device 300-1 also generates an authorization log (first log) including locking/unlocking ID information for identifying the locking/unlocking device 400, user ID information of the authenticated user, and information on the authorization of use of the facility and the unlocking time information related to the unlocking signal, and stores the log in memory (S53). In this way, whereas conventionally it was only possible to manage "who (a user identified by user ID information) was authenticated on a certain day (information in days as time information)", it is now possible to manage the facility that was authorized to be used or its location from the locking/unlocking ID information,
It is possible to obtain and manage information on users who have been authenticated and permitted to use the system from user ID information, and detailed information on the time during which use was permitted from unlocking time information.

Next, the processor 211 of the first server device 200-1 connects the communication interface 213
In response to the request for transmitting the tolerance log (first log) to the first authentication device 300-1 at a predetermined interval, the processor of the first authentication device 300-1 transmits a transmission request (T51) for the tolerance log (first log) stored in the memory to the first authentication device 300-1 via the
T52: The first log is read out and transmitted to the first server device 200 via the communication interface.
When the processor 211 of the first server device 200-1 receives the tolerance log via the communication interface 213, the processor 211 stores the received tolerance log (first log) in the memory 212.
The period for transmitting the transmission request for the tolerance log (first log) may be any period on a yearly, monthly, weekly, daily, hourly, minutely, or secondly basis.
It is not necessary to set the period to be a fixed one. For example, the message may be sent once a day, or once every 12 hours on weekdays and once a day on holidays.
The period can be changed as desired by the administrator, etc. Also, a request to transmit the permission log (first log) is not necessarily required, and the first authentication device 300-1 can transmit the permission log (
The tolerance log (first log) may be transmitted each time a predetermined amount of the tolerance log (first log) is stored in the first authentication device 300-1 or at predetermined intervals.

The processor 211 of the second server device 200-2 also includes a communication interface 213
The processor 211 of the first server device 200-1 transmits a transmission request (T53) for the tolerance log (first log) stored in the memory to each server device including the first server device 200-1 to which the first authentication device 300-1 is connected, via the
When a transmission request for the first log is received, the tolerance log (T54) stored in the memory 212 is read out and transmitted via the communication interface 213 to the second server device 200-2.
When the processor 211 of the second server device 200-2 receives the permission log (first log) via the communication interface 213, the processor 211
Based on the D information, the log management table corresponding to the locking/unlocking device 400 is identified, and the unlocking time information is stored in association with the user ID information included in the permitted log (first log), and the entry/exit information is updated (S55). The period for transmitting the transmission request for the permitted log (first log) may be any period of years, months, weeks, days, hours, minutes, or seconds, and does not necessarily have to be set at a fixed period. For example, the log may be transmitted once a day, or once every 12 hours on weekdays and once a day on holidays. The period can be changed as desired by the administrator, etc. In addition, a transmission request for the permitted log (first log) is not necessarily required, and the permitted log may be transmitted every time the permitted log (first log) is stored in the first server device 200-1, or the permitted log (first log) may be transmitted every time a predetermined amount of the permitted log (first log) is stored in the first server device 200-1 or every predetermined period. This completes the authentication process in the first authentication device 300-1.

(D) Authentication Processing in the Second Authentication Device 300-2 Figures 4D and 4E are diagrams showing a processing sequence executed in the processing system 1 according to an embodiment of the present disclosure. Specifically, Figures 4D and 4E show a processing sequence executed mainly between the second server device 200-2, the second authentication device 300-2, and the processing device 100 in order to authenticate a user by the second authentication method using the second authentication information in the second authentication device 300-2. The processing in each device is executed by a processor processing a program stored in the memory of each device.

(D-1) Authentication process based on second authentication information According to FIG. 4D, the second authentication device 300-2 includes a sensor (camera) for acquiring the facial features of the user. The processor of the second authentication device 300-2 activates the camera by detecting an operation input by the user via, for example, an input interface. When the user's face is detected within the angle of view of the camera, the processor of the second authentication device 300-2
A face image of the user is acquired as second authentication information used in the authentication method (S61).
The second authentication information uses facial features, and the features may be calculated by the second authentication device 300-2 or the second server device 200-2. In the present embodiment, the second authentication information includes not only facial features but also the facial image itself and data after image processing to calculate the facial features. In the above, a sensor (camera) is used to acquire a facial image or facial features as the second authentication information, but the acquisition method may be appropriately selected depending on the type of the second authentication information. For example, in the case of knowledge-type authentication (e.g., memory by a user), the second authentication information may be acquired via an input interface such as a numeric keypad or keyboard. In the case of possession-type authentication (e.g., ID card, smartphone, QR code, license, or token), the second authentication information may be acquired via a communication interface such as a camera or a sensor of various short-range wireless communication methods or wideband wireless communication methods. In the case of biometric authentication (e.g., fingerprint, voice, iris, or face), the second authentication information may be acquired via a camera or a sensor.

When the processor of the second authentication device 300-2 acquires the second authentication information, it transmits the acquired second authentication information (S61) to the second server device 200-2 via the communication interface. When the processor 211 of the second server device 200-2 receives the second authentication information via the communication interface 213, it accesses the database of the authentication management unit and performs authentication by the second authentication method by referring to whether or not the corresponding second authentication information is included (S62). Specifically, the processor 211 of the second server device 200-2 executes the process shown in FIG. 4B.
The processor 211 of the second server device 200-2 checks whether there is user ID information that matches the second authentication information received from the second authentication device 300-2 by referring to the second authentication information previously stored in the user management table by the processing of S24, etc. If there is no match, the processor 211 of the second server device 200-2 cancels the subsequent processing as a result of authentication failure.

On the other hand, if there is a match, the processor 211 of the second server device 200-2 accesses the database of the authority management unit, refers to the authority information (FIGS. 3A and 3C) stored in advance in the user management table by the process of S22 of FIG. 4B, etc., and refers to whether or not the corresponding user ID information is included (S63).
When the information is specified, the processor 212 of the second server device 200-2 refers to the authority information associated with the user ID information in the user management table. The processor 212 of the second server device 200-2 compares the current time acquired from the timer with the time information of the facility (building 10) stored as the authority information, and determines whether the acquired time is available (for example, 9:00 to 22:00 on weekdays by a combination of days and times).
If the acquired time satisfies the available time, the processor 212 of the second server device 200-2 determines that the facility (building 10) is available for use.

When the processor 212 of the second server device 200-2 determines that the facility (building 10) is available based on the authority information, the processor 212 accesses the database of the permission information management unit and executes the process shown in FIG.
The permission information (see FIG. 3A) stored in advance in the user management table by the process of S22 of
See FIG. 3C (S64). Specifically, the processor 212 of the second server device 200-2 reads out the permission information including the first authentication information (identification code) associated with the user ID information associated with the matched second authentication information.

The processor 212 of the second server device 200-2 transmits the permissible information (T61) read from the permissible information management unit to the second authentication device 300-2 via the communication interface 213. When the processor of the second authentication device 300-2 receives the permissible information via the communication interface, it stores the permissible information in its own memory (S65).
The authentication process using the authentication information is terminated. Note that since the permission information is transmitted from the second authentication device 300-2 to the processing device 100 as shown in T91 of Fig. 4E, it is sufficient that the permission information is stored at least temporarily for the transmission.

In FIG. 4D, the second server device 200-2 includes an authentication unit, an authority management unit,
The above processes are executed by the processes in the permission information management unit and the permission information management unit. However, for example, the second server device 200-2 may be configured by server devices each of which executes a respective function unit, and each function unit may be distributed and executed by the server devices.

In the above, the second server device 200-2 receives the authority information, the first authentication information, and the second authentication information from the second authentication device 300-2 in advance.
The second authentication device 300-2 executes each function. Among these pieces of information used when executing each function, the second authentication information and authority information in particular may be frequently updated. In such a case, when executing each function in the second server device 200-2, it is possible to easily update to the latest information, and the authentication process and the like can be performed using the updated latest information. On the other hand, it is also possible to store the authority information, the first authentication information, and the second authentication information in the second authentication device 300-2, and to execute each of the above functions in the second authentication device 300-2. In such a case, since the need for communication with the second server device 200-2 is low, it is possible to more flexibly respond to failures such as a deterioration in the communication environment.

(D-2) Encryption process of short-distance wireless communication Encryption process of short-distance wireless communication is a process of performing encryption to establish more secure short-distance wireless communication between the second authentication device 300-2 and the processing device 100. As an example, like the Diffie-Hellman key sharing method, it is performed by exchanging public keys generated in the second authentication device 300-2 and the processing device 100 and generating a common common key. According to FIG. 4D, the processor of the second authentication device 300-2 detects the processing device 100 by receiving a signal transmitted at a predetermined period from the processing device 100 to be connected (S71). When the processor of the second authentication device 300-2 detects the processing device 100, it transmits a connection request (T71) to the processing device 100 via the communication interface.

When the processor 111 of the processing device 100 receives the connection request via the second communication interface 114, it permits the connection with the second authentication device 300-2 (S72). Then, the processor 111 of the processing device 100 generates a private key C of the processing device 100 and a public key C of the processing device 100 that are unique for communication with the second authentication device 300-2 according to the public encryption method (S73). The processor 111 of the processing device 100 stores the generated private key C of the processing device 100 in the memory 112 (S74), and transmits the public key C (T72) of the processing device 100 to the second authentication device 300-2 via the second communication interface 214 (at this time, it also transmits a notice that the connection is permitted). The processor of the second authentication device 300-2
When the public key C of the processing device 100 is received via the communication interface, the public key C of the processing device 100 is stored in its own memory (S75).

Next, the processor of the second authentication device 300-2 performs the public encryption process on the processing device 10.
0, the secret key D of the second authentication device 300-2 and the secret key D of the second authentication device 300-
The processor of the second authentication device 300-2 generates a public key D of the second authentication device 300-2 (S76). The processor of the second authentication device 300-2 generates a common key C using the generated private key D of the second authentication device 300-2 and the public key C of the processing device 100 received from the processing device 100 (S77). The processor of the second authentication device 300-2 stores the generated private key D of the second authentication device 300-2 and the common key C generated by the second authentication device 300-2 in its own memory (S78). The processor of the second authentication device 300-2
After encrypting any information with the common key C (S79), the encrypted information and the public key D (T73) of the second authentication device 300-2 are transmitted to the processing device 100 via the communication interface. When the processor 111 of the processing device 100 receives the public key D of the second authentication device 300-2 via the second communication interface 114, the processor 111 stores the received public key D in the memory 112 (S80).

Next, the processor 111 of the processing device 100 generates a common key C using the private key C of the processing device 100 generated in S73 and the public key D of the second authentication device 300-2 received from the second authentication device 300-2 (S81). The processor 111 of the processing device 100 decrypts the encrypted information received from the second authentication device 300-2 using the common key C generated by the processing device 100 (S82). If the processor 111 of the processing device 100 can decrypt the encrypted information using the common key C generated by the processing device 100, it is assumed that the common keys C generated by the second authentication device 300-2 and the processing device 100 are the same (i.e., are shared).
The processor 11 of the processing device 100 generates decryption result information indicating that the decryption is successful.
The second authentication device 300-2 encrypts the decryption result information with the common key C generated by the processing device 100, and then transmits the encrypted decryption result information to the second authentication device 300-2 via the second communication interface 114. This makes it possible to encrypt each piece of information transmitted and received in communication between the second processing device 300-2 and the processing device 100 using the common key C, thereby improving the security of communication. This ends the encryption process.

(D-3) Digital key authentication process The digital key authentication process is a process for authenticating the connection source between the second authentication device 300-2 and the processing device 100. According to Fig. 4E, when the second authentication device 300-2 receives the decryption result information in Fig. 4D, in order to transmit the digital key to the processing device 100, the second authentication device 300-2 transmits the digital key stored in S46 in Fig. 4B together with the signature A of the whole data by the private key A and
The second authentication device 300 reads the signature B together with the signature B obtained by the administrator's private key B (S91).
Processor -2 transmits the read digital key, signature A using private key A of the hall data, and signature B using private key B of the administrator (T91) to the processing device 100 via the communication interface. Note that the digital key has been encrypted with common key A of the hall data in S43 of Fig. 4B.

When the processor 111 of the processing device 100 receives the digital key, the signature A based on the private key A of the hall data, and the signature B based on the private key B of the administrator via the second communication interface 114, it decrypts the digital key with the common key A of the processing device 100 stored in S34 of Fig. 4B (S92). When the digital key is decrypted, the processor 111 of the processing device 100
The signature A based on the private key A of the hall data is verified using the public key A of the hall data that was set in advance in the hall data of the processing device 100 and stored in S34 of FIG. 4B. Then,
If the signature verification is successful, the processor 111 of the processing device 100 verifies signature B with the administrator's private key B using the administrator's public key B, which is set in advance for the administrator and obtained as included in the digital key (S94). If the verification of each signature is successful, the processor 111 of the processing device 100 generates authentication result information indicating that the signature verification has ended and authentication of the digital key has been successful, and transmits the authentication result information (T92) encrypted with the common key C generated by the processing device 100 to the second authentication device 300-2 via the second communication interface 114.
If the authentication of the digital key is successful, the processor 111 of the processing device 100 becomes ready to accept commands from the second authentication device 300-2.

When the processor of the second authentication device 300-2 receives the authentication result information via the communication interface, the processor encrypts the permission information received in S65 of FIG. 4D with the common key C generated by the second authentication device 300-2 (S95), and transmits the encrypted permission information (
T93) to the processing device 100 as an unlocking request. When the processor 111 of the processing device 100 receives the encrypted allowable information via the second communication interface 114, it decrypts the allowable information using the common key C generated by the processing device 100. Then, the processor 111 of the processing device 100 transmits the decrypted allowable information to the first authentication device 300-1 via the first communication interface 113.

When the processor of the first authentication device 300-1 receives the permission information from the processing device 100,
The processor 300-1 acquires an identification code (first authentication information) that may be included in the permission information. Subsequent processing is executed in the same manner as in FIG. 4C, although not shown. Specifically, the processor 300-1 of the first authentication device 300-1 verifies whether there is any first authentication information that matches the first authentication information acquired from the processing device 100, by referring to the first authentication information previously stored in the memory in the pre-registration processing of the first authentication information in FIG. 4A. Then, when any of the first authentication information previously stored in the memory matches the first authentication information acquired from the processing device 100, the processor 300-1 of the first authentication device 300-1 authenticates the user by reading out the user ID information stored in the memory in association with the matching first authentication information.

Next, the processor of the first authentication device 300-1 refers to the authority information (FIGS. 3A and 3C) associated with the read user ID information.
The first processor of the first authentication device 30 determines the time when the first authentication information is acquired from the processing device 100.
The processor of the first authentication device 300-1 compares the acquired time with the time information of the facility (building 10) stored as the authority information, and determines that the acquired time is the available time (for example, a combination of days of the week and times, such as 9:00 to 22:00 on weekdays).
If the acquired time satisfies the available time, the processor of the first authentication device 300-1 generates an unlocking signal to be sent to the locking/unlocking device 400 since the authentication has been successful and the device is available for use. The processor of the first authentication device 300-1 sends the unlocking signal to the locking/unlocking device 400 via the communication interface. Although not shown in the figure, the operation of the locking/unlocking device 400 that receives the unlocking signal is the same as that described in FIG. 4C.

The processor of the first authentication device 300-1 generates an authorization log (second log) including locking/unlocking ID information for identifying the locking/unlocking device 400, user ID information of the authenticated user, and unlocking time information indicating that the use of the facility is permitted and related to the unlocking signal, and stores the log in a memory. After the authorization log (second log) is stored, the first server device 200
The operation when the tolerance log (second log) is transmitted to first server device 200-1 and second server device 200-2, and the tolerance log is acquired and managed in first server device 200-1 and second server device 200-2, is also similar to that described in FIG. 4C.

4D and 4E, the identification code (first authentication information) itself is read out by the second authentication device 300-2 as authorization information and is output to the processing device 10.
0, but it is not necessary to use the identification code. For example,
The user ID information of the user authenticated in -2 and information indicating that the authentication of the user has been successful may be included in the permission information and transmitted to the processing device 100. In this way, in the first authentication device 300-1, authentication by the first authentication method is possible based on whether or not the user ID information has been stored in advance.

7. Example of Use Case of Processing System 1 The processing system 1 that is processed as described above is typically used in the following use case. However, the use case shown below is merely an example, and is not limited to the following.

(A) Case of authenticating an employee It is assumed that an administrator of a company that resides in the building 10 with restricted use or an administrator of the building 10 registers an employee of the company as a user. In this case, an identification code is stored as the first authentication information in an employee ID card and distributed to the employee in advance.
When the employee brings his/her employee ID card close to the card reader, which is the first authentication device, authentication is performed using the identification code, and the employee is authenticated. If the employee is successfully authenticated,
A gate installed at the entrance of building 10 opens, and the employee is permitted to enter building 10 (i.e., permitted to use building 10).

In addition, in order to provide the employee with various authentication methods, the administrator issues a usage permit to the employee in advance as the employee's second authentication information. Specifically, the usage permit is stored in a user terminal device (smartphone) that the employee can use. Then, when the employee brings the smartphone close to the second authentication device, authentication using the usage permit is performed, and the employee is authenticated. If the authentication of the employee is successful, an identification code (first authentication information) previously associated with the employee is provided to the first authentication device via the processing device 100. Then, authentication using the identification code is performed, and the employee is authenticated. If the authentication of the employee is successful, a gate installed at the entrance of the building 10 opens, and the employee is permitted to enter the building 10 (i.e., the employee is permitted to use the building 10).

Although not specifically described, the processing system 1 can be used not only by the combination of a building 10 and employees, but also by an apartment building and its residents, an event facility and its users, or a car and its users, etc.

(B) Case of authenticating a service provider It is assumed that a resident of an apartment complex with restricted use registers, for example, a parcel delivery person as a user to allow temporary use. In this case, a PIN to be entered into the numeric keypad of an autolock device (first authentication device) of the apartment complex is provided to the delivery person in advance as the first authentication information. Then, when the delivery person enters the PIN into the autolock device, which is the first authentication device, authentication using the PIN is performed and the delivery person is authenticated. If the authentication of the delivery person is successful, the entrance door of the apartment complex opens and the delivery person is allowed to enter the apartment complex (i.e., the use of the apartment complex is allowed).

In addition, in order to provide the deliverer with various authentication methods, the resident issues a usage permit to the deliverer in advance as the second authentication information of the deliverer. Specifically, the usage permit is stored in a user terminal device (smartphone) that the deliverer can use. Then, when the deliverer brings the smartphone close to the second authentication device, authentication using the usage permit is performed, and the deliverer is authenticated. If the authentication of the deliverer is successful, a PIN number (first authentication information) previously associated with the deliverer is provided to the first authentication device via the processing device 100. Then, authentication using the PIN number is performed, and the deliverer is authenticated. If the authentication of the deliverer is successful, the entrance door of the apartment building opens, and the deliverer is permitted to enter the apartment building (i.e., permitted to use the apartment building).

Although not specifically stated, the combination of an apartment building and a delivery person is not limited to this.
The processing system 1 can also be used by visitors who have been registered by the company or its employees.

As described above, in the present embodiment, it is possible to provide a processing device, a processing program, and a processing method that can perform user authentication more efficiently. In particular, in addition to the first authentication device 300-1 that is installed in advance, the second authentication device 300
By retrofitting the first authentication method, such as the first authentication method, via the processing device 100, it is possible to expand the equipment more flexibly. Also, it becomes possible for the user to use a second authentication method, etc., other than the first authentication method, and more flexible authentication becomes possible. Also, the first authentication device 300
When acquiring the permission log in the first server device 200-1, it is normally difficult to reflect the result of authentication in a different authentication device such as the second authentication device 300-2.
The second server device 200-2 acquires the tolerance log via the server 1,
In the case of 0-2, it is possible to centrally manage not only the first authentication device 300-1 but also the permission logs of the second authentication device 300-2, etc. In addition, by collecting not only the time of authentication and user information but also information on the equipment where the authentication was performed, it is possible to manage more detailed information such as when, who, and where the authentication was performed. Furthermore, when authentication is performed using the second authentication information, in addition to authentication by the second authentication device 300-2,
Since authentication is also performed by the first authentication device 300-1, it is possible to further improve safety, authenticity of authentication, and confidentiality. In other words, by going through multiple authentications, it is possible to improve the authenticity of "who can enter and leave where," and by using multiple authentication means, it is possible to further improve confidentiality for areas with high security levels.

8. Others In the above embodiment, the case where only the locking/unlocking device 400 is controlled via the first authentication device 300-1 has been described. However, the object to be controlled is not limited to the locking/unlocking device 400, and it is also possible to control a wider variety of devices. FIG. 5 is a block diagram showing the configuration of a processing system 1000 according to an embodiment of the present disclosure. Specifically, FIG. 5 shows the locking/unlocking device 400-
1, a configuration of a processing system 1000 including an elevator 400-2 and a gateway 600 in addition to the elevator 400-1 is shown.

5, as described above, the processing system 1000 includes the elevator 400-2 in addition to the locking/unlocking device 400-1. The elevator 400-2 is communicatively connected to the first server device 200-1 via a communication network. The other components are the same as those of the processing system 1 in FIG.

FIG. 6 is a diagram conceptually illustrating a user management table stored in the second server device 200-2 according to an embodiment of the present disclosure. In addition to each piece of information stored in the user management table shown in FIG. 3A, the user management table stores control information in association with user ID information. The "control information" is information for controlling the elevator 400-2, and for example, in the case of a user with user ID information "A1", call information for calling an elevator capable of transporting to the 8th floor of the building 10 to the nearest elevator hall to the gate, and destination information indicating the "8th floor", which is the usual destination of the elevator, are stored. Such control information is stored, for example, by receiving it together with a user registration request from an administrator terminal device available to the administrator. Note that other information is the same as that in FIG. 3A.

7A is a diagram showing a processing sequence executed by the processing system 1000 according to an embodiment of the present disclosure. Specifically, FIG. 7A shows a process performed by the first authentication device 300-1, the first server device 200-1, and the second server device 200-2 in order to register, in the first authentication device 300-1, first authentication information used in the first authentication device 300-1 to authenticate a user by a first authentication method.
1 shows a processing sequence executed between the device 1 and the device 2. The processing in each device is executed by a processor that executes a program stored in the memory of the device.

7A, the processor 211 of the second server device 200-2 receives a user registration request for a new user from an administrator terminal device available to the administrator via the communication interface 213. The user registration request includes attribute information, authority information, and control information of the user who wishes to newly register. Examples of the attribute information include the user name (first and last name), title,
The information includes a nickname, a career history, contact information such as a telephone number and an email address, the address of the company to which the user belongs, the name of the company, the name of the department to which the user belongs, etc. The authority information also includes information set in advance by an administrator for the user indicating the time and place at which the facility can be used. The control information is information for controlling the elevator 400-2, and includes call information for calling an elevator capable of transporting a user to a specified floor of the building 10 to the elevator hall nearest to the gate, and destination information indicating the floor to which the elevator normally transports the user.

When the processor 211 of the second server device 200-2 receives a user registration request, it generates new user ID information (S71). Then, the processor 211 of the second server device 200-2 stores the received attribute information and authority information in the user management table in association with the generated user ID information (S72), and stores the received control information in association with the user ID in the user management table (S73). In addition, the processor 211 of the second server device 200-2 generates an identification code, which is information unique to the user, as first authentication information for newly authenticating the user, and stores it in the user management table in association with the user ID information (S74). At a predetermined timing, the processor 211 of the second server device 200-2 transmits each user ID information stored in the user management table, the first authentication information (T71), authority information, and control information associated with each user ID information, to the first server device 200-1 via the communication interface 213.

When the processor 211 of the first server device 200-1 receives each user ID information and the first authentication information, authority information, and control information associated with each user ID information from the second server device 200-2 via the communication interface 213, the processor 211 stores the received information in the memory 212 (S75).
The processor 211 of the first authentication device 30
0-1, each user ID information and the first authentication information (T72
) and authority information.

When the processor of the first authentication device 300-1 receives each user ID information and the first authentication information and authority information associated with each user ID information from the first server device 200-1 via the communication interface, the processor stores the received information in memory (S76). The received information is used when the first authentication device performs authentication using the first authentication method. This completes the pre-registration process of the first authentication information.

Fig. 7B is a diagram showing a processing sequence executed in the processing system 1000 according to an embodiment of the present disclosure. Specifically, Fig. 7B shows a processing sequence executed between the first authentication device 300-1, the first server device 200-1, and the second server device 200-2 in order to authenticate a user by the first authentication method using the first authentication information in the first authentication device 300-1. The processing in each device is executed by a processor processing a program stored in the memory of each device.

7B, the first identification information (identification code) is acquired from the ID card 500-1 or the allowance information including the identification code, which is the first identification information, is acquired from the processing device 100 by the process shown in FIG. 4C or 4D (S81). The processor of the first authentication device 300-1 refers to the first authentication information previously stored in the memory in the pre-registration process of the first authentication information in FIG. 7A, and searches for the first authentication information that matches the first authentication information acquired from the ID card 500-1 or the processing device 100.
The processor of the first authentication device 300-1 verifies whether or not there is authentication information. If any of the first authentication information previously stored in the memory matches the first authentication information acquired from the ID card 500-1 or the processing device 100, the processor of the first authentication device 300-1 reads out the user ID information stored in the memory in association with the matching first authentication information, thereby authenticating the user (S
82).

Next, the processor of the first authentication device 300-1 refers to the authority information associated with the read user ID information. The specific process is the same as the process shown in FIG. 4C. When the processor of the first authentication device 300-1 can confirm the authority, it generates an unlocking signal to be sent to the locking/unlocking device 400-1. The processor of the first authentication device 300-1 sends the unlocking signal to the locking/unlocking device 400-1 via the communication interface. Although not shown in particular, the locking/unlocking device 400-1 that has received the unlocking signal sends the unlocking signal to the gate connected to the locking/unlocking device 400-1, which opens the gate and allows the user to enter the inside of the facility. In other words, the restriction on the user's use of the facility is lifted.

In addition, the processor of the first authentication device 300-1 generates an authorization log including lock/unlock ID information for identifying the lock/unlock device 400-1, user ID information of the authenticated user, information indicating that use of the equipment has been authorized, and unlock time information which is the time related to the unlocking signal, and stores the log in memory (S83).

Next, the processor 211 of the first server device 200-1 connects the communication interface 213
A transmission request (T
Then, when the processor of the first authentication device 300-1 receives a transmission request for the tolerance log, it reads out the tolerance log (T82) stored in the memory and transmits it to the first server device 200-1 via the communication interface.
When the 0-1 processor 211 receives the tolerance log via the communication interface 213, it stores the received tolerance log in the memory 212 (S84). Note that the period for sending a request to send the tolerance log and the presence or absence of a request to send the tolerance log are the same as those in FIG. 4C.

Furthermore, when the processor 211 of the first server device 200-1 stores the permission log in S84, the processor 211 reads out the control information stored in S75 of Fig. 7A based on the user ID information included in the received permission information.
The control information read out via the communication interface 213 is transmitted to the elevator 400-2, which is the device to be controlled, via the gateway 600.
When control information is received, an elevator capable of transporting to a specified floor of building 10 is called to the nearest elevator hall to the gate based on the received control information, and a floor number that is a normal transport destination is preset for that elevator. Specifically, for example, for a user with user ID information "A1", an elevator capable of transporting to the 8th floor of building 10 is called to the nearest elevator hall to the gate, and the "8th floor" is preset as the normal transport destination for that elevator.

The processor 211 of the second server device 200-2 transmits a transmission request (T83) of the permitted log stored in the memory to each server device including the first server device 200-1 to which the first authentication device 300-1 is connected, at a predetermined period, via the communication interface 213. Then, when the processor 211 of the first server device 200-1 receives the transmission request of the permitted log, it reads the permitted log (T84) stored in the memory 212 and transmits it to the second server device 200-2 via the communication interface 213. When the processor 211 of the second server device 200-2 receives the permitted log via the communication interface 213, it identifies the log management table corresponding to the locking/unlocking device 400 based on the locking/unlocking ID information included in the received permitted log, stores the unlocking time information in association with the user ID information also included in the permitted log, and updates the entry/exit information (S85). The period for transmitting the transmission request of the permitted log and the presence or absence of a transmission request of the permitted log are the same as those in FIG. 4C.

Although not shown in the figures, the pre-registration process of the second authentication information and the authentication process in the second authentication device 300-2 are executed in the same manner as in FIG. 4B and FIG. 4D.

5 to 7B, the elevator 400-2 is shown as an example of a device to be controlled, but other devices can be added. For example, other automatic doors, gates, air conditioning equipment, lighting equipment, and the like inside the building 10 can also be processed in the same manner.

As described above, in the present embodiment, it is possible to provide a processing device, a processing program, and a processing method that can perform user authentication more efficiently. In particular, in addition to the first authentication device 300-1 that is installed in advance, the second authentication device 300
By retrofitting the first authentication method, such as the first authentication method, via the processing device 100, it is possible to expand the equipment more flexibly. Also, it becomes possible for the user to use a second authentication method, etc., other than the first authentication method, and more flexible authentication becomes possible. Also, the first authentication device 300
When acquiring the permission log in the first server device 200-1, it is normally difficult to reflect the result of authentication in a different authentication device such as the second authentication device 300-2.
The second server device 200-2 acquires the tolerance log via the server 1,
In the case of 0-2, it is possible to centrally manage not only the first authentication device 300-1 but also the permission logs of the second authentication device 300-2, etc. In addition, by collecting not only the time of authentication and user information but also information on the equipment where the authentication was performed, it is possible to manage more detailed information such as when, who, and where the authentication was performed. Furthermore, when authentication is performed using the second authentication information, in addition to authentication by the second authentication device 300-2,
Since authentication is also performed by the first authentication device 300-1, it is possible to further improve safety and authentication accuracy. In addition to these, by performing user authentication, it is possible to control in advance the equipment (e.g., elevator 400-2) that is expected to be used next, allowing the user to use each equipment more efficiently.

The processes and procedures described in this specification can be realized not only by those explicitly described in the embodiments, but also by software, hardware, or a combination of these. Specifically, the processes and procedures described in this specification are realized by implementing logic corresponding to the processes in a medium such as an integrated circuit, a volatile memory, a non-volatile memory, a magnetic disk, or an optical storage. In addition, the processes and procedures described in this specification can be implemented as computer programs and executed by various computers including a processing device and a server device.

The processes and procedures described herein may be implemented as a single device, software, component,
Although a process or procedure is described as being performed by a module, such a process or procedure may be performed by multiple devices, multiple software, multiple components, and/or multiple modules. Furthermore, although various information described herein is described as being stored in a single memory or storage unit, such information may be stored in multiple memories provided in a single device or multiple memories distributed across multiple devices. Furthermore, software and hardware elements described herein may be realized by integrating them into fewer components or breaking them down into more components.

REFERENCE SIGNS LIST 1 Processing system 10 Building 100 Processing device 200 Server device 200-1 First server device 200-2 Second server device 300-1 First authentication device 300-2 Second authentication device 400 Locking/unlocking device 500-1 ID card 500-2 User terminal device 1000 Processing system 400-1 Locking/unlocking device 400-2 Elevator 600 Gateway

Claims (23)

a first communication interface configured to communicatively connect to a first authentication device installed in a facility whose use by a user is restricted in order to determine whether or not to permit the use of the user by authenticating the user by a first authentication method using first authentication information;
The permission information used to permit the user to use the service by authenticating the user by a second authentication method different from the first authentication method is generated by a second authentication device different from the first authentication method.
a second communication interface configured to receive from the authentication device;
a processor configured to execute a process for transmitting the allowance information to the first authentication device upon receiving the allowance information from the second authentication device;
A processing device comprising: The processing device according to claim 1, wherein the permission information is the same as the first authentication information. 2. The method according to claim 1, wherein the permission information is unique information that is given to the user in advance.
The processing device according to claim 1 . The processing device according to claim 1, wherein the allowance information is transmitted in advance to the second authentication device from a second server device connected to the second authentication device via a communication network, and is also transmitted in advance to the first authentication device via a first server device different from the second server device. the second authentication method is a method using second authentication information different from the first authentication information;
The processing device of claim 1 . The processing device according to claim 1 , wherein the second communication interface uses a communication method different from a communication method used by the first communication interface. The processing device according to claim 1 , wherein the second communication interface communicates via short-range wireless communication. 8. The short-range wireless communication in the second communication interface according to claim 7, further comprising an encryption process.
The processing device according to claim 1 . The processing device according to claim 1 , wherein the first authentication device authorizes the user to use the device based on receipt of the authorization information. The processing device according to claim 1 , which is installed in the facility as a retrofit to the first authentication device that has already been installed in the facility. The processing device according to claim 10 , which is connected to the first authentication device by serial communication via the first communication interface. a first communication interface configured to communicatively connect to a first authentication device installed in a facility whose use by a user is restricted in order to determine whether or not to permit the use of the user by authenticating the user by a first authentication method using first authentication information;
The authorization information used to authorize the user by authenticating the user using a second authentication method different from the first authentication method is generated by a second authentication device different from the first authentication method.
a second communication interface configured to receive from the authentication device;
At least one processor;
The at least one processor in a processing device comprising:
a processing program causing the device to function to execute a process for transmitting the permissible information to the first authentication device when the permissible information is received from the second authentication device; a first communication interface configured to communicatively connect to a first authentication device installed in a facility whose use by a user is restricted in order to determine whether or not to permit the use of the user by authenticating the user by a first authentication method using first authentication information;
The permission information used to permit the user to use the service by authenticating the user by a second authentication method different from the first authentication method is generated by a second authentication device different from the first authentication method.
a second communication interface configured to receive from the authentication device;
At least one processor;
A processing method executed by the at least one processor in a processing device comprising:
A method comprising the step of transmitting the allowance information to the first authentication device upon receiving the allowance information from the second authentication device. A server device including at least one processor,
the at least one processor:
receiving first log information indicating that the user has been authenticated from a first authentication device installed in a facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility for authenticating the user by a first authentication method and determining whether or not to permit the user's use, upon receipt of an authentication request by the user using first authentication information;
receiving second log information from the first authentication device, the second log information indicating that the user has been authenticated, due to the first authentication device accepting, by the first authentication device, permissible information generated by authenticating the user by a second authentication method different from the first authentication method;
storing the first log information and the second log information;
A server device configured to execute a process for: The server device according to claim 14 , wherein the permission information is provided to a processing device communicatively connected to the first authentication device, and transmitted from the processing device to the first authentication device. the first log information and the second log information are communicably connected to the first authentication device,
The server device according to claim 14 , wherein the authentication information is transmitted from the first authentication device to the server device via another server device different from the server device. The server device and the other server device are managed by different administrators,
The server device according to claim 14 , wherein the first log information and the second log information are transmitted from the first authentication device to the server device via the other server device in response to a request from an administrator managing the server device. The server device according to claim 14 , wherein the first log information and the second log information include at least one of information indicating a facility that the user is permitted to use and information indicating a time period during which the user is permitted to use the facility. In a computer having at least one processor, the at least one processor is
receiving first log information indicating that the user has been authenticated from a first authentication device installed in a facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility for authenticating the user by a first authentication method and determining whether or not to permit the user's use, upon receipt of an authentication request by the user using first authentication information;
receiving second log information from the first authentication device, the second log information indicating that the user has been authenticated, due to the first authentication device accepting, by the first authentication device, permissible information generated by authenticating the user by a second authentication method different from the first authentication method;
storing the first log information and the second log information;
A program that functions to perform processing for 1. A method executed by at least one processor in a computer having the at least one processor, the method comprising:
receiving first log information indicating that the user has been authenticated from a first authentication device installed in a facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed for authenticating the user by a first authentication method and determining whether or not to permit the user's use, upon receipt of an authentication request from the user using first authentication information;
receiving second log information from the first authentication device, the second log information indicating that the user has been authenticated, due to the first authentication device accepting acceptance information generated by authenticating the user by a second authentication method different from the first authentication method;
storing the first log information and the second log information;
The method includes: A processing system including a server device and a processing device,
the server device receives first log information indicating that the user has been authenticated from a first authentication device installed in a facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility where the user's use is restricted, the first log information indicating that the user has been authenticated,
the server device outputs, in order to provide to the processing device, permission information generated by authenticating the user by a second authentication method different from the first authentication method;
When the processing device receives the permission information output from the server device, the processing device transmits the permission information to the first authentication device,
receiving, by the server device, second log information from the first authentication device, the second log information indicating that the user has been authenticated;
The first log information and the second log information are stored in the server device.
23. A processing system configured to perform processing for: A processing system including a server device and a processing device,
the server device receives first log information indicating that the user has been authenticated from a first authentication device installed in a facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility where the user's use is restricted, the first log information indicating that the user has been authenticated,
the server device outputs, in order to provide to the processing device, permission information generated by authenticating the user by a second authentication method different from the first authentication method;
When the processing device receives the permission information output from the server device, the processing device transmits the permission information to the first authentication device,
receiving, by the server device, second log information from the first authentication device, the second log information indicating that the user has been authenticated;
The first log information and the second log information are stored in the server device.
A processing program that functions to perform processing for the purpose of A processing method executed in a processing system including a server device and a processing device,
a step of the server device receiving first log information indicating that the user has been authenticated from a first authentication device installed in a facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first authentication device being installed in the facility where the user's use is restricted, the first log information indicating that the user has been authenticated, the first log information indicating that the user has been authenticated being received from the first authentication device.
outputting, by the server device, for providing to the processing device, acceptance information generated by authenticating the user by a second authentication method different from the first authentication method;
a step of transmitting the permission information to the first authentication device by the processing device when receiving the permission information output from the server device;
receiving, by the server device, second log information from the first authentication device, the second log information indicating that the user has been authenticated due to acceptance by the first authentication device;
storing the first log information and the second log information in the server device;
A processing method comprising:

Images